urlscan.io logo urlscan.io
SecurityTrails logo

northwesternmutualsbx.ziphq.com Open in urlscan Pro
2606:4700:3108::ac42:2840  Public Scan

Go To Rescan Add Verdict Report
Submitted URL: https://northwesternmutualsbx.ziphq.com/
Effective URL: https://northwesternmutualsbx.ziphq.com/login
Submission: On March 25 via api from US — Scanned from US
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 19 IPs in 1 countries across 12 domains to perform 64 HTTP transactions. The main IP is 2606:4700:3108::ac42:2840, located in United States and belongs to CLOUDFLARENET, US. The main domain is northwesternmutualsbx.ziphq.com.
TLS certificate: Issued by Cloudflare Inc ECC CA-3 on April 28th 2023. Valid for: a year.
This is the only time northwesternmutualsbx.ziphq.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
1 10 2606:4700:310... 13335 (CLOUDFLAR...)
1 2607:f8b0:400... 15169 (GOOGLE)
1 2606:4700::68... 13335 (CLOUDFLAR...)
8 13.226.38.199 16509 (AMAZON-02)
4 35.201.112.186 396982 (GOOGLE-CL...)
2 2600:1901:0:7... 396982 (GOOGLE-CL...)
2 151.101.130.217 54113 (FASTLY)
1 2607:f8b0:400... 15169 (GOOGLE)
5 2607:f8b0:400... 15169 (GOOGLE)
2 2607:f8b0:400... 15169 (GOOGLE)
1 3.33.235.18 16509 (AMAZON-02)
4 35.186.194.58 15169 (GOOGLE)
2 2607:f8b0:402... 15169 (GOOGLE)
1 13.226.34.119 16509 (AMAZON-02)
5 35.160.35.184 16509 (AMAZON-02)
1 2607:f8b0:400... 15169 (GOOGLE)
7 108.139.47.108 16509 (AMAZON-02)
4 52.71.168.113 14618 (AMAZON-AES)
4 52.72.54.62 14618 (AMAZON-AES)
64 19
10    2606:4700:3108::ac42:2840 (United States)

ASN13335 (CLOUDFLARENET, US)
northwesternmutualsbx.ziphq.com
assets.ziphq.com
1    2607:f8b0:4006:80b::200a (United States)

ASN15169 (GOOGLE, US)
fonts.googleapis.com
1    2606:4700::6810:5049 (United States)

ASN13335 (CLOUDFLARENET, US)
static.cloudflareinsights.com
8    13.226.38.199 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-226-38-199.ewr53.r.cloudfront.net
cdn.segment.com
4    35.201.112.186 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 186.112.201.35.bc.googleusercontent.com
edge.fullstory.com
2    2600:1901:0:7a0b:: (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
sessions.bugsnag.com
2    151.101.130.217 (United States)

ASN54113 (FASTLY, US)
app.launchdarkly.com
1    2607:f8b0:4006:80e::2003 (United States)

ASN15169 (GOOGLE, US)
fonts.gstatic.com
5    2607:f8b0:4006:824::2004 (United States)

ASN15169 (GOOGLE, US)
www.google.com
2    2607:f8b0:4006:81d::200e (United States)

ASN15169 (GOOGLE, US)
apis.google.com
1    3.33.235.18 (United States)

ASN16509 (AMAZON-02, US)
PTR: aa1ba9bef7b18c265.awsglobalaccelerator.com
clientstream.launchdarkly.com
4    35.186.194.58 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 58.194.186.35.bc.googleusercontent.com
rs.fullstory.com
2    2607:f8b0:4023:1401::54 (Columbus, United States)

ASN15169 (GOOGLE, US)
accounts.google.com
1    13.226.34.119 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-226-34-119.ewr53.r.cloudfront.net
widget.intercom.io
5    35.160.35.184 (Boardman, United States)

ASN16509 (AMAZON-02, US)
PTR: ec2-35-160-35-184.us-west-2.compute.amazonaws.com
api.segment.io
1    2607:f8b0:4006:80a::2003 (United States)

ASN15169 (GOOGLE, US)
www.gstatic.com
7    108.139.47.108 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-108-139-47-108.jfk50.r.cloudfront.net
js.intercomcdn.com
4    52.71.168.113 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-52-71-168-113.compute-1.amazonaws.com
events.launchdarkly.com
4    52.72.54.62 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-52-72-54-62.compute-1.amazonaws.com
api-iam.intercom.io
Apex Domain
Subdomains		 Transfer
10 ziphq.com
northwesternmutualsbx.ziphq.com
assets.ziphq.com
1 MB
9 google.com
www.google.com — Cisco Umbrella Rank: 5
apis.google.com — Cisco Umbrella Rank: 259
accounts.google.com — Cisco Umbrella Rank: 62
49 KB
8 fullstory.com
edge.fullstory.com — Cisco Umbrella Rank: 3894
rs.fullstory.com — Cisco Umbrella Rank: 3744
216 KB
8 segment.com
cdn.segment.com — Cisco Umbrella Rank: 2983
124 KB
7 intercomcdn.com
js.intercomcdn.com — Cisco Umbrella Rank: 5586
661 KB
7 launchdarkly.com
app.launchdarkly.com — Cisco Umbrella Rank: 962
clientstream.launchdarkly.com — Cisco Umbrella Rank: 1054
events.launchdarkly.com — Cisco Umbrella Rank: 1451
18 KB
5 segment.io
api.segment.io — Cisco Umbrella Rank: 1610
921 B
5 intercom.io
widget.intercom.io — Cisco Umbrella Rank: 3779
api-iam.intercom.io — Cisco Umbrella Rank: 3892
9 KB
2 gstatic.com
fonts.gstatic.com
www.gstatic.com
65 KB
2 bugsnag.com
sessions.bugsnag.com — Cisco Umbrella Rank: 1175
131 B
1 cloudflareinsights.com
static.cloudflareinsights.com — Cisco Umbrella Rank: 1408
7 KB
1 googleapis.com
fonts.googleapis.com — Cisco Umbrella Rank: 110
954 B
64 12
Domain Requested by
8 cdn.segment.com northwesternmutualsbx.ziphq.com
cdn.segment.com
7 js.intercomcdn.com widget.intercom.io
js.intercomcdn.com
7 northwesternmutualsbx.ziphq.com 1 redirects northwesternmutualsbx.ziphq.com
edge.fullstory.com
5 api.segment.io edge.fullstory.com
5 www.google.com northwesternmutualsbx.ziphq.com
4 api-iam.intercom.io js.intercomcdn.com
4 events.launchdarkly.com edge.fullstory.com
4 rs.fullstory.com edge.fullstory.com
4 edge.fullstory.com northwesternmutualsbx.ziphq.com
edge.fullstory.com
3 assets.ziphq.com northwesternmutualsbx.ziphq.com
2 accounts.google.com apis.google.com
www.gstatic.com
2 apis.google.com assets.ziphq.com
apis.google.com
2 app.launchdarkly.com assets.ziphq.com
2 sessions.bugsnag.com assets.ziphq.com
1 www.gstatic.com accounts.google.com
1 widget.intercom.io cdn.segment.com
1 clientstream.launchdarkly.com northwesternmutualsbx.ziphq.com
1 fonts.gstatic.com fonts.googleapis.com
1 static.cloudflareinsights.com northwesternmutualsbx.ziphq.com
1 fonts.googleapis.com northwesternmutualsbx.ziphq.com
64 20

This site contains no links.

Subject Issuer Validity Valid
ziphq.com
Cloudflare Inc ECC CA-3		 2023-04-28 -
2024-04-26		 a year crt.sh
upload.video.google.com
GTS CA 1C3		 2024-02-26 -
2024-05-20		 3 months crt.sh
cloudflareinsights.com
GTS CA 1P5		 2024-03-10 -
2024-06-08		 3 months crt.sh
*.segment.com
Amazon RSA 2048 M03		 2023-11-14 -
2024-12-13		 a year crt.sh
edge.fullstory.com
GTS CA 1D4		 2024-03-07 -
2024-06-05		 3 months crt.sh
*.bugsnag.com
DigiCert TLS RSA SHA256 2020 CA1		 2024-03-20 -
2025-04-15		 a year crt.sh
app.launchdarkly.com
GlobalSign Atlas R3 DV TLS CA 2023 Q2		 2023-07-02 -
2024-08-02		 a year crt.sh
*.gstatic.com
GTS CA 1C3		 2024-02-26 -
2024-05-20		 3 months crt.sh
www.google.com
GTS CA 1C3		 2024-02-26 -
2024-05-20		 3 months crt.sh
*.apis.google.com
GTS CA 1C3		 2024-02-26 -
2024-05-20		 3 months crt.sh
clientstream.launchdarkly.com
Amazon RSA 2048 M01		 2023-08-09 -
2024-09-05		 a year crt.sh
*.google.com
GTS CA 1C3		 2024-02-26 -
2024-05-20		 3 months crt.sh
rs.fullstory.com
GTS CA 1D4		 2024-03-05 -
2024-06-03		 3 months crt.sh
accounts.google.com
GTS CA 1C3		 2024-02-26 -
2024-05-20		 3 months crt.sh
*.intercom.com
Amazon RSA 2048 M03		 2024-01-15 -
2025-02-11		 a year crt.sh
*.segment.io
Amazon RSA 2048 M03		 2023-12-13 -
2025-01-11		 a year crt.sh
*.intercomcdn.com
Amazon RSA 2048 M02		 2023-12-01 -
2024-12-29		 a year crt.sh
events.launchdarkly.com
Amazon ECDSA 256 M02		 2023-06-21 -
2024-07-20		 a year crt.sh

This page contains 5 frames:

Primary Page: https://northwesternmutualsbx.ziphq.com/login
Frame ID: 48342249C5FC4F28FF768BBE198A9173
Requests: 44 HTTP requests in this frame

Frame: https://accounts.google.com/o/oauth2/iframe
Frame ID: DE8105DEF9B42F50DB1F1019FEE12294
Requests: 3 HTTP requests in this frame

Frame: https://js.intercomcdn.com/frame-modern.d78f357d.js
Frame ID: A0B83E76B47FA24532A9A43141D590F2
Requests: 11 HTTP requests in this frame

Frame: https://edge.fullstory.com/s/fs.js
Frame ID: B2590CDFADF8A61C437B1E9FDB762026
Requests: 1 HTTP requests in this frame

Frame: https://edge.fullstory.com/s/fs.js
Frame ID: 66F6A44F881CBAAE5B6018EE78E85283
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page Title

Zip - Modern Spend Approvals

Page URL History Show full URLs

  1. https://northwesternmutualsbx.ziphq.com/ HTTP 302
    https://northwesternmutualsbx.ziphq.com/login Page URL

Detected technologies

Overall confidence: 100%
Detected patterns
  • <iframe[^>]*accounts\.google\.com/o/oauth2
Overall confidence: 100%
Detected patterns
  • <[^>]+data-react
Overall confidence: 100%
Detected patterns
  • static\.cloudflareinsights\.com/beacon(?:\.min)?\.js
Overall confidence: 100%
Detected patterns
  • <link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com
Overall confidence: 100%
Detected patterns
  • apis\.google\.com/js/[a-z]*\.js
Overall confidence: 100%
Detected patterns
  • cdn\.segment\.com/analytics\.js

Page Statistics

64
Requests

100 %
HTTPS

47 %
IPv6

12
Domains

20
Subdomains

19
IPs

1
Countries

2415 kB
Transfer

8877 kB
Size

10
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. https://northwesternmutualsbx.ziphq.com/ HTTP 302
    https://northwesternmutualsbx.ziphq.com/login Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

64 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request login
northwesternmutualsbx.ziphq.com/
Redirect Chain
  • https://northwesternmutualsbx.ziphq.com/
  • https://northwesternmutualsbx.ziphq.com/login
9 KB
4 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://northwesternmutualsbx.ziphq.com/login
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3108::ac42:2840 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
d4d1b4738a49a1680c70065f0b07f8cdf2ef98692b22bf3779a8d7d88e21c812
Security Headers
Name Value
Content-Security-Policy default-src 'self' blob: data: wss://*.intercom.io https://*.bugsnag.com https://*.cloudflareinsights.com https://*.datadoghq.com https://*.browser-intake-datadoghq.com https://*.fullstory.com https://*.google-analytics.com https://*.googletagmanager.com https://*.gstatic.com https://*.heapanalytics.com https://*.hellosign.com https://*.intercom.io https://*.intercomcdn.com https://*.mktoresp.com https://*.segment.com https://*.segment.io https://*.ziphq.com https://*.ziphq.com/to_primary https://accounts.google.com https://apis.google.com https://evergreen-private.s3.amazonaws.com https://intercom-sheets.com https://heapanalytics.com https://prod-evergreen-files.s3.amazonaws.com https://zip-kyc.s3.amazonaws.com https://zip-kyc-staging.s3.amazonaws.com https://*.launchdarkly.com https://*.stripe.com; script-src https: 'unsafe-inline' 'unsafe-eval' blob:; style-src https: 'unsafe-inline'; font-src https: data: moz-extension:; img-src https: blob: data:; frame-ancestors 'none';
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

cf-cache-status
DYNAMIC
cf-ray
86a0de5ada244bc3-BUF
content-encoding
gzip
content-security-policy
default-src 'self' blob: data: wss://*.intercom.io https://*.bugsnag.com https://*.cloudflareinsights.com https://*.datadoghq.com https://*.browser-intake-datadoghq.com https://*.fullstory.com https://*.google-analytics.com https://*.googletagmanager.com https://*.gstatic.com https://*.heapanalytics.com https://*.hellosign.com https://*.intercom.io https://*.intercomcdn.com https://*.mktoresp.com https://*.segment.com https://*.segment.io https://*.ziphq.com https://*.ziphq.com/to_primary https://accounts.google.com https://apis.google.com https://evergreen-private.s3.amazonaws.com https://intercom-sheets.com https://heapanalytics.com https://prod-evergreen-files.s3.amazonaws.com https://zip-kyc.s3.amazonaws.com https://zip-kyc-staging.s3.amazonaws.com https://*.launchdarkly.com https://*.stripe.com; script-src https: 'unsafe-inline' 'unsafe-eval' blob:; style-src https: 'unsafe-inline'; font-src https: data: moz-extension:; img-src https: blob: data:; frame-ancestors 'none';
content-type
text/html; charset=utf-8
date
Mon, 25 Mar 2024 18:12:22 GMT
server
cloudflare
strict-transport-security
max-age=31536000; includeSubDomains
vary
Cookie
x-content-type-options
nosniff
x-frame-options
DENY
x-request-id
c979345c4a2dc7c743ef26ad9c62f88d

Redirect headers

cf-cache-status
DYNAMIC
cf-ray
86a0de5939504bc3-BUF
content-security-policy
default-src 'self' blob: data: wss://*.intercom.io https://*.bugsnag.com https://*.cloudflareinsights.com https://*.datadoghq.com https://*.browser-intake-datadoghq.com https://*.fullstory.com https://*.google-analytics.com https://*.googletagmanager.com https://*.gstatic.com https://*.heapanalytics.com https://*.hellosign.com https://*.intercom.io https://*.intercomcdn.com https://*.mktoresp.com https://*.segment.com https://*.segment.io https://*.ziphq.com https://*.ziphq.com/to_primary https://accounts.google.com https://apis.google.com https://evergreen-private.s3.amazonaws.com https://intercom-sheets.com https://heapanalytics.com https://prod-evergreen-files.s3.amazonaws.com https://zip-kyc.s3.amazonaws.com https://zip-kyc-staging.s3.amazonaws.com https://*.launchdarkly.com https://*.stripe.com; script-src https: 'unsafe-inline' 'unsafe-eval' blob:; style-src https: 'unsafe-inline'; font-src https: data: moz-extension:; img-src https: blob: data:; frame-ancestors 'none';
content-type
text/html; charset=utf-8
date
Mon, 25 Mar 2024 18:12:20 GMT
location
https://northwesternmutualsbx.ziphq.com/login
server
cloudflare
strict-transport-security
max-age=31536000; includeSubDomains
vary
Cookie
x-content-type-options
nosniff
x-frame-options
DENY
x-request-id
bce69a10c7fdea2a44c5cf1a0452bfc1
css2
fonts.googleapis.com/ 		4 KB
954 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css2?family=Encode+Sans:wght@400;500;600&display=swap
Requested by
Host: northwesternmutualsbx.ziphq.com
URL: https://northwesternmutualsbx.ziphq.com/login
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:80b::200a , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
f578acaa37c56cb6d45723b5afd3418d3eb23361c682399d889454a935e3f7c1
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://northwesternmutualsbx.ziphq.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
date
Mon, 25 Mar 2024 18:12:22 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
last-modified
Mon, 25 Mar 2024 18:10:00 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Mon, 25 Mar 2024 18:12:22 GMT
1996.63e84fadf37151ce6f3f.js
assets.ziphq.com/static/ 		2 MB
679 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://assets.ziphq.com/static/1996.63e84fadf37151ce6f3f.js
Requested by
Host: northwesternmutualsbx.ziphq.com
URL: https://northwesternmutualsbx.ziphq.com/login
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3108::ac42:2840 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
c4f9730e98321c29c3ce40ac78ee0f7c8aa21c8e848bf773f741fff2c5da55c2

Request headers

accept-language
en-US,en;q=0.9
Referer
https://northwesternmutualsbx.ziphq.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date
Mon, 25 Mar 2024 18:12:22 GMT
content-encoding
gzip
cf-cache-status
HIT
x-amz-request-id
XCSBREPPFP6AWWNP
age
301
cf-polished
origSize=2478705
x-amz-server-side-encryption
AES256
x-amz-id-2
dJst+beWjStO8oWG/B7BUhuf16CY+K2VOKiUqgmvSzAdKwQVWgDJkzYUfzNb8kDwo8OrJjty/uc=
x-amz-expiration
expiry-date="Sat, 20 Apr 2024 00:00:00 GMT", rule-id="Delete old bundles"
cf-bgj
minify
last-modified
Wed, 20 Mar 2024 01:11:16 GMT
server
cloudflare
etag
W/"e56e961584c1a779452f2223e46fa199"
vary
Accept-Encoding
content-type
application/x-javascript
cache-control
max-age=2678400
cf-ray
86a0de67e8f14bc3-BUF
bundle.af69258f0742469d9a95.js
assets.ziphq.com/static/ 		2 MB
537 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://assets.ziphq.com/static/bundle.af69258f0742469d9a95.js
Requested by
Host: northwesternmutualsbx.ziphq.com
URL: https://northwesternmutualsbx.ziphq.com/login
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3108::ac42:2840 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
9ccc6c518ffe31eed92f470c761328b99eb22f51ca03cd51b3e379050ae42024

Request headers

accept-language
en-US,en;q=0.9
Referer
https://northwesternmutualsbx.ziphq.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date
Mon, 25 Mar 2024 18:12:22 GMT
content-encoding
gzip
cf-cache-status
HIT
x-amz-request-id
5E26PSAN0Y020D83
age
301
x-amz-server-side-encryption
AES256
x-amz-id-2
Es1n+8ZtU1amFZQeKTFSYzwNeUKHzerVT0Z7RQKlp1nm2dBtaQlzZsJD1B8FoXcI657C3eqBGgh9vxN0kT+4sg==
x-amz-expiration
expiry-date="Sun, 21 Apr 2024 00:00:00 GMT", rule-id="Delete old bundles"
cf-bgj
minify
last-modified
Thu, 21 Mar 2024 20:04:27 GMT
server
cloudflare
etag
W/"b7854c3c839195b46ebe49cb47eb85a0"
vary
Accept-Encoding
content-type
application/x-javascript
cache-control
max-age=2678400
cf-ray
86a0de6949984bc3-BUF
bundle.5a7c7ed833cf18f847e9.css
assets.ziphq.com/static/ 		183 KB
34 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://assets.ziphq.com/static/bundle.5a7c7ed833cf18f847e9.css
Requested by
Host: northwesternmutualsbx.ziphq.com
URL: https://northwesternmutualsbx.ziphq.com/login
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3108::ac42:2840 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
69592dc75ce77470480df5f52123b17ccdbc78e18eae173449267cbe7b4bdae9

Request headers

accept-language
en-US,en;q=0.9
Referer
https://northwesternmutualsbx.ziphq.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date
Mon, 25 Mar 2024 18:12:22 GMT
content-encoding
gzip
cf-cache-status
HIT
x-amz-request-id
20XHBXRK0ZTR965H
age
301
cf-polished
origSize=188216
x-amz-server-side-encryption
AES256
x-amz-id-2
Vzby0DujYH+200Rk9B6TUpbATmKDdVLpi8NjE5UBm9NGteJgx3UsjBXfqcXRsSCH3vgHasP1JeZ3aRfQHblOvA==
x-amz-expiration
expiry-date="Sun, 21 Apr 2024 00:00:00 GMT", rule-id="Delete old bundles"
cf-bgj
minify
last-modified
Thu, 21 Mar 2024 20:04:27 GMT
server
cloudflare
etag
W/"216db0c47f925e3f60c13a9449d9d357"
vary
Accept-Encoding
content-type
text/css
cache-control
max-age=2678400
cf-ray
86a0de67e8f04bc3-BUF
v84a3a4012de94ce1a686ba8c167c359c1696973893317
static.cloudflareinsights.com/beacon.min.js/ 		20 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.cloudflareinsights.com/beacon.min.js/v84a3a4012de94ce1a686ba8c167c359c1696973893317
Requested by
Host: northwesternmutualsbx.ziphq.com
URL: https://northwesternmutualsbx.ziphq.com/login
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6810:5049 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
6153d13804862b0fc1c016cf1129f34cb7c6185f2cf4bf1a3a862eecdab50101

Request headers

Referer
https://northwesternmutualsbx.ziphq.com/
Origin
https://northwesternmutualsbx.ziphq.com
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date
Mon, 25 Mar 2024 18:12:22 GMT
content-encoding
gzip
last-modified
Tue, 10 Oct 2023 21:38:13 GMT
server
cloudflare
etag
W/"2023.10.0"
vary
Accept-Encoding
content-type
text/javascript;charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=86400
cross-origin-resource-policy
cross-origin
cf-ray
86a0de69ac3d4bc6-BUF
analytics.min.js
cdn.segment.com/analytics.js/v1/sHOxZcjtDGhyuIMAjm6nAmNim3QS6xkI/ 		108 KB
29 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.segment.com/analytics.js/v1/sHOxZcjtDGhyuIMAjm6nAmNim3QS6xkI/analytics.min.js
Requested by
Host: northwesternmutualsbx.ziphq.com
URL: https://northwesternmutualsbx.ziphq.com/login
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.226.38.199 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-226-38-199.ewr53.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
d416e84afdd1e9419df402e033504031f668bc43d29106e2ba44c6991d1b1ea3

Request headers

accept-language
en-US,en;q=0.9
Referer
https://northwesternmutualsbx.ziphq.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

x-amz-version-id
.qJuS0on6KhaPcppqroY06o1St0kh3Tm
content-encoding
br
via
1.1 b1cccfee199a18a4097165436eb291a8.cloudfront.net (CloudFront)
date
Mon, 25 Mar 2024 18:12:14 GMT
x-amz-cf-pop
EWR53-C2
age
20
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
x-amz-replication-status
COMPLETED
last-modified
Mon, 11 Mar 2024 10:05:40 GMT
server
AmazonS3
etag
W/"7be65d0f1ea93862c2beb9a0adea8906"
access-control-max-age
3000
access-control-allow-methods
GET, HEAD
content-type
text/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=120
vary
Accept-Encoding
x-amz-cf-id
7N4f0DFfj0bLg_dzCR40ou5oywvSBrGl569ux1yqUqR3CMu4kDOmsg==
fs.js
edge.fullstory.com/s/ 		252 KB
70 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://edge.fullstory.com/s/fs.js
Requested by
Host: northwesternmutualsbx.ziphq.com
URL: https://northwesternmutualsbx.ziphq.com/login
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.201.112.186 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
186.112.201.35.bc.googleusercontent.com
Software
UploadServer /
Resource Hash
4c4bc328d74d58c3210e435afd7fa9ad2292226b1d388d0c66cd32682f3ed2af

Request headers

Referer
https://northwesternmutualsbx.ziphq.com/
Origin
https://northwesternmutualsbx.ziphq.com
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date
Mon, 25 Mar 2024 17:23:56 GMT
content-encoding
br
age
2907
x-guploader-uploadid
ABPtcPqzjTSkFRNZWgHZX2hFV2ytnQ7lFQmgU_pgbtiUTSeS1rxeVaFwLv17CwU3xYUiK6REb_LPPwKPrw
x-goog-storage-class
MULTI_REGIONAL
x-goog-metageneration
1
x-goog-stored-content-encoding
br
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
70641
last-modified
Tue, 19 Mar 2024 13:20:22 GMT
server
UploadServer
etag
"55abb77d6ef5f32c187228af79a39e07"
vary
Accept-Encoding
x-goog-generation
1710854422256649
x-goog-hash
crc32c=v0JsiA==, md5=Vau3fW718ywYciiveaOeBw==
access-control-allow-origin
*
access-control-expose-headers
Content-Length, Date, Server, Transfer-Encoding, X-GUploader-UploadID, X-Google-Trace
cache-control
public, max-age=3600,no-transform
x-goog-stored-content-length
70641
accept-ranges
bytes
content-type
application/javascript
expires
Mon, 25 Mar 2024 18:23:56 GMT
settings
cdn.segment.com/v1/projects/sHOxZcjtDGhyuIMAjm6nAmNim3QS6xkI/ 		2 KB
1 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://cdn.segment.com/v1/projects/sHOxZcjtDGhyuIMAjm6nAmNim3QS6xkI/settings
Requested by
Host: northwesternmutualsbx.ziphq.com
URL: https://northwesternmutualsbx.ziphq.com/login
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.226.38.199 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-226-38-199.ewr53.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
a395b7bf9aba045f782b2cfad1e761f015efec9d382e2889267d0afa5eab830d

Request headers

accept-language
en-US,en;q=0.9
Referer
https://northwesternmutualsbx.ziphq.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

x-amz-version-id
FJYYGNTdhGBL3Q5OTnlwN.TLKU5cbFOf
content-encoding
br
via
1.1 2755a65ada03bcb40dcec9e77a7c9160.cloudfront.net (CloudFront)
date
Mon, 25 Mar 2024 17:11:30 GMT
x-amz-cf-pop
EWR53-C2
age
3657
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
x-amz-replication-status
COMPLETED
last-modified
Tue, 20 Feb 2024 22:08:00 GMT
server
AmazonS3
etag
W/"6b657e7a325a8e4bca00f6d418a6c6e8"
access-control-max-age
3000
access-control-allow-methods
GET, HEAD
content-type
application/json; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=10800
vary
Accept-Encoding
x-amz-cf-id
jLzoY-4jJAQ_IyhzNDOZKo4RJ8uWXFN3qkbSCHz5ZbtOSdc_SQYQLQ==
/
sessions.bugsnag.com/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://sessions.bugsnag.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:1901:0:7a0b:: Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
Software
/
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
bugsnag-api-key,bugsnag-payload-version,bugsnag-sent-at,content-type
Access-Control-Request-Method
POST
Origin
https://northwesternmutualsbx.ziphq.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

access-control-allow-headers
Origin, Content-Type, Accept, Authorization, User-Agent, Referer, X-Forwarded-For, Bugsnag-Api-Key, Bugsnag-Payload-Version, Bugsnag-Sent-At
access-control-allow-methods
POST
access-control-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
date
Mon, 25 Mar 2024 18:12:23 GMT
via
1.1 google
/
sessions.bugsnag.com/ 		21 B
131 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://sessions.bugsnag.com/
Requested by
Host: assets.ziphq.com
URL: https://assets.ziphq.com/static/1996.63e84fadf37151ce6f3f.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:1901:0:7a0b:: Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
Software
/
Resource Hash
0ba7c0356149946bf0642fab4ef85b95e7090f6f785d0fb84323d0c442e5190a

Request headers

Bugsnag-Payload-Version
1
Referer
https://northwesternmutualsbx.ziphq.com/
Bugsnag-Sent-At
2024-03-25T18:12:23.230Z
accept-language
en-US,en;q=0.9
Bugsnag-Api-Key
20e44bea8596af42695842ff661291ac
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36
Content-Type
application/json

Response headers

access-control-allow-origin
*
date
Mon, 25 Mar 2024 18:12:23 GMT
via
1.1 google
bugsnag-session-uuid
c9b7cfe9-9aea-44bd-a858-9289be4c9ae0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
21
content-type
application/json
zip_logo_primary_black.svg
northwesternmutualsbx.ziphq.com/static/images/logo/ 		13 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://northwesternmutualsbx.ziphq.com/static/images/logo/zip_logo_primary_black.svg
Requested by
Host: northwesternmutualsbx.ziphq.com
URL: https://northwesternmutualsbx.ziphq.com/login
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3108::ac42:2840 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
dcaa60c3181ba1017820b90e9aab024f9ce6998ef0842a4381fee263c5f855d5

Request headers

accept-language
en-US,en;q=0.9
Referer
https://northwesternmutualsbx.ziphq.com/login
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date
Mon, 25 Mar 2024 18:12:24 GMT
content-encoding
gzip
cf-cache-status
EXPIRED
last-modified
Mon, 25 Mar 2024 09:58:35 GMT
server
cloudflare
etag
W/"66014acb-333d"
vary
Accept-Encoding
content-type
image/svg+xml
cache-control
max-age=2678400
cf-ray
86a0de7638074bc3-BUF
eyJrZXkiOiJhbm9ueW1vdXMiLCJjdXN0b20iOnsib3JnYW5pemF0aW9uIjoiIiwib3JnYW5pemF0aW9uX2d1aWQiOiIifX0
app.launchdarkly.com/sdk/evalx/6220031710123414f492f4e2/contexts/ 		105 KB
18 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://app.launchdarkly.com/sdk/evalx/6220031710123414f492f4e2/contexts/eyJrZXkiOiJhbm9ueW1vdXMiLCJjdXN0b20iOnsib3JnYW5pemF0aW9uIjoiIiwib3JnYW5pemF0aW9uX2d1aWQiOiIifX0
Requested by
Host: assets.ziphq.com
URL: https://assets.ziphq.com/static/1996.63e84fadf37151ce6f3f.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.130.217 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
91db9e53d11b03515a44f1929fbc6163fc466e12afd4385ac37924f295448eba

Request headers

Referer
https://northwesternmutualsbx.ziphq.com/
X-LaunchDarkly-Wrapper
react-client-sdk/3.0.9
accept-language
en-US,en;q=0.9
X-LaunchDarkly-User-Agent
JSClient/3.1.4
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date
Mon, 25 Mar 2024 18:12:24 GMT
content-encoding
gzip
via
1.1 varnish
age
0
x-cache
HIT
content-length
17820
x-served-by
cache-yyz4564-YYZ, cache-yyz4551-YYZ
x-timer
S1711390345.848695,VS0,VE3
etag
"108dbb"
access-control-max-age
3600
access-control-allow-methods
OPTIONS, GET
content-type
application/json
access-control-allow-origin
*
cache-control
max-age=0
vary
Authorization, Accept-Encoding
accept-ranges
bytes
access-control-allow-headers
Accept, Content-Type, Content-Length, Accept-Encoding, Authorization, X-Requested-With, X-LD-Private, X-LD-AccountId, X-LD-EnvId, X-LD-PrjId, X-LaunchDarkly-Event-Schema, X-LaunchDarkly-User-Agent, X-LaunchDarkly-Wrapper, Ld-Api-Version
x-cache-hits
1
eyJrZXkiOiJhbm9ueW1vdXMiLCJjdXN0b20iOnsib3JnYW5pemF0aW9uIjoiIiwib3JnYW5pemF0aW9uX2d1aWQiOiIifX0
app.launchdarkly.com/sdk/evalx/6220031710123414f492f4e2/contexts/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://app.launchdarkly.com/sdk/evalx/6220031710123414f492f4e2/contexts/eyJrZXkiOiJhbm9ueW1vdXMiLCJjdXN0b20iOnsib3JnYW5pemF0aW9uIjoiIiwib3JnYW5pemF0aW9uX2d1aWQiOiIifX0
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.130.217 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

Accept
*/*
Access-Control-Request-Headers
x-launchdarkly-user-agent,x-launchdarkly-wrapper
Access-Control-Request-Method
GET
Origin
https://northwesternmutualsbx.ziphq.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

accept-ranges
bytes
access-control-allow-headers
Accept,Content-Type,Content-Length,Accept-Encoding,Authorization,X-Requested-With,X-LD-Private,X-LD-AccountId,X-LD-EnvId,X-LD-PrjId,X-LaunchDarkly-Event-Schema,X-LaunchDarkly-User-Agent,X-LaunchDarkly-Wrapper,LD-API-Version,X-LaunchDarkly-Tags
access-control-allow-methods
GET, OPTIONS, HEAD
access-control-allow-origin
*
access-control-max-age
3600
age
0
allow
GET, OPTIONS, HEAD
content-encoding
gzip
content-length
23
date
Mon, 25 Mar 2024 18:12:24 GMT
ld-region
us-east-1
strict-transport-security
max-age=31536000
vary
Accept-Encoding
via
1.1 varnish
x-cache
HIT
x-cache-hits
2
x-served-by
cache-yyz4551-YYZ
x-timer
S1711390345.796178,VS0,VE0
LDIhapOFNxEwR-Bd1O9uYNmnUQomAgE25imKSbHLSMA6.woff2
fonts.gstatic.com/s/encodesans/v19/ 		27 KB
27 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/encodesans/v19/LDIhapOFNxEwR-Bd1O9uYNmnUQomAgE25imKSbHLSMA6.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Encode+Sans:wght@400;500;600&display=swap
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:80e::2003 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
84d61e7247b5194fedf074ca201a7bbc68d3ee141236b4e7cb5030abf9ab58c5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://northwesternmutualsbx.ziphq.com
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date
Wed, 20 Mar 2024 09:01:22 GMT
x-content-type-options
nosniff
age
465062
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
27320
x-xss-protection
0
last-modified
Mon, 20 Mar 2023 20:55:44 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Thu, 20 Mar 2025 09:01:22 GMT
px.gif
www.google.com/images/phd/ 		43 B
484 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com/images/phd/px.gif?t=1711390344623
Requested by
Host: northwesternmutualsbx.ziphq.com
URL: https://northwesternmutualsbx.ziphq.com/login
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:824::2004 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://northwesternmutualsbx.ziphq.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date
Mon, 25 Mar 2024 18:12:24 GMT
x-content-type-options
nosniff
last-modified
Tue, 22 Oct 2019 18:30:00 GMT
server
sffe
report-to
{"group":"static-on-bigtable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/static-on-bigtable"}]}
content-type
image/gif
cache-control
private, max-age=31536000
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
43
x-xss-protection
0
cross-origin-opener-policy-report-only
same-origin; report-to="static-on-bigtable"
expires
Mon, 25 Mar 2024 18:12:24 GMT
graphql
northwesternmutualsbx.ziphq.com/ 		25 B
87 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://northwesternmutualsbx.ziphq.com/graphql
Requested by
Host: northwesternmutualsbx.ziphq.com
URL: https://northwesternmutualsbx.ziphq.com/login
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3108::ac42:2840 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
8584df3a0dca6a092898d956fae4ece208131db7b012154f3b7371b51649f346
Security Headers
Name Value
Content-Security-Policy default-src 'self' blob: data: wss://*.intercom.io https://*.bugsnag.com https://*.cloudflareinsights.com https://*.datadoghq.com https://*.browser-intake-datadoghq.com https://*.fullstory.com https://*.google-analytics.com https://*.googletagmanager.com https://*.gstatic.com https://*.heapanalytics.com https://*.hellosign.com https://*.intercom.io https://*.intercomcdn.com https://*.mktoresp.com https://*.segment.com https://*.segment.io https://*.ziphq.com https://*.ziphq.com/to_primary https://accounts.google.com https://apis.google.com https://evergreen-private.s3.amazonaws.com https://intercom-sheets.com https://heapanalytics.com https://prod-evergreen-files.s3.amazonaws.com https://zip-kyc.s3.amazonaws.com https://zip-kyc-staging.s3.amazonaws.com https://*.launchdarkly.com https://*.stripe.com; script-src https: 'unsafe-inline' 'unsafe-eval' blob:; style-src https: 'unsafe-inline'; font-src https: data: moz-extension:; img-src https: blob: data:; frame-ancestors 'none';
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

accept
*/*
Referer
https://northwesternmutualsbx.ziphq.com/login
accept-language
en-US,en;q=0.9
x-csrftoken
IjQ2NzA4MzIxYzM1YWZjOWMwOWY3ZGRkZDRhYmJkZGQ2YzVlN2VkMmMi.GONQBg.JjXR7GyMzUIpa2I4Vb_7YFvjDYc
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36
x-request-id
cb7a471c-34e9-4708-bf4c-0f2a693298af
content-type
application/json

Response headers

date
Mon, 25 Mar 2024 18:12:24 GMT
content-security-policy
default-src 'self' blob: data: wss://*.intercom.io https://*.bugsnag.com https://*.cloudflareinsights.com https://*.datadoghq.com https://*.browser-intake-datadoghq.com https://*.fullstory.com https://*.google-analytics.com https://*.googletagmanager.com https://*.gstatic.com https://*.heapanalytics.com https://*.hellosign.com https://*.intercom.io https://*.intercomcdn.com https://*.mktoresp.com https://*.segment.com https://*.segment.io https://*.ziphq.com https://*.ziphq.com/to_primary https://accounts.google.com https://apis.google.com https://evergreen-private.s3.amazonaws.com https://intercom-sheets.com https://heapanalytics.com https://prod-evergreen-files.s3.amazonaws.com https://zip-kyc.s3.amazonaws.com https://zip-kyc-staging.s3.amazonaws.com https://*.launchdarkly.com https://*.stripe.com; script-src https: 'unsafe-inline' 'unsafe-eval' blob:; style-src https: 'unsafe-inline'; font-src https: data: moz-extension:; img-src https: blob: data:; frame-ancestors 'none';
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; includeSubDomains
cf-cache-status
DYNAMIC
server
cloudflare
x-git-commit
9601d7867c
x-frame-options
DENY
vary
Cookie
content-type
application/json
cf-ray
86a0de7638084bc3-BUF
content-length
25
x-request-id
cb7a471c-34e9-4708-bf4c-0f2a693298af
graphql
northwesternmutualsbx.ziphq.com/ 		103 B
1 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://northwesternmutualsbx.ziphq.com/graphql
Requested by
Host: northwesternmutualsbx.ziphq.com
URL: https://northwesternmutualsbx.ziphq.com/login
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3108::ac42:2840 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
f4c93d987a0df26d303b5e07fbc409558853c94b94e13b1ad2e88f8fc26c6ed8
Security Headers
Name Value
Content-Security-Policy default-src 'self' blob: data: wss://*.intercom.io https://*.bugsnag.com https://*.cloudflareinsights.com https://*.datadoghq.com https://*.browser-intake-datadoghq.com https://*.fullstory.com https://*.google-analytics.com https://*.googletagmanager.com https://*.gstatic.com https://*.heapanalytics.com https://*.hellosign.com https://*.intercom.io https://*.intercomcdn.com https://*.mktoresp.com https://*.segment.com https://*.segment.io https://*.ziphq.com https://*.ziphq.com/to_primary https://accounts.google.com https://apis.google.com https://evergreen-private.s3.amazonaws.com https://intercom-sheets.com https://heapanalytics.com https://prod-evergreen-files.s3.amazonaws.com https://zip-kyc.s3.amazonaws.com https://zip-kyc-staging.s3.amazonaws.com https://*.launchdarkly.com https://*.stripe.com; script-src https: 'unsafe-inline' 'unsafe-eval' blob:; style-src https: 'unsafe-inline'; font-src https: data: moz-extension:; img-src https: blob: data:; frame-ancestors 'none';
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

accept
*/*
Referer
https://northwesternmutualsbx.ziphq.com/login
accept-language
en-US,en;q=0.9
x-csrftoken
IjQ2NzA4MzIxYzM1YWZjOWMwOWY3ZGRkZDRhYmJkZGQ2YzVlN2VkMmMi.GONQBg.JjXR7GyMzUIpa2I4Vb_7YFvjDYc
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36
x-request-id
cb7a471c-34e9-4708-bf4c-0f2a693298af
content-type
application/json

Response headers

date
Mon, 25 Mar 2024 18:12:24 GMT
content-security-policy
default-src 'self' blob: data: wss://*.intercom.io https://*.bugsnag.com https://*.cloudflareinsights.com https://*.datadoghq.com https://*.browser-intake-datadoghq.com https://*.fullstory.com https://*.google-analytics.com https://*.googletagmanager.com https://*.gstatic.com https://*.heapanalytics.com https://*.hellosign.com https://*.intercom.io https://*.intercomcdn.com https://*.mktoresp.com https://*.segment.com https://*.segment.io https://*.ziphq.com https://*.ziphq.com/to_primary https://accounts.google.com https://apis.google.com https://evergreen-private.s3.amazonaws.com https://intercom-sheets.com https://heapanalytics.com https://prod-evergreen-files.s3.amazonaws.com https://zip-kyc.s3.amazonaws.com https://zip-kyc-staging.s3.amazonaws.com https://*.launchdarkly.com https://*.stripe.com; script-src https: 'unsafe-inline' 'unsafe-eval' blob:; style-src https: 'unsafe-inline'; font-src https: data: moz-extension:; img-src https: blob: data:; frame-ancestors 'none';
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; includeSubDomains
cf-cache-status
DYNAMIC
server
cloudflare
content-encoding
gzip
x-git-commit
9601d7867c
x-frame-options
DENY
vary
Cookie
content-type
application/json
cf-ray
86a0de7638094bc3-BUF
x-request-id
cb7a471c-34e9-4708-bf4c-0f2a693298af
ajs-destination.bundle.13362ca512563a10e34d.js
cdn.segment.com/analytics-next/bundles/ 		9 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.segment.com/analytics-next/bundles/ajs-destination.bundle.13362ca512563a10e34d.js
Requested by
Host: cdn.segment.com
URL: https://cdn.segment.com/analytics.js/v1/sHOxZcjtDGhyuIMAjm6nAmNim3QS6xkI/analytics.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.226.38.199 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-226-38-199.ewr53.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
7e4fde2a7e2da4eb11065a29f03b7f68566665515cf79bf4841168b46508dda5

Request headers

accept-language
en-US,en;q=0.9
Referer
https://northwesternmutualsbx.ziphq.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date
Mon, 11 Mar 2024 06:18:42 GMT
x-amz-version-id
zLlD7V458WAMWR2TbagutIejPfQAgFsB
content-encoding
br
via
1.1 b1cccfee199a18a4097165436eb291a8.cloudfront.net (CloudFront)
x-amz-cf-pop
EWR53-C2
age
1252424
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
x-amz-replication-status
COMPLETED
last-modified
Sun, 10 Mar 2024 20:38:56 GMT
server
AmazonS3
etag
W/"0dec480089dae7da1834489f95aca4e7"
access-control-max-age
3000
access-control-allow-methods
GET, HEAD
content-type
application/javascript
access-control-allow-origin
*
cache-control
public,max-age=31536000,immutable
vary
Accept-Encoding
x-amz-cf-id
yG2GT5MNgpcfZaEtzR_55P4w3aVY78xw8pHbAPNswuAADIoUX17GaA==
web
edge.fullstory.com/s/settings/Z1C2H/v1/ 		6 KB
2 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://edge.fullstory.com/s/settings/Z1C2H/v1/web
Requested by
Host: edge.fullstory.com
URL: https://edge.fullstory.com/s/fs.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.201.112.186 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
186.112.201.35.bc.googleusercontent.com
Software
UploadServer /
Resource Hash
22c142d62a9eee1363ce3464d1c12cb8b61c0caaeb1c42ad13995f478cc1e32a

Request headers

accept-language
en-US,en;q=0.9
Referer
https://northwesternmutualsbx.ziphq.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date
Mon, 25 Mar 2024 17:59:52 GMT
content-encoding
gzip
age
753
x-guploader-uploadid
ABPtcPpGA2D3RaTAHDlaK_NHs7sfi-dh7-Qka_Y9kacXWBoUH53LP4DE_-B9UFn41-FyEdMHMvA
x-goog-storage-class
MULTI_REGIONAL
x-goog-metageneration
1
x-goog-stored-content-encoding
gzip
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
1747
last-modified
Mon, 25 Mar 2024 17:59:38 GMT
server
UploadServer
etag
"34272e71f415969928b3a26ed80667cf"
x-goog-generation
1711389578125084
x-goog-hash
crc32c=iudaAg==, md5=NCcucfQVlpkos6Ju2AZnzw==
access-control-allow-origin
*
access-control-expose-headers
Content-Length, Date, Server, Transfer-Encoding, X-GUploader-UploadID, X-Google-Trace
cache-control
public,max-age=900,no-transform
x-goog-stored-content-length
1747
accept-ranges
bytes
content-type
application/json
expires
Mon, 25 Mar 2024 18:14:52 GMT
px.gif
www.google.com/images/phd/ 		43 B
132 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com/images/phd/px.gif?t=1711390345131
Requested by
Host: northwesternmutualsbx.ziphq.com
URL: https://northwesternmutualsbx.ziphq.com/login
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:824::2004 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://northwesternmutualsbx.ziphq.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date
Mon, 25 Mar 2024 18:12:25 GMT
x-content-type-options
nosniff
last-modified
Tue, 22 Oct 2019 18:30:00 GMT
server
sffe
report-to
{"group":"static-on-bigtable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/static-on-bigtable"}]}
content-type
image/gif
cache-control
private, max-age=31536000
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
43
x-xss-protection
0
cross-origin-opener-policy-report-only
same-origin; report-to="static-on-bigtable"
expires
Mon, 25 Mar 2024 18:12:25 GMT
api.js
apis.google.com/js/ 		15 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://apis.google.com/js/api.js
Requested by
Host: assets.ziphq.com
URL: https://assets.ziphq.com/static/1996.63e84fadf37151ce6f3f.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:81d::200e , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
8ab812b784460878762b061a4278eb0bcac4adb2c49cbc4757190c54cbc34d76
Security Headers
Name Value
Content-Security-Policy require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/gapi-team
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://northwesternmutualsbx.ziphq.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

content-security-policy
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/gapi-team
content-encoding
gzip
x-content-type-options
nosniff
date
Mon, 25 Mar 2024 18:12:25 GMT
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
5892
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="gapi-team"
etag
"29fb66b29f645cfa"
vary
Accept-Encoding
report-to
{"group":"gapi-team","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/gapi-team"}]}
content-type
text/javascript
access-control-allow-origin
*
cache-control
private, max-age=1800, stale-while-revalidate=1800
accept-ranges
bytes
timing-allow-origin
*
expires
Mon, 25 Mar 2024 18:12:25 GMT
google.png
northwesternmutualsbx.ziphq.com/static/images/integrations/icons/ 		3 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://northwesternmutualsbx.ziphq.com/static/images/integrations/icons/google.png
Requested by
Host: northwesternmutualsbx.ziphq.com
URL: https://northwesternmutualsbx.ziphq.com/login
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3108::ac42:2840 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
6605c625b3eb350783677d44539bec99ca2e8aa80fcbe9033476c5410cf965ea

Request headers

accept-language
en-US,en;q=0.9
Referer
https://northwesternmutualsbx.ziphq.com/login
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date
Mon, 25 Mar 2024 18:12:25 GMT
cf-cache-status
EXPIRED
last-modified
Mon, 25 Mar 2024 12:40:48 GMT
server
cloudflare
etag
"660170d0-c57"
vary
Accept-Encoding
content-type
image/png
cache-control
max-age=2678400
accept-ranges
bytes
cf-ray
86a0de7a6a7f4bc3-BUF
content-length
3159
eyJrZXkiOiJhbm9ueW1vdXMiLCJjdXN0b20iOnsib3JnYW5pemF0aW9uIjoiIiwib3JnYW5pemF0aW9uX2d1aWQiOiIifX0
clientstream.launchdarkly.com/eval/6220031710123414f492f4e2/ 		105 KB
0 		EventSource
General
Check archive.org
Download Go to
Full URL
https://clientstream.launchdarkly.com/eval/6220031710123414f492f4e2/eyJrZXkiOiJhbm9ueW1vdXMiLCJjdXN0b20iOnsib3JnYW5pemF0aW9uIjoiIiwib3JnYW5pemF0aW9uX2d1aWQiOiIifX0
Requested by
Host: northwesternmutualsbx.ziphq.com
URL: https://northwesternmutualsbx.ziphq.com/login
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.33.235.18 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
aa1ba9bef7b18c265.awsglobalaccelerator.com
Software
/
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

Accept
text/event-stream
Cache-Control
no-cache
Referer
https://northwesternmutualsbx.ziphq.com/
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date
Mon, 25 Mar 2024 18:12:25 GMT
strict-transport-security
max-age=31536000
ld-region
us-east-1
access-control-max-age
300
access-control-allow-methods
GET,OPTIONS
content-type
text/event-stream; charset=utf-8
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
x-content-length
accept-ranges
bytes
access-control-allow-headers
Accept,Content-Type,Content-Length,Accept-Encoding,Cache-Control,X-Requested-With,X-LaunchDarkly-User-Agent,X-LaunchDarkly-Wrapper
schemaFilter.bundle.f63551a29dc1697f71b6.js
cdn.segment.com/analytics-next/bundles/ 		2 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.segment.com/analytics-next/bundles/schemaFilter.bundle.f63551a29dc1697f71b6.js
Requested by
Host: cdn.segment.com
URL: https://cdn.segment.com/analytics.js/v1/sHOxZcjtDGhyuIMAjm6nAmNim3QS6xkI/analytics.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.226.38.199 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-226-38-199.ewr53.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
b79a43a28dc356d07de97ee365a01d714812e2eb02b15397cefb226d2a019a83

Request headers

accept-language
en-US,en;q=0.9
Referer
https://northwesternmutualsbx.ziphq.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date
Sun, 11 Feb 2024 08:24:52 GMT
x-amz-version-id
Vhxc.PNoCl1XdQ5uL7S33Fz9JAAyJXMa
content-encoding
br
via
1.1 b1cccfee199a18a4097165436eb291a8.cloudfront.net (CloudFront)
x-amz-cf-pop
EWR53-C2
age
3750454
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
x-amz-replication-status
COMPLETED
last-modified
Mon, 05 Feb 2024 23:38:55 GMT
server
AmazonS3
etag
W/"2a359f6227308e4ee31623f9381ae1d7"
access-control-max-age
3000
access-control-allow-methods
GET, HEAD
content-type
application/javascript
access-control-allow-origin
*
cache-control
public,max-age=31536000,immutable
vary
Accept-Encoding
x-amz-cf-id
f22OnlVCFHC1x08LLLTK5LXNRBYtVtvOkkIo0VWiRh2IEYHeBna4wA==
px.gif
www.google.com/images/phd/ 		43 B
64 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com/images/phd/px.gif?t=1711390345321
Requested by
Host: northwesternmutualsbx.ziphq.com
URL: https://northwesternmutualsbx.ziphq.com/login
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:824::2004 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://northwesternmutualsbx.ziphq.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date
Mon, 25 Mar 2024 18:12:25 GMT
x-content-type-options
nosniff
last-modified
Tue, 22 Oct 2019 18:30:00 GMT
server
sffe
report-to
{"group":"static-on-bigtable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/static-on-bigtable"}]}
content-type
image/gif
cache-control
private, max-age=31536000
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
43
x-xss-protection
0
cross-origin-opener-policy-report-only
same-origin; report-to="static-on-bigtable"
expires
Mon, 25 Mar 2024 18:12:25 GMT
4f7b1c96b5d7262322cc.js
cdn.segment.com/next-integrations/actions/fullstory/ 		183 KB
57 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.segment.com/next-integrations/actions/fullstory/4f7b1c96b5d7262322cc.js
Requested by
Host: cdn.segment.com
URL: https://cdn.segment.com/analytics.js/v1/sHOxZcjtDGhyuIMAjm6nAmNim3QS6xkI/analytics.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.226.38.199 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-226-38-199.ewr53.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
3f60ee135ad75095cfe8664f39a39e73f477831d996bf2e3d4689792b52c82d1

Request headers

accept-language
en-US,en;q=0.9
Referer
https://northwesternmutualsbx.ziphq.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

x-amz-version-id
ZFSmlzHW12VV0jjYuhBTlvoWwqijGLly
content-encoding
gzip
via
1.1 b1cccfee199a18a4097165436eb291a8.cloudfront.net (CloudFront)
date
Mon, 25 Mar 2024 06:30:24 GMT
x-amz-cf-pop
EWR53-C2
age
42122
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
last-modified
Tue, 12 Mar 2024 06:23:50 GMT
server
AmazonS3
etag
W/"6223a2ed33fe961f63088bd851ca0283"
access-control-max-age
3000
access-control-allow-methods
GET, HEAD
content-type
application/javascript
access-control-allow-origin
*
vary
Accept-Encoding
x-amz-cf-id
GzeqI5t21gYs6TY1O3aaM-mOYCecnUhco3BFon8WEmI3Lf0svLpKog==
px.gif
www.google.com/images/phd/ 		43 B
64 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com/images/phd/px.gif?t=1711390345425
Requested by
Host: northwesternmutualsbx.ziphq.com
URL: https://northwesternmutualsbx.ziphq.com/login
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:824::2004 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://northwesternmutualsbx.ziphq.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date
Mon, 25 Mar 2024 18:12:25 GMT
x-content-type-options
nosniff
last-modified
Tue, 22 Oct 2019 18:30:00 GMT
server
sffe
report-to
{"group":"static-on-bigtable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/static-on-bigtable"}]}
content-type
image/gif
cache-control
private, max-age=31536000
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
43
x-xss-protection
0
cross-origin-opener-policy-report-only
same-origin; report-to="static-on-bigtable"
expires
Mon, 25 Mar 2024 18:12:25 GMT
page
rs.fullstory.com/rec/ 		6 KB
2 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://rs.fullstory.com/rec/page
Requested by
Host: edge.fullstory.com
URL: https://edge.fullstory.com/s/fs.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.186.194.58 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
58.194.186.35.bc.googleusercontent.com
Software
/
Resource Hash
99f1f688035d0afa9675a8a7ae2f251e532bbdb57c9b3b0722f1f51857d0e432

Request headers

Referer
https://northwesternmutualsbx.ziphq.com/
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36
Content-Type
text/plain

Response headers

date
Mon, 25 Mar 2024 18:12:25 GMT
content-encoding
gzip
via
1.1 google
content-type
application/json; charset=utf-8
access-control-allow-origin
https://northwesternmutualsbx.ziphq.com
access-control-allow-credentials
true
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
1985
px.gif
www.google.com/images/phd/ 		43 B
64 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com/images/phd/px.gif?t=1711390345590
Requested by
Host: northwesternmutualsbx.ziphq.com
URL: https://northwesternmutualsbx.ziphq.com/login
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:824::2004 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://northwesternmutualsbx.ziphq.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date
Mon, 25 Mar 2024 18:12:25 GMT
x-content-type-options
nosniff
last-modified
Tue, 22 Oct 2019 18:30:00 GMT
server
sffe
report-to
{"group":"static-on-bigtable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/static-on-bigtable"}]}
content-type
image/gif
cache-control
private, max-age=31536000
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
43
x-xss-protection
0
cross-origin-opener-policy-report-only
same-origin; report-to="static-on-bigtable"
expires
Mon, 25 Mar 2024 18:12:25 GMT
3afb34170d18de455d37.js
cdn.segment.com/next-integrations/actions/845/ 		24 KB
8 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.segment.com/next-integrations/actions/845/3afb34170d18de455d37.js
Requested by
Host: cdn.segment.com
URL: https://cdn.segment.com/next-integrations/actions/fullstory/4f7b1c96b5d7262322cc.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.226.38.199 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-226-38-199.ewr53.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
04d18bef2807591fc537180f58ede59bc3788ba3817847f2cdf5ec41d8a611d0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://northwesternmutualsbx.ziphq.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

x-amz-version-id
8C4vXHGg6ERvGpREFFF2_z_mIci38V_A
content-encoding
gzip
via
1.1 b1cccfee199a18a4097165436eb291a8.cloudfront.net (CloudFront)
date
Mon, 25 Mar 2024 11:59:07 GMT
x-amz-cf-pop
EWR53-C2
age
22399
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
last-modified
Tue, 12 Mar 2024 06:23:48 GMT
server
AmazonS3
etag
W/"5343057d1293b492869e57bab8573740"
access-control-max-age
3000
access-control-allow-methods
GET, HEAD
content-type
application/javascript
access-control-allow-origin
*
vary
Accept-Encoding
x-amz-cf-id
7siQkkM64-tun-SVwkwq0xQhyBG2bvhabA6ivyovB-rlISSkEBtY8Q==
cb=gapi.loaded_0
apis.google.com/_/scs/abc-static/_/js/k=gapi.lb.en.Oh6mNxd5OYM.O/m=auth2/rt=j/sv=1/d=1/ed=1/rs=AHpOoo-goHQwcBQdTSfIcaYi5vOvnb-P8g/ 		117 KB
40 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://apis.google.com/_/scs/abc-static/_/js/k=gapi.lb.en.Oh6mNxd5OYM.O/m=auth2/rt=j/sv=1/d=1/ed=1/rs=AHpOoo-goHQwcBQdTSfIcaYi5vOvnb-P8g/cb=gapi.loaded_0?le=scs
Requested by
Host: apis.google.com
URL: https://apis.google.com/js/api.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:81d::200e , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
08daf345086e4aba1e754175bfe658b40b382192ece81cfba09764905cb6d08d
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://northwesternmutualsbx.ziphq.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date
Wed, 20 Mar 2024 07:48:46 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
469419
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/social-frontend-mpm-access
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
40439
x-xss-protection
0
last-modified
Fri, 01 Mar 2024 15:19:10 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="social-frontend-mpm-access"
vary
Accept-Encoding
report-to
{"group":"social-frontend-mpm-access","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/social-frontend-mpm-access"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Thu, 20 Mar 2025 07:48:46 GMT
intercom.dynamic.js.gz
cdn.segment.com/next-integrations/integrations/intercom/3.1.0/ 		4 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.segment.com/next-integrations/integrations/intercom/3.1.0/intercom.dynamic.js.gz
Requested by
Host: cdn.segment.com
URL: https://cdn.segment.com/analytics.js/v1/sHOxZcjtDGhyuIMAjm6nAmNim3QS6xkI/analytics.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.226.38.199 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-226-38-199.ewr53.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
f17f078ea883fbe048f75ab5e7371c081cbd7d85ec5d91d443512d1ecd63dfb3

Request headers

accept-language
en-US,en;q=0.9
Referer
https://northwesternmutualsbx.ziphq.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date
Sat, 16 Mar 2024 21:26:48 GMT
content-encoding
gzip
via
1.1 b1cccfee199a18a4097165436eb291a8.cloudfront.net (CloudFront)
x-amz-version-id
UmD7F.j8vFqDUtNMk_FJm_Zc.bMsT7GP
x-amz-cf-pop
EWR53-C2
age
765938
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
content-length
1878
last-modified
Fri, 08 Mar 2024 07:35:29 GMT
server
AmazonS3
etag
"d20b898e8b1fe44f03e532db7fe5cf4e"
access-control-max-age
3000
access-control-allow-methods
GET, HEAD
content-type
application/javascript
access-control-allow-origin
*
cache-control
public,max-age=31536000,immutable
accept-ranges
bytes
x-amz-cf-id
wWWihmHEkz8H8Eet0lcfcsr1GjVbkxUJmpRFOnHCUotoTLOIJxFGsA==
integrations
rs.fullstory.com/rec/ 		4 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://rs.fullstory.com/rec/integrations?OrgId=Z1C2H
Requested by
Host: edge.fullstory.com
URL: https://edge.fullstory.com/s/fs.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.186.194.58 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
58.194.186.35.bc.googleusercontent.com
Software
/
Resource Hash
d020ef8796bc4a95f05f874c9fbcadfe9ae3e3d2138abcf30e1d4eb36fc3154b

Request headers

accept-language
en-US,en;q=0.9
Referer
https://northwesternmutualsbx.ziphq.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date
Mon, 25 Mar 2024 18:12:25 GMT
via
1.1 google
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-type
text/javascript; charset=utf-8
iframe
accounts.google.com/o/oauth2/ Frame DE81 		295 B
2 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://accounts.google.com/o/oauth2/iframe
Requested by
Host: apis.google.com
URL: https://apis.google.com/_/scs/abc-static/_/js/k=gapi.lb.en.Oh6mNxd5OYM.O/m=auth2/rt=j/sv=1/d=1/ed=1/rs=AHpOoo-goHQwcBQdTSfIcaYi5vOvnb-P8g/cb=gapi.loaded_0?le=scs
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4023:1401::54 Columbus, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
3557c422061c0516bcb0835dbb37363be50c213dbfe31622152e28b6360e3236
Security Headers
Name Value
Content-Security-Policy require-trusted-types-for 'script';report-uri /_/IdpIFrameHttp/cspreport script-src 'report-sample' 'nonce-Jh6hBbvlOlV8oVt8kTIqjw' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/IdpIFrameHttp/cspreport;worker-src 'self' script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/IdpIFrameHttp/cspreport/allowlist
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://northwesternmutualsbx.ziphq.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
no-cache, no-store, max-age=0, must-revalidate
content-encoding
gzip
content-security-policy
require-trusted-types-for 'script';report-uri /_/IdpIFrameHttp/cspreport script-src 'report-sample' 'nonce-Jh6hBbvlOlV8oVt8kTIqjw' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/IdpIFrameHttp/cspreport;worker-src 'self' script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/IdpIFrameHttp/cspreport/allowlist
content-type
text/html; charset=utf-8
cross-origin-embedder-policy
require-corp
cross-origin-opener-policy
same-origin
cross-origin-resource-policy
cross-origin
date
Mon, 25 Mar 2024 18:12:26 GMT
expires
Mon, 01 Jan 1990 00:00:00 GMT
origin-trial
Anx7P+ykxPk2cvb3pmDcFJrtthuvm2pPqF/N9DW2XnD4tw+GvaXWaUhemhtJeK2OiYYjgVfcdmEkym+Al84WUQEAAABReyJvcmlnaW4iOiJodHRwczovL2FjY291bnRzLmdvb2dsZS5jb206NDQzIiwiZmVhdHVyZSI6IlRwY2QiLCJleHBpcnkiOjE3MzUzNDM5OTl9
permissions-policy
ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
pragma
no-cache
reporting-endpoints
default="/_/IdpIFrameHttp/web-reports?context=eJzjctHikmLw1ZBiePflJRPH15dMEkCsBsR866azqgCx5vrprIFA7JQ-gzUAiH3qZ7BGAXHrzXOsk4HY-uZ5ViEejq6_bRvYBF6cPbiUEQA2uCGa"
server
ESF
strict-transport-security
max-age=31536000; includeSubDomains
x-content-type-options
nosniff
x-xss-protection
0
commons.c42222c4cb2f8913500f.js.gz
cdn.segment.com/next-integrations/integrations/vendor/ 		73 KB
22 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.segment.com/next-integrations/integrations/vendor/commons.c42222c4cb2f8913500f.js.gz
Requested by
Host: cdn.segment.com
URL: https://cdn.segment.com/analytics.js/v1/sHOxZcjtDGhyuIMAjm6nAmNim3QS6xkI/analytics.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.226.38.199 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-226-38-199.ewr53.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
b17b4a5cc840a366a4c006794502f887a316402f781f85e913ac4af19a93fc13

Request headers

accept-language
en-US,en;q=0.9
Referer
https://northwesternmutualsbx.ziphq.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date
Thu, 21 Mar 2024 22:10:55 GMT
content-encoding
gzip
via
1.1 b1cccfee199a18a4097165436eb291a8.cloudfront.net (CloudFront)
x-amz-version-id
HopHKmY9TBcR3b.zdj3KrkRozUW9hj.F
x-amz-cf-pop
EWR53-C2
age
331292
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
content-length
22177
last-modified
Fri, 08 Mar 2024 07:35:27 GMT
server
AmazonS3
etag
"befb217271e2e926c7d898f1c85f6cb7"
access-control-max-age
3000
access-control-allow-methods
GET, HEAD
content-type
application/javascript
access-control-allow-origin
*
cache-control
public,max-age=31536000,immutable
accept-ranges
bytes
x-amz-cf-id
zKFpVyVyLdCe5laCY_LEksDG_QdOv-bSiVS1xvd_Zxavvy5YRGSXJg==
jpvqigu7
widget.intercom.io/widget/ 		7 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://widget.intercom.io/widget/jpvqigu7
Requested by
Host: cdn.segment.com
URL: https://cdn.segment.com/next-integrations/integrations/vendor/commons.c42222c4cb2f8913500f.js.gz
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.226.34.119 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-226-34-119.ewr53.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
1d6c9d4211a4ca9d64360c52e9a8bccd2b6f6c6df60e810f03b1ec054d3f0880

Request headers

accept-language
en-US,en;q=0.9
Referer
https://northwesternmutualsbx.ziphq.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

x-amz-version-id
m1t5sGMW5Lh_EmXWAvQVz2R.vz9BYJDt
content-encoding
gzip
via
1.1 b1cccfee199a18a4097165436eb291a8.cloudfront.net (CloudFront)
date
Mon, 25 Mar 2024 18:09:51 GMT
x-amz-cf-pop
EWR53-C2
age
155
x-amz-server-side-encryption
AES256
x-cache
Error from cloudfront
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
2705
last-modified
Mon, 25 Mar 2024 17:24:49 GMT
server
AmazonS3
etag
"faf8bfc75654ee86b2a27e1ad8b576a8"
vary
Accept-Encoding, Origin
content-type
application/javascript; charset=UTF-8
cache-control
max-age=300, s-maxage=300, public
accept-ranges
bytes
x-amz-cf-id
CuZVSdVCxF3pGmx95m_MG6PtGTmIdQ5cLi2pxUshryVv3r5cfZDMIQ==
t
api.segment.io/v1/ 		21 B
184 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://api.segment.io/v1/t
Requested by
Host: edge.fullstory.com
URL: https://edge.fullstory.com/s/fs.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
35.160.35.184 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-35-160-35-184.us-west-2.compute.amazonaws.com
Software
/
Resource Hash
12f71cb993958eefc4bdb41d7dbbda490779a9c7aba448f7be52bb63912e0254
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

Referer
https://northwesternmutualsbx.ziphq.com/
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://northwesternmutualsbx.ziphq.com
date
Mon, 25 Mar 2024 18:12:26 GMT
strict-transport-security
max-age=31536000
content-length
21
vary
Origin
content-type
application/json
t
api.segment.io/v1/ 		21 B
184 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://api.segment.io/v1/t
Requested by
Host: edge.fullstory.com
URL: https://edge.fullstory.com/s/fs.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
35.160.35.184 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-35-160-35-184.us-west-2.compute.amazonaws.com
Software
/
Resource Hash
12f71cb993958eefc4bdb41d7dbbda490779a9c7aba448f7be52bb63912e0254
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

Referer
https://northwesternmutualsbx.ziphq.com/
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://northwesternmutualsbx.ziphq.com
date
Mon, 25 Mar 2024 18:12:26 GMT
strict-transport-security
max-age=31536000
content-length
21
vary
Origin
content-type
application/json
t
api.segment.io/v1/ 		21 B
185 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://api.segment.io/v1/t
Requested by
Host: edge.fullstory.com
URL: https://edge.fullstory.com/s/fs.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
35.160.35.184 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-35-160-35-184.us-west-2.compute.amazonaws.com
Software
/
Resource Hash
12f71cb993958eefc4bdb41d7dbbda490779a9c7aba448f7be52bb63912e0254
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

Referer
https://northwesternmutualsbx.ziphq.com/
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://northwesternmutualsbx.ziphq.com
date
Mon, 25 Mar 2024 18:12:26 GMT
strict-transport-security
max-age=31536000
content-length
21
vary
Origin
content-type
application/json
p
api.segment.io/v1/ 		21 B
184 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://api.segment.io/v1/p
Requested by
Host: edge.fullstory.com
URL: https://edge.fullstory.com/s/fs.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
35.160.35.184 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-35-160-35-184.us-west-2.compute.amazonaws.com
Software
/
Resource Hash
12f71cb993958eefc4bdb41d7dbbda490779a9c7aba448f7be52bb63912e0254
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

Referer
https://northwesternmutualsbx.ziphq.com/
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://northwesternmutualsbx.ziphq.com
date
Mon, 25 Mar 2024 18:12:26 GMT
strict-transport-security
max-age=31536000
content-length
21
vary
Origin
content-type
application/json
m=base
www.gstatic.com/_/mss/boq-identity/_/js/k=boq-identity.IdpIFrameHttp.en_US.CRjZsbLFC7Y.es5.O/am=wA/d=1/rs=AOaEmlFJVO6b9gwDXxk4iRilRlt4INh1lg/ Frame DE81 		109 KB
38 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.gstatic.com/_/mss/boq-identity/_/js/k=boq-identity.IdpIFrameHttp.en_US.CRjZsbLFC7Y.es5.O/am=wA/d=1/rs=AOaEmlFJVO6b9gwDXxk4iRilRlt4INh1lg/m=base
Requested by
Host: accounts.google.com
URL: https://accounts.google.com/o/oauth2/iframe
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:80a::2003 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
689dc9d9c13d54d0da52d6f27128166dd8b695a877afd5da700750c3a6c473b6
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://accounts.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date
Fri, 22 Mar 2024 10:07:19 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
288307
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/boq-infra/identity-boq-js-css-signers
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
38366
x-xss-protection
0
last-modified
Sat, 16 Mar 2024 00:50:20 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="boq-infra/identity-boq-js-css-signers"
vary
Accept-Encoding, Origin
report-to
{"group":"boq-infra/identity-boq-js-css-signers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/boq-infra/identity-boq-js-css-signers"}]}
content-type
text/javascript; charset=UTF-8
cache-control
public, immutable, max-age=31536000
accept-ranges
bytes
expires
Sat, 22 Mar 2025 10:07:19 GMT
frame-modern.d78f357d.js
js.intercomcdn.com/ Frame A0B8 		515 KB
142 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://js.intercomcdn.com/frame-modern.d78f357d.js
Requested by
Host: widget.intercom.io
URL: https://widget.intercom.io/widget/jpvqigu7
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
108.139.47.108 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-108-139-47-108.jfk50.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
a99217bda86a068a164996f67e49451118bcdc7f9042ca8d58a4822889bd2020
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

accept-language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date
Mon, 25 Mar 2024 17:24:52 GMT
content-encoding
gzip
via
1.1 b4d4149b3eab97748926fd7af4eba404.cloudfront.net (CloudFront)
x-amz-version-id
PsMYQefrIJGAbq2b8ScOb8UVE4Jwus3c
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-amz-cf-pop
JFK50-P1
age
2855
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
144945
last-modified
Mon, 25 Mar 2024 17:21:47 GMT
server
AmazonS3
etag
"51b9347003500d4795ff1787053f6e3d"
content-type
application/javascript; charset=UTF-8
cache-control
max-age=31536000, s-maxage=7200, public
accept-ranges
bytes
x-amz-cf-id
-IRVe-vhEVHLAbkZJfmScyYramhtVWXRWPRzo46a0oMeGrER9CsUCg==
vendor-modern.9921b73c.js
js.intercomcdn.com/ Frame A0B8 		483 KB
148 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://js.intercomcdn.com/vendor-modern.9921b73c.js
Requested by
Host: widget.intercom.io
URL: https://widget.intercom.io/widget/jpvqigu7
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
108.139.47.108 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-108-139-47-108.jfk50.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
cad3500791a788df6463f08be3d2cd07785f0f24b90d403fa17392a47469f0ed
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

accept-language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date
Mon, 25 Mar 2024 16:41:46 GMT
content-encoding
gzip
via
1.1 b4d4149b3eab97748926fd7af4eba404.cloudfront.net (CloudFront)
x-amz-version-id
zk.etVXE0Vj.y3ocCV4ckMkFEldqVVuf
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-amz-cf-pop
JFK50-P1
age
5441
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
151135
last-modified
Mon, 25 Mar 2024 15:50:40 GMT
server
AmazonS3
etag
"ae95e8cfe55350008dcd098ebbe4cee3"
content-type
application/javascript; charset=UTF-8
cache-control
max-age=31536000, s-maxage=7200, public
accept-ranges
bytes
x-amz-cf-id
T_1_ujqhyp0bqf_Ut9F4hN33Bb6M41uq2bIqdhmzWc5n1vtNE0mu5A==
6220031710123414f492f4e2
events.launchdarkly.com/events/diagnostic/ 		0
344 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://events.launchdarkly.com/events/diagnostic/6220031710123414f492f4e2
Requested by
Host: edge.fullstory.com
URL: https://edge.fullstory.com/s/fs.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
52.71.168.113 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-52-71-168-113.compute-1.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

Referer
https://northwesternmutualsbx.ziphq.com/
X-LaunchDarkly-Wrapper
react-client-sdk/3.0.9
accept-language
en-US,en;q=0.9
X-LaunchDarkly-User-Agent
JSClient/3.1.4
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36
Content-Type
application/json

Response headers

date
Mon, 25 Mar 2024 18:12:26 GMT
strict-transport-security
max-age=31536000
access-control-max-age
300
access-control-allow-methods
POST,OPTIONS
content-type
application/json
access-control-allow-origin
*
access-control-expose-headers
Date
access-control-allow-headers
Accept,Content-Type,Content-Length,Accept-Encoding,X-LaunchDarkly-Event-Schema,X-LaunchDarkly-User-Agent,X-LaunchDarkly-Payload-ID,X-LaunchDarkly-Wrapper,X-LaunchDarkly-Tags
content-length
0
6220031710123414f492f4e2
events.launchdarkly.com/events/diagnostic/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://events.launchdarkly.com/events/diagnostic/6220031710123414f492f4e2
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
52.71.168.113 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-52-71-168-113.compute-1.amazonaws.com
Software
/
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type,x-launchdarkly-user-agent,x-launchdarkly-wrapper
Access-Control-Request-Method
POST
Origin
https://northwesternmutualsbx.ziphq.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

access-control-allow-headers
Accept,Content-Type,Content-Length,Accept-Encoding,X-LaunchDarkly-Event-Schema,X-LaunchDarkly-User-Agent,X-LaunchDarkly-Payload-ID,X-LaunchDarkly-Wrapper,X-LaunchDarkly-Tags
access-control-allow-methods
POST,OPTIONS
access-control-allow-origin
*
access-control-expose-headers
Date
access-control-max-age
300
date
Mon, 25 Mar 2024 18:12:26 GMT
strict-transport-security
max-age=31536000
iframerpc
accounts.google.com/o/oauth2/ Frame DE81 		50 B
783 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://accounts.google.com/o/oauth2/iframerpc?action=checkOrigin&origin=https%3A%2F%2Fnorthwesternmutualsbx.ziphq.com&client_id=232138060133-shrgkh93v06a0ae7fqk4otgob1pite19.apps.googleusercontent.com
Requested by
Host: www.gstatic.com
URL: https://www.gstatic.com/_/mss/boq-identity/_/js/k=boq-identity.IdpIFrameHttp.en_US.CRjZsbLFC7Y.es5.O/am=wA/d=1/rs=AOaEmlFJVO6b9gwDXxk4iRilRlt4INh1lg/m=base
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4023:1401::54 Columbus, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
427653d8b0569e986b88bb7dca1852b627a034f69be1da68b150eb0d2bbacb5d
Security Headers
Name Value
Content-Security-Policy require-trusted-types-for 'script';report-uri /_/IdpIFrameHttp/cspreport, script-src 'report-sample' 'nonce-1d_QonXtXbM6FsUPpXY2jg' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/IdpIFrameHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/IdpIFrameHttp/cspreport/allowlist
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://accounts.google.com/o/oauth2/iframe
X-Requested-With
XmlHttpRequest
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date
Mon, 25 Mar 2024 18:12:26 GMT
strict-transport-security
max-age=31536000; includeSubDomains
x-content-type-options
nosniff
content-security-policy
require-trusted-types-for 'script';report-uri /_/IdpIFrameHttp/cspreport, script-src 'report-sample' 'nonce-1d_QonXtXbM6FsUPpXY2jg' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/IdpIFrameHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/IdpIFrameHttp/cspreport/allowlist
content-encoding
gzip
cross-origin-embedder-policy
require-corp
p3p
CP="This is not a P3P policy! See g.co/p3phelp for more info."
cross-origin-resource-policy
same-site
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
reporting-endpoints
default="/_/IdpIFrameHttp/web-reports?context=eJzjctHikmLw05BiePflJRPH15dMEkCsBsR866azqgCx5vrprIFA7JQ-gzUAiH3qZ7BGAXHrzXOsk4HY6uZ5ViEejq6_bRvYBFb0fTvBBAA1niF0"
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy
same-origin
server
ESF
vary
Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site, Origin
content-type
application/json; charset=utf-8
cache-control
private, max-age=3600
permissions-policy
ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
expires
Mon, 25 Mar 2024 18:12:26 GMT
rum
northwesternmutualsbx.ziphq.com/cdn-cgi/ 		0
176 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://northwesternmutualsbx.ziphq.com/cdn-cgi/rum?
Requested by
Host: edge.fullstory.com
URL: https://edge.fullstory.com/s/fs.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3108::ac42:2840 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

Referer
https://northwesternmutualsbx.ziphq.com/login
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36
content-type
application/json

Response headers

date
Mon, 25 Mar 2024 18:12:26 GMT
x-content-type-options
nosniff
server
cloudflare
vary
Origin
access-control-max-age
86400
access-control-allow-methods
POST,OPTIONS
access-control-allow-origin
https://northwesternmutualsbx.ziphq.com
x-frame-options
DENY
access-control-allow-credentials
true
cf-ray
86a0de829ed94bc3-BUF
t
api.segment.io/v1/ 		21 B
184 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://api.segment.io/v1/t
Requested by
Host: edge.fullstory.com
URL: https://edge.fullstory.com/s/fs.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
35.160.35.184 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-35-160-35-184.us-west-2.compute.amazonaws.com
Software
/
Resource Hash
12f71cb993958eefc4bdb41d7dbbda490779a9c7aba448f7be52bb63912e0254
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

Referer
https://northwesternmutualsbx.ziphq.com/
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://northwesternmutualsbx.ziphq.com
date
Mon, 25 Mar 2024 18:12:26 GMT
strict-transport-security
max-age=31536000
content-length
21
vary
Origin
content-type
application/json
ping
api-iam.intercom.io/messenger/web/ Frame A0B8 		4 KB
2 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://api-iam.intercom.io/messenger/web/ping
Requested by
Host: js.intercomcdn.com
URL: https://js.intercomcdn.com/frame-modern.d78f357d.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
52.72.54.62 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-52-72-54-62.compute-1.amazonaws.com
Software
nginx /
Resource Hash
caf0aa88113139a768511286c961c232ee6a901b81723833e88ed305be9890e4
Security Headers
Name Value
Strict-Transport-Security max-age=31556952; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36
Content-Type
application/x-www-form-urlencoded

Response headers

date
Mon, 25 Mar 2024 18:12:27 GMT
strict-transport-security
max-age=31556952; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
x-ami-version
ami-03244067f559d9bd4
status
200 OK
x-xss-protection
1; mode=block
x-request-id
00056bndroa8ssbb0vq0
x-runtime
0.300588
server
nginx
etag
W/"caf0aa88113139a768511286c961c232"
x-request-queueing
0
vary
Accept,Accept-Encoding
access-control-allow-methods
POST, GET, OPTIONS
content-type
application/json; charset=utf-8
access-control-allow-origin
https://northwesternmutualsbx.ziphq.com
x-intercom-version
e415000b15f3ce19daacbede24b0d7177ca77dec
cache-control
max-age=0, private, must-revalidate
access-control-allow-credentials
true
x-frame-options
SAMEORIGIN
access-control-allow-headers
Content-Type, Idempotency-Key, X-INTERCOM-APP, X-INTERCOM-PAGE-TITLE, X-INTERCOM-USER-DATA
v2
rs.fullstory.com/rec/bundle/ 		29 B
43 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://rs.fullstory.com/rec/bundle/v2?OrgId=Z1C2H&UserId=418d9257-c2a9-4973-89ac-f9a228e815f7&SessionId=229378b0-be3a-4711-af42-5ece7f6cdded&PageId=2c36f185-9213-4789-8fa4-6bfa2af90df0&Seq=1&ClientTime=1711390347264&PageStart=1711390345837&PrevBundleTime=0&LastActivity=917&IsNewSession=true&ContentEncoding=gzip
Requested by
Host: edge.fullstory.com
URL: https://edge.fullstory.com/s/fs.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
35.186.194.58 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
58.194.186.35.bc.googleusercontent.com
Software
/
Resource Hash
c83104cf83074501515650f01d8545fab1fe8ec2b1f085a4e322ce9f4ae9df19

Request headers

Referer
https://northwesternmutualsbx.ziphq.com/
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://northwesternmutualsbx.ziphq.com
date
Mon, 25 Mar 2024 18:12:27 GMT
via
1.1 google
access-control-allow-credentials
true
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
29
content-type
application/json; charset=utf-8
ping
api-iam.intercom.io/messenger/web/ Frame A0B8 		4 KB
2 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://api-iam.intercom.io/messenger/web/ping
Requested by
Host: js.intercomcdn.com
URL: https://js.intercomcdn.com/frame-modern.d78f357d.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
52.72.54.62 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-52-72-54-62.compute-1.amazonaws.com
Software
nginx /
Resource Hash
bc0626d1ebe2061e078b3921ba5e98c7a5201fbd4adbbdc687b44f1bd0679501
Security Headers
Name Value
Strict-Transport-Security max-age=31556952; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36
Content-Type
application/x-www-form-urlencoded

Response headers

date
Mon, 25 Mar 2024 18:12:28 GMT
strict-transport-security
max-age=31556952; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
x-ami-version
ami-03244067f559d9bd4
status
200 OK
x-xss-protection
1; mode=block
x-request-id
003cnprtg0867ktmmal0
x-runtime
0.261382
server
nginx
etag
W/"bc0626d1ebe2061e078b3921ba5e98c7"
x-request-queueing
0
vary
Accept,Accept-Encoding
access-control-allow-methods
POST, GET, OPTIONS
content-type
application/json; charset=utf-8
access-control-allow-origin
https://northwesternmutualsbx.ziphq.com
x-intercom-version
e415000b15f3ce19daacbede24b0d7177ca77dec
cache-control
max-age=0, private, must-revalidate
access-control-allow-credentials
true
x-frame-options
SAMEORIGIN
access-control-allow-headers
Content-Type, Idempotency-Key, X-INTERCOM-APP, X-INTERCOM-PAGE-TITLE, X-INTERCOM-USER-DATA
events
api-iam.intercom.io/messenger/web/ Frame A0B8 		4 B
712 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://api-iam.intercom.io/messenger/web/events
Requested by
Host: js.intercomcdn.com
URL: https://js.intercomcdn.com/frame-modern.d78f357d.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
52.72.54.62 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-52-72-54-62.compute-1.amazonaws.com
Software
nginx /
Resource Hash
e10808d43975dc400731053386849f864f297e6c4f7519c380f3dbaf7067a840
Security Headers
Name Value
Strict-Transport-Security max-age=31556952; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36
Content-Type
application/x-www-form-urlencoded

Response headers

date
Mon, 25 Mar 2024 18:12:28 GMT
strict-transport-security
max-age=31556952; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
x-ami-version
ami-03244067f559d9bd4
status
200 OK
x-xss-protection
1; mode=block
x-request-id
003d5n5vri7jjr5jn5u0
x-runtime
0.112162
server
nginx
etag
W/"e10808d43975dc400731053386849f86"
x-request-queueing
0
vary
Accept,Accept-Encoding
access-control-allow-methods
POST, GET, OPTIONS
content-type
application/json; charset=utf-8
access-control-allow-origin
https://northwesternmutualsbx.ziphq.com
x-intercom-version
e415000b15f3ce19daacbede24b0d7177ca77dec
cache-control
max-age=0, private, must-revalidate
access-control-allow-credentials
true
x-frame-options
SAMEORIGIN
access-control-allow-headers
Content-Type, Idempotency-Key, X-INTERCOM-APP, X-INTERCOM-PAGE-TITLE, X-INTERCOM-USER-DATA
events
api-iam.intercom.io/messenger/web/ Frame A0B8 		4 B
712 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://api-iam.intercom.io/messenger/web/events
Requested by
Host: js.intercomcdn.com
URL: https://js.intercomcdn.com/frame-modern.d78f357d.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
52.72.54.62 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-52-72-54-62.compute-1.amazonaws.com
Software
nginx /
Resource Hash
e10808d43975dc400731053386849f864f297e6c4f7519c380f3dbaf7067a840
Security Headers
Name Value
Strict-Transport-Security max-age=31556952; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36
Content-Type
application/x-www-form-urlencoded

Response headers

date
Mon, 25 Mar 2024 18:12:28 GMT
strict-transport-security
max-age=31556952; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
x-ami-version
ami-03244067f559d9bd4
status
200 OK
x-xss-protection
1; mode=block
x-request-id
00048336qdrcvne9r7p0
x-runtime
0.144345
server
nginx
etag
W/"e10808d43975dc400731053386849f86"
x-request-queueing
0
vary
Accept,Accept-Encoding
access-control-allow-methods
POST, GET, OPTIONS
content-type
application/json; charset=utf-8
access-control-allow-origin
https://northwesternmutualsbx.ziphq.com
x-intercom-version
e415000b15f3ce19daacbede24b0d7177ca77dec
cache-control
max-age=0, private, must-revalidate
access-control-allow-credentials
true
x-frame-options
SAMEORIGIN
access-control-allow-headers
Content-Type, Idempotency-Key, X-INTERCOM-APP, X-INTERCOM-PAGE-TITLE, X-INTERCOM-USER-DATA
6220031710123414f492f4e2
events.launchdarkly.com/events/bulk/ 		0
344 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://events.launchdarkly.com/events/bulk/6220031710123414f492f4e2
Requested by
Host: edge.fullstory.com
URL: https://edge.fullstory.com/s/fs.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
52.71.168.113 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-52-71-168-113.compute-1.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

X-LaunchDarkly-Payload-ID
3d83a220-ead3-11ee-a9a8-4300b4c54b8a
X-LaunchDarkly-Event-Schema
4
accept-language
en-US,en;q=0.9
X-LaunchDarkly-User-Agent
JSClient/3.1.4
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36
Content-Type
application/json
Referer
https://northwesternmutualsbx.ziphq.com/
X-LaunchDarkly-Wrapper
react-client-sdk/3.0.9

Response headers

date
Mon, 25 Mar 2024 18:12:28 GMT
strict-transport-security
max-age=31536000
access-control-max-age
300
access-control-allow-methods
POST,OPTIONS
content-type
application/json
access-control-allow-origin
*
access-control-expose-headers
Date
access-control-allow-headers
Accept,Content-Type,Content-Length,Accept-Encoding,X-LaunchDarkly-Event-Schema,X-LaunchDarkly-User-Agent,X-LaunchDarkly-Payload-ID,X-LaunchDarkly-Wrapper,X-LaunchDarkly-Tags
content-length
0
6220031710123414f492f4e2
events.launchdarkly.com/events/bulk/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://events.launchdarkly.com/events/bulk/6220031710123414f492f4e2
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
52.71.168.113 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-52-71-168-113.compute-1.amazonaws.com
Software
/
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type,x-launchdarkly-event-schema,x-launchdarkly-payload-id,x-launchdarkly-user-agent,x-launchdarkly-wrapper
Access-Control-Request-Method
POST
Origin
https://northwesternmutualsbx.ziphq.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

access-control-allow-headers
Accept,Content-Type,Content-Length,Accept-Encoding,X-LaunchDarkly-Event-Schema,X-LaunchDarkly-User-Agent,X-LaunchDarkly-Payload-ID,X-LaunchDarkly-Wrapper,X-LaunchDarkly-Tags
access-control-allow-methods
POST,OPTIONS
access-control-allow-origin
*
access-control-expose-headers
Date
access-control-max-age
300
date
Mon, 25 Mar 2024 18:12:28 GMT
strict-transport-security
max-age=31536000
v2
rs.fullstory.com/rec/bundle/ 		29 B
43 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://rs.fullstory.com/rec/bundle/v2?OrgId=Z1C2H&UserId=418d9257-c2a9-4973-89ac-f9a228e815f7&SessionId=229378b0-be3a-4711-af42-5ece7f6cdded&PageId=2c36f185-9213-4789-8fa4-6bfa2af90df0&Seq=2&ClientTime=1711390351027&PageStart=1711390345837&PrevBundleTime=1711390347318&LastActivity=4692&IsNewSession=true&ContentEncoding=gzip
Requested by
Host: edge.fullstory.com
URL: https://edge.fullstory.com/s/fs.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
35.186.194.58 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
58.194.186.35.bc.googleusercontent.com
Software
/
Resource Hash
18a79cfb4bd2224a3492ec81170b5c117bf32a5a729502d8fa8f8e74862c87a6

Request headers

Referer
https://northwesternmutualsbx.ziphq.com/
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://northwesternmutualsbx.ziphq.com
date
Mon, 25 Mar 2024 18:12:31 GMT
via
1.1 google
access-control-allow-credentials
true
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
29
content-type
application/json; charset=utf-8
vendors~app~tooltips-modern.77e8d419.js
js.intercomcdn.com/ Frame A0B8 		687 KB
160 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://js.intercomcdn.com/vendors~app~tooltips-modern.77e8d419.js
Requested by
Host: js.intercomcdn.com
URL: https://js.intercomcdn.com/frame-modern.d78f357d.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
108.139.47.108 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-108-139-47-108.jfk50.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
72014cc902b20d3ae073ce853bba58420c0df7765f63432f72472086b3f54ed6
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

accept-language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

x-amz-version-id
s4UryWBcYmU.Pd_70uSqc0UiwLCbIVgP
content-encoding
gzip
via
1.1 b4d4149b3eab97748926fd7af4eba404.cloudfront.net (CloudFront)
date
Mon, 25 Mar 2024 16:43:24 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-amz-cf-pop
JFK50-P1
age
5350
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
162751
last-modified
Mon, 25 Mar 2024 13:55:37 GMT
server
AmazonS3
etag
"bbf9fe5c44467ed294a5ef62e7106fdc"
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
cache-control
max-age=31536000, s-maxage=7200, public
accept-ranges
bytes
x-amz-cf-id
Tt3NcHEsVRYtFQpr2rKjnRflOGXot8Zk2YxDjVkrdGHK67CLzznyBw==
vendors~app-modern.3733d47a.js
js.intercomcdn.com/ Frame A0B8 		66 KB
22 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://js.intercomcdn.com/vendors~app-modern.3733d47a.js
Requested by
Host: js.intercomcdn.com
URL: https://js.intercomcdn.com/frame-modern.d78f357d.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
108.139.47.108 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-108-139-47-108.jfk50.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
f462869d3a32461e00329c7a89a2463250f2bd4a40bd80f2e9dc3bd8e476aca9
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

accept-language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

x-amz-version-id
1VtaU7P0.zy5xVZszPWcizrSsl1edq9o
content-encoding
gzip
via
1.1 b4d4149b3eab97748926fd7af4eba404.cloudfront.net (CloudFront)
date
Mon, 25 Mar 2024 16:56:20 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-amz-cf-pop
JFK50-P1
age
4574
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
21502
last-modified
Mon, 25 Mar 2024 13:55:37 GMT
server
AmazonS3
etag
"418911f0e28e7f33a5ac1fc4f3c723de"
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
cache-control
max-age=31536000, s-maxage=7200, public
accept-ranges
bytes
x-amz-cf-id
UYNMuaU2kFvBxoy6KCSGyTJYQxscbCoogFFk1-G7GZwicDBiL5d63Q==
app~tooltips-modern.d78e4d48.js
js.intercomcdn.com/ Frame A0B8 		206 KB
53 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://js.intercomcdn.com/app~tooltips-modern.d78e4d48.js
Requested by
Host: js.intercomcdn.com
URL: https://js.intercomcdn.com/frame-modern.d78f357d.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
108.139.47.108 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-108-139-47-108.jfk50.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
22b62195ec3f2b362f71687f7939196d67222238bb8188f78e0b5b50afb22bda
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

accept-language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

x-amz-version-id
Yg78OOI3Q1_02RxMb7gs6s.dmfcfE4q9
content-encoding
gzip
via
1.1 b4d4149b3eab97748926fd7af4eba404.cloudfront.net (CloudFront)
date
Mon, 25 Mar 2024 17:14:14 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-amz-cf-pop
JFK50-P1
age
3500
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
54071
last-modified
Mon, 25 Mar 2024 13:55:36 GMT
server
AmazonS3
etag
"91db46f9a239ddda3b9ea3e0af746198"
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
cache-control
max-age=31536000, s-maxage=7200, public
accept-ranges
bytes
x-amz-cf-id
0OgfIgX6zM8EzE5jJX1AVWuJE-EtvkpE86IS0M9tabFH0T2V2NjIFg==
app-modern.248c8e39.js
js.intercomcdn.com/ Frame A0B8 		492 KB
134 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://js.intercomcdn.com/app-modern.248c8e39.js
Requested by
Host: js.intercomcdn.com
URL: https://js.intercomcdn.com/frame-modern.d78f357d.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
108.139.47.108 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-108-139-47-108.jfk50.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
9cdca08bb5e0827c37987b8c336f9ac249ea028257182b131b13c8ba2085a111
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

accept-language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date
Mon, 25 Mar 2024 17:24:53 GMT
content-encoding
gzip
via
1.1 b4d4149b3eab97748926fd7af4eba404.cloudfront.net (CloudFront)
x-amz-version-id
B7EHq4SFdSRY3LE2F9.PmqHY7IV5dXD9
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-amz-cf-pop
JFK50-P1
age
2861
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
136024
last-modified
Mon, 25 Mar 2024 17:21:46 GMT
server
AmazonS3
etag
"8a542e81d20854b13a742346d26b3fa7"
content-type
application/javascript; charset=UTF-8
cache-control
max-age=31536000, s-maxage=7200, public
accept-ranges
bytes
x-amz-cf-id
xB5TiktgVy-1lbTVDbPoASa2hl-DYcNm7jOtD0vEzhsNn6W-gu3N0w==
launcher-discovery-modern.374890f2.js
js.intercomcdn.com/ Frame A0B8 		5 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://js.intercomcdn.com/launcher-discovery-modern.374890f2.js
Requested by
Host: js.intercomcdn.com
URL: https://js.intercomcdn.com/frame-modern.d78f357d.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
108.139.47.108 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-108-139-47-108.jfk50.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
5c8b35bcfc5bb96f2259d7283f368bb370e6fab63d035909ed6a25b4695ed77e
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

accept-language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

x-amz-version-id
xkOrUf4EC96F3bHuGkO1G3tpfolDMDVq
content-encoding
gzip
via
1.1 694c2ab22098fd212b8d6808ee6c5aaa.cloudfront.net (CloudFront)
date
Mon, 25 Mar 2024 16:22:44 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-amz-cf-pop
JFK50-P1
age
6591
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
1926
last-modified
Mon, 25 Mar 2024 13:55:36 GMT
server
AmazonS3
etag
"c8d15d2b5331fe0e09a3f74e8aa0779b"
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
cache-control
max-age=31536000, s-maxage=7200, public
accept-ranges
bytes
x-amz-cf-id
mat78758GuaPl2FeVye2dcYBiOVSMARr0v7bDh2MB4aSZ23atqpshg==
fs.js
edge.fullstory.com/s/ Frame B259 		252 KB
69 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://edge.fullstory.com/s/fs.js
Requested by
Host: edge.fullstory.com
URL: https://edge.fullstory.com/s/fs.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
35.201.112.186 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
186.112.201.35.bc.googleusercontent.com
Software
UploadServer /
Resource Hash
4c4bc328d74d58c3210e435afd7fa9ad2292226b1d388d0c66cd32682f3ed2af

Request headers

Referer
Origin
https://northwesternmutualsbx.ziphq.com
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date
Mon, 25 Mar 2024 17:23:07 GMT
content-encoding
br
age
2967
x-guploader-uploadid
ABPtcPpNLFaRg9YTwUlia328Itgsi48yj7qg6v9_IuGeOXpZsCp4hEr2pV8he6bBsXgz7LxqYoI
x-goog-storage-class
MULTI_REGIONAL
x-goog-metageneration
1
x-goog-stored-content-encoding
br
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
70641
last-modified
Tue, 19 Mar 2024 13:20:22 GMT
server
UploadServer
etag
"55abb77d6ef5f32c187228af79a39e07"
vary
Accept-Encoding
x-goog-generation
1710854422256649
x-goog-hash
crc32c=v0JsiA==, md5=Vau3fW718ywYciiveaOeBw==
access-control-allow-origin
*
access-control-expose-headers
Content-Length, Date, Server, Transfer-Encoding, X-GUploader-UploadID, X-Google-Trace
cache-control
public, max-age=3600,no-transform
x-goog-stored-content-length
70641
accept-ranges
bytes
content-type
application/javascript
expires
Mon, 25 Mar 2024 18:23:07 GMT
fs.js
edge.fullstory.com/s/ Frame 66F6 		252 KB
69 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://edge.fullstory.com/s/fs.js
Requested by
Host: edge.fullstory.com
URL: https://edge.fullstory.com/s/fs.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
35.201.112.186 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
186.112.201.35.bc.googleusercontent.com
Software
UploadServer /
Resource Hash
4c4bc328d74d58c3210e435afd7fa9ad2292226b1d388d0c66cd32682f3ed2af

Request headers

Referer
Origin
https://northwesternmutualsbx.ziphq.com
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date
Mon, 25 Mar 2024 17:23:07 GMT
content-encoding
br
age
2967
x-guploader-uploadid
ABPtcPpNLFaRg9YTwUlia328Itgsi48yj7qg6v9_IuGeOXpZsCp4hEr2pV8he6bBsXgz7LxqYoI
x-goog-storage-class
MULTI_REGIONAL
x-goog-metageneration
1
x-goog-stored-content-encoding
br
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
70641
last-modified
Tue, 19 Mar 2024 13:20:22 GMT
server
UploadServer
etag
"55abb77d6ef5f32c187228af79a39e07"
vary
Accept-Encoding
x-goog-generation
1710854422256649
x-goog-hash
crc32c=v0JsiA==, md5=Vau3fW718ywYciiveaOeBw==
access-control-allow-origin
*
access-control-expose-headers
Content-Length, Date, Server, Transfer-Encoding, X-GUploader-UploadID, X-Google-Trace
cache-control
public, max-age=3600,no-transform
x-goog-stored-content-length
70641
accept-ranges
bytes
content-type
application/javascript
expires
Mon, 25 Mar 2024 18:23:07 GMT

Verdicts & Comments Add Verdict or Comment

40 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| 1 object| 2 string| csrf_token object| analytics boolean| _fs_debug string| _fs_host string| _fs_script string| _fs_org string| _fs_namespace function| FS object| webpackChunk_segment_analytics_next string| analyticsWriteKey object| __SEGMENT_INSPECTOR__ object| AnalyticsNext object| webpackChunkzip_app object| __MUI_LICENSE_INFO__ object| InjectedData object| regeneratorRuntime object| __cfBeacon string| _fs_loaded function| _fs_shutdown object| webpackChunkDestination function| fullstoryDestination object| gapi object| ___jsl boolean| _fs_initialized string| _fs_rec_settings_host object| _F_toggles object| osapi object| intercomDeps function| intercomLoader object| webpackJsonp_name_Integration function| setImmediate function| clearImmediate function| intercomIntegration function| Intercom function| __intercomAssignLocation function| __intercomReloadLocation function| normalize

10 Cookies

Domain/Path Name / Value
.ziphq.com/ Name: oauth_state
Value: uMsqEVdCyBxqRxcp
.northwesternmutualsbx.ziphq.com/ Name: session
Value: eyJfZnJlc2giOmZhbHNlLCJfcGVybWFuZW50Ijp0cnVlLCJjc3JmX3Rva2VuIjoiNDY3MDgzMjFjMzVhZmM5YzA5ZjdkZGRkNGFiYmRkZDZjNWU3ZWQyYyJ9.GONQCA.dlucQOElQ2EtZhP2bqje8ZCpMQo
.ziphq.com/ Name: fs_lua
Value: 1.1711390345791
.ziphq.com/ Name: fs_uid
Value: #Z1C2H#418d9257-c2a9-4973-89ac-f9a228e815f7:229378b0-be3a-4711-af42-5ece7f6cdded:1711390345791::1#/1742926347
.northwesternmutualsbx.ziphq.com/ Name: G_ENABLED_IDPS
Value: google
.ziphq.com/ Name: ajs_anonymous_id
Value: 09fb8b47-e50f-4af2-87c0-4442898380f9
.google.com/ Name: NID
Value: 512=nmKyCquFMBYhoxutH_YIgDseAgFM1q3W51XxA_gmuo_-jL7SsDW4mQaPwGnUslTRWikEzAgjs90uPzxF0gNv4xWlbscJAc47EC6crVvMd6Vc_bHujrq4C_GvusGdkPR0N0Bn_51XCJlJFnxg0fOp3lw9au4XTbZW5a7EBwe7568
.ziphq.com/ Name: intercom-id-jpvqigu7
Value: c4c2204e-0cbd-482d-a6ae-6b7c28f3064f
.ziphq.com/ Name: intercom-session-jpvqigu7
Value:
.ziphq.com/ Name: intercom-device-id-jpvqigu7
Value: a0e83632-a25a-4fa2-a7cd-967cef841f67

2 Console Messages

Source Level URL
Text
security warning URL: https://apis.google.com/_/scs/abc-static/_/js/k=gapi.lb.en.Oh6mNxd5OYM.O/m=auth2/rt=j/sv=1/d=1/ed=1/rs=AHpOoo-goHQwcBQdTSfIcaYi5vOvnb-P8g/cb=gapi.loaded_0?le=scs(Line 181)
Message:
An iframe which has both allow-scripts and allow-same-origin for its sandbox attribute can escape its sandboxing.
other warning URL: https://northwesternmutualsbx.ziphq.com/login
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header Value
Content-Security-Policy default-src 'self' blob: data: wss://*.intercom.io https://*.bugsnag.com https://*.cloudflareinsights.com https://*.datadoghq.com https://*.browser-intake-datadoghq.com https://*.fullstory.com https://*.google-analytics.com https://*.googletagmanager.com https://*.gstatic.com https://*.heapanalytics.com https://*.hellosign.com https://*.intercom.io https://*.intercomcdn.com https://*.mktoresp.com https://*.segment.com https://*.segment.io https://*.ziphq.com https://*.ziphq.com/to_primary https://accounts.google.com https://apis.google.com https://evergreen-private.s3.amazonaws.com https://intercom-sheets.com https://heapanalytics.com https://prod-evergreen-files.s3.amazonaws.com https://zip-kyc.s3.amazonaws.com https://zip-kyc-staging.s3.amazonaws.com https://*.launchdarkly.com https://*.stripe.com; script-src https: 'unsafe-inline' 'unsafe-eval' blob:; style-src https: 'unsafe-inline'; font-src https: data: moz-extension:; img-src https: blob: data:; frame-ancestors 'none';
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

accounts.google.com
api-iam.intercom.io
api.segment.io
apis.google.com
app.launchdarkly.com
assets.ziphq.com
cdn.segment.com
clientstream.launchdarkly.com
edge.fullstory.com
events.launchdarkly.com
fonts.googleapis.com
fonts.gstatic.com
js.intercomcdn.com
northwesternmutualsbx.ziphq.com
rs.fullstory.com
sessions.bugsnag.com
static.cloudflareinsights.com
widget.intercom.io
www.google.com
www.gstatic.com
108.139.47.108
13.226.34.119
13.226.38.199
151.101.130.217
2600:1901:0:7a0b::
2606:4700:3108::ac42:2840
2606:4700::6810:5049
2607:f8b0:4006:80a::2003
2607:f8b0:4006:80b::200a
2607:f8b0:4006:80e::2003
2607:f8b0:4006:81d::200e
2607:f8b0:4006:824::2004
2607:f8b0:4023:1401::54
3.33.235.18
35.160.35.184
35.186.194.58
35.201.112.186
52.71.168.113
52.72.54.62
04d18bef2807591fc537180f58ede59bc3788ba3817847f2cdf5ec41d8a611d0
08daf345086e4aba1e754175bfe658b40b382192ece81cfba09764905cb6d08d
0ba7c0356149946bf0642fab4ef85b95e7090f6f785d0fb84323d0c442e5190a
12f71cb993958eefc4bdb41d7dbbda490779a9c7aba448f7be52bb63912e0254
18a79cfb4bd2224a3492ec81170b5c117bf32a5a729502d8fa8f8e74862c87a6
1d6c9d4211a4ca9d64360c52e9a8bccd2b6f6c6df60e810f03b1ec054d3f0880
22b62195ec3f2b362f71687f7939196d67222238bb8188f78e0b5b50afb22bda
22c142d62a9eee1363ce3464d1c12cb8b61c0caaeb1c42ad13995f478cc1e32a
3557c422061c0516bcb0835dbb37363be50c213dbfe31622152e28b6360e3236
3f60ee135ad75095cfe8664f39a39e73f477831d996bf2e3d4689792b52c82d1
427653d8b0569e986b88bb7dca1852b627a034f69be1da68b150eb0d2bbacb5d
4c4bc328d74d58c3210e435afd7fa9ad2292226b1d388d0c66cd32682f3ed2af
5c8b35bcfc5bb96f2259d7283f368bb370e6fab63d035909ed6a25b4695ed77e
6153d13804862b0fc1c016cf1129f34cb7c6185f2cf4bf1a3a862eecdab50101
6605c625b3eb350783677d44539bec99ca2e8aa80fcbe9033476c5410cf965ea
689dc9d9c13d54d0da52d6f27128166dd8b695a877afd5da700750c3a6c473b6
69592dc75ce77470480df5f52123b17ccdbc78e18eae173449267cbe7b4bdae9
72014cc902b20d3ae073ce853bba58420c0df7765f63432f72472086b3f54ed6
7e4fde2a7e2da4eb11065a29f03b7f68566665515cf79bf4841168b46508dda5
84d61e7247b5194fedf074ca201a7bbc68d3ee141236b4e7cb5030abf9ab58c5
8584df3a0dca6a092898d956fae4ece208131db7b012154f3b7371b51649f346
8ab812b784460878762b061a4278eb0bcac4adb2c49cbc4757190c54cbc34d76
91db9e53d11b03515a44f1929fbc6163fc466e12afd4385ac37924f295448eba
99f1f688035d0afa9675a8a7ae2f251e532bbdb57c9b3b0722f1f51857d0e432
9ccc6c518ffe31eed92f470c761328b99eb22f51ca03cd51b3e379050ae42024
9cdca08bb5e0827c37987b8c336f9ac249ea028257182b131b13c8ba2085a111
a395b7bf9aba045f782b2cfad1e761f015efec9d382e2889267d0afa5eab830d
a99217bda86a068a164996f67e49451118bcdc7f9042ca8d58a4822889bd2020
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
b17b4a5cc840a366a4c006794502f887a316402f781f85e913ac4af19a93fc13
b79a43a28dc356d07de97ee365a01d714812e2eb02b15397cefb226d2a019a83
bc0626d1ebe2061e078b3921ba5e98c7a5201fbd4adbbdc687b44f1bd0679501
c4f9730e98321c29c3ce40ac78ee0f7c8aa21c8e848bf773f741fff2c5da55c2
c83104cf83074501515650f01d8545fab1fe8ec2b1f085a4e322ce9f4ae9df19
cad3500791a788df6463f08be3d2cd07785f0f24b90d403fa17392a47469f0ed
caf0aa88113139a768511286c961c232ee6a901b81723833e88ed305be9890e4
d020ef8796bc4a95f05f874c9fbcadfe9ae3e3d2138abcf30e1d4eb36fc3154b
d416e84afdd1e9419df402e033504031f668bc43d29106e2ba44c6991d1b1ea3
d4d1b4738a49a1680c70065f0b07f8cdf2ef98692b22bf3779a8d7d88e21c812
dcaa60c3181ba1017820b90e9aab024f9ce6998ef0842a4381fee263c5f855d5
e10808d43975dc400731053386849f864f297e6c4f7519c380f3dbaf7067a840
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
f17f078ea883fbe048f75ab5e7371c081cbd7d85ec5d91d443512d1ecd63dfb3
f462869d3a32461e00329c7a89a2463250f2bd4a40bd80f2e9dc3bd8e476aca9
f4c93d987a0df26d303b5e07fbc409558853c94b94e13b1ad2e88f8fc26c6ed8
f578acaa37c56cb6d45723b5afd3418d3eb23361c682399d889454a935e3f7c1