urlscan.io logo urlscan.io
SecurityTrails logo

northwesternmutualsbx.ziphq.com Open in urlscan Pro
2606:4700:3108::ac42:2840  Public Scan

Go To Rescan Add Verdict Report
Submitted URL: https://northwesternmutualsbx.ziphq.com/
Effective URL: https://northwesternmutualsbx.ziphq.com/login
Submission: On May 30 via api from US — Scanned from DE
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 16 IPs in 3 countries across 10 domains to perform 54 HTTP transactions. The main IP is 2606:4700:3108::ac42:2840, located in United States and belongs to CLOUDFLARENET, US. The main domain is northwesternmutualsbx.ziphq.com.
TLS certificate: Issued by E1 on May 25th 2024. Valid for: 3 months.
This is the only time northwesternmutualsbx.ziphq.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
1 13 2606:4700:310... 13335 (CLOUDFLAR...)
1 2606:4700::68... 13335 (CLOUDFLAR...)
8 99.86.8.175 16509 (AMAZON-02)
2 35.201.112.186 396982 (GOOGLE-CL...)
1 13.224.189.18 16509 (AMAZON-02)
2 18.245.46.19 16509 (AMAZON-02)
2 2600:1901:0:7... 15169 (GOOGLE)
4 34.233.215.113 14618 (AMAZON-AES)
2 151.101.194.217 54113 (FASTLY)
5 172.217.23.100 15169 (GOOGLE)
4 35.160.35.184 16509 (AMAZON-02)
4 52.202.28.55 14618 (AMAZON-AES)
3 35.186.194.58 15169 (GOOGLE)
1 3.33.235.18 16509 (AMAZON-02)
2 2a00:1450:400... 15169 (GOOGLE)
1 2a00:1450:400... 15169 (GOOGLE)
54 16
13    2606:4700:3108::ac42:2840 (United States)

ASN13335 (CLOUDFLARENET, US)
northwesternmutualsbx.ziphq.com
assets.ziphq.com
1    2606:4700::6810:5049 (United States)

ASN13335 (CLOUDFLARENET, US)
static.cloudflareinsights.com
8    99.86.8.175 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-99-86-8-175.fra6.r.cloudfront.net
cdn.segment.com
2    35.201.112.186 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 186.112.201.35.bc.googleusercontent.com
edge.fullstory.com
1    13.224.189.18 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-224-189-18.fra2.r.cloudfront.net
widget.intercom.io
2    18.245.46.19 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-245-46-19.fra56.r.cloudfront.net
js.intercomcdn.com
2    2600:1901:0:7a0b:: (Kansas City, United States)

ASN15169 (GOOGLE, US)
sessions.bugsnag.com
4    34.233.215.113 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-34-233-215-113.compute-1.amazonaws.com
events.launchdarkly.com
2    151.101.194.217 (San Francisco, United States)

ASN54113 (FASTLY, US)
app.launchdarkly.com
5    172.217.23.100 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s45-in-f4.1e100.net
www.google.com
4    35.160.35.184 (Boardman, United States)

ASN16509 (AMAZON-02, US)
PTR: ec2-35-160-35-184.us-west-2.compute.amazonaws.com
api.segment.io
4    52.202.28.55 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-52-202-28-55.compute-1.amazonaws.com
api-iam.intercom.io
3    35.186.194.58 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 58.194.186.35.bc.googleusercontent.com
rs.fullstory.com
1    3.33.235.18 (United States)

ASN16509 (AMAZON-02, US)
PTR: aa1ba9bef7b18c265.awsglobalaccelerator.com
clientstream.launchdarkly.com
2    2a00:1450:4001:82b::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
apis.google.com
1    2a00:1450:400c:c09::54 (Brussels, Belgium)

ASN15169 (GOOGLE, US)
accounts.google.com
Apex Domain
Subdomains		 Transfer
13 ziphq.com
northwesternmutualsbx.ziphq.com
assets.ziphq.com — Cisco Umbrella Rank: 469873
646 KB
8 google.com
www.google.com — Cisco Umbrella Rank: 2
apis.google.com — Cisco Umbrella Rank: 139
accounts.google.com — Cisco Umbrella Rank: 20
48 KB
8 segment.com
cdn.segment.com — Cisco Umbrella Rank: 1845
124 KB
7 launchdarkly.com
events.launchdarkly.com — Cisco Umbrella Rank: 907
app.launchdarkly.com — Cisco Umbrella Rank: 736
clientstream.launchdarkly.com — Cisco Umbrella Rank: 886
19 KB
5 intercom.io
widget.intercom.io — Cisco Umbrella Rank: 1597
api-iam.intercom.io — Cisco Umbrella Rank: 2092
10 KB
5 fullstory.com
edge.fullstory.com — Cisco Umbrella Rank: 2197
rs.fullstory.com — Cisco Umbrella Rank: 2240
81 KB
4 segment.io
api.segment.io — Cisco Umbrella Rank: 1425
737 B
2 bugsnag.com
sessions.bugsnag.com — Cisco Umbrella Rank: 797
140 B
2 intercomcdn.com
js.intercomcdn.com — Cisco Umbrella Rank: 2114
291 KB
1 cloudflareinsights.com
static.cloudflareinsights.com — Cisco Umbrella Rank: 804
7 KB
54 10
Domain Requested by
8 cdn.segment.com northwesternmutualsbx.ziphq.com
cdn.segment.com
8 northwesternmutualsbx.ziphq.com 1 redirects static.cloudflareinsights.com
cdn.segment.com
5 www.google.com
5 assets.ziphq.com northwesternmutualsbx.ziphq.com
assets.ziphq.com
4 api-iam.intercom.io js.intercomcdn.com
4 api.segment.io cdn.segment.com
edge.fullstory.com
4 events.launchdarkly.com assets.ziphq.com
edge.fullstory.com
3 rs.fullstory.com edge.fullstory.com
2 apis.google.com assets.ziphq.com
apis.google.com
2 app.launchdarkly.com assets.ziphq.com
2 sessions.bugsnag.com assets.ziphq.com
2 js.intercomcdn.com widget.intercom.io
2 edge.fullstory.com cdn.segment.com
edge.fullstory.com
1 accounts.google.com apis.google.com
1 clientstream.launchdarkly.com
1 widget.intercom.io cdn.segment.com
1 static.cloudflareinsights.com northwesternmutualsbx.ziphq.com
54 17

This site contains no links.

Subject Issuer Validity Valid
ziphq.com
E1		 2024-05-25 -
2024-08-23		 3 months crt.sh
cloudflareinsights.com
GTS CA 1P5		 2024-05-08 -
2024-08-06		 3 months crt.sh
*.segment.com
Amazon RSA 2048 M03		 2023-11-14 -
2024-12-13		 a year crt.sh
edge.fullstory.com
GTS CA 1D4		 2024-05-03 -
2024-08-01		 3 months crt.sh
*.intercom.com
Amazon RSA 2048 M03		 2024-01-15 -
2025-02-11		 a year crt.sh
*.intercomcdn.com
Amazon RSA 2048 M02		 2023-12-01 -
2024-12-29		 a year crt.sh
*.bugsnag.com
DigiCert TLS RSA SHA256 2020 CA1		 2024-03-20 -
2025-04-15		 a year crt.sh
events.launchdarkly.com
Amazon ECDSA 256 M03		 2024-05-22 -
2025-06-21		 a year crt.sh
app.launchdarkly.com
GlobalSign Atlas R3 DV TLS CA 2024 Q1		 2024-04-04 -
2025-05-06		 a year crt.sh
*.google.com
WR2		 2024-05-13 -
2024-08-05		 3 months crt.sh
*.segment.io
Amazon RSA 2048 M03		 2023-12-13 -
2025-01-11		 a year crt.sh
rs.fullstory.com
GTS CA 1D4		 2024-05-02 -
2024-07-31		 3 months crt.sh
clientstream.launchdarkly.com
Amazon RSA 2048 M02		 2023-08-09 -
2024-09-05		 a year crt.sh
*.apis.google.com
WR2		 2024-05-13 -
2024-08-05		 3 months crt.sh
accounts.google.com
GTS CA 1C3		 2024-05-06 -
2024-07-29		 3 months crt.sh

This page contains 3 frames:

Primary Page: https://northwesternmutualsbx.ziphq.com/login
Frame ID: 761716859C0E3839F484F4173B6EE235
Requests: 43 HTTP requests in this frame

Frame: https://js.intercomcdn.com/frame-modern.6faba111.js
Frame ID: 947579A14B55053EF0BC5E42FBE82FC6
Requests: 6 HTTP requests in this frame

Frame: https://accounts.google.com/o/oauth2/iframe
Frame ID: 3D3B925167F78813F8A3619476BAF5FC
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page Title

Zip - Modern Spend Approvals

Page URL History Show full URLs

  1. https://northwesternmutualsbx.ziphq.com/ HTTP 302
    https://northwesternmutualsbx.ziphq.com/login Page URL

Detected technologies

Overall confidence: 100%
Detected patterns
  • static\.cloudflareinsights\.com/beacon(?:\.min)?\.js
Overall confidence: 100%
Detected patterns
  • apis\.google\.com/js/[a-z]*\.js
Overall confidence: 100%
Detected patterns
  • cdn\.segment\.com/analytics\.js

Page Statistics

54
Requests

100 %
HTTPS

31 %
IPv6

10
Domains

17
Subdomains

16
IPs

3
Countries

1224 kB
Transfer

4187 kB
Size

10
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. https://northwesternmutualsbx.ziphq.com/ HTTP 302
    https://northwesternmutualsbx.ziphq.com/login Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

54 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request login
northwesternmutualsbx.ziphq.com/
Redirect Chain
  • https://northwesternmutualsbx.ziphq.com/
  • https://northwesternmutualsbx.ziphq.com/login
13 KB
4 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://northwesternmutualsbx.ziphq.com/login
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3108::ac42:2840 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
6a8d427134e57afd2b639136bc5f6ca1122a9969ff85a2776ab7fdf3226bd218
Security Headers
Name Value
Content-Security-Policy default-src 'self' blob: data: wss://*.intercom.io https://*.bugsnag.com https://*.cloudflareinsights.com https://*.datadoghq.com https://*.browser-intake-datadoghq.com https://browser-intake-datadoghq.com https://*.fullstory.com https://*.google-analytics.com https://*.googletagmanager.com https://*.gstatic.com https://*.hellosign.com https://*.intercom.io https://*.intercomcdn.com https://*.mktoresp.com https://*.segment.com https://*.segment.io https://*.ziphq.com https://*.ziphq.com/to_primary https://accounts.google.com https://apis.google.com https://evergreen-private.s3.amazonaws.com https://intercom-sheets.com https://prod-evergreen-files.s3.amazonaws.com https://zip-kyc.s3.amazonaws.com https://zip-kyc-staging.s3.amazonaws.com https://*.launchdarkly.com https://*.stripe.com https://www.google.com/recaptcha/api2/anchor; script-src https: 'unsafe-inline' 'unsafe-eval' blob:; style-src https: 'unsafe-inline'; font-src https: data: moz-extension:; img-src https: blob: data:; frame-ancestors 'none';
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

Accept-Language
de-DE,de;q=0.9;q=0.9
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
sec-ch-ua-mobile
?0
sec-ch-ua-platform
"Win32"

Response headers

cf-cache-status
DYNAMIC
cf-ray
88be1baaec889004-FRA
content-encoding
br
content-security-policy
default-src 'self' blob: data: wss://*.intercom.io https://*.bugsnag.com https://*.cloudflareinsights.com https://*.datadoghq.com https://*.browser-intake-datadoghq.com https://browser-intake-datadoghq.com https://*.fullstory.com https://*.google-analytics.com https://*.googletagmanager.com https://*.gstatic.com https://*.hellosign.com https://*.intercom.io https://*.intercomcdn.com https://*.mktoresp.com https://*.segment.com https://*.segment.io https://*.ziphq.com https://*.ziphq.com/to_primary https://accounts.google.com https://apis.google.com https://evergreen-private.s3.amazonaws.com https://intercom-sheets.com https://prod-evergreen-files.s3.amazonaws.com https://zip-kyc.s3.amazonaws.com https://zip-kyc-staging.s3.amazonaws.com https://*.launchdarkly.com https://*.stripe.com https://www.google.com/recaptcha/api2/anchor; script-src https: 'unsafe-inline' 'unsafe-eval' blob:; style-src https: 'unsafe-inline'; font-src https: data: moz-extension:; img-src https: blob: data:; frame-ancestors 'none';
content-type
text/html; charset=utf-8
date
Thu, 30 May 2024 10:40:48 GMT
server
cloudflare
strict-transport-security
max-age=31536000; includeSubDomains
vary
Cookie
x-content-type-options
nosniff
x-frame-options
DENY
x-request-id
a1f5e6819520b4a8c1cf81e5dabbf164

Redirect headers

cf-cache-status
DYNAMIC
cf-ray
88be1ba96ade9004-FRA
content-security-policy
default-src 'self' blob: data: wss://*.intercom.io https://*.bugsnag.com https://*.cloudflareinsights.com https://*.datadoghq.com https://*.browser-intake-datadoghq.com https://browser-intake-datadoghq.com https://*.fullstory.com https://*.google-analytics.com https://*.googletagmanager.com https://*.gstatic.com https://*.hellosign.com https://*.intercom.io https://*.intercomcdn.com https://*.mktoresp.com https://*.segment.com https://*.segment.io https://*.ziphq.com https://*.ziphq.com/to_primary https://accounts.google.com https://apis.google.com https://evergreen-private.s3.amazonaws.com https://intercom-sheets.com https://prod-evergreen-files.s3.amazonaws.com https://zip-kyc.s3.amazonaws.com https://zip-kyc-staging.s3.amazonaws.com https://*.launchdarkly.com https://*.stripe.com https://www.google.com/recaptcha/api2/anchor; script-src https: 'unsafe-inline' 'unsafe-eval' blob:; style-src https: 'unsafe-inline'; font-src https: data: moz-extension:; img-src https: blob: data:; frame-ancestors 'none';
content-type
text/html; charset=utf-8
date
Thu, 30 May 2024 10:40:47 GMT
location
https://northwesternmutualsbx.ziphq.com/login
server
cloudflare
strict-transport-security
max-age=31536000; includeSubDomains
vary
Cookie
x-content-type-options
nosniff
x-frame-options
DENY
x-request-id
5f20174fad17794322afe1c451167fe8
4218.5f8e5df83199f40db17c.js
assets.ziphq.com/static/ 		1 MB
435 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://assets.ziphq.com/static/4218.5f8e5df83199f40db17c.js
Requested by
Host: northwesternmutualsbx.ziphq.com
URL: https://northwesternmutualsbx.ziphq.com/login
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3108::ac42:2840 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
0e11c834f82cf0976788978128ec51d64875ce3328e87c04594ece2ce95d78a1

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://northwesternmutualsbx.ziphq.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Thu, 30 May 2024 10:40:48 GMT
content-encoding
br
cf-cache-status
HIT
x-amz-request-id
8B0C0R109G0S9C8Z
age
4224
x-amz-server-side-encryption
AES256
x-amz-id-2
46R+/5qd0vP55bDlW+1wQPlBzxCl8xkGHN6RrsYgeXpFkgKAbv4njhBy1QaTu/hFyx92Rme7qyQ=
x-amz-expiration
expiry-date="Mon, 10 Jun 2024 00:00:00 GMT", rule-id="Delete old bundles"
cf-bgj
minify
last-modified
Fri, 10 May 2024 22:40:45 GMT
server
cloudflare
etag
W/"2943b1efecb1becb0f0c7a6d265525eb"
vary
Accept-Encoding
content-type
application/x-javascript
cache-control
max-age=2678400
cf-ray
88be1bacaea59004-FRA
bundle.d52a79e58f46f60c1c74.js
assets.ziphq.com/static/ 		563 KB
143 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://assets.ziphq.com/static/bundle.d52a79e58f46f60c1c74.js
Requested by
Host: northwesternmutualsbx.ziphq.com
URL: https://northwesternmutualsbx.ziphq.com/login
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3108::ac42:2840 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
f3181f7d1ba6ab45452ca6bc7e92f2a65316588746dcd571f2b99da512a8bf64

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://northwesternmutualsbx.ziphq.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Thu, 30 May 2024 10:40:48 GMT
content-encoding
br
cf-cache-status
HIT
x-amz-request-id
GX57TC8YFT6B4DZS
age
4224
x-amz-server-side-encryption
AES256
x-amz-id-2
+coVLROxWDaBnXx+4npwkOP8Skst4Dz3NMfBS1D/FsB2GeSSUBn/R2i8cD/ewj7meIZ+6XwIfG7F4ychFCxLhg==
x-amz-expiration
expiry-date="Sat, 29 Jun 2024 00:00:00 GMT", rule-id="Delete old bundles"
cf-bgj
minify
last-modified
Wed, 29 May 2024 22:23:44 GMT
server
cloudflare
etag
W/"0da18e4e539660aa4a972e6642287404"
vary
Accept-Encoding
content-type
application/x-javascript
cache-control
max-age=2678400
cf-ray
88be1bacaea69004-FRA
bundle.3ba543f06b4ca33f9be7.css
assets.ziphq.com/static/ 		82 KB
16 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://assets.ziphq.com/static/bundle.3ba543f06b4ca33f9be7.css
Requested by
Host: northwesternmutualsbx.ziphq.com
URL: https://northwesternmutualsbx.ziphq.com/login
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3108::ac42:2840 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
889427bc46a235d8f03a18c4484af19db9c2b92657950867e0445977a0a5db98

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://northwesternmutualsbx.ziphq.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Thu, 30 May 2024 10:40:48 GMT
content-encoding
br
cf-cache-status
REVALIDATED
x-amz-request-id
90QZ0F25AHKBJ93Q
cf-polished
origSize=84942
x-amz-server-side-encryption
AES256
x-amz-id-2
0X51CexHX89V92Ne4vsAHfGB97rnsCoIp6CiBKrYivkIQnRnlhmZdQmd9r5CwEVh1YJIseNt5mY=
x-amz-expiration
expiry-date="Sat, 29 Jun 2024 00:00:00 GMT", rule-id="Delete old bundles"
cf-bgj
minify
last-modified
Wed, 29 May 2024 22:23:44 GMT
server
cloudflare
etag
W/"3e05169e1b16ddf4d5db31ddb482def6"
vary
Accept-Encoding
content-type
text/css
cache-control
max-age=2678400
cf-ray
88be1bacaea49004-FRA
vef91dfe02fce4ee0ad053f6de4f175db1715022073587
static.cloudflareinsights.com/beacon.min.js/ 		19 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.cloudflareinsights.com/beacon.min.js/vef91dfe02fce4ee0ad053f6de4f175db1715022073587
Requested by
Host: northwesternmutualsbx.ziphq.com
URL: https://northwesternmutualsbx.ziphq.com/login
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6810:5049 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
f9eb189676a78d42d7a8487eef683702ada6c5c866399eefbc0df319d5f7c6d7

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://northwesternmutualsbx.ziphq.com/
Origin
https://northwesternmutualsbx.ziphq.com
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Thu, 30 May 2024 10:40:48 GMT
content-encoding
gzip
last-modified
Mon, 06 May 2024 19:01:13 GMT
server
cloudflare
etag
W/"2024.5.0"
vary
Accept-Encoding
content-type
text/javascript;charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=86400
cross-origin-resource-policy
cross-origin
cf-ray
88be1bacd8874d84-FRA
analytics.min.js
cdn.segment.com/analytics.js/v1/sHOxZcjtDGhyuIMAjm6nAmNim3QS6xkI/ 		103 KB
28 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.segment.com/analytics.js/v1/sHOxZcjtDGhyuIMAjm6nAmNim3QS6xkI/analytics.min.js
Requested by
Host: northwesternmutualsbx.ziphq.com
URL: https://northwesternmutualsbx.ziphq.com/login
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
99.86.8.175 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-99-86-8-175.fra6.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
20dc9596fd9498dd9f9e8bf059651fcc6a52109445bb3bdf3468ac09d292788a

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://northwesternmutualsbx.ziphq.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

x-amz-version-id
21udsS6UjPTDTutMgUZ3DxDI4sclujQB
content-encoding
br
via
1.1 7fcb41b117930690c299be9cec4a977a.cloudfront.net (CloudFront)
date
Thu, 30 May 2024 10:40:48 GMT
x-amz-cf-pop
FRA6-C1
age
111
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
x-amz-replication-status
COMPLETED
last-modified
Wed, 24 Apr 2024 20:20:19 GMT
server
AmazonS3
etag
W/"02b947a962602fa35c818c7583621261"
access-control-max-age
3000
access-control-allow-methods
GET, HEAD
content-type
text/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=120
vary
Accept-Encoding
x-amz-cf-id
Sa5xnNL-ZUhzATywHbdfjpae1xfqDx6c636-_GKM9EI6A5gfKV1pUw==
settings
cdn.segment.com/v1/projects/sHOxZcjtDGhyuIMAjm6nAmNim3QS6xkI/ 		2 KB
1 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://cdn.segment.com/v1/projects/sHOxZcjtDGhyuIMAjm6nAmNim3QS6xkI/settings
Requested by
Host: cdn.segment.com
URL: https://cdn.segment.com/analytics.js/v1/sHOxZcjtDGhyuIMAjm6nAmNim3QS6xkI/analytics.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
99.86.8.175 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-99-86-8-175.fra6.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
7174353c219612a1c00c27905b22ec27ba6815201aede89267ec2323380af324

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://northwesternmutualsbx.ziphq.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

x-amz-version-id
jTuecqAaiAj2zemsO5ptWlVFHn.Sef_0
content-encoding
br
via
1.1 b8e900270aa30d899882e71796feca9c.cloudfront.net (CloudFront)
date
Thu, 30 May 2024 09:51:41 GMT
x-amz-cf-pop
FRA6-C1
age
2979
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
x-amz-replication-status
COMPLETED
last-modified
Thu, 23 May 2024 11:51:24 GMT
server
AmazonS3
etag
W/"ecfd3f2ff9b66a47bd7d14e1027fd2cd"
access-control-max-age
3000
access-control-allow-methods
GET, HEAD
content-type
application/json; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=10800
vary
Accept-Encoding
x-amz-cf-id
M7txLFLI_GZc7qQKWsf8bYXS_6DjgPqxVaPD29lz1ybft08g_-q6_A==
ajs-destination.bundle.ed53a26b6edc80c65d73.js
cdn.segment.com/analytics-next/bundles/ 		9 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.segment.com/analytics-next/bundles/ajs-destination.bundle.ed53a26b6edc80c65d73.js
Requested by
Host: cdn.segment.com
URL: https://cdn.segment.com/analytics.js/v1/sHOxZcjtDGhyuIMAjm6nAmNim3QS6xkI/analytics.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
99.86.8.175 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-99-86-8-175.fra6.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
129151ed0140041b198ce3b364a11861a3b5baa5bb60475ebf7bedb9b0fc94d6

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://northwesternmutualsbx.ziphq.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Mon, 15 Apr 2024 15:05:40 GMT
x-amz-version-id
1lCjHefPzcRt0EbQDFkkb.6FnzhNuKxa
content-encoding
br
via
1.1 7fcb41b117930690c299be9cec4a977a.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA6-C1
age
3872109
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
x-amz-replication-status
COMPLETED
last-modified
Fri, 12 Apr 2024 21:39:45 GMT
server
AmazonS3
etag
W/"00e9c65cbba11c07c4bf4a6e2727b8ea"
access-control-max-age
3000
access-control-allow-methods
GET, HEAD
content-type
application/javascript
access-control-allow-origin
*
cache-control
public,max-age=31536000,immutable
vary
Accept-Encoding
x-amz-cf-id
O92saZEQedxsLJydM2dtWmb1nRwTykUDk93zpGw9UeH02TABbRN0VA==
schemaFilter.bundle.5c2661f67b4b71a6d9bd.js
cdn.segment.com/analytics-next/bundles/ 		2 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.segment.com/analytics-next/bundles/schemaFilter.bundle.5c2661f67b4b71a6d9bd.js
Requested by
Host: cdn.segment.com
URL: https://cdn.segment.com/analytics.js/v1/sHOxZcjtDGhyuIMAjm6nAmNim3QS6xkI/analytics.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
99.86.8.175 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-99-86-8-175.fra6.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
31892c21ae4fb908a875bbe29dbf0df74c2e84171cfbcac23540f3ad8222a35a

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://northwesternmutualsbx.ziphq.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Tue, 13 Feb 2024 21:44:05 GMT
x-amz-version-id
GdbKd8UgUP5EXZpDaTRDFeJkJbyj8x6E
content-encoding
br
via
1.1 7fcb41b117930690c299be9cec4a977a.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA6-C1
age
9205004
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
x-amz-replication-status
COMPLETED
last-modified
Tue, 13 Feb 2024 18:05:05 GMT
server
AmazonS3
etag
W/"3867b2388b619ff7fddc29ef359fc9aa"
access-control-max-age
3000
access-control-allow-methods
GET, HEAD
content-type
application/javascript
access-control-allow-origin
*
cache-control
public,max-age=31536000,immutable
vary
Accept-Encoding
x-amz-cf-id
nH3pbKcn1SEF9PaqQXQJPZvasay6VF6yRcKZTZIQVClAyuQBklm4vA==
016dd6049ab7880d013d.js
cdn.segment.com/next-integrations/actions/fullstory/ 		186 KB
57 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.segment.com/next-integrations/actions/fullstory/016dd6049ab7880d013d.js
Requested by
Host: cdn.segment.com
URL: https://cdn.segment.com/analytics.js/v1/sHOxZcjtDGhyuIMAjm6nAmNim3QS6xkI/analytics.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
99.86.8.175 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-99-86-8-175.fra6.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
b3103b571b4262c95c11727af72622cd4de0466a0b5f796544690d816b739058

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://northwesternmutualsbx.ziphq.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

x-amz-version-id
uCJmTFozNyRvbeOfONu2NRC5l2QcyB5c
content-encoding
gzip
via
1.1 7fcb41b117930690c299be9cec4a977a.cloudfront.net (CloudFront)
date
Thu, 30 May 2024 02:18:33 GMT
x-amz-cf-pop
FRA6-C1
age
30136
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
last-modified
Wed, 22 May 2024 10:13:38 GMT
server
AmazonS3
etag
W/"21cb746eb0bb85ed0f57e6c2f00dfa59"
access-control-max-age
3000
access-control-allow-methods
GET, HEAD
content-type
application/javascript
access-control-allow-origin
*
vary
Accept-Encoding
x-amz-cf-id
2YdzP0DmW20bUTnOltzUyxSAapnkJQ_JdxaBjXOZxOqLtLE4YFq0Tw==
f2b65540f91528301bda.js
cdn.segment.com/next-integrations/actions/845/ 		26 KB
8 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.segment.com/next-integrations/actions/845/f2b65540f91528301bda.js
Requested by
Host: cdn.segment.com
URL: https://cdn.segment.com/next-integrations/actions/fullstory/016dd6049ab7880d013d.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
99.86.8.175 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-99-86-8-175.fra6.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
e5eaa930a247f99415a6c4955d96dbba2cd93a3dc92b5f8d3ad5334a8526d807

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://northwesternmutualsbx.ziphq.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

x-amz-version-id
nIDy5slC9Qwp0UsYPEb8mzCwLdWdALMa
content-encoding
br
via
1.1 7fcb41b117930690c299be9cec4a977a.cloudfront.net (CloudFront)
date
Wed, 29 May 2024 14:34:02 GMT
x-amz-cf-pop
FRA6-C1
age
72407
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
last-modified
Wed, 22 May 2024 10:13:36 GMT
server
AmazonS3
etag
W/"c99d6fae088cd5d0a0063eaa0d0d714f"
access-control-max-age
3000
access-control-allow-methods
GET, HEAD
content-type
application/javascript
access-control-allow-origin
*
vary
Accept-Encoding
x-amz-cf-id
CfksUp-RyFIa1GDLgtt6sXXRFc5h-51JnC418yQjoUCj8gDMaxGpIQ==
intercom.dynamic.js.gz
cdn.segment.com/next-integrations/integrations/intercom/3.1.0/ 		4 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.segment.com/next-integrations/integrations/intercom/3.1.0/intercom.dynamic.js.gz
Requested by
Host: cdn.segment.com
URL: https://cdn.segment.com/analytics.js/v1/sHOxZcjtDGhyuIMAjm6nAmNim3QS6xkI/analytics.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
99.86.8.175 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-99-86-8-175.fra6.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
f17f078ea883fbe048f75ab5e7371c081cbd7d85ec5d91d443512d1ecd63dfb3

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://northwesternmutualsbx.ziphq.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Sat, 03 Feb 2024 17:22:52 GMT
content-encoding
gzip
via
1.1 7fcb41b117930690c299be9cec4a977a.cloudfront.net (CloudFront)
x-amz-version-id
5b1tkua7MmGqtjD1FWqYm4X1yYVabAcO
x-amz-cf-pop
FRA6-C1
age
10084676
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
content-length
1878
last-modified
Wed, 18 Oct 2023 10:36:35 GMT
server
AmazonS3
etag
"d20b898e8b1fe44f03e532db7fe5cf4e"
access-control-max-age
3000
access-control-allow-methods
GET, HEAD
content-type
application/javascript
access-control-allow-origin
*
cache-control
public,max-age=31536000,immutable
accept-ranges
bytes
x-amz-cf-id
y877B0aiCQ4umFSyvd0B7BJcVO9E5LlYNCCLFkzFjfJ9G3QOZQJzvw==
fs.js
edge.fullstory.com/s/ 		275 KB
75 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://edge.fullstory.com/s/fs.js
Requested by
Host: cdn.segment.com
URL: https://cdn.segment.com/next-integrations/actions/fullstory/016dd6049ab7880d013d.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.201.112.186 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
186.112.201.35.bc.googleusercontent.com
Software
UploadServer /
Resource Hash
f679d6ba05c5482e84c83fa3b35958730f79cb4365562b73b09ec902762bfe5a

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://northwesternmutualsbx.ziphq.com/
Origin
https://northwesternmutualsbx.ziphq.com
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Thu, 30 May 2024 10:39:48 GMT
content-encoding
br
age
60
x-guploader-uploadid
ABPtcPonkPfGUPsYGThuomk_1umrjeYzHhjdZDLt4NMIIY2kYbBBNzeHIfO4OdzVsL-LbxxqtxYBQjfAoQ
x-goog-storage-class
MULTI_REGIONAL
x-goog-metageneration
1
x-goog-stored-content-encoding
br
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
75829
last-modified
Wed, 29 May 2024 16:36:25 GMT
server
UploadServer
etag
"602e9aafca8a540dbec7f8ebd8bdff02"
vary
Accept-Encoding
x-goog-generation
1717000585340181
x-goog-hash
crc32c=q7gb6w==, md5=YC6ar8qKVA2+x/jr2L3/Ag==
access-control-allow-origin
*
access-control-expose-headers
Content-Length, Date, Server, Transfer-Encoding, X-GUploader-UploadID, X-Google-Trace
cache-control
public, max-age=3600,no-transform
x-goog-stored-content-length
75829
accept-ranges
bytes
content-type
application/javascript
expires
Thu, 30 May 2024 11:39:48 GMT
commons.c42222c4cb2f8913500f.js.gz
cdn.segment.com/next-integrations/integrations/vendor/ 		73 KB
22 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.segment.com/next-integrations/integrations/vendor/commons.c42222c4cb2f8913500f.js.gz
Requested by
Host: cdn.segment.com
URL: https://cdn.segment.com/analytics.js/v1/sHOxZcjtDGhyuIMAjm6nAmNim3QS6xkI/analytics.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
99.86.8.175 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-99-86-8-175.fra6.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
b17b4a5cc840a366a4c006794502f887a316402f781f85e913ac4af19a93fc13

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://northwesternmutualsbx.ziphq.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Wed, 03 Apr 2024 10:56:48 GMT
content-encoding
gzip
via
1.1 7fcb41b117930690c299be9cec4a977a.cloudfront.net (CloudFront)
x-amz-version-id
HopHKmY9TBcR3b.zdj3KrkRozUW9hj.F
x-amz-cf-pop
FRA6-C1
age
4923841
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
content-length
22177
last-modified
Fri, 08 Mar 2024 07:35:27 GMT
server
AmazonS3
etag
"befb217271e2e926c7d898f1c85f6cb7"
access-control-max-age
3000
access-control-allow-methods
GET, HEAD
content-type
application/javascript
access-control-allow-origin
*
cache-control
public,max-age=31536000,immutable
accept-ranges
bytes
x-amz-cf-id
xAQTied7kYfXGfnoavPgC5RIerTY9rt7HxBHx5PpZWPrKyTiuSmP8w==
jpvqigu7
widget.intercom.io/widget/ 		7 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://widget.intercom.io/widget/jpvqigu7
Requested by
Host: cdn.segment.com
URL: https://cdn.segment.com/next-integrations/integrations/vendor/commons.c42222c4cb2f8913500f.js.gz
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.224.189.18 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-224-189-18.fra2.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
a2c209103bad3923b3a96173391f47549995f13fdd68c81b9f0e35c963f1fa39

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://northwesternmutualsbx.ziphq.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

x-amz-version-id
4wKOHUV5X4f6Z3hi89lngrejnhzD2F5l
content-encoding
gzip
via
1.1 3aed5a4f89d72775aaf2cc5a5f642386.cloudfront.net (CloudFront)
date
Thu, 30 May 2024 10:36:55 GMT
x-amz-cf-pop
FRA2-C1
age
234
x-amz-server-side-encryption
AES256
x-cache
Error from cloudfront
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
2669
last-modified
Thu, 30 May 2024 09:54:52 GMT
server
AmazonS3
etag
"a2dba01d12a36bc282eb3fadcb403cdd"
vary
Accept-Encoding, Origin
content-type
application/javascript; charset=UTF-8
cache-control
max-age=300, s-maxage=300, public
accept-ranges
bytes
x-amz-cf-id
7VQVUTkmPbuWEEwQUk2SWVQ4zWpuj6tNeE5VtBGtVmUc4PvNflzi0w==
web
edge.fullstory.com/s/settings/Z1C2H/v1/ 		6 KB
2 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://edge.fullstory.com/s/settings/Z1C2H/v1/web
Requested by
Host: edge.fullstory.com
URL: https://edge.fullstory.com/s/fs.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.201.112.186 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
186.112.201.35.bc.googleusercontent.com
Software
UploadServer /
Resource Hash
7c0a68ed7252d3d527bf74ebdea1707e5656ad1e7bbfafc9208ef6b7c0d946e8

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://northwesternmutualsbx.ziphq.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Thu, 30 May 2024 10:38:51 GMT
content-encoding
gzip
age
117
x-guploader-uploadid
ABPtcPrIMfjPXkY0HAXQCTR-sxhKXnh9zfSVCqoohENG17x8ccPL5UQyiNakMMOHVwmho1ekl0Vaan1Izw
x-goog-storage-class
MULTI_REGIONAL
x-goog-metageneration
1
x-goog-stored-content-encoding
gzip
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
1729
last-modified
Thu, 30 May 2024 10:34:38 GMT
server
UploadServer
etag
"12b6533414f998099852e81c95bc93d5"
x-goog-generation
1717065278122728
x-goog-hash
crc32c=uRVuAA==, md5=ErZTNBT5mAmYUugclbyT1Q==
access-control-allow-origin
*
access-control-expose-headers
Content-Length, Date, Server, Transfer-Encoding, X-GUploader-UploadID, X-Google-Trace
cache-control
public,max-age=900,no-transform
x-goog-stored-content-length
1729
accept-ranges
bytes
content-type
application/json
expires
Thu, 30 May 2024 10:53:51 GMT
frame-modern.6faba111.js
js.intercomcdn.com/ Frame 9475 		460 KB
138 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://js.intercomcdn.com/frame-modern.6faba111.js
Requested by
Host: widget.intercom.io
URL: https://widget.intercom.io/widget/jpvqigu7
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.245.46.19 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-245-46-19.fra56.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
458bd069d02006c7b54f2392386173c851665caf8b84971f264d96a8a25bbffe
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Thu, 30 May 2024 09:54:55 GMT
content-encoding
gzip
via
1.1 77e414816706879c16a3707f261f0b5a.cloudfront.net (CloudFront)
x-amz-version-id
PWFc9tW_1df8B.UBY6iU.MrYu5.yMkQp
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-amz-cf-pop
FRA56-P9
age
2754
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
140882
last-modified
Thu, 30 May 2024 09:52:21 GMT
server
AmazonS3
etag
"e15ad2d865c0d2293c95c0aac24d4b50"
content-type
application/javascript; charset=UTF-8
cache-control
max-age=31536000, s-maxage=7200, public
accept-ranges
bytes
x-amz-cf-id
9BuKJmaVMo1o0Yu7SvHDmjM2E2Y10v-rf0gGI7gsDy2ibd7AukORpA==
vendor-modern.1a13b382.js
js.intercomcdn.com/ Frame 9475 		492 KB
153 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://js.intercomcdn.com/vendor-modern.1a13b382.js
Requested by
Host: widget.intercom.io
URL: https://widget.intercom.io/widget/jpvqigu7
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.245.46.19 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-245-46-19.fra56.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
0994a3d3661344684acec971fc82154a4605c4b2bbd4a95a6c065140dff7811f
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

x-amz-version-id
7TzMVquNufeLPqAioEI3AnR_4COuk_VE
content-encoding
gzip
via
1.1 77e414816706879c16a3707f261f0b5a.cloudfront.net (CloudFront)
date
Thu, 30 May 2024 09:47:52 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-amz-cf-pop
FRA56-P9
age
3177
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
155543
last-modified
Wed, 29 May 2024 17:03:40 GMT
server
AmazonS3
etag
"82b135e7f918556124285c160cf4be1e"
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
cache-control
max-age=31536000, s-maxage=7200, public
accept-ranges
bytes
x-amz-cf-id
gEAGRhbQe5AzESA42RhvpYt57xjsWesdW4wdKt0q3jMClq5454bi3Q==
/
sessions.bugsnag.com/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://sessions.bugsnag.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:1901:0:7a0b:: Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
bugsnag-api-key,bugsnag-payload-version,bugsnag-sent-at,content-type
Access-Control-Request-Method
POST
Origin
https://northwesternmutualsbx.ziphq.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36

Response headers

access-control-allow-headers
Origin, Content-Type, Accept, Authorization, User-Agent, Referer, X-Forwarded-For, Bugsnag-Api-Key, Bugsnag-Payload-Version, Bugsnag-Sent-At
access-control-allow-methods
POST
access-control-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
date
Thu, 30 May 2024 10:40:48 GMT
via
1.1 google
/
sessions.bugsnag.com/ 		21 B
140 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://sessions.bugsnag.com/
Requested by
Host: assets.ziphq.com
URL: https://assets.ziphq.com/static/4218.5f8e5df83199f40db17c.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:1901:0:7a0b:: Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
0ba7c0356149946bf0642fab4ef85b95e7090f6f785d0fb84323d0c442e5190a

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
Bugsnag-Api-Key
20e44bea8596af42695842ff661291ac
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
Content-Type
application/json
Bugsnag-Payload-Version
1
Referer
https://northwesternmutualsbx.ziphq.com/
Bugsnag-Sent-At
2024-05-30T10:40:48.493Z
sec-ch-ua-platform
"Win32"

Response headers

access-control-allow-origin
*
date
Thu, 30 May 2024 10:40:48 GMT
via
1.1 google
bugsnag-session-uuid
c0b6503a-001a-46fc-af62-6b57a05308cf
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
21
content-type
application/json
8685.61db4e07346eae7f08ad.css
assets.ziphq.com/static/ 		1 KB
740 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://assets.ziphq.com/static/8685.61db4e07346eae7f08ad.css
Requested by
Host: assets.ziphq.com
URL: https://assets.ziphq.com/static/bundle.d52a79e58f46f60c1c74.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3108::ac42:2840 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
a0f9e5e10b991ba7d28463805f27680f006149faadde5bb3f332418f8bfcfb54

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://northwesternmutualsbx.ziphq.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Thu, 30 May 2024 10:40:48 GMT
content-encoding
br
cf-cache-status
REVALIDATED
x-amz-request-id
31KV431XAMSACWB0
cf-polished
origSize=1113
x-amz-server-side-encryption
AES256
x-amz-id-2
itnD1oLpSHZFQ7yP+VrXXw36xUzuSanK+QJGQgxxxCdC7xj/dZGdJN3+XK9b2ScafqeFSJDRvsI=
x-amz-expiration
expiry-date="Mon, 10 Jun 2024 00:00:00 GMT", rule-id="Delete old bundles"
cf-bgj
minify
last-modified
Fri, 10 May 2024 22:40:48 GMT
server
cloudflare
etag
W/"1d638a2ceed700b9946d8d5df39ae1d7"
vary
Accept-Encoding
content-type
text/css
cache-control
max-age=2678400
cf-ray
88be1bafea379004-FRA
AsyncLoginPage.196a07c0d57cd5310119.js
assets.ziphq.com/static/ 		31 KB
10 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://assets.ziphq.com/static/AsyncLoginPage.196a07c0d57cd5310119.js
Requested by
Host: assets.ziphq.com
URL: https://assets.ziphq.com/static/bundle.d52a79e58f46f60c1c74.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3108::ac42:2840 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b2621e31f5b14c49f27949b3be29df9e03063207ece2b7b3d2417cdce71f559b

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://northwesternmutualsbx.ziphq.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Thu, 30 May 2024 10:40:48 GMT
content-encoding
br
x-amz-expiration
expiry-date="Mon, 24 Jun 2024 00:00:00 GMT", rule-id="Delete old bundles"
cf-bgj
minify
last-modified
Fri, 24 May 2024 05:13:38 GMT
cf-cache-status
REVALIDATED
x-amz-request-id
Z0T8RWBJ40K9A7J9
server
cloudflare
etag
W/"42ff7caf857b5a1db981849ac1f47382"
x-amz-server-side-encryption
AES256
vary
Accept-Encoding
content-type
application/x-javascript
cache-control
max-age=2678400
cf-ray
88be1bafea3f9004-FRA
x-amz-id-2
bSVECPZ8e632EJsVyGTBgAweHFVsi3usLFU464g3UlYdKcd6u3kRq0R9fsxE0frR8ggGmwFYHcY7+/Zn2Po9EQ==
zip_logo_primary_black.svg
northwesternmutualsbx.ziphq.com/static/images/logo/ 		13 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://northwesternmutualsbx.ziphq.com/static/images/logo/zip_logo_primary_black.svg
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3108::ac42:2840 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
dcaa60c3181ba1017820b90e9aab024f9ce6998ef0842a4381fee263c5f855d5

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://northwesternmutualsbx.ziphq.com/login
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Thu, 30 May 2024 10:40:48 GMT
content-encoding
gzip
cf-cache-status
MISS
last-modified
Thu, 30 May 2024 10:24:05 GMT
server
cloudflare
etag
W/"665853c5-333d"
vary
Accept-Encoding
content-type
image/svg+xml
cache-control
max-age=2678400
cf-ray
88be1bafea399004-FRA
6220031710123414f492f4e2
events.launchdarkly.com/events/diagnostic/ 		0
358 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://events.launchdarkly.com/events/diagnostic/6220031710123414f492f4e2
Requested by
Host: assets.ziphq.com
URL: https://assets.ziphq.com/static/4218.5f8e5df83199f40db17c.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
34.233.215.113 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-34-233-215-113.compute-1.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Accept-Language
de-DE,de;q=0.9;q=0.9
X-LaunchDarkly-User-Agent
JSClient/3.1.4
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
Content-Type
application/json
Referer
https://northwesternmutualsbx.ziphq.com/
X-LaunchDarkly-Wrapper
react-client-sdk/3.0.9
sec-ch-ua-platform
"Win32"

Response headers

date
Thu, 30 May 2024 10:40:48 GMT
strict-transport-security
max-age=31536000; includeSubDomains
access-control-max-age
300
access-control-allow-methods
POST,OPTIONS
content-type
application/json
access-control-allow-origin
*
access-control-expose-headers
Date
access-control-allow-headers
Accept,Content-Type,Content-Length,Accept-Encoding,X-LaunchDarkly-Event-Schema,X-LaunchDarkly-User-Agent,X-LaunchDarkly-Payload-ID,X-LaunchDarkly-Wrapper,X-LaunchDarkly-Tags
content-length
0
eyJrZXkiOiJhbm9ueW1vdXMiLCJjdXN0b20iOnsib3JnYW5pemF0aW9uIjoiIiwib3JnYW5pemF0aW9uX2d1aWQiOiIifX0
app.launchdarkly.com/sdk/evalx/6220031710123414f492f4e2/contexts/ 		109 KB
18 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://app.launchdarkly.com/sdk/evalx/6220031710123414f492f4e2/contexts/eyJrZXkiOiJhbm9ueW1vdXMiLCJjdXN0b20iOnsib3JnYW5pemF0aW9uIjoiIiwib3JnYW5pemF0aW9uX2d1aWQiOiIifX0
Requested by
Host: assets.ziphq.com
URL: https://assets.ziphq.com/static/4218.5f8e5df83199f40db17c.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.194.217 San Francisco, United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
a8192672e66b22a882a613ea1c138b98de04dea31ff032dd4e00e389fffa8e9a

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Accept-Language
de-DE,de;q=0.9;q=0.9
X-LaunchDarkly-User-Agent
JSClient/3.1.4
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
Referer
https://northwesternmutualsbx.ziphq.com/
X-LaunchDarkly-Wrapper
react-client-sdk/3.0.9
sec-ch-ua-platform
"Win32"

Response headers

date
Thu, 30 May 2024 10:40:48 GMT
content-encoding
gzip
via
1.1 varnish
age
0
x-cache
HIT
content-length
18464
x-served-by
cache-fra-etou8220040-FRA, cache-fra-etou8220033-FRA
x-timer
S1717065649.677411,VS0,VE2
etag
"2396dbb"
access-control-max-age
3600
access-control-allow-methods
OPTIONS, GET
content-type
application/json
access-control-allow-origin
*
cache-control
max-age=0
vary
Authorization, Accept-Encoding
accept-ranges
bytes
access-control-allow-headers
Accept, Content-Type, Content-Length, Accept-Encoding, Authorization, X-Requested-With, X-LD-Private, X-LD-AccountId, X-LD-EnvId, X-LD-PrjId, X-LaunchDarkly-Event-Schema, X-LaunchDarkly-User-Agent, X-LaunchDarkly-Wrapper, Ld-Api-Version
x-cache-hits
0
6220031710123414f492f4e2
events.launchdarkly.com/events/diagnostic/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://events.launchdarkly.com/events/diagnostic/6220031710123414f492f4e2
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
34.233.215.113 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-34-233-215-113.compute-1.amazonaws.com
Software
/
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type,x-launchdarkly-user-agent,x-launchdarkly-wrapper
Access-Control-Request-Method
POST
Origin
https://northwesternmutualsbx.ziphq.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36

Response headers

access-control-allow-headers
Accept,Content-Type,Content-Length,Accept-Encoding,X-LaunchDarkly-Event-Schema,X-LaunchDarkly-User-Agent,X-LaunchDarkly-Payload-ID,X-LaunchDarkly-Wrapper,X-LaunchDarkly-Tags
access-control-allow-methods
POST,OPTIONS
access-control-allow-origin
*
access-control-expose-headers
Date
access-control-max-age
300
date
Thu, 30 May 2024 10:40:48 GMT
strict-transport-security
max-age=31536000; includeSubDomains
eyJrZXkiOiJhbm9ueW1vdXMiLCJjdXN0b20iOnsib3JnYW5pemF0aW9uIjoiIiwib3JnYW5pemF0aW9uX2d1aWQiOiIifX0
app.launchdarkly.com/sdk/evalx/6220031710123414f492f4e2/contexts/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://app.launchdarkly.com/sdk/evalx/6220031710123414f492f4e2/contexts/eyJrZXkiOiJhbm9ueW1vdXMiLCJjdXN0b20iOnsib3JnYW5pemF0aW9uIjoiIiwib3JnYW5pemF0aW9uX2d1aWQiOiIifX0
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.194.217 San Francisco, United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Accept
*/*
Access-Control-Request-Headers
x-launchdarkly-user-agent,x-launchdarkly-wrapper
Access-Control-Request-Method
GET
Origin
https://northwesternmutualsbx.ziphq.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36

Response headers

accept-ranges
bytes
access-control-allow-headers
Accept,Content-Type,Content-Length,Accept-Encoding,Authorization,X-Requested-With,X-LD-Private,X-LD-AccountId,X-LD-EnvId,X-LD-PrjId,X-LaunchDarkly-Event-Schema,X-LaunchDarkly-User-Agent,X-LaunchDarkly-Wrapper,LD-API-Version,X-LaunchDarkly-Tags
access-control-allow-methods
GET, OPTIONS, HEAD
access-control-allow-origin
*
access-control-max-age
3600
age
0
allow
GET, OPTIONS, HEAD
content-encoding
gzip
content-length
23
date
Thu, 30 May 2024 10:40:48 GMT
ld-region
us-east-1
strict-transport-security
max-age=31536000; includeSubDomains
vary
Accept-Encoding
via
1.1 varnish
x-cache
HIT
x-cache-hits
1
x-served-by
cache-fra-etou8220033-FRA
x-timer
S1717065649.660876,VS0,VE1
normal.woff2
northwesternmutualsbx.ziphq.com/cf-fonts/v/encode-sans/5.0.11/latin/wght/ 		27 KB
27 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://northwesternmutualsbx.ziphq.com/cf-fonts/v/encode-sans/5.0.11/latin/wght/normal.woff2
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3108::ac42:2840 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
84d61e7247b5194fedf074ca201a7bbc68d3ee141236b4e7cb5030abf9ab58c5

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://northwesternmutualsbx.ziphq.com/login
Origin
https://northwesternmutualsbx.ziphq.com
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Thu, 30 May 2024 10:40:48 GMT
cache-control
public, max-age=31536000, immutable
cf-cache-status
HIT
server
cloudflare
cf-ray
88be1bb09af89004-FRA
content-length
27320
vary
Accept-Encoding
rum
northwesternmutualsbx.ziphq.com/cdn-cgi/ 		0
153 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://northwesternmutualsbx.ziphq.com/cdn-cgi/rum?
Requested by
Host: static.cloudflareinsights.com
URL: https://static.cloudflareinsights.com/beacon.min.js/vef91dfe02fce4ee0ad053f6de4f175db1715022073587
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3108::ac42:2840 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
sec-ch-ua-platform
"Win32"
Referer
https://northwesternmutualsbx.ziphq.com/login
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
content-type
application/json

Response headers

date
Thu, 30 May 2024 10:40:48 GMT
x-content-type-options
nosniff
server
cloudflare
vary
Origin
access-control-max-age
86400
access-control-allow-methods
POST,OPTIONS
access-control-allow-origin
https://northwesternmutualsbx.ziphq.com
x-frame-options
DENY
access-control-allow-credentials
true
cf-ray
88be1bafea3b9004-FRA
px.gif
www.google.com/images/phd/ 		43 B
64 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com/images/phd/px.gif?t=1717065648601
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.23.100 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s45-in-f4.1e100.net
Software
sffe /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://northwesternmutualsbx.ziphq.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Thu, 30 May 2024 10:40:48 GMT
x-content-type-options
nosniff
last-modified
Tue, 22 Oct 2019 18:30:00 GMT
server
sffe
report-to
{"group":"static-on-bigtable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/static-on-bigtable"}]}
content-type
image/gif
cache-control
private, max-age=31536000
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
43
x-xss-protection
0
cross-origin-opener-policy-report-only
same-origin; report-to="static-on-bigtable"
expires
Thu, 30 May 2024 10:40:48 GMT
graphql
northwesternmutualsbx.ziphq.com/ 		103 B
1 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://northwesternmutualsbx.ziphq.com/graphql
Requested by
Host: cdn.segment.com
URL: https://cdn.segment.com/next-integrations/actions/fullstory/016dd6049ab7880d013d.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3108::ac42:2840 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
f4c93d987a0df26d303b5e07fbc409558853c94b94e13b1ad2e88f8fc26c6ed8
Security Headers
Name Value
Content-Security-Policy default-src 'self' blob: data: wss://*.intercom.io https://*.bugsnag.com https://*.cloudflareinsights.com https://*.datadoghq.com https://*.browser-intake-datadoghq.com https://browser-intake-datadoghq.com https://*.fullstory.com https://*.google-analytics.com https://*.googletagmanager.com https://*.gstatic.com https://*.hellosign.com https://*.intercom.io https://*.intercomcdn.com https://*.mktoresp.com https://*.segment.com https://*.segment.io https://*.ziphq.com https://*.ziphq.com/to_primary https://accounts.google.com https://apis.google.com https://evergreen-private.s3.amazonaws.com https://intercom-sheets.com https://prod-evergreen-files.s3.amazonaws.com https://zip-kyc.s3.amazonaws.com https://zip-kyc-staging.s3.amazonaws.com https://*.launchdarkly.com https://*.stripe.com https://www.google.com/recaptcha/api2/anchor; script-src https: 'unsafe-inline' 'unsafe-eval' blob:; style-src https: 'unsafe-inline'; font-src https: data: moz-extension:; img-src https: blob: data:; frame-ancestors 'none';
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
content-type
application/json
accept
*/*
Referer
https://northwesternmutualsbx.ziphq.com/login
x-csrftoken
IjBmNjg3NjdkMmFkYzgyZjgyNjg2MzM4NGQ3YjBkMGU5NjA0MTVmMTQi.GTnpMA.nnoFdGiikncS05cmv8QNWnhOzGM
x-request-id
8a6a1737-fcb9-4f4c-bedf-bf9df8a3e3f3
sec-ch-ua-platform
"Win32"

Response headers

date
Thu, 30 May 2024 10:40:48 GMT
content-security-policy
default-src 'self' blob: data: wss://*.intercom.io https://*.bugsnag.com https://*.cloudflareinsights.com https://*.datadoghq.com https://*.browser-intake-datadoghq.com https://browser-intake-datadoghq.com https://*.fullstory.com https://*.google-analytics.com https://*.googletagmanager.com https://*.gstatic.com https://*.hellosign.com https://*.intercom.io https://*.intercomcdn.com https://*.mktoresp.com https://*.segment.com https://*.segment.io https://*.ziphq.com https://*.ziphq.com/to_primary https://accounts.google.com https://apis.google.com https://evergreen-private.s3.amazonaws.com https://intercom-sheets.com https://prod-evergreen-files.s3.amazonaws.com https://zip-kyc.s3.amazonaws.com https://zip-kyc-staging.s3.amazonaws.com https://*.launchdarkly.com https://*.stripe.com https://www.google.com/recaptcha/api2/anchor; script-src https: 'unsafe-inline' 'unsafe-eval' blob:; style-src https: 'unsafe-inline'; font-src https: data: moz-extension:; img-src https: blob: data:; frame-ancestors 'none';
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; includeSubDomains
cf-cache-status
DYNAMIC
server
cloudflare
content-encoding
br
x-git-commit
2fac35b61e
x-frame-options
DENY
vary
Cookie
content-type
application/json
cf-ray
88be1bafea3e9004-FRA
x-request-id
8a6a1737-fcb9-4f4c-bedf-bf9df8a3e3f3
favicon_custom.ico
northwesternmutualsbx.ziphq.com/ 		4 KB
640 B 		Other
General
Check archive.org
Download Go to
Full URL
https://northwesternmutualsbx.ziphq.com/favicon_custom.ico
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3108::ac42:2840 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
273598d25b334a1b4c575ea9a0a0bc10d9e0ccf665253ddb9df45f6b56616982
Security Headers
Name Value
Content-Security-Policy default-src 'self' blob: data: wss://*.intercom.io https://*.bugsnag.com https://*.cloudflareinsights.com https://*.datadoghq.com https://*.browser-intake-datadoghq.com https://browser-intake-datadoghq.com https://*.fullstory.com https://*.google-analytics.com https://*.googletagmanager.com https://*.gstatic.com https://*.hellosign.com https://*.intercom.io https://*.intercomcdn.com https://*.mktoresp.com https://*.segment.com https://*.segment.io https://*.ziphq.com https://*.ziphq.com/to_primary https://accounts.google.com https://apis.google.com https://evergreen-private.s3.amazonaws.com https://intercom-sheets.com https://prod-evergreen-files.s3.amazonaws.com https://zip-kyc.s3.amazonaws.com https://zip-kyc-staging.s3.amazonaws.com https://*.launchdarkly.com https://*.stripe.com https://www.google.com/recaptcha/api2/anchor; script-src https: 'unsafe-inline' 'unsafe-eval' blob:; style-src https: 'unsafe-inline'; font-src https: data: moz-extension:; img-src https: blob: data:; frame-ancestors 'none';
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://northwesternmutualsbx.ziphq.com/login
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Thu, 30 May 2024 10:40:48 GMT
content-security-policy
default-src 'self' blob: data: wss://*.intercom.io https://*.bugsnag.com https://*.cloudflareinsights.com https://*.datadoghq.com https://*.browser-intake-datadoghq.com https://browser-intake-datadoghq.com https://*.fullstory.com https://*.google-analytics.com https://*.googletagmanager.com https://*.gstatic.com https://*.hellosign.com https://*.intercom.io https://*.intercomcdn.com https://*.mktoresp.com https://*.segment.com https://*.segment.io https://*.ziphq.com https://*.ziphq.com/to_primary https://accounts.google.com https://apis.google.com https://evergreen-private.s3.amazonaws.com https://intercom-sheets.com https://prod-evergreen-files.s3.amazonaws.com https://zip-kyc.s3.amazonaws.com https://zip-kyc-staging.s3.amazonaws.com https://*.launchdarkly.com https://*.stripe.com https://www.google.com/recaptcha/api2/anchor; script-src https: 'unsafe-inline' 'unsafe-eval' blob:; style-src https: 'unsafe-inline'; font-src https: data: moz-extension:; img-src https: blob: data:; frame-ancestors 'none';
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; includeSubDomains
cf-cache-status
BYPASS
content-encoding
br
x-request-id
291f7d7fa8e5e542084191af7711056e
last-modified
Wed, 29 May 2024 22:02:28 GMT
server
cloudflare
etag
W/"1717020148.0-4286-3105164239"
x-frame-options
DENY
vary
Cookie, Accept-Encoding
content-type
image/vnd.microsoft.icon
cache-control
public, max-age=43200
cf-ray
88be1baffa4a9004-FRA
expires
Thu, 30 May 2024 22:40:48 GMT
t
api.segment.io/v1/ 		21 B
184 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://api.segment.io/v1/t
Requested by
Host: cdn.segment.com
URL: https://cdn.segment.com/next-integrations/actions/fullstory/016dd6049ab7880d013d.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
35.160.35.184 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-35-160-35-184.us-west-2.compute.amazonaws.com
Software
/
Resource Hash
12f71cb993958eefc4bdb41d7dbbda490779a9c7aba448f7be52bb63912e0254
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
sec-ch-ua-platform
"Win32"
Referer
https://northwesternmutualsbx.ziphq.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://northwesternmutualsbx.ziphq.com
date
Thu, 30 May 2024 10:40:49 GMT
strict-transport-security
max-age=31536000
content-length
21
vary
Origin
content-type
application/json
p
api.segment.io/v1/ 		21 B
184 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://api.segment.io/v1/p
Requested by
Host: cdn.segment.com
URL: https://cdn.segment.com/next-integrations/actions/fullstory/016dd6049ab7880d013d.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
35.160.35.184 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-35-160-35-184.us-west-2.compute.amazonaws.com
Software
/
Resource Hash
12f71cb993958eefc4bdb41d7dbbda490779a9c7aba448f7be52bb63912e0254
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
sec-ch-ua-platform
"Win32"
Referer
https://northwesternmutualsbx.ziphq.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://northwesternmutualsbx.ziphq.com
date
Thu, 30 May 2024 10:40:49 GMT
strict-transport-security
max-age=31536000
content-length
21
vary
Origin
content-type
application/json
ping
api-iam.intercom.io/messenger/web/ Frame 9475 		4 KB
2 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://api-iam.intercom.io/messenger/web/ping
Requested by
Host: js.intercomcdn.com
URL: https://js.intercomcdn.com/frame-modern.6faba111.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
52.202.28.55 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-52-202-28-55.compute-1.amazonaws.com
Software
nginx /
Resource Hash
b6697658ab5047dd586e0ffc7f6003e5b7b52934e967d7b2f970ac0155cc49eb
Security Headers
Name Value
Strict-Transport-Security max-age=31556952; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
sec-ch-ua-platform
"Win32"
Referer
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
Content-Type
application/x-www-form-urlencoded

Response headers

date
Thu, 30 May 2024 10:40:49 GMT
strict-transport-security
max-age=31556952; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
x-ami-version
ami-09a36a6c62f211f17
status
200 OK
x-xss-protection
1; mode=block
x-request-id
00048t7nbfd5an6g61f0
x-runtime
0.268067
server
nginx
etag
W/"b6697658ab5047dd586e0ffc7f6003e5"
x-request-queueing
0
vary
Accept,Accept-Encoding
access-control-allow-methods
POST, GET, OPTIONS
content-type
application/json; charset=utf-8
access-control-allow-origin
https://northwesternmutualsbx.ziphq.com
x-intercom-version
20a8eec3704bd6a316aded220250410824e0ba68
access-control-expose-headers
x-request-id
cache-control
max-age=0, private, must-revalidate
access-control-allow-credentials
true
x-frame-options
SAMEORIGIN
access-control-allow-headers
Content-Type, Idempotency-Key, X-INTERCOM-APP, X-INTERCOM-PAGE-TITLE, X-INTERCOM-USER-DATA
page
rs.fullstory.com/rec/ 		1 KB
761 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://rs.fullstory.com/rec/page
Requested by
Host: edge.fullstory.com
URL: https://edge.fullstory.com/s/fs.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.186.194.58 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
58.194.186.35.bc.googleusercontent.com
Software
/
Resource Hash
9293e3051cf204994afb94ad0943ab01a93b3e69de08d628c613ae9907946cc9

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
sec-ch-ua-platform
"Win32"
Referer
https://northwesternmutualsbx.ziphq.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
Content-Type
text/plain

Response headers

date
Thu, 30 May 2024 10:40:48 GMT
content-encoding
gzip
via
1.1 google
content-type
application/json; charset=utf-8
access-control-allow-origin
https://northwesternmutualsbx.ziphq.com
access-control-allow-credentials
true
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
569
px.gif
www.google.com/images/phd/ 		43 B
64 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com/images/phd/px.gif?t=1717065648747
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.23.100 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s45-in-f4.1e100.net
Software
sffe /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://northwesternmutualsbx.ziphq.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Thu, 30 May 2024 10:40:48 GMT
x-content-type-options
nosniff
last-modified
Tue, 22 Oct 2019 18:30:00 GMT
server
sffe
report-to
{"group":"static-on-bigtable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/static-on-bigtable"}]}
content-type
image/gif
cache-control
private, max-age=31536000
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
43
x-xss-protection
0
cross-origin-opener-policy-report-only
same-origin; report-to="static-on-bigtable"
expires
Thu, 30 May 2024 10:40:48 GMT
eyJrZXkiOiJhbm9ueW1vdXMiLCJjdXN0b20iOnsib3JnYW5pemF0aW9uIjoiIiwib3JnYW5pemF0aW9uX2d1aWQiOiIifX0
clientstream.launchdarkly.com/eval/6220031710123414f492f4e2/ 		109 KB
0 		EventSource
General
Check archive.org
Download Go to
Full URL
https://clientstream.launchdarkly.com/eval/6220031710123414f492f4e2/eyJrZXkiOiJhbm9ueW1vdXMiLCJjdXN0b20iOnsib3JnYW5pemF0aW9uIjoiIiwib3JnYW5pemF0aW9uX2d1aWQiOiIifX0
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.33.235.18 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
aa1ba9bef7b18c265.awsglobalaccelerator.com
Software
/
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
Accept
text/event-stream
Cache-Control
no-cache
Referer
https://northwesternmutualsbx.ziphq.com/
sec-ch-ua-platform
"Win32"

Response headers

date
Thu, 30 May 2024 10:40:48 GMT
strict-transport-security
max-age=31536000; includeSubDomains
ld-region
eu-west-1
access-control-max-age
300
access-control-allow-methods
GET,OPTIONS
content-type
text/event-stream; charset=utf-8
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
x-content-length
accept-ranges
bytes
access-control-allow-headers
Accept,Content-Type,Content-Length,Accept-Encoding,Cache-Control,X-Requested-With,X-LaunchDarkly-User-Agent,X-LaunchDarkly-Wrapper
px.gif
www.google.com/images/phd/ 		43 B
64 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com/images/phd/px.gif?t=1717065648769
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.23.100 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s45-in-f4.1e100.net
Software
sffe /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://northwesternmutualsbx.ziphq.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Thu, 30 May 2024 10:40:48 GMT
x-content-type-options
nosniff
last-modified
Tue, 22 Oct 2019 18:30:00 GMT
server
sffe
report-to
{"group":"static-on-bigtable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/static-on-bigtable"}]}
content-type
image/gif
cache-control
private, max-age=31536000
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
43
x-xss-protection
0
cross-origin-opener-policy-report-only
same-origin; report-to="static-on-bigtable"
expires
Thu, 30 May 2024 10:40:48 GMT
t
api.segment.io/v1/ 		21 B
185 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://api.segment.io/v1/t
Requested by
Host: cdn.segment.com
URL: https://cdn.segment.com/next-integrations/actions/fullstory/016dd6049ab7880d013d.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
35.160.35.184 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-35-160-35-184.us-west-2.compute.amazonaws.com
Software
/
Resource Hash
12f71cb993958eefc4bdb41d7dbbda490779a9c7aba448f7be52bb63912e0254
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
sec-ch-ua-platform
"Win32"
Referer
https://northwesternmutualsbx.ziphq.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://northwesternmutualsbx.ziphq.com
date
Thu, 30 May 2024 10:40:49 GMT
strict-transport-security
max-age=31536000
content-length
21
vary
Origin
content-type
application/json
px.gif
www.google.com/images/phd/ 		43 B
64 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com/images/phd/px.gif?t=1717065648792
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.23.100 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s45-in-f4.1e100.net
Software
sffe /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://northwesternmutualsbx.ziphq.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Thu, 30 May 2024 10:40:48 GMT
x-content-type-options
nosniff
last-modified
Tue, 22 Oct 2019 18:30:00 GMT
server
sffe
report-to
{"group":"static-on-bigtable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/static-on-bigtable"}]}
content-type
image/gif
cache-control
private, max-age=31536000
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
43
x-xss-protection
0
cross-origin-opener-policy-report-only
same-origin; report-to="static-on-bigtable"
expires
Thu, 30 May 2024 10:40:48 GMT
px.gif
www.google.com/images/phd/ 		43 B
64 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com/images/phd/px.gif?t=1717065648811
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.23.100 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s45-in-f4.1e100.net
Software
sffe /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://northwesternmutualsbx.ziphq.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Thu, 30 May 2024 10:40:48 GMT
x-content-type-options
nosniff
last-modified
Tue, 22 Oct 2019 18:30:00 GMT
server
sffe
report-to
{"group":"static-on-bigtable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/static-on-bigtable"}]}
content-type
image/gif
cache-control
private, max-age=31536000
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
43
x-xss-protection
0
cross-origin-opener-policy-report-only
same-origin; report-to="static-on-bigtable"
expires
Thu, 30 May 2024 10:40:48 GMT
google.png
northwesternmutualsbx.ziphq.com/static/images/integrations/icons/ 		3 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://northwesternmutualsbx.ziphq.com/static/images/integrations/icons/google.png
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3108::ac42:2840 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
6605c625b3eb350783677d44539bec99ca2e8aa80fcbe9033476c5410cf965ea

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://northwesternmutualsbx.ziphq.com/login
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Thu, 30 May 2024 10:40:49 GMT
cf-cache-status
MISS
last-modified
Wed, 29 May 2024 22:56:30 GMT
server
cloudflare
etag
"6657b29e-c57"
vary
Accept-Encoding
content-type
image/png
cache-control
max-age=2678400
accept-ranges
bytes
cf-ray
88be1bb16bcf9004-FRA
content-length
3159
api.js
apis.google.com/js/ 		15 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://apis.google.com/js/api.js
Requested by
Host: assets.ziphq.com
URL: https://assets.ziphq.com/static/AsyncLoginPage.196a07c0d57cd5310119.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82b::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
8bbd8d4c8232df5d4d395f28151e43c17ddc981fe499fd94698162d610c1e95e
Security Headers
Name Value
Content-Security-Policy require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/gapi-team
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://northwesternmutualsbx.ziphq.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

content-security-policy
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/gapi-team
content-encoding
gzip
x-content-type-options
nosniff
date
Thu, 30 May 2024 10:40:48 GMT
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
5897
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="gapi-team"
etag
"d936f112b85f6a2e"
vary
Accept-Encoding
report-to
{"group":"gapi-team","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/gapi-team"}]}
content-type
text/javascript
access-control-allow-origin
*
cache-control
private, max-age=1800, stale-while-revalidate=1800
accept-ranges
bytes
timing-allow-origin
*
expires
Thu, 30 May 2024 10:40:48 GMT
integrations
rs.fullstory.com/rec/ 		4 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://rs.fullstory.com/rec/integrations?OrgId=Z1C2H
Requested by
Host: edge.fullstory.com
URL: https://edge.fullstory.com/s/fs.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.186.194.58 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
58.194.186.35.bc.googleusercontent.com
Software
/
Resource Hash
d020ef8796bc4a95f05f874c9fbcadfe9ae3e3d2138abcf30e1d4eb36fc3154b

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://northwesternmutualsbx.ziphq.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Thu, 30 May 2024 10:40:48 GMT
via
1.1 google
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-type
text/javascript; charset=utf-8
cb=gapi.loaded_0
apis.google.com/_/scs/abc-static/_/js/k=gapi.lb.de.Dsoa_Wdo28w.O/m=auth2/rt=j/sv=1/d=1/ed=1/am=AAAC/rs=AHpOoo_vT9SKJEh9EgzMdmSuOtg3sj0vqg/ 		120 KB
41 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://apis.google.com/_/scs/abc-static/_/js/k=gapi.lb.de.Dsoa_Wdo28w.O/m=auth2/rt=j/sv=1/d=1/ed=1/am=AAAC/rs=AHpOoo_vT9SKJEh9EgzMdmSuOtg3sj0vqg/cb=gapi.loaded_0?le=scs
Requested by
Host: apis.google.com
URL: https://apis.google.com/js/api.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82b::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
9aa77ab8d23a5766d3b3b24224dfdaa3dee98faa457c0a06aaec09f55c4b7d74
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://northwesternmutualsbx.ziphq.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Tue, 28 May 2024 15:10:32 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
156616
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/social-frontend-mpm-access
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
41559
x-xss-protection
0
last-modified
Mon, 15 Apr 2024 18:15:45 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="social-frontend-mpm-access"
vary
Accept-Encoding
report-to
{"group":"social-frontend-mpm-access","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/social-frontend-mpm-access"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Wed, 28 May 2025 15:10:32 GMT
iframe
accounts.google.com/o/oauth2/ Frame 3D3B 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://accounts.google.com/o/oauth2/iframe
Requested by
Host: apis.google.com
URL: https://apis.google.com/_/scs/abc-static/_/js/k=gapi.lb.de.Dsoa_Wdo28w.O/m=auth2/rt=j/sv=1/d=1/ed=1/am=AAAC/rs=AHpOoo_vT9SKJEh9EgzMdmSuOtg3sj0vqg/cb=gapi.loaded_0?le=scs
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:400c:c09::54 Brussels, Belgium, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-DxE8WI7K29fuG2ThfZ4zVw' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/IdpIFrameHttp/cspreport;worker-src 'self' script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/IdpIFrameHttp/cspreport/allowlist require-trusted-types-for 'script';report-uri /_/IdpIFrameHttp/cspreport
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9;q=0.9
Referer
https://northwesternmutualsbx.ziphq.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
sec-ch-ua-mobile
?0
sec-ch-ua-platform
"Win32"

Response headers

accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
no-cache, no-store, max-age=0, must-revalidate
content-encoding
gzip
content-security-policy
script-src 'report-sample' 'nonce-DxE8WI7K29fuG2ThfZ4zVw' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/IdpIFrameHttp/cspreport;worker-src 'self' script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/IdpIFrameHttp/cspreport/allowlist require-trusted-types-for 'script';report-uri /_/IdpIFrameHttp/cspreport
content-type
text/html; charset=utf-8
cross-origin-embedder-policy
require-corp
cross-origin-opener-policy
same-origin
cross-origin-resource-policy
cross-origin
date
Thu, 30 May 2024 10:40:49 GMT
expires
Mon, 01 Jan 1990 00:00:00 GMT
origin-trial
Anx7P+ykxPk2cvb3pmDcFJrtthuvm2pPqF/N9DW2XnD4tw+GvaXWaUhemhtJeK2OiYYjgVfcdmEkym+Al84WUQEAAABReyJvcmlnaW4iOiJodHRwczovL2FjY291bnRzLmdvb2dsZS5jb206NDQzIiwiZmVhdHVyZSI6IlRwY2QiLCJleHBpcnkiOjE3MzUzNDM5OTl9 AgwNkGShU7jmThCwETvmNknL6SkfRK4HUOBOkR6DTLS3TOAs8YQVA2BAX9dts4v0gDOKplt/w6+QXoSpVnb4RQMAAABmeyJvcmlnaW4iOiJodHRwczovL2FjY291bnRzLmdvb2dsZS5jb206NDQzIiwiZmVhdHVyZSI6IkZlZENtV2l0aFN0b3JhZ2VBY2Nlc3NBUEkiLCJleHBpcnkiOjE3Mjc4MjcxOTl9
permissions-policy
ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
pragma
no-cache
reporting-endpoints
default="/_/IdpIFrameHttp/web-reports?context=eJzjstHikmJw0ZBikPj6kkkLiJ3SZ7CGALFP_QzWOCBuvXmOdToQW908z5r07zxrCRC3f77AOhOIhbg5Nq5_uIlNYMfuuTJKakn5hfGZKal5JZkllbr5iaUlGboZJSUF8UYGRiYGpkYWegaG8QUGAC_PLI4"
server
ESF
strict-transport-security
max-age=31536000; includeSubDomains
x-content-type-options
nosniff
x-xss-protection
0
t
api.segment.io/v1/ 		21 B
184 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://api.segment.io/v1/t
Requested by
Host: edge.fullstory.com
URL: https://edge.fullstory.com/s/fs.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
35.160.35.184 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-35-160-35-184.us-west-2.compute.amazonaws.com
Software
/
Resource Hash
12f71cb993958eefc4bdb41d7dbbda490779a9c7aba448f7be52bb63912e0254
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
sec-ch-ua-platform
"Win32"
Referer
https://northwesternmutualsbx.ziphq.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://northwesternmutualsbx.ziphq.com
date
Thu, 30 May 2024 10:40:49 GMT
strict-transport-security
max-age=31536000
content-length
21
vary
Origin
content-type
application/json
ping
api-iam.intercom.io/messenger/web/ Frame 9475 		4 KB
2 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://api-iam.intercom.io/messenger/web/ping
Requested by
Host: js.intercomcdn.com
URL: https://js.intercomcdn.com/frame-modern.6faba111.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
52.202.28.55 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-52-202-28-55.compute-1.amazonaws.com
Software
nginx /
Resource Hash
b5b91c84cd8d11979cccb1d183b8324e64b6cab1f5989914a6c295b211b38bf0
Security Headers
Name Value
Strict-Transport-Security max-age=31556952; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
sec-ch-ua-platform
"Win32"
Referer
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
Content-Type
application/x-www-form-urlencoded

Response headers

date
Thu, 30 May 2024 10:40:49 GMT
strict-transport-security
max-age=31556952; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
x-ami-version
ami-09a36a6c62f211f17
status
200 OK
x-xss-protection
1; mode=block
x-request-id
000foea6mrgf808u8igg
x-runtime
0.223798
server
nginx
etag
W/"b5b91c84cd8d11979cccb1d183b8324e"
x-request-queueing
0
vary
Accept,Accept-Encoding
access-control-allow-methods
POST, GET, OPTIONS
content-type
application/json; charset=utf-8
access-control-allow-origin
https://northwesternmutualsbx.ziphq.com
x-intercom-version
ece931a98561595cdfcbe3d2707ebba3497aa34f
access-control-expose-headers
x-request-id
cache-control
max-age=0, private, must-revalidate
access-control-allow-credentials
true
x-frame-options
SAMEORIGIN
access-control-allow-headers
Content-Type, Idempotency-Key, X-INTERCOM-APP, X-INTERCOM-PAGE-TITLE, X-INTERCOM-USER-DATA
events
api-iam.intercom.io/messenger/web/ Frame 9475 		4 B
742 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://api-iam.intercom.io/messenger/web/events
Requested by
Host: js.intercomcdn.com
URL: https://js.intercomcdn.com/frame-modern.6faba111.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
52.202.28.55 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-52-202-28-55.compute-1.amazonaws.com
Software
nginx /
Resource Hash
e10808d43975dc400731053386849f864f297e6c4f7519c380f3dbaf7067a840
Security Headers
Name Value
Strict-Transport-Security max-age=31556952; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
sec-ch-ua-platform
"Win32"
Referer
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
Content-Type
application/x-www-form-urlencoded

Response headers

date
Thu, 30 May 2024 10:40:49 GMT
strict-transport-security
max-age=31556952; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
x-ami-version
ami-09a36a6c62f211f17
status
200 OK
x-xss-protection
1; mode=block
x-request-id
000fetcdnb1thrhcagjg
x-runtime
0.137120
server
nginx
etag
W/"e10808d43975dc400731053386849f86"
x-request-queueing
0
vary
Accept,Accept-Encoding
access-control-allow-methods
POST, GET, OPTIONS
content-type
application/json; charset=utf-8
access-control-allow-origin
https://northwesternmutualsbx.ziphq.com
x-intercom-version
20a8eec3704bd6a316aded220250410824e0ba68
access-control-expose-headers
x-request-id
cache-control
max-age=0, private, must-revalidate
access-control-allow-credentials
true
x-frame-options
SAMEORIGIN
access-control-allow-headers
Content-Type, Idempotency-Key, X-INTERCOM-APP, X-INTERCOM-PAGE-TITLE, X-INTERCOM-USER-DATA
events
api-iam.intercom.io/messenger/web/ Frame 9475 		4 B
743 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://api-iam.intercom.io/messenger/web/events
Requested by
Host: js.intercomcdn.com
URL: https://js.intercomcdn.com/frame-modern.6faba111.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
52.202.28.55 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-52-202-28-55.compute-1.amazonaws.com
Software
nginx /
Resource Hash
e10808d43975dc400731053386849f864f297e6c4f7519c380f3dbaf7067a840
Security Headers
Name Value
Strict-Transport-Security max-age=31556952; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
sec-ch-ua-platform
"Win32"
Referer
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
Content-Type
application/x-www-form-urlencoded

Response headers

date
Thu, 30 May 2024 10:40:49 GMT
strict-transport-security
max-age=31556952; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
x-ami-version
ami-09a36a6c62f211f17
status
200 OK
x-xss-protection
1; mode=block
x-request-id
0003ttgob1v57v8uo0u0
x-runtime
0.123237
server
nginx
etag
W/"e10808d43975dc400731053386849f86"
x-request-queueing
0
vary
Accept,Accept-Encoding
access-control-allow-methods
POST, GET, OPTIONS
content-type
application/json; charset=utf-8
access-control-allow-origin
https://northwesternmutualsbx.ziphq.com
x-intercom-version
ece931a98561595cdfcbe3d2707ebba3497aa34f
access-control-expose-headers
x-request-id
cache-control
max-age=0, private, must-revalidate
access-control-allow-credentials
true
x-frame-options
SAMEORIGIN
access-control-allow-headers
Content-Type, Idempotency-Key, X-INTERCOM-APP, X-INTERCOM-PAGE-TITLE, X-INTERCOM-USER-DATA
6220031710123414f492f4e2
events.launchdarkly.com/events/bulk/ 		0
358 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://events.launchdarkly.com/events/bulk/6220031710123414f492f4e2
Requested by
Host: edge.fullstory.com
URL: https://edge.fullstory.com/s/fs.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
34.233.215.113 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-34-233-215-113.compute-1.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
X-LaunchDarkly-Payload-ID
151992f0-1e71-11ef-916b-f19a1b4dd8bf
X-LaunchDarkly-Event-Schema
4
Accept-Language
de-DE,de;q=0.9;q=0.9
X-LaunchDarkly-User-Agent
JSClient/3.1.4
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
Content-Type
application/json
Referer
https://northwesternmutualsbx.ziphq.com/
X-LaunchDarkly-Wrapper
react-client-sdk/3.0.9
sec-ch-ua-platform
"Win32"

Response headers

date
Thu, 30 May 2024 10:40:50 GMT
strict-transport-security
max-age=31536000; includeSubDomains
access-control-max-age
300
access-control-allow-methods
POST,OPTIONS
content-type
application/json
access-control-allow-origin
*
access-control-expose-headers
Date
access-control-allow-headers
Accept,Content-Type,Content-Length,Accept-Encoding,X-LaunchDarkly-Event-Schema,X-LaunchDarkly-User-Agent,X-LaunchDarkly-Payload-ID,X-LaunchDarkly-Wrapper,X-LaunchDarkly-Tags
content-length
0
6220031710123414f492f4e2
events.launchdarkly.com/events/bulk/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://events.launchdarkly.com/events/bulk/6220031710123414f492f4e2
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
34.233.215.113 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-34-233-215-113.compute-1.amazonaws.com
Software
/
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type,x-launchdarkly-event-schema,x-launchdarkly-payload-id,x-launchdarkly-user-agent,x-launchdarkly-wrapper
Access-Control-Request-Method
POST
Origin
https://northwesternmutualsbx.ziphq.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36

Response headers

access-control-allow-headers
Accept,Content-Type,Content-Length,Accept-Encoding,X-LaunchDarkly-Event-Schema,X-LaunchDarkly-User-Agent,X-LaunchDarkly-Payload-ID,X-LaunchDarkly-Wrapper,X-LaunchDarkly-Tags
access-control-allow-methods
POST,OPTIONS
access-control-allow-origin
*
access-control-expose-headers
Date
access-control-max-age
300
date
Thu, 30 May 2024 10:40:50 GMT
strict-transport-security
max-age=31536000; includeSubDomains
v2
rs.fullstory.com/rec/bundle/ 		29 B
43 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://rs.fullstory.com/rec/bundle/v2?OrgId=Z1C2H&UserId=4fe16d72-70d3-4c08-a945-7fd667873a0c&SessionId=678145d9-5ef3-4559-b159-adc100b847cb&PageId=dcad416e-16c0-4328-bc99-6dcb569dd773&Seq=1&ClientTime=1717065651418&PageStart=1717065648905&PrevBundleTime=0&LastActivity=2359&IsNewSession=true&ContentEncoding=gzip
Requested by
Host: edge.fullstory.com
URL: https://edge.fullstory.com/s/fs.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
35.186.194.58 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
58.194.186.35.bc.googleusercontent.com
Software
/
Resource Hash
f7f052c712e490ca43712c1c827eb574cd30b3b1b9410e50e9cfe5fca2bfd9fd

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
sec-ch-ua-platform
"Win32"
Referer
https://northwesternmutualsbx.ziphq.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://northwesternmutualsbx.ziphq.com
date
Thu, 30 May 2024 10:40:51 GMT
via
1.1 google
access-control-allow-credentials
true
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
29
content-type
application/json; charset=utf-8

Verdicts & Comments Add Verdict or Comment

42 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| 1 object| 2 string| csrf_token object| analytics object| webpackChunk_segment_analytics_next string| analyticsWriteKey object| __SEGMENT_INSPECTOR__ object| AnalyticsNext object| webpackChunkDestination function| fullstoryDestination string| _fs_host string| _fs_script string| _fs_org string| _fs_namespace function| FS boolean| _fs_initialized object| intercomDeps function| intercomLoader object| webpackJsonp_name_Integration function| setImmediate function| clearImmediate function| intercomIntegration function| Intercom string| _fs_loaded function| _fs_shutdown function| __intercomAssignLocation function| __intercomReloadLocation boolean| _fs_debug object| webpackChunkzip_app object| DD_LOGS string| __reactRouterVersion object| InjectedData object| __MUI_LICENSE_INFO__ object| regeneratorRuntime object| __cfBeacon string| _fs_rec_settings_host object| gapi object| ___jsl object| _F_toggles object| osapi function| normalize

10 Cookies

Domain/Path Name / Value
.ziphq.com/ Name: oauth_state
Value: sEFuWwBhnbfisyRI
.northwesternmutualsbx.ziphq.com/ Name: session
Value: eyJfZnJlc2giOmZhbHNlLCJfcGVybWFuZW50Ijp0cnVlLCJjc3JmX3Rva2VuIjoiMGY2ODc2N2QyYWRjODJmODI2ODYzMzg0ZDdiMGQwZTk2MDQxNWYxNCJ9.GTnpMA.cJvqVlVRwuL43levgWRRUA8e7rU
.ziphq.com/ Name: ajs_anonymous_id
Value: ed07233e-790d-4b57-8d31-b70e806de566
.ziphq.com/ Name: fs_lua
Value: 1.1717065648904
.ziphq.com/ Name: fs_uid
Value: #Z1C2H#4fe16d72-70d3-4c08-a945-7fd667873a0c:678145d9-5ef3-4559-b159-adc100b847cb:1717065648904::1#/1748601650
.northwesternmutualsbx.ziphq.com/ Name: G_ENABLED_IDPS
Value: google
.ziphq.com/ Name: intercom-id-jpvqigu7
Value: 48fe5f3f-98b6-4017-ad57-c1d1e8b7b489
.ziphq.com/ Name: intercom-session-jpvqigu7
Value:
.ziphq.com/ Name: intercom-device-id-jpvqigu7
Value: 79abaf65-92da-411a-bcd4-8b8ec0c0b4a4
northwesternmutualsbx.ziphq.com/ Name: _dd_s
Value: logs=1&id=f10aa90e-85a2-4120-a86d-a29b4253b598&created=1717065648544&expire=1717066548544

1 Console Messages

Source Level URL
Text
security warning URL: https://apis.google.com/_/scs/abc-static/_/js/k=gapi.lb.de.Dsoa_Wdo28w.O/m=auth2/rt=j/sv=1/d=1/ed=1/am=AAAC/rs=AHpOoo_vT9SKJEh9EgzMdmSuOtg3sj0vqg/cb=gapi.loaded_0?le=scs(Line 186)
Message:
An iframe which has both allow-scripts and allow-same-origin for its sandbox attribute can escape its sandboxing.

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header Value
Content-Security-Policy default-src 'self' blob: data: wss://*.intercom.io https://*.bugsnag.com https://*.cloudflareinsights.com https://*.datadoghq.com https://*.browser-intake-datadoghq.com https://browser-intake-datadoghq.com https://*.fullstory.com https://*.google-analytics.com https://*.googletagmanager.com https://*.gstatic.com https://*.hellosign.com https://*.intercom.io https://*.intercomcdn.com https://*.mktoresp.com https://*.segment.com https://*.segment.io https://*.ziphq.com https://*.ziphq.com/to_primary https://accounts.google.com https://apis.google.com https://evergreen-private.s3.amazonaws.com https://intercom-sheets.com https://prod-evergreen-files.s3.amazonaws.com https://zip-kyc.s3.amazonaws.com https://zip-kyc-staging.s3.amazonaws.com https://*.launchdarkly.com https://*.stripe.com https://www.google.com/recaptcha/api2/anchor; script-src https: 'unsafe-inline' 'unsafe-eval' blob:; style-src https: 'unsafe-inline'; font-src https: data: moz-extension:; img-src https: blob: data:; frame-ancestors 'none';
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

accounts.google.com
api-iam.intercom.io
api.segment.io
apis.google.com
app.launchdarkly.com
assets.ziphq.com
cdn.segment.com
clientstream.launchdarkly.com
edge.fullstory.com
events.launchdarkly.com
js.intercomcdn.com
northwesternmutualsbx.ziphq.com
rs.fullstory.com
sessions.bugsnag.com
static.cloudflareinsights.com
widget.intercom.io
www.google.com
13.224.189.18
151.101.194.217
172.217.23.100
18.245.46.19
2600:1901:0:7a0b::
2606:4700:3108::ac42:2840
2606:4700::6810:5049
2a00:1450:4001:82b::200e
2a00:1450:400c:c09::54
3.33.235.18
34.233.215.113
35.160.35.184
35.186.194.58
35.201.112.186
52.202.28.55
99.86.8.175
0994a3d3661344684acec971fc82154a4605c4b2bbd4a95a6c065140dff7811f
0ba7c0356149946bf0642fab4ef85b95e7090f6f785d0fb84323d0c442e5190a
0e11c834f82cf0976788978128ec51d64875ce3328e87c04594ece2ce95d78a1
129151ed0140041b198ce3b364a11861a3b5baa5bb60475ebf7bedb9b0fc94d6
12f71cb993958eefc4bdb41d7dbbda490779a9c7aba448f7be52bb63912e0254
20dc9596fd9498dd9f9e8bf059651fcc6a52109445bb3bdf3468ac09d292788a
273598d25b334a1b4c575ea9a0a0bc10d9e0ccf665253ddb9df45f6b56616982
31892c21ae4fb908a875bbe29dbf0df74c2e84171cfbcac23540f3ad8222a35a
458bd069d02006c7b54f2392386173c851665caf8b84971f264d96a8a25bbffe
6605c625b3eb350783677d44539bec99ca2e8aa80fcbe9033476c5410cf965ea
6a8d427134e57afd2b639136bc5f6ca1122a9969ff85a2776ab7fdf3226bd218
7174353c219612a1c00c27905b22ec27ba6815201aede89267ec2323380af324
7c0a68ed7252d3d527bf74ebdea1707e5656ad1e7bbfafc9208ef6b7c0d946e8
84d61e7247b5194fedf074ca201a7bbc68d3ee141236b4e7cb5030abf9ab58c5
889427bc46a235d8f03a18c4484af19db9c2b92657950867e0445977a0a5db98
8bbd8d4c8232df5d4d395f28151e43c17ddc981fe499fd94698162d610c1e95e
9293e3051cf204994afb94ad0943ab01a93b3e69de08d628c613ae9907946cc9
9aa77ab8d23a5766d3b3b24224dfdaa3dee98faa457c0a06aaec09f55c4b7d74
a0f9e5e10b991ba7d28463805f27680f006149faadde5bb3f332418f8bfcfb54
a2c209103bad3923b3a96173391f47549995f13fdd68c81b9f0e35c963f1fa39
a8192672e66b22a882a613ea1c138b98de04dea31ff032dd4e00e389fffa8e9a
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
b17b4a5cc840a366a4c006794502f887a316402f781f85e913ac4af19a93fc13
b2621e31f5b14c49f27949b3be29df9e03063207ece2b7b3d2417cdce71f559b
b3103b571b4262c95c11727af72622cd4de0466a0b5f796544690d816b739058
b5b91c84cd8d11979cccb1d183b8324e64b6cab1f5989914a6c295b211b38bf0
b6697658ab5047dd586e0ffc7f6003e5b7b52934e967d7b2f970ac0155cc49eb
d020ef8796bc4a95f05f874c9fbcadfe9ae3e3d2138abcf30e1d4eb36fc3154b
dcaa60c3181ba1017820b90e9aab024f9ce6998ef0842a4381fee263c5f855d5
e10808d43975dc400731053386849f864f297e6c4f7519c380f3dbaf7067a840
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e5eaa930a247f99415a6c4955d96dbba2cd93a3dc92b5f8d3ad5334a8526d807
f17f078ea883fbe048f75ab5e7371c081cbd7d85ec5d91d443512d1ecd63dfb3
f3181f7d1ba6ab45452ca6bc7e92f2a65316588746dcd571f2b99da512a8bf64
f4c93d987a0df26d303b5e07fbc409558853c94b94e13b1ad2e88f8fc26c6ed8
f679d6ba05c5482e84c83fa3b35958730f79cb4365562b73b09ec902762bfe5a
f7f052c712e490ca43712c1c827eb574cd30b3b1b9410e50e9cfe5fca2bfd9fd
f9eb189676a78d42d7a8487eef683702ada6c5c866399eefbc0df319d5f7c6d7