grinnellmutualb2c.b2clogin.com Open in urlscan Pro
2603:1037:1:128::9  Public Scan

0 Outgoing links

These are links going to different origins than the main page.

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

1. https://my.grinnellmutual.com/ Page URL
2. https://guidewire-hub.okta.com/oauth2/aus11vix3uKEpIfSI357/v1/authorize?client_id=0oa1759042uBZnvQU358&redirect_uri=https%3A%2F%2Fmy.grinnellmutual.com%2Fcallback&scope=openid%20profile%20email%20groups%20grantedAuthorities%20afiExternalUserID&response_type=code&idp=0oa13jnagnivzK1T3358&state=kIvM85Esyom1B0su&nonce=GvjYTEU28wOo&code_challenge=azvzx9PE3DlAwlWqrU1oE8aZ4a-kAn3qRJhFP3ZuBZk&code_challenge_method=S256 Page URL
3. https://grinnellmutualb2c.b2clogin.com/grinnellmutualb2c.onmicrosoft.com/B2C_1A_Signup_Signin_saml/samlp/sso/login Page URL

---

Redirected requests

There were HTTP redirect chains for the following requests:

33 HTTP transactions Everything HTML Script AJAX CSS Image Expand all
0 data transactions

Method Protocol	Status	Resource Path	Size x-fer	Time Latency	Type MIME-Type	IP Location
GET H2	200	/ Show response my.grinnellmutual.com/	2 KB 2 KB	501ms 319ms	Document text/html	2600:9000:2073:8c00:c:878b:8100:93a1 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://my.grinnellmutual.com/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2600:9000:2073:8c00:c:878b:8100:93a1 , United States, ASN16509 (AMAZON-02, US), Reverse DNS Software AmazonS3 / Resource Hash 303439ad4a6d45f48e2831e4afa5d75fa4ad63a564109d804273c919b1e35aa9 Security Headers Name Value Content-Security-Policy object-src 'none'; frame-ancestors 'self'; upgrade-insecure-requests; block-all-mixed-content; style-src 'self' 'unsafe-inline' Strict-Transport-Security max-age=63072000; includeSubDomains; preload X-Content-Type-Options nosniff X-Frame-Options SAMEORIGIN X-Xss-Protection 1; mode=block Request headers Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36 Response headers alt-svc h3=":443"; ma=86400 cache-control max-age=0, no-store, public, must-revalidate, proxy-revalidate content-encoding br content-security-policy object-src 'none'; frame-ancestors 'self'; upgrade-insecure-requests; block-all-mixed-content; style-src 'self' 'unsafe-inline' content-type text/html cross-origin-embedder-policy unsafe-none cross-origin-opener-policy same-origin cross-origin-resource-policy same-origin date Sat, 13 Jul 2024 11:16:21 GMT etag W/"1c3e65ab24d6df3d7d893dcf95c43ab3" expires Thu, 01 Jan 1970 00:00:00 GMT last-modified Fri, 12 Jul 2024 22:54:26 GMT permissions-policy accelerometer=(), autoplay=(), camera=(), display-capture=(), document-domain=(), encrypted-media=(), fullscreen=(), geolocation=(), gyroscope=(), magnetometer=(), microphone=(), midi=(), payment=(), picture-in-picture=(), publickey-credentials-get=(), screen-wake-lock=(), sync-xhr=(self), usb=(), web-share=(), xr-spatial-tracking=() referrer-policy no-referrer-when-downgrade server AmazonS3 strict-transport-security max-age=63072000; includeSubDomains; preload vary Accept-Encoding via 1.1 c57d1eb27f41d3e95fc5060845849c06.cloudfront.net (CloudFront) x-amz-cf-id Zx_tQ5Q0TRckmTK7fIs7v8BpeZHTBqLUjBDF88NSuyuH-dn3RaaduQ== x-amz-cf-pop IAD50-C2 x-amz-server-side-encryption AES256 x-amz-version-id gLbxulqCj0xxbxm_WEmpVBpeS1DYnvQP x-cache RefreshHit from cloudfront x-content-type-options nosniff x-frame-options SAMEORIGIN x-permitted-cross-domain-policies none x-xss-protection 1; mode=block
GET H2	200	js Show response www.googletagmanager.com/gtag/	307 KB 102 KB	123ms 43ms	Script application/javascript	2607:f8b0:400d:c0b::61 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.googletagmanager.com/gtag/js?id=G-L11T6TV1TY Requested by Host: my.grinnellmutual.com URL: https://my.grinnellmutual.com/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2607:f8b0:400d:c0b::61 Morganton, United States, ASN15169 (GOOGLE, US), Reverse DNS Software Google Tag Manager / Resource Hash 83f5479bc069aa05867c88034604c2b3765606b53aa23ab7c88c8adcd6c41e6b Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains X-Xss-Protection 0 Request headers Referer https://my.grinnellmutual.com/ User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36 Response headers date Sat, 13 Jul 2024 11:16:21 GMT content-encoding br strict-transport-security max-age=31536000; includeSubDomains server Google Tag Manager vary Accept-Encoding content-type application/javascript; charset=UTF-8 access-control-allow-origin * cache-control private, max-age=900 access-control-allow-credentials true cross-origin-resource-policy cross-origin access-control-allow-headers Cache-Control content-length 103963 x-xss-protection 0 alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 expires Sat, 13 Jul 2024 11:16:21 GMT
GET H2	200	jutro.38bbadce.chunk.js Show response my.grinnellmutual.com/static/js/	5 MB 686 KB	21ms 19ms	Script application/javascript	2600:9000:2073:8c00:c:878b:8100:93a1 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://my.grinnellmutual.com/static/js/jutro.38bbadce.chunk.js Requested by Host: my.grinnellmutual.com URL: https://my.grinnellmutual.com/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2600:9000:2073:8c00:c:878b:8100:93a1 , United States, ASN16509 (AMAZON-02, US), Reverse DNS Software AmazonS3 / Resource Hash 44183beca9cdaa83583261461f7abab5beefc347fc1153f05a8f8cb3322caad5 Security Headers Name Value Content-Security-Policy object-src 'none'; frame-ancestors 'self'; upgrade-insecure-requests; block-all-mixed-content; style-src 'self' 'unsafe-inline' Strict-Transport-Security max-age=63072000; includeSubDomains; preload X-Content-Type-Options nosniff X-Frame-Options SAMEORIGIN X-Xss-Protection 1; mode=block Request headers Referer https://my.grinnellmutual.com/ User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36 Response headers date Fri, 12 Jul 2024 23:06:56 GMT x-amz-version-id hF34BtQjbdT1neEfod2gaK8R2uTz_CwH x-content-type-options nosniff content-security-policy object-src 'none'; frame-ancestors 'self'; upgrade-insecure-requests; block-all-mixed-content; style-src 'self' 'unsafe-inline' content-encoding br x-permitted-cross-domain-policies none strict-transport-security max-age=63072000; includeSubDomains; preload via 1.1 c57d1eb27f41d3e95fc5060845849c06.cloudfront.net (CloudFront) cross-origin-embedder-policy unsafe-none x-amz-server-side-encryption AES256 x-amz-cf-pop IAD50-C2 x-cache Hit from cloudfront age 43766 cross-origin-resource-policy same-origin alt-svc h3=":443"; ma=86400 x-xss-protection 1; mode=block referrer-policy no-referrer-when-downgrade last-modified Fri, 12 Jul 2024 22:54:25 GMT server AmazonS3 cross-origin-opener-policy same-origin etag W/"e5494c01b504d6e4e3428b4a44793241" x-frame-options SAMEORIGIN vary Accept-Encoding content-type application/javascript cache-control max-age=31536000, public, must-revalidate, proxy-revalidate permissions-policy accelerometer=(), autoplay=(), camera=(), display-capture=(), document-domain=(), encrypted-media=(), fullscreen=(), geolocation=(), gyroscope=(), magnetometer=(), microphone=(), midi=(), payment=(), picture-in-picture=(), publickey-credentials-get=(), screen-wake-lock=(), sync-xhr=(self), usb=(), web-share=(), xr-spatial-tracking=() x-amz-cf-id lpnk79ohRFLFM5XknXLt7q1qT2o8eGMKTAgW43Y2alVE-4jpATvvHg==
GET H3	200	config.5d680e11.chunk.js Show response my.grinnellmutual.com/static/js/	13 KB 5 KB	80ms 78ms	Script application/javascript	2600:9000:2073:8c00:c:878b:8100:93a1 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://my.grinnellmutual.com/static/js/config.5d680e11.chunk.js Requested by Host: my.grinnellmutual.com URL: https://my.grinnellmutual.com/ Protocol H3 Security QUIC, , AES_128_GCM Server 2600:9000:2073:8c00:c:878b:8100:93a1 , United States, ASN16509 (AMAZON-02, US), Reverse DNS Software AmazonS3 / Resource Hash f5ad22dfee202b1d313cbad1b7797b054ba1e67d9bacd493ebf94428df4b166f Security Headers Name Value Content-Security-Policy object-src 'none'; frame-ancestors 'self'; upgrade-insecure-requests; block-all-mixed-content; style-src 'self' 'unsafe-inline' Strict-Transport-Security max-age=63072000; includeSubDomains; preload X-Content-Type-Options nosniff X-Frame-Options SAMEORIGIN X-Xss-Protection 1; mode=block Request headers Referer https://my.grinnellmutual.com/ User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36 Response headers x-amz-version-id lTtvpaHmcyH639JeKduucDwGKNvQS0Yz content-security-policy object-src 'none'; frame-ancestors 'self'; upgrade-insecure-requests; block-all-mixed-content; style-src 'self' 'unsafe-inline' x-content-type-options nosniff strict-transport-security max-age=63072000; includeSubDomains; preload content-encoding br x-permitted-cross-domain-policies none date Sat, 13 Jul 2024 11:16:22 GMT x-amz-cf-pop IAD50-C2 cross-origin-embedder-policy unsafe-none x-amz-server-side-encryption AES256 via 1.1 c57d1eb27f41d3e95fc5060845849c06.cloudfront.net (CloudFront) x-cache RefreshHit from cloudfront cross-origin-resource-policy same-origin alt-svc h3=":443"; ma=86400 x-xss-protection 1; mode=block referrer-policy no-referrer-when-downgrade last-modified Fri, 12 Jul 2024 22:54:26 GMT server AmazonS3 cross-origin-opener-policy same-origin etag W/"326374e414ff290b9a693116bab9b62a" x-frame-options SAMEORIGIN vary Accept-Encoding content-type application/javascript cache-control max-age=0, no-store, public, must-revalidate, proxy-revalidate permissions-policy accelerometer=(), autoplay=(), camera=(), display-capture=(), document-domain=(), encrypted-media=(), fullscreen=(), geolocation=(), gyroscope=(), magnetometer=(), microphone=(), midi=(), payment=(), picture-in-picture=(), publickey-credentials-get=(), screen-wake-lock=(), sync-xhr=(self), usb=(), web-share=(), xr-spatial-tracking=() x-amz-cf-id 4kJUiLi4_Cwwvk1By3wDqKT9w1qyM0DjE1xwmDUA4wPWZG5sMPUENw== expires Thu, 01 Jan 1970 00:00:00 GMT
GET H3	200	vendor.b9e1ab6d.chunk.js Show response my.grinnellmutual.com/static/js/	4 MB 923 KB	25ms 24ms	Script application/javascript	2600:9000:2073:8c00:c:878b:8100:93a1 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://my.grinnellmutual.com/static/js/vendor.b9e1ab6d.chunk.js Requested by Host: my.grinnellmutual.com URL: https://my.grinnellmutual.com/ Protocol H3 Security QUIC, , AES_128_GCM Server 2600:9000:2073:8c00:c:878b:8100:93a1 , United States, ASN16509 (AMAZON-02, US), Reverse DNS Software AmazonS3 / Resource Hash 9a1f76d292312479b3819cda04878c105f41f9fb97decb1ebcd669dffc136ce0 Security Headers Name Value Content-Security-Policy object-src 'none'; frame-ancestors 'self'; upgrade-insecure-requests; block-all-mixed-content; style-src 'self' 'unsafe-inline' Strict-Transport-Security max-age=63072000; includeSubDomains; preload X-Content-Type-Options nosniff X-Frame-Options SAMEORIGIN X-Xss-Protection 1; mode=block Request headers Referer https://my.grinnellmutual.com/ User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36 Response headers date Fri, 12 Jul 2024 23:06:56 GMT x-amz-version-id zvXB.8flI36hLKXahB6B0KnjMHs80DvF x-content-type-options nosniff content-security-policy object-src 'none'; frame-ancestors 'self'; upgrade-insecure-requests; block-all-mixed-content; style-src 'self' 'unsafe-inline' content-encoding br x-permitted-cross-domain-policies none strict-transport-security max-age=63072000; includeSubDomains; preload age 43766 cross-origin-embedder-policy unsafe-none x-amz-server-side-encryption AES256 x-amz-cf-pop IAD50-C2 via 1.1 c57d1eb27f41d3e95fc5060845849c06.cloudfront.net (CloudFront) x-cache Hit from cloudfront cross-origin-resource-policy same-origin alt-svc h3=":443"; ma=86400 x-xss-protection 1; mode=block referrer-policy no-referrer-when-downgrade last-modified Fri, 12 Jul 2024 22:54:25 GMT server AmazonS3 cross-origin-opener-policy same-origin etag W/"20cf856fd4dc4eb7d3cf66bb206b62ea" x-frame-options SAMEORIGIN vary Accept-Encoding content-type application/javascript cache-control max-age=31536000, public, must-revalidate, proxy-revalidate permissions-policy accelerometer=(), autoplay=(), camera=(), display-capture=(), document-domain=(), encrypted-media=(), fullscreen=(), geolocation=(), gyroscope=(), magnetometer=(), microphone=(), midi=(), payment=(), picture-in-picture=(), publickey-credentials-get=(), screen-wake-lock=(), sync-xhr=(self), usb=(), web-share=(), xr-spatial-tracking=() x-amz-cf-id BCe7HVChtNx9XhvZoabCYA6eLQfofvEVWj2hx4c_qxFXjqmXz54SQw==
GET H3	200	main.6a4667d7.js Show response my.grinnellmutual.com/static/js/	3 MB 459 KB	21ms 20ms	Script application/javascript	2600:9000:2073:8c00:c:878b:8100:93a1 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://my.grinnellmutual.com/static/js/main.6a4667d7.js Requested by Host: my.grinnellmutual.com URL: https://my.grinnellmutual.com/ Protocol H3 Security QUIC, , AES_128_GCM Server 2600:9000:2073:8c00:c:878b:8100:93a1 , United States, ASN16509 (AMAZON-02, US), Reverse DNS Software AmazonS3 / Resource Hash 1e5027b366eeba1298d79006635ca4c727251b79cd47d12fc7172807ffc66263 Security Headers Name Value Content-Security-Policy object-src 'none'; frame-ancestors 'self'; upgrade-insecure-requests; block-all-mixed-content; style-src 'self' 'unsafe-inline' Strict-Transport-Security max-age=63072000; includeSubDomains; preload X-Content-Type-Options nosniff X-Frame-Options SAMEORIGIN X-Xss-Protection 1; mode=block Request headers Referer https://my.grinnellmutual.com/ User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36 Response headers date Fri, 12 Jul 2024 23:06:56 GMT x-amz-version-id VpdkWH_XWGWAnZCI5HBfeyQPK7RXdG9K x-content-type-options nosniff content-security-policy object-src 'none'; frame-ancestors 'self'; upgrade-insecure-requests; block-all-mixed-content; style-src 'self' 'unsafe-inline' content-encoding br x-permitted-cross-domain-policies none strict-transport-security max-age=63072000; includeSubDomains; preload age 43766 cross-origin-embedder-policy unsafe-none x-amz-server-side-encryption AES256 x-amz-cf-pop IAD50-C2 via 1.1 c57d1eb27f41d3e95fc5060845849c06.cloudfront.net (CloudFront) x-cache Hit from cloudfront cross-origin-resource-policy same-origin alt-svc h3=":443"; ma=86400 x-xss-protection 1; mode=block referrer-policy no-referrer-when-downgrade last-modified Fri, 12 Jul 2024 22:54:25 GMT server AmazonS3 cross-origin-opener-policy same-origin etag W/"768c2556850f9199cdb5412f0ad34697" x-frame-options SAMEORIGIN vary Accept-Encoding content-type application/javascript cache-control max-age=31536000, public, must-revalidate, proxy-revalidate permissions-policy accelerometer=(), autoplay=(), camera=(), display-capture=(), document-domain=(), encrypted-media=(), fullscreen=(), geolocation=(), gyroscope=(), magnetometer=(), microphone=(), midi=(), payment=(), picture-in-picture=(), publickey-credentials-get=(), screen-wake-lock=(), sync-xhr=(self), usb=(), web-share=(), xr-spatial-tracking=() x-amz-cf-id c1OqMZ__3_op5jLAELWzElcw25ui4d_3TmG1ilSi-L3Oi2MRrw8c-A==
GET H2	200	jutro.c6c04aea.css my.grinnellmutual.com/static/css/	316 KB 39 KB	88ms 87ms	Stylesheet text/css	2600:9000:2073:8c00:c:878b:8100:93a1 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://my.grinnellmutual.com/static/css/jutro.c6c04aea.css Requested by Host: my.grinnellmutual.com URL: https://my.grinnellmutual.com/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2600:9000:2073:8c00:c:878b:8100:93a1 , United States, ASN16509 (AMAZON-02, US), Reverse DNS Software AmazonS3 / Resource Hash 12408219d6c111759719399196dc0a2dd7b4932d9c32a526c207954f75dd064d Security Headers Name Value Content-Security-Policy object-src 'none'; frame-ancestors 'self'; upgrade-insecure-requests; block-all-mixed-content; style-src 'self' 'unsafe-inline' Strict-Transport-Security max-age=63072000; includeSubDomains; preload X-Content-Type-Options nosniff X-Frame-Options SAMEORIGIN X-Xss-Protection 1; mode=block Request headers Referer https://my.grinnellmutual.com/ User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36 Response headers date Fri, 12 Jul 2024 23:06:56 GMT x-amz-version-id kct_nuNgYvLKlCHr5n47u9BGnVWRhJOm x-content-type-options nosniff content-security-policy object-src 'none'; frame-ancestors 'self'; upgrade-insecure-requests; block-all-mixed-content; style-src 'self' 'unsafe-inline' content-encoding br x-permitted-cross-domain-policies none strict-transport-security max-age=63072000; includeSubDomains; preload via 1.1 c57d1eb27f41d3e95fc5060845849c06.cloudfront.net (CloudFront) cross-origin-embedder-policy unsafe-none x-amz-server-side-encryption AES256 x-amz-cf-pop IAD50-C2 x-cache Hit from cloudfront age 43766 cross-origin-resource-policy same-origin alt-svc h3=":443"; ma=86400 x-xss-protection 1; mode=block referrer-policy no-referrer-when-downgrade last-modified Fri, 12 Jul 2024 22:54:25 GMT server AmazonS3 cross-origin-opener-policy same-origin etag W/"913c3dcdf28de112007987b2a1f9b809" x-frame-options SAMEORIGIN vary Accept-Encoding content-type text/css cache-control max-age=31536000, public, must-revalidate, proxy-revalidate permissions-policy accelerometer=(), autoplay=(), camera=(), display-capture=(), document-domain=(), encrypted-media=(), fullscreen=(), geolocation=(), gyroscope=(), magnetometer=(), microphone=(), midi=(), payment=(), picture-in-picture=(), publickey-credentials-get=(), screen-wake-lock=(), sync-xhr=(self), usb=(), web-share=(), xr-spatial-tracking=() x-amz-cf-id MnvOH3NxY7RPjw5ilQeLEaDgMcYxZLBf2RWWKShQzUkHALgPw9pqgQ==
GET H2	200	vendor.a5701c0a.css my.grinnellmutual.com/static/css/	27 KB 5 KB	36ms 35ms	Stylesheet text/css	2600:9000:2073:8c00:c:878b:8100:93a1 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://my.grinnellmutual.com/static/css/vendor.a5701c0a.css Requested by Host: my.grinnellmutual.com URL: https://my.grinnellmutual.com/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2600:9000:2073:8c00:c:878b:8100:93a1 , United States, ASN16509 (AMAZON-02, US), Reverse DNS Software AmazonS3 / Resource Hash b669c9f0963a898450c0f54a997dda8cf8762c65d3b34a11aa7bfdc100007ac5 Security Headers Name Value Content-Security-Policy object-src 'none'; frame-ancestors 'self'; upgrade-insecure-requests; block-all-mixed-content; style-src 'self' 'unsafe-inline' Strict-Transport-Security max-age=63072000; includeSubDomains; preload X-Content-Type-Options nosniff X-Frame-Options SAMEORIGIN X-Xss-Protection 1; mode=block Request headers Referer https://my.grinnellmutual.com/ User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36 Response headers date Fri, 12 Jul 2024 23:06:56 GMT x-amz-version-id VsMsyQVVoOW7g5ebZHjI6Mtyg5XyBAEM x-content-type-options nosniff content-security-policy object-src 'none'; frame-ancestors 'self'; upgrade-insecure-requests; block-all-mixed-content; style-src 'self' 'unsafe-inline' content-encoding br x-permitted-cross-domain-policies none strict-transport-security max-age=63072000; includeSubDomains; preload via 1.1 c57d1eb27f41d3e95fc5060845849c06.cloudfront.net (CloudFront) cross-origin-embedder-policy unsafe-none x-amz-server-side-encryption AES256 x-amz-cf-pop IAD50-C2 x-cache Hit from cloudfront age 43766 cross-origin-resource-policy same-origin alt-svc h3=":443"; ma=86400 x-xss-protection 1; mode=block referrer-policy no-referrer-when-downgrade last-modified Fri, 12 Jul 2024 22:54:25 GMT server AmazonS3 cross-origin-opener-policy same-origin etag W/"2cd171c570edcda5df914768e7b65513" x-frame-options SAMEORIGIN vary Accept-Encoding content-type text/css cache-control max-age=31536000, public, must-revalidate, proxy-revalidate permissions-policy accelerometer=(), autoplay=(), camera=(), display-capture=(), document-domain=(), encrypted-media=(), fullscreen=(), geolocation=(), gyroscope=(), magnetometer=(), microphone=(), midi=(), payment=(), picture-in-picture=(), publickey-credentials-get=(), screen-wake-lock=(), sync-xhr=(self), usb=(), web-share=(), xr-spatial-tracking=() x-amz-cf-id r0vBCeraadbJKzXqoj4SPHmewiAmzNRqrCNHrCQqC9oJ7yaWGq47Iw==
GET H2	200	main.0db726da.css my.grinnellmutual.com/static/css/	351 KB 50 KB	21ms 20ms	Stylesheet text/css	2600:9000:2073:8c00:c:878b:8100:93a1 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://my.grinnellmutual.com/static/css/main.0db726da.css Requested by Host: my.grinnellmutual.com URL: https://my.grinnellmutual.com/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2600:9000:2073:8c00:c:878b:8100:93a1 , United States, ASN16509 (AMAZON-02, US), Reverse DNS Software AmazonS3 / Resource Hash 8fbffac961ed741bf107dcb79ad692ba05a057bdc7d73fc353916614cae98ff4 Security Headers Name Value Content-Security-Policy object-src 'none'; frame-ancestors 'self'; upgrade-insecure-requests; block-all-mixed-content; style-src 'self' 'unsafe-inline' Strict-Transport-Security max-age=63072000; includeSubDomains; preload X-Content-Type-Options nosniff X-Frame-Options SAMEORIGIN X-Xss-Protection 1; mode=block Request headers Referer https://my.grinnellmutual.com/ User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36 Response headers date Fri, 12 Jul 2024 23:06:56 GMT x-amz-version-id QBV9eQaSCWKeeXeorb_vpxMQjEcbpNh9 x-content-type-options nosniff content-security-policy object-src 'none'; frame-ancestors 'self'; upgrade-insecure-requests; block-all-mixed-content; style-src 'self' 'unsafe-inline' content-encoding br x-permitted-cross-domain-policies none strict-transport-security max-age=63072000; includeSubDomains; preload via 1.1 c57d1eb27f41d3e95fc5060845849c06.cloudfront.net (CloudFront) cross-origin-embedder-policy unsafe-none x-amz-server-side-encryption AES256 x-amz-cf-pop IAD50-C2 x-cache Hit from cloudfront age 43766 cross-origin-resource-policy same-origin alt-svc h3=":443"; ma=86400 x-xss-protection 1; mode=block referrer-policy no-referrer-when-downgrade last-modified Fri, 12 Jul 2024 22:54:25 GMT server AmazonS3 cross-origin-opener-policy same-origin etag W/"35f27cb23c77a8433917324d7da584bc" x-frame-options SAMEORIGIN vary Accept-Encoding content-type text/css cache-control max-age=31536000, public, must-revalidate, proxy-revalidate permissions-policy accelerometer=(), autoplay=(), camera=(), display-capture=(), document-domain=(), encrypted-media=(), fullscreen=(), geolocation=(), gyroscope=(), magnetometer=(), microphone=(), midi=(), payment=(), picture-in-picture=(), publickey-credentials-get=(), screen-wake-lock=(), sync-xhr=(self), usb=(), web-share=(), xr-spatial-tracking=() x-amz-cf-id ABFuYNEV56BtE6Pg4IakONZw0yubDXslescyPTCITy-XzNoYQkLZ_A==
GET H2	200	gtm.js Show response www.googletagmanager.com/	193 KB 69 KB	69ms 68ms	Script application/javascript	2607:f8b0:400d:c0b::61 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.googletagmanager.com/gtm.js?id=GTM-TW9P6GNP Requested by Host: my.grinnellmutual.com URL: https://my.grinnellmutual.com/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2607:f8b0:400d:c0b::61 Morganton, United States, ASN15169 (GOOGLE, US), Reverse DNS Software Google Tag Manager / Resource Hash 50b7453e258cff5d07da5c5b41c2f22837d04cea9e5b9983da7758a08e38535f Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains X-Xss-Protection 0 Request headers Referer https://my.grinnellmutual.com/ User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36 Response headers date Sat, 13 Jul 2024 11:16:21 GMT content-encoding br strict-transport-security max-age=31536000; includeSubDomains cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 70341 x-xss-protection 0 last-modified Sat, 13 Jul 2024 09:00:00 GMT server Google Tag Manager vary Accept-Encoding content-type application/javascript; charset=UTF-8 access-control-allow-origin * cache-control private, max-age=900 access-control-allow-credentials true access-control-allow-headers Cache-Control expires Sat, 13 Jul 2024 11:16:21 GMT
POST H2	204	collect www.google-analytics.com/g/	0 0	102ms 22ms	Fetch text/plain	2607:f8b0:4004:c07::8b GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.google-analytics.com/g/collect?v=2&tid=G-L11T6TV1TY&gtm=45je4790v9168982034za200&_p=1720869381147&gcd=13l3l3l3l1&npa=0&dma=0&tag_exp=0&cid=1427623127.1720869381&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&are=1&frm=0&pscdl=noapi&_s=1&sid=1720869381&sct=1&seg=0&dl=https%3A%2F%2Fmy.grinnellmutual.com%2F&dt=CustomerEngage%20Account%20Management&uid=USER_ID&en=page_view&_fv=1&_nsi=1&_ss=1&_ee=1&tfd=765&_z=fetch Requested by Host: www.googletagmanager.com URL: https://www.googletagmanager.com/gtag/js?id=G-L11T6TV1TY Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2607:f8b0:4004:c07::8b Washington, United States, ASN15169 (GOOGLE, US), Reverse DNS Software Golfe2 / Resource Hash Request headers Referer https://my.grinnellmutual.com/ User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36 Response headers pragma no-cache date Sat, 13 Jul 2024 11:16:21 GMT server Golfe2 content-type text/plain access-control-allow-origin https://my.grinnellmutual.com cache-control no-cache, no-store, must-revalidate access-control-allow-credentials true cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 0 expires Fri, 01 Jan 1990 00:00:00 GMT
GET		a31d51b0-cc7a-4df6-be1a-5dbc1d44baba https://my.grinnellmutual.com/	0 0
GET H3	200	app-messages-en_US.d74f6e50.chunk.js my.grinnellmutual.com/static/js/	548 KB 105 KB	21ms 20ms	Script application/javascript	2600:9000:2073:8c00:c:878b:8100:93a1 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://my.grinnellmutual.com/static/js/app-messages-en_US.d74f6e50.chunk.js Requested by Host: my.grinnellmutual.com URL: https://my.grinnellmutual.com/static/js/main.6a4667d7.js Protocol H3 Security QUIC, , AES_128_GCM Server 2600:9000:2073:8c00:c:878b:8100:93a1 , United States, ASN16509 (AMAZON-02, US), Reverse DNS Software AmazonS3 / Resource Hash Security Headers Name Value Content-Security-Policy object-src 'none'; frame-ancestors 'self'; upgrade-insecure-requests; block-all-mixed-content; style-src 'self' 'unsafe-inline' Strict-Transport-Security max-age=63072000; includeSubDomains; preload X-Content-Type-Options nosniff X-Frame-Options SAMEORIGIN X-Xss-Protection 1; mode=block Request headers Referer https://my.grinnellmutual.com/ User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36 Response headers date Fri, 12 Jul 2024 23:06:57 GMT x-amz-version-id 1bnK7sfjXuEMr.eE13vDDijehPgHGuuP x-content-type-options nosniff content-security-policy object-src 'none'; frame-ancestors 'self'; upgrade-insecure-requests; block-all-mixed-content; style-src 'self' 'unsafe-inline' content-encoding br x-permitted-cross-domain-policies none strict-transport-security max-age=63072000; includeSubDomains; preload age 43766 cross-origin-embedder-policy unsafe-none x-amz-server-side-encryption AES256 x-amz-cf-pop IAD50-C2 via 1.1 c57d1eb27f41d3e95fc5060845849c06.cloudfront.net (CloudFront) x-cache Hit from cloudfront cross-origin-resource-policy same-origin alt-svc h3=":443"; ma=86400 x-xss-protection 1; mode=block referrer-policy no-referrer-when-downgrade last-modified Fri, 12 Jul 2024 22:54:25 GMT server AmazonS3 cross-origin-opener-policy same-origin etag W/"33e4e616da184768db6adf20a2439e94" x-frame-options SAMEORIGIN vary Accept-Encoding content-type application/javascript cache-control max-age=31536000, public, must-revalidate, proxy-revalidate permissions-policy accelerometer=(), autoplay=(), camera=(), display-capture=(), document-domain=(), encrypted-media=(), fullscreen=(), geolocation=(), gyroscope=(), magnetometer=(), microphone=(), midi=(), payment=(), picture-in-picture=(), publickey-credentials-get=(), screen-wake-lock=(), sync-xhr=(self), usb=(), web-share=(), xr-spatial-tracking=() x-amz-cf-id e86jO0Y2hY6FfMlG125jUSnKvGE-sZjgJO4jw4TAzQSFbPFckfKEIQ==
GET H3	200	variableOverrides.css my.grinnellmutual.com/style/grinnellTheme/	23 KB 5 KB	23ms 23ms	Stylesheet text/css	2600:9000:2073:8c00:c:878b:8100:93a1 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://my.grinnellmutual.com/style/grinnellTheme/variableOverrides.css Requested by Host: my.grinnellmutual.com URL: https://my.grinnellmutual.com/static/js/jutro.38bbadce.chunk.js Protocol H3 Security QUIC, , AES_128_GCM Server 2600:9000:2073:8c00:c:878b:8100:93a1 , United States, ASN16509 (AMAZON-02, US), Reverse DNS Software AmazonS3 / Resource Hash eedcefa223a8a50cec64c818c74f7c28caa872691fe135c228d2d4572d847f9e Security Headers Name Value Content-Security-Policy object-src 'none'; frame-ancestors 'self'; upgrade-insecure-requests; block-all-mixed-content; style-src 'self' 'unsafe-inline' Strict-Transport-Security max-age=63072000; includeSubDomains; preload X-Content-Type-Options nosniff X-Frame-Options SAMEORIGIN X-Xss-Protection 1; mode=block Request headers Referer https://my.grinnellmutual.com/ User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36 Response headers date Fri, 12 Jul 2024 23:06:57 GMT x-amz-version-id S9zPj3D7aKSDZU6S_g9v2v5BohT6_uca x-content-type-options nosniff content-security-policy object-src 'none'; frame-ancestors 'self'; upgrade-insecure-requests; block-all-mixed-content; style-src 'self' 'unsafe-inline' content-encoding br x-permitted-cross-domain-policies none strict-transport-security max-age=63072000; includeSubDomains; preload age 43766 cross-origin-embedder-policy unsafe-none x-amz-server-side-encryption AES256 x-amz-cf-pop IAD50-C2 via 1.1 c57d1eb27f41d3e95fc5060845849c06.cloudfront.net (CloudFront) x-cache Hit from cloudfront cross-origin-resource-policy same-origin alt-svc h3=":443"; ma=86400 x-xss-protection 1; mode=block referrer-policy no-referrer-when-downgrade last-modified Fri, 12 Jul 2024 22:54:25 GMT server AmazonS3 cross-origin-opener-policy same-origin etag W/"2efa3d5ef2fd8faef439e44e2297cadd" x-frame-options SAMEORIGIN vary Accept-Encoding content-type text/css cache-control max-age=31536000, public, must-revalidate, proxy-revalidate permissions-policy accelerometer=(), autoplay=(), camera=(), display-capture=(), document-domain=(), encrypted-media=(), fullscreen=(), geolocation=(), gyroscope=(), magnetometer=(), microphone=(), midi=(), payment=(), picture-in-picture=(), publickey-credentials-get=(), screen-wake-lock=(), sync-xhr=(self), usb=(), web-share=(), xr-spatial-tracking=() x-amz-cf-id QRZWABZJIvhBp-NHoWQDfZH0J01cInEnjPMCYYW41gTg7YseeBphRg==
GET H3	200	styleOverrides.css my.grinnellmutual.com/style/grinnellTheme/	4 KB 2 KB	27ms 27ms	Stylesheet text/css	2600:9000:2073:8c00:c:878b:8100:93a1 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://my.grinnellmutual.com/style/grinnellTheme/styleOverrides.css Requested by Host: my.grinnellmutual.com URL: https://my.grinnellmutual.com/static/js/jutro.38bbadce.chunk.js Protocol H3 Security QUIC, , AES_128_GCM Server 2600:9000:2073:8c00:c:878b:8100:93a1 , United States, ASN16509 (AMAZON-02, US), Reverse DNS Software AmazonS3 / Resource Hash 3c4d88804b36ddb8f88e2ea58bbd539f62cd8b4a61ba619cf1520aa6b8674677 Security Headers Name Value Content-Security-Policy object-src 'none'; frame-ancestors 'self'; upgrade-insecure-requests; block-all-mixed-content; style-src 'self' 'unsafe-inline' Strict-Transport-Security max-age=63072000; includeSubDomains; preload X-Content-Type-Options nosniff X-Frame-Options SAMEORIGIN X-Xss-Protection 1; mode=block Request headers Referer https://my.grinnellmutual.com/ User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36 Response headers date Fri, 12 Jul 2024 23:06:57 GMT x-amz-version-id SRiTmtH66IF_a6OY7dwXmtkWbxHdCThy x-content-type-options nosniff content-security-policy object-src 'none'; frame-ancestors 'self'; upgrade-insecure-requests; block-all-mixed-content; style-src 'self' 'unsafe-inline' content-encoding br x-permitted-cross-domain-policies none strict-transport-security max-age=63072000; includeSubDomains; preload age 43766 cross-origin-embedder-policy unsafe-none x-amz-server-side-encryption AES256 x-amz-cf-pop IAD50-C2 via 1.1 c57d1eb27f41d3e95fc5060845849c06.cloudfront.net (CloudFront) x-cache Hit from cloudfront cross-origin-resource-policy same-origin alt-svc h3=":443"; ma=86400 x-xss-protection 1; mode=block referrer-policy no-referrer-when-downgrade last-modified Fri, 12 Jul 2024 22:54:25 GMT server AmazonS3 cross-origin-opener-policy same-origin etag W/"ddf13ce95a246938e3962aeb37794162" x-frame-options SAMEORIGIN vary Accept-Encoding content-type text/css cache-control max-age=31536000, public, must-revalidate, proxy-revalidate permissions-policy accelerometer=(), autoplay=(), camera=(), display-capture=(), document-domain=(), encrypted-media=(), fullscreen=(), geolocation=(), gyroscope=(), magnetometer=(), microphone=(), midi=(), payment=(), picture-in-picture=(), publickey-credentials-get=(), screen-wake-lock=(), sync-xhr=(self), usb=(), web-share=(), xr-spatial-tracking=() x-amz-cf-id Leux9jPN-vzQfVKmExZHVkiy3h7delLwUzqGwNQVaQPvFxwVIITqaA==
GET H3	200	favicon.ico my.grinnellmutual.com/grinnell/	2 KB 3 KB	29ms 28ms	Other image/vnd.microsoft.icon	2600:9000:2073:8c00:c:878b:8100:93a1 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://my.grinnellmutual.com/grinnell/favicon.ico Protocol H3 Security QUIC, , AES_128_GCM Server 2600:9000:2073:8c00:c:878b:8100:93a1 , United States, ASN16509 (AMAZON-02, US), Reverse DNS Software AmazonS3 / Resource Hash Security Headers Name Value Content-Security-Policy object-src 'none'; frame-ancestors 'self'; upgrade-insecure-requests; block-all-mixed-content; style-src 'self' 'unsafe-inline' Strict-Transport-Security max-age=63072000; includeSubDomains; preload X-Content-Type-Options nosniff X-Frame-Options SAMEORIGIN X-Xss-Protection 1; mode=block Request headers Referer https://my.grinnellmutual.com/ User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36 Response headers date Fri, 12 Jul 2024 23:06:57 GMT x-amz-version-id zS5tSb0nhlzuF9qvm2_W2xZE.TItBHJF x-content-type-options nosniff content-security-policy object-src 'none'; frame-ancestors 'self'; upgrade-insecure-requests; block-all-mixed-content; style-src 'self' 'unsafe-inline' via 1.1 c57d1eb27f41d3e95fc5060845849c06.cloudfront.net (CloudFront) x-permitted-cross-domain-policies none strict-transport-security max-age=63072000; includeSubDomains; preload age 43766 cross-origin-embedder-policy unsafe-none x-amz-server-side-encryption AES256 x-amz-cf-pop IAD50-C2 x-cache Hit from cloudfront cross-origin-resource-policy same-origin alt-svc h3=":443"; ma=86400 content-length 1674 x-xss-protection 1; mode=block referrer-policy no-referrer-when-downgrade last-modified Fri, 12 Jul 2024 22:54:24 GMT server AmazonS3 cross-origin-opener-policy same-origin etag "cc38087c619d842427478d8a0653c24e" x-frame-options SAMEORIGIN content-type image/vnd.microsoft.icon cache-control max-age=31536000, public, must-revalidate, proxy-revalidate permissions-policy accelerometer=(), autoplay=(), camera=(), display-capture=(), document-domain=(), encrypted-media=(), fullscreen=(), geolocation=(), gyroscope=(), magnetometer=(), microphone=(), midi=(), payment=(), picture-in-picture=(), publickey-credentials-get=(), screen-wake-lock=(), sync-xhr=(self), usb=(), web-share=(), xr-spatial-tracking=() accept-ranges bytes x-amz-cf-id PCLcrqKIzmU_oipE0rFdvZrsLgkohWZ9-5iZDxgQcHOQZwRNn_H7RQ==
GET H2	200	openid-configuration guidewire-hub.okta.com/oauth2/aus11vix3uKEpIfSI357/.well-known/	2 KB 4 KB	263ms 68ms	Fetch application/json	35.71.178.224 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://guidewire-hub.okta.com/oauth2/aus11vix3uKEpIfSI357/.well-known/openid-configuration Requested by Host: my.grinnellmutual.com URL: https://my.grinnellmutual.com/static/js/vendor.b9e1ab6d.chunk.js Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 35.71.178.224 , United States, ASN16509 (AMAZON-02, US), Reverse DNS a71a8df23b4ece90e.awsglobalaccelerator.com Software nginx / Resource Hash Security Headers Name Value Content-Security-Policy default-src 'self' guidewire-hub.okta.com *.oktacdn.com; connect-src 'self' guidewire-hub.okta.com guidewire-hub-admin.okta.com *.oktacdn.com *.mixpanel.com *.mapbox.com *.mtls.okta.com guidewire-hub.kerberos.okta.com https://oinmanager.okta.com data: data.pendo.io pendo-static-5634101834153984.storage.googleapis.com pendo-static-5391521872216064.storage.googleapis.com; script-src 'unsafe-inline' 'unsafe-eval' 'self' guidewire-hub.okta.com *.oktacdn.com; style-src 'unsafe-inline' 'self' guidewire-hub.okta.com *.oktacdn.com; frame-src 'self' guidewire-hub.okta.com guidewire-hub-admin.okta.com login.okta.com *.vidyard.com; img-src 'self' guidewire-hub.okta.com *.oktacdn.com *.tiles.mapbox.com *.mapbox.com *.vidyard.com data: data.pendo.io pendo-static-5634101834153984.storage.googleapis.com pendo-static-5391521872216064.storage.googleapis.com blob:; font-src 'self' guidewire-hub.okta.com data: *.oktacdn.com fonts.gstatic.com; frame-ancestors 'self' Strict-Transport-Security max-age=315360000; includeSubDomains X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://my.grinnellmutual.com/ User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36 Response headers x-okta-request-id df882cb56a52f051d5e0effa5716467e date Sat, 13 Jul 2024 11:16:22 GMT content-security-policy default-src 'self' guidewire-hub.okta.com *.oktacdn.com; connect-src 'self' guidewire-hub.okta.com guidewire-hub-admin.okta.com *.oktacdn.com *.mixpanel.com *.mapbox.com *.mtls.okta.com guidewire-hub.kerberos.okta.com https://oinmanager.okta.com data: data.pendo.io pendo-static-5634101834153984.storage.googleapis.com pendo-static-5391521872216064.storage.googleapis.com; script-src 'unsafe-inline' 'unsafe-eval' 'self' guidewire-hub.okta.com *.oktacdn.com; style-src 'unsafe-inline' 'self' guidewire-hub.okta.com *.oktacdn.com; frame-src 'self' guidewire-hub.okta.com guidewire-hub-admin.okta.com login.okta.com *.vidyard.com; img-src 'self' guidewire-hub.okta.com *.oktacdn.com *.tiles.mapbox.com *.mapbox.com *.vidyard.com data: data.pendo.io pendo-static-5634101834153984.storage.googleapis.com pendo-static-5391521872216064.storage.googleapis.com blob:; font-src 'self' guidewire-hub.okta.com data: *.oktacdn.com fonts.gstatic.com; frame-ancestors 'self' x-content-type-options nosniff strict-transport-security max-age=315360000; includeSubDomains p3p CP="HONK" x-xss-protection 0 referrer-policy strict-origin-when-cross-origin server nginx accept-ch Sec-CH-UA-Platform-Version vary Origin, Origin content-type application/json access-control-allow-origin https://my.grinnellmutual.com cache-control max-age=86400, must-revalidate access-control-allow-credentials true expires Sun, 14 Jul 2024 11:15:34 GMT
GET		OidcKeepAliveServiceWorker.json my.grinnellmutual.com/	0 0
GET H2	200	authorize Show response guidewire-hub.okta.com/oauth2/aus11vix3uKEpIfSI357/v1/	30 KB 11 KB	330ms 205ms	Document text/html	52.223.45.111 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://guidewire-hub.okta.com/oauth2/aus11vix3uKEpIfSI357/v1/authorize?client_id=0oa1759042uBZnvQU358&redirect_uri=https%3A%2F%2Fmy.grinnellmutual.com%2Fcallback&scope=openid%20profile%20email%20groups%20grantedAuthorities%20afiExternalUserID&response_type=code&idp=0oa13jnagnivzK1T3358&state=kIvM85Esyom1B0su&nonce=GvjYTEU28wOo&code_challenge=azvzx9PE3DlAwlWqrU1oE8aZ4a-kAn3qRJhFP3ZuBZk&code_challenge_method=S256 Requested by Host: my.grinnellmutual.com URL: https://my.grinnellmutual.com/static/js/vendor.b9e1ab6d.chunk.js Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 52.223.45.111 , United States, ASN16509 (AMAZON-02, US), Reverse DNS a71a8df23b4ece90e.awsglobalaccelerator.com Software nginx / Resource Hash 375bebd61e3b622c8313f9b9ede1dc09913e7f1ebcc06aa0b3fa87a684869a6b Security Headers Name Value Content-Security-Policy default-src 'self' guidewire-hub.okta.com *.oktacdn.com; connect-src 'self' guidewire-hub.okta.com guidewire-hub-admin.okta.com *.oktacdn.com *.mixpanel.com *.mapbox.com *.mtls.okta.com guidewire-hub.kerberos.okta.com https://oinmanager.okta.com data: data.pendo.io pendo-static-5634101834153984.storage.googleapis.com pendo-static-5391521872216064.storage.googleapis.com; script-src 'unsafe-inline' 'unsafe-eval' 'self' guidewire-hub.okta.com *.oktacdn.com; style-src 'unsafe-inline' 'self' guidewire-hub.okta.com *.oktacdn.com; frame-src 'self' guidewire-hub.okta.com guidewire-hub-admin.okta.com login.okta.com *.vidyard.com; img-src 'self' guidewire-hub.okta.com *.oktacdn.com *.tiles.mapbox.com *.mapbox.com *.vidyard.com data: data.pendo.io pendo-static-5634101834153984.storage.googleapis.com pendo-static-5391521872216064.storage.googleapis.com blob:; font-src 'self' guidewire-hub.okta.com data: *.oktacdn.com fonts.gstatic.com Strict-Transport-Security max-age=315360000; includeSubDomains X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://my.grinnellmutual.com/ Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36 Response headers accept-ch Sec-CH-UA-Platform-Version cache-control no-cache, no-store content-encoding gzip content-language en content-security-policy default-src 'self' guidewire-hub.okta.com *.oktacdn.com; connect-src 'self' guidewire-hub.okta.com guidewire-hub-admin.okta.com *.oktacdn.com *.mixpanel.com *.mapbox.com *.mtls.okta.com guidewire-hub.kerberos.okta.com https://oinmanager.okta.com data: data.pendo.io pendo-static-5634101834153984.storage.googleapis.com pendo-static-5391521872216064.storage.googleapis.com; script-src 'unsafe-inline' 'unsafe-eval' 'self' guidewire-hub.okta.com *.oktacdn.com; style-src 'unsafe-inline' 'self' guidewire-hub.okta.com *.oktacdn.com; frame-src 'self' guidewire-hub.okta.com guidewire-hub-admin.okta.com login.okta.com *.vidyard.com; img-src 'self' guidewire-hub.okta.com *.oktacdn.com *.tiles.mapbox.com *.mapbox.com *.vidyard.com data: data.pendo.io pendo-static-5634101834153984.storage.googleapis.com pendo-static-5391521872216064.storage.googleapis.com blob:; font-src 'self' guidewire-hub.okta.com data: *.oktacdn.com fonts.gstatic.com content-type text/html;charset=utf-8 date Sat, 13 Jul 2024 11:16:23 GMT expires 0 p3p CP="HONK" pragma no-cache referrer-policy no-referrer server nginx strict-transport-security max-age=315360000; includeSubDomains vary Accept-Encoding x-content-type-options nosniff x-okta-request-id 76675f9be00b0c30b378586df69f8904 x-rate-limit-limit 60 x-rate-limit-remaining 59 x-rate-limit-reset 1720869442 x-robots-tag noindex,nofollow x-xss-protection 0
GET H2	200	jquery-1.12.4.2ef93d9aedc4198ec425a799a371292d.js Show response ok7static.oktacdn.com/assets/js/	289 KB 101 KB	136ms 18ms	Script application/javascript	18.165.98.18 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://ok7static.oktacdn.com/assets/js/jquery-1.12.4.2ef93d9aedc4198ec425a799a371292d.js Requested by Host: guidewire-hub.okta.com URL: https://guidewire-hub.okta.com/oauth2/aus11vix3uKEpIfSI357/v1/authorize?client_id=0oa1759042uBZnvQU358&redirect_uri=https%3A%2F%2Fmy.grinnellmutual.com%2Fcallback&scope=openid%20profile%20email%20groups%20grantedAuthorities%20afiExternalUserID&response_type=code&idp=0oa13jnagnivzK1T3358&state=kIvM85Esyom1B0su&nonce=GvjYTEU28wOo&code_challenge=azvzx9PE3DlAwlWqrU1oE8aZ4a-kAn3qRJhFP3ZuBZk&code_challenge_method=S256 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 18.165.98.18 , United States, ASN16509 (AMAZON-02, US), Reverse DNS server-18-165-98-18.iad55.r.cloudfront.net Software nginx / Resource Hash 43e51f129fb6eb0f52aee5fb4857f14796f9a5b38e66f445658db1ac1fb7298e Security Headers Name Value Strict-Transport-Security max-age=315360000; includeSubDomains Request headers Referer Origin https://guidewire-hub.okta.com User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36 Response headers x-amz-meta-sha1sum 26667ee897b9e91a9b54c3d4aa445649aa92543d strict-transport-security max-age=315360000; includeSubDomains content-encoding gzip date Tue, 09 Jul 2024 09:58:49 GMT via 1.1 b72ec90bfb3598795e1ec469cc868742.cloudfront.net (CloudFront) x-amz-cf-pop IAD55-P4 age 350254 x-cache Hit from cloudfront last-modified Tue, 06 Dec 2022 22:05:53 GMT server nginx etag W/"2ef93d9aedc4198ec425a799a371292d" vary Accept-Encoding content-type application/javascript access-control-allow-origin * cache-control max-age=31536000, public,max-age=31536000,s-maxage=1814400 x-amz-cf-id a6VoyASsd8Th0J84kguOy3NkSPH1hC7-I7dryyYEilPUXVnt5Q1h9A== expires Wed, 09 Jul 2025 09:58:49 GMT
GET H2	200	interstitial.c280c95e9e8c971dad6d6dd597ab23f8.css ok7static.oktacdn.com/assets/css/sections/	8 KB 3 KB	135ms 18ms	Stylesheet text/css	18.165.98.18 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://ok7static.oktacdn.com/assets/css/sections/interstitial.c280c95e9e8c971dad6d6dd597ab23f8.css Requested by Host: guidewire-hub.okta.com URL: https://guidewire-hub.okta.com/oauth2/aus11vix3uKEpIfSI357/v1/authorize?client_id=0oa1759042uBZnvQU358&redirect_uri=https%3A%2F%2Fmy.grinnellmutual.com%2Fcallback&scope=openid%20profile%20email%20groups%20grantedAuthorities%20afiExternalUserID&response_type=code&idp=0oa13jnagnivzK1T3358&state=kIvM85Esyom1B0su&nonce=GvjYTEU28wOo&code_challenge=azvzx9PE3DlAwlWqrU1oE8aZ4a-kAn3qRJhFP3ZuBZk&code_challenge_method=S256 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 18.165.98.18 , United States, ASN16509 (AMAZON-02, US), Reverse DNS server-18-165-98-18.iad55.r.cloudfront.net Software nginx / Resource Hash d952fafe2ace405711d16dd5b78225162c199fffc0132fb1d85b612b629c5e22 Security Headers Name Value Strict-Transport-Security max-age=315360000; includeSubDomains Request headers Referer User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36 Response headers x-amz-meta-sha1sum 254ba22d6a26decbf68aac1f9710e47a39cc4bfa strict-transport-security max-age=315360000; includeSubDomains content-encoding gzip date Tue, 09 Jul 2024 00:38:53 GMT via 1.1 b72ec90bfb3598795e1ec469cc868742.cloudfront.net (CloudFront) x-amz-cf-pop IAD55-P4 age 383850 x-cache Hit from cloudfront last-modified Tue, 05 Dec 2023 22:44:18 GMT server nginx etag W/"c280c95e9e8c971dad6d6dd597ab23f8" vary Accept-Encoding content-type text/css access-control-allow-origin * cache-control max-age=31536000, public,max-age=31536000,s-maxage=1814400 x-amz-cf-id z0k2xopN4mR5IbL6FSZnkudA9G3jEDNC8wGPm4PKohHh2DICwz4c2w== expires Wed, 09 Jul 2025 00:38:53 GMT
GET H2	200	interstitial-dark-blue-brand.d4ca51b5579d1772af159f12276beb72.gif ok7static.oktacdn.com/assets/img/ui/indicators/	143 KB 144 KB	136ms 19ms	Image image/gif	18.165.98.18 AMAZON-02
General Check archive.org Show headers Download Go to Show image Full URL https://ok7static.oktacdn.com/assets/img/ui/indicators/interstitial-dark-blue-brand.d4ca51b5579d1772af159f12276beb72.gif Requested by Host: guidewire-hub.okta.com URL: https://guidewire-hub.okta.com/oauth2/aus11vix3uKEpIfSI357/v1/authorize?client_id=0oa1759042uBZnvQU358&redirect_uri=https%3A%2F%2Fmy.grinnellmutual.com%2Fcallback&scope=openid%20profile%20email%20groups%20grantedAuthorities%20afiExternalUserID&response_type=code&idp=0oa13jnagnivzK1T3358&state=kIvM85Esyom1B0su&nonce=GvjYTEU28wOo&code_challenge=azvzx9PE3DlAwlWqrU1oE8aZ4a-kAn3qRJhFP3ZuBZk&code_challenge_method=S256 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 18.165.98.18 , United States, ASN16509 (AMAZON-02, US), Reverse DNS server-18-165-98-18.iad55.r.cloudfront.net Software nginx / Resource Hash 3911e7c9d421c5b4435541e78ea1ea99b9975249fe7dc21cddad7418e666be02 Security Headers Name Value Strict-Transport-Security max-age=315360000; includeSubDomains Request headers Referer User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36 Response headers strict-transport-security max-age=315360000; includeSubDomains date Fri, 12 Jul 2024 00:46:42 GMT via 1.1 b72ec90bfb3598795e1ec469cc868742.cloudfront.net (CloudFront) x-amz-cf-pop IAD55-P4 age 124202 x-cache Hit from cloudfront content-length 146495 last-modified Wed, 15 Dec 2021 03:30:45 GMT server nginx etag "d4ca51b5579d1772af159f12276beb72" content-type image/gif access-control-allow-origin * cache-control max-age=31536000, public,max-age=31536000,s-maxage=1814400 accept-ranges bytes x-amz-cf-id Wm-wAVi_ImibWGMc4N-jfthi0i_9mC5PFrURIDazvNkylkYQvUv8Mg== expires Sat, 12 Jul 2025 00:46:21 GMT
GET H2	200	interstitial.3bb1b1dab07d5557b70fe16c1da0276e.js Show response ok7static.oktacdn.com/assets/js/app/sso/	576 B 832 B	167ms 50ms	Script application/javascript	18.165.98.18 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://ok7static.oktacdn.com/assets/js/app/sso/interstitial.3bb1b1dab07d5557b70fe16c1da0276e.js Requested by Host: guidewire-hub.okta.com URL: https://guidewire-hub.okta.com/oauth2/aus11vix3uKEpIfSI357/v1/authorize?client_id=0oa1759042uBZnvQU358&redirect_uri=https%3A%2F%2Fmy.grinnellmutual.com%2Fcallback&scope=openid%20profile%20email%20groups%20grantedAuthorities%20afiExternalUserID&response_type=code&idp=0oa13jnagnivzK1T3358&state=kIvM85Esyom1B0su&nonce=GvjYTEU28wOo&code_challenge=azvzx9PE3DlAwlWqrU1oE8aZ4a-kAn3qRJhFP3ZuBZk&code_challenge_method=S256 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 18.165.98.18 , United States, ASN16509 (AMAZON-02, US), Reverse DNS server-18-165-98-18.iad55.r.cloudfront.net Software nginx / Resource Hash d67f33137e87a6a11f9b298e5a4aefe0c3094930d5ad4fcce9e828e0d6a5d3b8 Security Headers Name Value Strict-Transport-Security max-age=315360000; includeSubDomains Request headers Referer Origin https://guidewire-hub.okta.com User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36 Response headers x-amz-meta-sha1sum ae20c501108c474c6d4f9657041db2260164e0a0 strict-transport-security max-age=315360000; includeSubDomains content-encoding gzip date Thu, 27 Jun 2024 23:47:26 GMT via 1.1 b72ec90bfb3598795e1ec469cc868742.cloudfront.net (CloudFront) x-amz-cf-pop IAD55-P4 age 1501706 x-cache Hit from cloudfront last-modified Wed, 17 Jan 2024 22:38:48 GMT server nginx etag W/"3bb1b1dab07d5557b70fe16c1da0276e" vary Accept-Encoding content-type application/javascript access-control-allow-origin * cache-control max-age=31536000, public,max-age=31536000,s-maxage=1814400 x-amz-cf-id p5HQtYFB2wh-uJf8VB8rVb43tKbE0FkpYFpuevUxbRwDLux5uZYcOg== expires Thu, 26 Jun 2025 02:07:57 GMT
GET H2	200	interstitial-dark-blue-brand.d4ca51b5579d1772af159f12276beb72.gif ok7static.oktacdn.com/assets/img/ui/indicators/	143 KB 0	0ms 0ms	Image image/gif	18.165.98.18 AMAZON-02
General Check archive.org Show headers Download Go to Show image Full URL https://ok7static.oktacdn.com/assets/img/ui/indicators/interstitial-dark-blue-brand.d4ca51b5579d1772af159f12276beb72.gif Protocol H2 Security TLS 1.3, , AES_128_GCM Server 18.165.98.18 , United States, ASN16509 (AMAZON-02, US), Reverse DNS server-18-165-98-18.iad55.r.cloudfront.net Software nginx / Resource Hash Request headers Referer User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36 Response headers date Fri, 12 Jul 2024 00:46:42 GMT via 1.1 b72ec90bfb3598795e1ec469cc868742.cloudfront.net (CloudFront) last-modified Wed, 15 Dec 2021 03:30:45 GMT server nginx x-amz-cf-pop IAD55-P4 age 124202 etag "d4ca51b5579d1772af159f12276beb72" x-cache Hit from cloudfront content-type image/gif access-control-allow-origin * cache-control max-age=31536000, public,max-age=31536000,s-maxage=1814400 accept-ranges bytes content-length 146495 x-amz-cf-id Wm-wAVi_ImibWGMc4N-jfthi0i_9mC5PFrURIDazvNkylkYQvUv8Mg== expires Sat, 12 Jul 2025 00:46:21 GMT
POST H/1.1	200 OK	Primary Request login Show response grinnellmutualb2c.b2clogin.com/grinnellmutualb2c.onmicrosoft.com/B2C_1A_Signup_Signin_saml/samlp/sso/	148 KB 64 KB	727ms 558ms	Document text/html	2603:1037:1:128::9 MICROSOFT-CORP-MS...
General Check archive.org Show headers Download Go to Full URL https://grinnellmutualb2c.b2clogin.com/grinnellmutualb2c.onmicrosoft.com/B2C_1A_Signup_Signin_saml/samlp/sso/login Protocol HTTP/1.1 Security TLS 1.3, , AES_256_GCM Server 2603:1037:1:128::9 Washington, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US), Reverse DNS Software / Resource Hash a88fa8f24308fe3fef71ba18e3639133d1fcd7f442c4858292c8bf1145e7c838 Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains X-Content-Type-Options nosniff X-Frame-Options DENY X-Xss-Protection 1; mode=block Request headers Content-Type application/x-www-form-urlencoded Origin null Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36 Response headers Allow OPTIONS TRACE GET HEAD POST Cache-Control no-store, must-revalidate, no-cache Content-Encoding gzip Content-Length 63054 Content-Type text/html; charset=utf-8 Date Sat, 13 Jul 2024 11:16:23 GMT Expires -1 Public OPTIONS,TRACE,GET,HEAD,POST Strict-Transport-Security max-age=31536000; includeSubDomains Vary Accept-Encoding X-Build 1.1.205.0 X-Content-Type-Options nosniff X-Frame-Options DENY X-Request-ID ff92eae2-1abd-40d5-bb77-191839801630 X-UA-Compatible IE=edge X-XSS-Protection 1; mode=block x-ms-gateway-requestid 922cd19c-2373-44f4-99ba-8a2fb7ef02e8
GET H2	200	unified-signin.html Show response wcm.grinnellmutual.com/upload/Azure/customer/	26 KB 26 KB	276ms 158ms	XHR text/html	2606:4700:4400::6812:2298 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://wcm.grinnellmutual.com/upload/Azure/customer/unified-signin.html Requested by Host: grinnellmutualb2c.b2clogin.com URL: https://grinnellmutualb2c.b2clogin.com/grinnellmutualb2c.onmicrosoft.com/B2C_1A_Signup_Signin_saml/samlp/sso/login Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:4400::6812:2298 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash f166fc051f3c51b4bc2b03de1ff793580901a95a00ca5304421874127a40922b Request headers Referer https://grinnellmutualb2c.b2clogin.com/ User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36 Response headers access-control-allow-origin https://grinnellmutualb2c.b2clogin.com date Sat, 13 Jul 2024 11:16:24 GMT cf-cache-status DYNAMIC server cloudflare cf-ray 8a28dc549d5342b2-EWR content-length 26349 request-context appId=cid-v1:07f1d79c-c0fa-4cdb-b3d5-89feb525a26f
GET H2	200	logoB.png wcm.grinnellmutual.com/upload/azure/	3 KB 3 KB	63ms 31ms	Image image/webp	2606:4700:4400::6812:2298 CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://wcm.grinnellmutual.com/upload/azure/logoB.png Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:4400::6812:2298 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash e20f0689c049318b479c8775879e874224ce8324b2a594d2a91a96620323e8cb Request headers Referer https://grinnellmutualb2c.b2clogin.com/ User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36 Response headers date Sat, 13 Jul 2024 11:16:24 GMT cf-cache-status HIT age 36781 cf-polished origFmt=png, origSize=9117 content-disposition inline; filename="logoB.webp" content-length 3034 request-context appId=cid-v1:07f1d79c-c0fa-4cdb-b3d5-89feb525a26f cf-bgj imgq:85,h2pri last-modified Thu, 25 May 2023 20:03:34 GMT server cloudflare etag "1d98f43fc24cc9d" vary Accept content-type image/webp cache-control public, max-age=14400 accept-ranges bytes cf-ray 8a28dc55d9761859-EWR expires Sat, 13 Jul 2024 15:16:24 GMT
GET H2	200	bootstrap.min.css ajax.aspnetcdn.com/ajax/bootstrap/4.6.0/css/	158 KB 36 KB	95ms 10ms	Stylesheet text/css	152.199.4.33 EDGECAST
General Check archive.org Show headers Download Go to Full URL https://ajax.aspnetcdn.com/ajax/bootstrap/4.6.0/css/bootstrap.min.css Requested by Host: grinnellmutualb2c.b2clogin.com URL: https://grinnellmutualb2c.b2clogin.com/grinnellmutualb2c.onmicrosoft.com/B2C_1A_Signup_Signin_saml/samlp/sso/login Protocol H2 Security TLS 1.3, , AES_256_GCM Server 152.199.4.33 , United States, ASN15133 (EDGECAST, US), Reverse DNS Software ECAcc (nyd/D18C) / Resource Hash 4ffcc598ee6cff4692c1cea272cd8a2f195f6dec32473e94370d6cdcfa5fe601 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 1; mode=block Request headers Referer https://grinnellmutualb2c.b2clogin.com/ Origin https://grinnellmutualb2c.b2clogin.com User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36 Response headers date Sat, 13 Jul 2024 11:16:24 GMT content-encoding gzip x-content-type-options nosniff age 1011790 x-cache HIT content-length 36779 x-xss-protection 1; mode=block last-modified Fri, 12 Mar 2021 19:02:18 GMT server ECAcc (nyd/D18C) etag "1c5252397217d71:0" vary Accept-Encoding content-type text/css access-control-allow-origin * cache-control public,max-age=31536000 accept-ranges bytes timing-allow-origin *
GET H2	200	css fonts.googleapis.com/	6 KB 2 KB	83ms 33ms	Stylesheet text/css	2607:f8b0:400d:c04::5f GOOGLE
General Check archive.org Show headers Download Go to Full URL https://fonts.googleapis.com/css?family=Open+Sans Requested by Host: client URL: about:client Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2607:f8b0:400d:c04::5f Morganton, United States, ASN15169 (GOOGLE, US), Reverse DNS Software ESF / Resource Hash c3061c3788ad5783ef8a5d10c454bafe7eb942c48200dccc852cc6d3c9f303d4 Security Headers Name Value Strict-Transport-Security max-age=31536000 X-Content-Type-Options nosniff X-Frame-Options SAMEORIGIN X-Xss-Protection 0 Request headers Referer https://grinnellmutualb2c.b2clogin.com/ User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36 Response headers strict-transport-security max-age=31536000 date Sat, 13 Jul 2024 11:16:24 GMT content-encoding gzip x-content-type-options nosniff cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 x-xss-protection 0 last-modified Sat, 13 Jul 2024 09:37:48 GMT server ESF cross-origin-opener-policy same-origin-allow-popups x-frame-options SAMEORIGIN content-type text/css; charset=utf-8 access-control-allow-origin * cache-control private, max-age=86400, stale-while-revalidate=604800 timing-allow-origin * link <https://fonts.gstatic.com>; rel=preconnect; crossorigin expires Sat, 13 Jul 2024 11:16:24 GMT
GET H2	200	jquery-3.5.1.min.js Show response code.jquery.com/	87 KB 30 KB	36ms 9ms	Script application/javascript	2a04:4e42::649 FASTLY
General Check archive.org Show headers Download Go to Full URL https://code.jquery.com/jquery-3.5.1.min.js Requested by Host: grinnellmutualb2c.b2clogin.com URL: https://grinnellmutualb2c.b2clogin.com/grinnellmutualb2c.onmicrosoft.com/B2C_1A_Signup_Signin_saml/samlp/sso/login Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a04:4e42::649 , United States, ASN54113 (FASTLY, US), Reverse DNS Software nginx / Resource Hash f7f6a5894f1d19ddad6fa392b2ece2c5e578cbf7da4ea805b6885eb6985b6e3d Request headers Referer https://grinnellmutualb2c.b2clogin.com/ User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36 Response headers date Sat, 13 Jul 2024 11:16:24 GMT content-encoding gzip via 1.1 varnish age 2238653 x-cache HIT content-length 30879 x-served-by cache-lga21978-LGA last-modified Fri, 18 Oct 1991 12:00:00 GMT server nginx x-timer S1720869385.628739,VS0,VE0 etag W/"28feccc0-15d84" vary Accept-Encoding content-type application/javascript; charset=utf-8 access-control-allow-origin * cache-control public, max-age=31536000, stale-while-revalidate=604800 accept-ranges bytes x-cache-hits 45282
POST H/1.1	200 OK	perftrace Show response grinnellmutualb2c.b2clogin.com/grinnellmutualb2c.onmicrosoft.com/B2C_1A_Signup_Signin_saml/client/	0 447 B	162ms 157ms	XHR text/plain	2603:1037:1:128::9 MICROSOFT-CORP-MS...
General Check archive.org Show headers Download Go to Full URL https://grinnellmutualb2c.b2clogin.com/grinnellmutualb2c.onmicrosoft.com/B2C_1A_Signup_Signin_saml/client/perftrace?tx=StateProperties=eyJUSUQiOiJmZjkyZWFlMi0xYWJkLTQwZDUtYmI3Ny0xOTE4Mzk4MDE2MzAifQ&p=B2C_1A_Signup_Signin_saml Requested by Host: grinnellmutualb2c.b2clogin.com URL: https://grinnellmutualb2c.b2clogin.com/grinnellmutualb2c.onmicrosoft.com/B2C_1A_Signup_Signin_saml/samlp/sso/login Protocol HTTP/1.1 Security TLS 1.3, , AES_256_GCM Server 2603:1037:1:128::9 Washington, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US), Reverse DNS Software / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains X-Content-Type-Options nosniff X-Frame-Options DENY X-Xss-Protection 1; mode=block Request headers Accept application/json, text/javascript, */*; q=0.01 Referer https://grinnellmutualb2c.b2clogin.com/grinnellmutualb2c.onmicrosoft.com/B2C_1A_Signup_Signin_saml/samlp/sso/login X-Requested-With XMLHttpRequest X-CSRF-TOKEN Q0xWTTh6UE1BZnBLODV3blpSTFRKRk4waS8zTGw3Uit5MVVMb3oxbHluek9kTmxyMktNbjdVZkZiNDZXSEU3bjg2ci9CdWJwc1lZdkxVazg4d3lzN1E9PTsyMDI0LTA3LTEzVDExOjE2OjI0LjAzNTM5ODVaO0VwMUlNV0pRZjdvcFlNWXJxa3l2a3c9PTt7Ik9yY2hlc3RyYXRpb25TdGVwIjoxfQ== User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36 Content-Type application/json; charset=UTF-8 Response headers Strict-Transport-Security max-age=31536000; includeSubDomains Date Sat, 13 Jul 2024 11:16:24 GMT X-Content-Type-Options nosniff Allow OPTIONS, TRACE, GET, HEAD, POST X-Frame-Options DENY Public OPTIONS,TRACE,GET,HEAD,POST Cache-Control no-store, must-revalidate, no-cache x-ms-gateway-requestid 683d0659-b56f-4c31-8d63-5658fb36ef35 Content-Length 0 X-XSS-Protection 1; mode=block
GET H2	200	background.jpg wcm.grinnellmutual.com/upload/azure/customer/	273 KB 274 KB	117ms 117ms	Image image/webp	2606:4700:4400::6812:2298 CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://wcm.grinnellmutual.com/upload/azure/customer/background.jpg Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:4400::6812:2298 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 71abcb16b09da708330a1b3960d513c1d00c3365a62ba088b7a73852c2cd02f8 Request headers Referer https://grinnellmutualb2c.b2clogin.com/ User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36 Response headers date Sat, 13 Jul 2024 11:16:24 GMT cf-cache-status REVALIDATED cf-polished qual=85, origFmt=jpeg, origSize=322682 content-disposition inline; filename="background.webp" content-length 279848 request-context appId=cid-v1:07f1d79c-c0fa-4cdb-b3d5-89feb525a26f cf-bgj imgq:85,h2pri last-modified Thu, 11 Jul 2024 21:23:57 GMT server cloudflare etag "1dad3d8a37ff8fa" vary Accept content-type image/webp cache-control public, max-age=43200 accept-ranges bytes cf-ray 8a28dc5679c41859-EWR expires Sat, 13 Jul 2024 23:16:24 GMT
GET H2	200	memSYaGs126MiZpBA-UvWbX2vVnXBbObj2OVZyOOSr4dVJWUgsjZ0B4gaVI.woff2 fonts.gstatic.com/s/opensans/v40/	18 KB 19 KB	71ms 19ms	Font font/woff2	2607:f8b0:4004:c1f::5e GOOGLE
General Check archive.org Show headers Download Go to Full URL https://fonts.gstatic.com/s/opensans/v40/memSYaGs126MiZpBA-UvWbX2vVnXBbObj2OVZyOOSr4dVJWUgsjZ0B4gaVI.woff2 Requested by Host: fonts.googleapis.com URL: https://fonts.googleapis.com/css?family=Open+Sans Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2607:f8b0:4004:c1f::5e Washington, United States, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash e7af9d60d875eb1c1b1037bbbfdec41fcb096d0ebcf98a48717ad8b07906ced6 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://fonts.googleapis.com/ Origin https://grinnellmutualb2c.b2clogin.com User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36 Response headers date Wed, 10 Jul 2024 08:52:33 GMT x-content-type-options nosniff age 267831 content-security-policy-report-only require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 18668 x-xss-protection 0 last-modified Thu, 14 Dec 2023 02:00:39 GMT server sffe cross-origin-opener-policy same-origin; report-to="apps-themes" report-to {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]} content-type font/woff2 access-control-allow-origin * cache-control public, max-age=31536000 accept-ranges bytes timing-allow-origin * expires Thu, 10 Jul 2025 08:52:33 GMT

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain

my.grinnellmutual.com

URL

blob:https://my.grinnellmutual.com/a31d51b0-cc7a-4df6-be1a-5dbc1d44baba

Domain

my.grinnellmutual.com

URL

https://my.grinnellmutual.com/OidcKeepAliveServiceWorker.json?minSleepSeconds=150

31 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| CP object| SA_FIELDS object| CONTENT object| SETTINGS string| staticHost string| targetSlice string| targetDc number| initializationTimeout boolean| diagsAlways number| maxTrace function| PageLoadTime function| _isFunction function| _mapObject function| _getPerformanceObjectData function| $trace object| $diags object| $santizer object| preloadCssLink object| $i2e object| $predicateValidation object| $element function| checkCssPreloaded function| preloadJavaScript object| $cors function| applyTenantBranding function| sendPageLoadTime function| $ function| jQuery boolean| pageReady object| Handlebars boolean| contentReady

8 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

			Domain/Path	Expires	Name / Value
			.grinnellmutual.com/	1970-01-21 07:37:09	Name: _ga Value: GA1.1.1427623127.1720869381
			guidewire-hub.okta.com/	1969-12-31 23:59:59	Name: JSESSIONID Value: C57EAB4ACE20C5605FDA15D2F5A2A321
			guidewire-hub.okta.com/	1969-12-31 23:59:59	Name: t Value: default
			guidewire-hub.okta.com/	1970-01-21 07:37:09	Name: DT Value: DI1xJjCyVz-Ti-hKLX4eb3QJA
			.grinnellmutual.com/	1970-01-21 07:37:09	Name: _ga_L11T6TV1TY Value: GS1.1.1720869381.1.0.1720869383.0.0.0
			.grinnellmutualb2c.b2clogin.com/	1969-12-31 23:59:59	Name: x-ms-cpim-csrf Value: Q0xWTTh6UE1BZnBLODV3blpSTFRKRk4waS8zTGw3Uit5MVVMb3oxbHluek9kTmxyMktNbjdVZkZiNDZXSEU3bjg2ci9CdWJwc1lZdkxVazg4d3lzN1E9PTsyMDI0LTA3LTEzVDExOjE2OjI0LjAzNTM5ODVaO0VwMUlNV0pRZjdvcFlNWXJxa3l2a3c9PTt7Ik9yY2hlc3RyYXRpb25TdGVwIjoxfQ==
			.grinnellmutualb2c.b2clogin.com/	1969-12-31 23:59:59	Name: x-ms-cpim-cache|4uqs_70a1uc7dxkyoyawma_0 Value: m1.8E7ftrYk+kygF2yB.VctyL12AGcJW6kQA1XCgPw==.0.0HbUlU8/clkCQhP/PJhwFDOpfg5iwn/98jkWtAbxeuEzoyh0GsOteVRYmxTf4K+h3tHie088zFdgb2mDu0d6PWyRktuZ19pnvguFuIHYxs0EPR+/gTWhl+8WkIGgOK0zZ0F2TT5MCG/guA/1N/uEAbBPEvCsEmTKqwYKu1vp9VuRbpmrD3eOFBB5p/Y5YYvGoaEnympszkDjeIyG/2wejeFHaiLIWjc8Z1GucPYoG7Ua9uozmQvOs8FkJx7ujmw1coy9PZpxeaFUoMjio/wfiBJ3qClwAR/soct5t61X5v800RzvPNdPXnlCnohf5N/R07A1V+1piZIC0H3QDd6FID2Fff2cExdOywSrScqz2xiMmnMcv4qZcZz/nqXfElyStHBPzJ99rRONm8rD0b5bu4Dn+WgIQZwdp2Rhl6xUcgASwlqCc6DqNXbSXJTbRISeZvdYSqUM5HxRQIz4DhpWsRuL0ms4BPYNJkXkNydupIV1vMJiBoFgGBvbfwxVFryWqpQemYA4X6mK50nStYsbO7gs5nBajf/+tijYs/dNd5mcK8rT/BHBr/vpwu4pSYR+ND4lNRkq/2wDRIJPbgqwGwPtsMPy/Mw3VyOPpP3ug2f/ieGnTMCqDkV++/+xUWxjUfP/4g0NTT+KZoKmybGX/8695+d/57elbzZ5wCip39ioWWHRHkLZWHBQer/uf2eEio1MdZdO1r4OaZtMZ8f4/giTXG4ZLop1DSVXph8KjRDea/RLERpVjMhEzXCeMBCfvw059MqS6N9D/TGllfR2+V9SJjo9Mbq1ucWbXFe2lgXK7sD07uRyQNukMUfWPgprNcDe7hhWZKjZtfwW9Ajs5x0OeMr8TfH2XzPzACIS0GcJdpRjddWwqATxbxzNggoFi2xLf6K2ypSti0lRX0saeY5VR73XUXogfdDAOa2eKE3TiiCF233V94Y6WgTsvj/opCWetuC2tYpwhYkknfTEY1S0S3bE4G18SR8cZ/uHg0c1EJVrBpysnZzy2OY0rKyk2h6aqwevqLfXCRBqGkmwLfZgwKypyh3GasODXmUkH13L54eWZGZ1OUcwqJOeTyp53SqemyeBmEBS5w==
			.grinnellmutualb2c.b2clogin.com/	1969-12-31 23:59:59	Name: x-ms-cpim-trans Value: eyJUX0RJQyI6W3siSSI6ImZmOTJlYWUyLTFhYmQtNDBkNS1iYjc3LTE5MTgzOTgwMTYzMCIsIlQiOiJncmlubmVsbG11dHVhbGIyYy5vbm1pY3Jvc29mdC5jb20iLCJQIjoiQjJDXzFBX1NpZ251cF9TaWduaW5fc2FtbCIsIkMiOiI5YzRmMmI2Yy0wNzZiLTQ1YzktYTIyZC1iNmIxYWMyYWQ4MWEiLCJTIjoxLCJNIjp7fSwiRCI6MCwiRSI6Imh0dHBzOi8vd3d3Lm9rdGEuY29tL3NhbWwyL3NlcnZpY2UtcHJvdmlkZXIvc3BnaWdsdXJmcnV5bHNnY29xbmcifV0sIkNfSUQiOiJmZjkyZWFlMi0xYWJkLTQwZDUtYmI3Ny0xOTE4Mzk4MDE2MzAifQ==

3 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
security	warning	Message: Error with Permissions-Policy header: Unrecognized feature: 'document-domain'.
security	warning	Message: Error with Permissions-Policy header: Unrecognized feature: 'web-share'.
recommendation	verbose	URL: https://grinnellmutualb2c.b2clogin.com/grinnellmutualb2c.onmicrosoft.com/B2C_1A_Signup_Signin_saml/samlp/sso/login Message: [DOM] Input elements should have autocomplete attributes (suggested: "username"): (More info: https://goo.gl/9p2vKq) %o

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
Content-Security-Policy	object-src 'none'; frame-ancestors 'self'; upgrade-insecure-requests; block-all-mixed-content; style-src 'self' 'unsafe-inline'
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

ajax.aspnetcdn.com
code.jquery.com
fonts.googleapis.com
fonts.gstatic.com
grinnellmutualb2c.b2clogin.com
guidewire-hub.okta.com
my.grinnellmutual.com
ok7static.oktacdn.com
wcm.grinnellmutual.com
www.google-analytics.com
www.googletagmanager.com
my.grinnellmutual.com
152.199.4.33
18.165.98.18
2600:9000:2073:8c00:c:878b:8100:93a1
2603:1037:1:128::9
2606:4700:4400::6812:2298
2607:f8b0:4004:c07::8b
2607:f8b0:4004:c1f::5e
2607:f8b0:400d:c04::5f
2607:f8b0:400d:c0b::61
2a04:4e42::649
35.71.178.224
52.223.45.111
12408219d6c111759719399196dc0a2dd7b4932d9c32a526c207954f75dd064d
1e5027b366eeba1298d79006635ca4c727251b79cd47d12fc7172807ffc66263
303439ad4a6d45f48e2831e4afa5d75fa4ad63a564109d804273c919b1e35aa9
375bebd61e3b622c8313f9b9ede1dc09913e7f1ebcc06aa0b3fa87a684869a6b
3911e7c9d421c5b4435541e78ea1ea99b9975249fe7dc21cddad7418e666be02
3c4d88804b36ddb8f88e2ea58bbd539f62cd8b4a61ba619cf1520aa6b8674677
43e51f129fb6eb0f52aee5fb4857f14796f9a5b38e66f445658db1ac1fb7298e
44183beca9cdaa83583261461f7abab5beefc347fc1153f05a8f8cb3322caad5
4ffcc598ee6cff4692c1cea272cd8a2f195f6dec32473e94370d6cdcfa5fe601
50b7453e258cff5d07da5c5b41c2f22837d04cea9e5b9983da7758a08e38535f
71abcb16b09da708330a1b3960d513c1d00c3365a62ba088b7a73852c2cd02f8
83f5479bc069aa05867c88034604c2b3765606b53aa23ab7c88c8adcd6c41e6b
8fbffac961ed741bf107dcb79ad692ba05a057bdc7d73fc353916614cae98ff4
9a1f76d292312479b3819cda04878c105f41f9fb97decb1ebcd669dffc136ce0
a88fa8f24308fe3fef71ba18e3639133d1fcd7f442c4858292c8bf1145e7c838
b669c9f0963a898450c0f54a997dda8cf8762c65d3b34a11aa7bfdc100007ac5
c3061c3788ad5783ef8a5d10c454bafe7eb942c48200dccc852cc6d3c9f303d4
d67f33137e87a6a11f9b298e5a4aefe0c3094930d5ad4fcce9e828e0d6a5d3b8
d952fafe2ace405711d16dd5b78225162c199fffc0132fb1d85b612b629c5e22
e20f0689c049318b479c8775879e874224ce8324b2a594d2a91a96620323e8cb
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e7af9d60d875eb1c1b1037bbbfdec41fcb096d0ebcf98a48717ad8b07906ced6
eedcefa223a8a50cec64c818c74f7c28caa872691fe135c228d2d4572d847f9e
f166fc051f3c51b4bc2b03de1ff793580901a95a00ca5304421874127a40922b
f5ad22dfee202b1d313cbad1b7797b054ba1e67d9bacd493ebf94428df4b166f
f7f6a5894f1d19ddad6fa392b2ece2c5e578cbf7da4ea805b6885eb6985b6e3d