urlscan.io logo urlscan.io
SecurityTrails logo

stg.youraccountonline.com Open in urlscan Pro
52.9.62.47  Public Scan

Go To Rescan Add Verdict Report
Submitted URL: http://nzfire.oktapreview.youraccountonline.com/
Effective URL: https://stg.youraccountonline.com/form/nz/FIRESUPER/public-pages/login.html
Submission: On November 17 via api from JP — Scanned from JP
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 7 IPs in 3 countries across 6 domains to perform 35 HTTP transactions. The main IP is 52.9.62.47, located in San Jose, United States and belongs to AMAZON-02, US. The main domain is stg.youraccountonline.com.
TLS certificate: Issued by COMODO RSA Organization Validation Se... on September 9th 2024. Valid for: a year.
This is the only time stg.youraccountonline.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
1 7 13.248.244.122 16509 (AMAZON-02)
17 52.9.62.47 16509 (AMAZON-02)
5 18.65.185.50 16509 (AMAZON-02)
3 2600:9000:221... 16509 (AMAZON-02)
2 13.112.78.120 16509 (AMAZON-02)
1 18.180.1.246 16509 (AMAZON-02)
1 1 18.142.248.184 16509 (AMAZON-02)
1 63.140.50.167 16509 (AMAZON-02)
35 7
7    13.248.244.122 (United States)

ASN16509 (AMAZON-02, US)
PTR: a556120ce37110a35.awsglobalaccelerator.com
nzfire.oktapreview.youraccountonline.com
17    52.9.62.47 (San Jose, United States)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-9-62-47.us-west-1.compute.amazonaws.com
stg.youraccountonline.com
5    18.65.185.50 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-65-185-50.nrt57.r.cloudfront.net
global.oktacdn.com
3    2600:9000:2219:ac00:7:2bfb:7c00:93a1 (United States)

ASN16509 (AMAZON-02, US)
tags.tiqcdn.com
2    13.112.78.120 (Tokyo, Japan)

ASN16509 (AMAZON-02, US)
PTR: ec2-13-112-78-120.ap-northeast-1.compute.amazonaws.com
dpm.demdex.net
1    18.180.1.246 (Tokyo, Japan)

ASN16509 (AMAZON-02, US)
PTR: ec2-18-180-1-246.ap-northeast-1.compute.amazonaws.com
mmc.demdex.net
1    18.142.248.184 (Singapore, Singapore)

ASN16509 (AMAZON-02, US)
PTR: ec2-18-142-248-184.ap-southeast-1.compute.amazonaws.com
cm.everesttech.net
1    63.140.50.167 (United States)

ASN16509 (AMAZON-02, US)
mercer.sc.omtrdc.net
Apex Domain
Subdomains		 Transfer
24 youraccountonline.com
nzfire.oktapreview.youraccountonline.com
stg.youraccountonline.com
734 KB
5 oktacdn.com
global.oktacdn.com — Cisco Umbrella Rank: 14291
508 KB
3 demdex.net
dpm.demdex.net — Cisco Umbrella Rank: 262
mmc.demdex.net — Cisco Umbrella Rank: 330286
2 KB
3 tiqcdn.com
tags.tiqcdn.com — Cisco Umbrella Rank: 1341
67 KB
1 omtrdc.net
mercer.sc.omtrdc.net — Cisco Umbrella Rank: 451189
360 B
1 everesttech.net
cm.everesttech.net — Cisco Umbrella Rank: 1608
490 B
35 6
Domain Requested by
17 stg.youraccountonline.com stg.youraccountonline.com
7 nzfire.oktapreview.youraccountonline.com 1 redirects global.oktacdn.com
5 global.oktacdn.com stg.youraccountonline.com
global.oktacdn.com
3 tags.tiqcdn.com stg.youraccountonline.com
2 dpm.demdex.net stg.youraccountonline.com
1 mercer.sc.omtrdc.net
1 cm.everesttech.net 1 redirects
1 mmc.demdex.net stg.youraccountonline.com
35 8

This site contains links to these domains. Also see Links.

Domain
www.firesuper.org.nz
Subject Issuer Validity Valid
global.mercer.com
COMODO RSA Organization Validation Secure Server CA		 2024-09-09 -
2025-09-09		 a year crt.sh
*.oktacdn.com
DigiCert TLS RSA SHA256 2020 CA1		 2023-12-15 -
2025-01-02		 a year crt.sh
tags.tiqcdn.com
Amazon RSA 2048 M02		 2024-03-19 -
2025-04-17		 a year crt.sh
nzfire.oktapreview.youraccountonline.com
R10		 2024-10-17 -
2025-01-15		 3 months crt.sh
*.demdex.com
DigiCert Global G2 TLS RSA SHA256 2020 CA1		 2024-09-25 -
2025-10-26		 a year crt.sh
*.sc.omtrdc.net
DigiCert Global G2 TLS RSA SHA256 2020 CA1		 2024-02-07 -
2025-03-09		 a year crt.sh

This page contains 2 frames:

Primary Page: https://stg.youraccountonline.com/form/nz/FIRESUPER/public-pages/login.html
Frame ID: 4B75A39D45EB6C30C1D26362F09BAF2D
Requests: 31 HTTP requests in this frame

Frame: https://mmc.demdex.net/dest5.html?d_nsid=0
Frame ID: 4EE25D9BE9E8EC0B86C99BD68BDF3AAB
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page Title

Login

Page URL History Show full URLs

  1. http://nzfire.oktapreview.youraccountonline.com/ HTTP 307
    https://nzfire.oktapreview.youraccountonline.com/ HTTP 302
    https://stg.youraccountonline.com/form/nz/FIRESUPER/public-pages/login.html Page URL

Detected technologies

Overall confidence: 100%
Detected patterns
  • <div class="[^"]*aem-Grid
  • /etc/clientlibs/
  • /etc\.clientlibs/
Overall confidence: 100%
Detected patterns
  • jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Page Statistics

35
Requests

97 %
HTTPS

13 %
IPv6

6
Domains

8
Subdomains

7
IPs

3
Countries

1308 kB
Transfer

4683 kB
Size

18
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. http://nzfire.oktapreview.youraccountonline.com/ HTTP 307
    https://nzfire.oktapreview.youraccountonline.com/ HTTP 302
    https://stg.youraccountonline.com/form/nz/FIRESUPER/public-pages/login.html Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 32
  • https://cm.everesttech.net/cm/dd?d_uuid=22405725867877538424087960979618683159 HTTP 302
  • https://dpm.demdex.net/ibs:dpid=411&dpuuid=ZznejwAAAB3fGAOa

35 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request login.html
stg.youraccountonline.com/form/nz/FIRESUPER/public-pages/
Redirect Chain
  • http://nzfire.oktapreview.youraccountonline.com/
  • https://nzfire.oktapreview.youraccountonline.com/
  • https://stg.youraccountonline.com/form/nz/FIRESUPER/public-pages/login.html
30 KB
8 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://stg.youraccountonline.com/form/nz/FIRESUPER/public-pages/login.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
52.9.62.47 San Jose, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-9-62-47.us-west-1.compute.amazonaws.com
Software
Apache /
Resource Hash
a6921769802d84547c43bb03778d472a27b91d2c5515ae542c4d39462a06c695
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'self' https://mercercrm--full2--cloupra.sandbox.vf.force.com/ https://mercercrm--full--cloupra.sandbox.vf.force.com/ https://mercercrm--cloupra.vf.force.com/ https://mercercrm--full2--c.sandbox.vf.force.com/ https://mercercrm--partial.sandbox.my.salesforce.com/ https://mercercrm--partial--cloupra.sandbox.vf.force.com/ https://mercersupercrm--full--c.sandbox.vf.force.com/ https://mercersupercrm--full.sandbox.lightning.force.com/ https://mercersupercrm--full.sandbox.my.salesforce.com/ https://mercersupercrm--c.vf.force.com/ https://mercersupercrm.lightning.force.com/ https://mercersupercrm.my.salesforce.com/ https://mercercrm--c.vf.force.com/
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36

Response headers

accept-ranges
bytes
cache-control
max-age=86400
content-encoding
gzip
content-length
7338
content-security-policy
frame-ancestors 'self' https://mercercrm--full2--cloupra.sandbox.vf.force.com/ https://mercercrm--full--cloupra.sandbox.vf.force.com/ https://mercercrm--cloupra.vf.force.com/ https://mercercrm--full2--c.sandbox.vf.force.com/ https://mercercrm--partial.sandbox.my.salesforce.com/ https://mercercrm--partial--cloupra.sandbox.vf.force.com/ https://mercersupercrm--full--c.sandbox.vf.force.com/ https://mercersupercrm--full.sandbox.lightning.force.com/ https://mercersupercrm--full.sandbox.my.salesforce.com/ https://mercersupercrm--c.vf.force.com/ https://mercersupercrm.lightning.force.com/ https://mercersupercrm.my.salesforce.com/ https://mercercrm--c.vf.force.com/
content-type
text/html;charset=utf-8
date
Sun, 17 Nov 2024 12:16:12 GMT
dispatcher
newenv
etag
"78e4-626e8406d2252-gzip"
expires
Mon, 18 Nov 2024 12:16:12 GMT
last-modified
Fri, 15 Nov 2024 00:00:15 GMT
server
Apache
vary
Accept-Encoding
x-content-type-options
nosniff
x-frame-options
SAMEORIGIN
x-robots-tag
noindex, nofollow, noarchive, nosnippet
x-xss-protection
1; mode=block

Redirect headers

Connection
Keep-Alive
Content-Length
0
Content-Type
text/html;charset=ISO-8859-1
Date
Sun, 17 Nov 2024 12:16:11 GMT
Keep-Alive
timeout=5, max=100
Server
nginx
Strict-Transport-Security
max-age=315360000; includeSubDomains
X-Robots-Tag
noindex,nofollow
content-security-policy
default-src 'self' mercersuper.oktapreview.com nzfire.oktapreview.youraccountonline.com *.oktacdn.com; connect-src 'self' mercersuper.oktapreview.com mercersuper-admin.oktapreview.com nzfire.oktapreview.youraccountonline.com *.oktacdn.com *.mixpanel.com *.mapbox.com *.mtls.oktapreview.com mercersuper.kerberos.oktapreview.com mercersuper.mtls.oktapreview.com *.authenticatorlocalprod.com:8769 http://localhost:8769 http://127.0.0.1:8769 *.authenticatorlocalprod.com:65111 http://localhost:65111 http://127.0.0.1:65111 *.authenticatorlocalprod.com:65121 http://localhost:65121 http://127.0.0.1:65121 *.authenticatorlocalprod.com:65131 http://localhost:65131 http://127.0.0.1:65131 *.authenticatorlocalprod.com:65141 http://localhost:65141 http://127.0.0.1:65141 *.authenticatorlocalprod.com:65151 http://localhost:65151 http://127.0.0.1:65151 https://oinmanager.okta.com data: *.ingest.sentry.io data.pendo.io pendo-static-5634101834153984.storage.googleapis.com pendo-static-5391521872216064.storage.googleapis.com; script-src 'unsafe-inline' 'nonce-j4cybCSAyBQGk304ZJfxxQ' 'unsafe-eval' 'self' 'report-sample' mercersuper.oktapreview.com nzfire.oktapreview.youraccountonline.com *.oktacdn.com https://www.google.com/recaptcha/ https://www.gstatic.com/recaptcha/; style-src 'unsafe-inline' 'self' mercersuper.oktapreview.com nzfire.oktapreview.youraccountonline.com *.oktacdn.com; frame-src 'self' mercersuper.oktapreview.com mercersuper-admin.oktapreview.com nzfire.oktapreview.youraccountonline.com login.okta.com *.vidyard.com com-okta-authenticator: https://www.google.com/recaptcha/ https://www.gstatic.com/recaptcha/; img-src 'self' mercersuper.oktapreview.com nzfire.oktapreview.youraccountonline.com *.oktacdn.com *.tiles.mapbox.com *.mapbox.com *.vidyard.com data: data.pendo.io pendo-static-5634101834153984.storage.googleapis.com pendo-static-5391521872216064.storage.googleapis.com blob:; font-src 'self' mercersuper.oktapreview.com nzfire.oktapreview.youraccountonline.com data: *.oktacdn.com fonts.gstatic.com; frame-ancestors 'self' http://localhost:8100
location
https://stg.youraccountonline.com/form/nz/FIRESUPER/public-pages/login.html
p3p
CP="HONK"
x-content-type-options
nosniff
x-okta-request-id
Zznei02aqaV9Sk1KOZCwsQAACvc
x-xss-protection
0
clientlib-public.min.195f12d08487984c4715878a5a62d3ff.css
stg.youraccountonline.com/etc.clientlibs/mercer-pacific/clientlibs/ 		469 KB
60 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://stg.youraccountonline.com/etc.clientlibs/mercer-pacific/clientlibs/clientlib-public.min.195f12d08487984c4715878a5a62d3ff.css
Requested by
Host: stg.youraccountonline.com
URL: https://stg.youraccountonline.com/form/nz/FIRESUPER/public-pages/login.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
52.9.62.47 San Jose, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-9-62-47.us-west-1.compute.amazonaws.com
Software
Apache /
Resource Hash
791eb406df67386e97443cf46ba1e26949ab7cd155b54bdba07a6d5a7482168b
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'self' https://mercercrm--full2--cloupra.sandbox.vf.force.com/ https://mercercrm--full--cloupra.sandbox.vf.force.com/ https://mercercrm--cloupra.vf.force.com/ https://mercercrm--full2--c.sandbox.vf.force.com/ https://mercercrm--partial.sandbox.my.salesforce.com/ https://mercercrm--partial--cloupra.sandbox.vf.force.com/ https://mercersupercrm--full--c.sandbox.vf.force.com/ https://mercersupercrm--full.sandbox.lightning.force.com/ https://mercersupercrm--full.sandbox.my.salesforce.com/ https://mercersupercrm--c.vf.force.com/ https://mercersupercrm.lightning.force.com/ https://mercersupercrm.my.salesforce.com/ https://mercercrm--c.vf.force.com/
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://stg.youraccountonline.com/form/nz/FIRESUPER/public-pages/login.html

Response headers

dispatcher
newenv
x-robots-tag
noindex, nofollow, noarchive, nosnippet
content-security-policy
frame-ancestors 'self' https://mercercrm--full2--cloupra.sandbox.vf.force.com/ https://mercercrm--full--cloupra.sandbox.vf.force.com/ https://mercercrm--cloupra.vf.force.com/ https://mercercrm--full2--c.sandbox.vf.force.com/ https://mercercrm--partial.sandbox.my.salesforce.com/ https://mercercrm--partial--cloupra.sandbox.vf.force.com/ https://mercersupercrm--full--c.sandbox.vf.force.com/ https://mercersupercrm--full.sandbox.lightning.force.com/ https://mercersupercrm--full.sandbox.my.salesforce.com/ https://mercersupercrm--c.vf.force.com/ https://mercersupercrm.lightning.force.com/ https://mercersupercrm.my.salesforce.com/ https://mercercrm--c.vf.force.com/
cache-control
max-age=43200
content-encoding
gzip
x-content-type-options
nosniff
expires
Mon, 18 Nov 2024 00:16:12 GMT
date
Sun, 17 Nov 2024 12:16:12 GMT
x-xss-protection
1; mode=block
content-type
text/css;charset=utf-8
last-modified
Thu, 12 Sep 2024 08:22:56 GMT
server
Apache
x-frame-options
SAMEORIGIN
clientlibrarymanager.min.4066faea2c14fde8235ed95b86add70c.js
stg.youraccountonline.com/etc.clientlibs/clientlibs/granite/ 		6 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://stg.youraccountonline.com/etc.clientlibs/clientlibs/granite/clientlibrarymanager.min.4066faea2c14fde8235ed95b86add70c.js
Requested by
Host: stg.youraccountonline.com
URL: https://stg.youraccountonline.com/form/nz/FIRESUPER/public-pages/login.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
52.9.62.47 San Jose, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-9-62-47.us-west-1.compute.amazonaws.com
Software
Apache /
Resource Hash
345ce190740e5d757880a43ea538562ec2d9f48ce0f6084b538d1d098f8e1427
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'self' https://mercercrm--full2--cloupra.sandbox.vf.force.com/ https://mercercrm--full--cloupra.sandbox.vf.force.com/ https://mercercrm--cloupra.vf.force.com/ https://mercercrm--full2--c.sandbox.vf.force.com/ https://mercercrm--partial.sandbox.my.salesforce.com/ https://mercercrm--partial--cloupra.sandbox.vf.force.com/ https://mercersupercrm--full--c.sandbox.vf.force.com/ https://mercersupercrm--full.sandbox.lightning.force.com/ https://mercersupercrm--full.sandbox.my.salesforce.com/ https://mercersupercrm--c.vf.force.com/ https://mercersupercrm.lightning.force.com/ https://mercersupercrm.my.salesforce.com/ https://mercercrm--c.vf.force.com/
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://stg.youraccountonline.com/form/nz/FIRESUPER/public-pages/login.html

Response headers

dispatcher
newenv
x-robots-tag
noindex, nofollow, noarchive, nosnippet
content-security-policy
frame-ancestors 'self' https://mercercrm--full2--cloupra.sandbox.vf.force.com/ https://mercercrm--full--cloupra.sandbox.vf.force.com/ https://mercercrm--cloupra.vf.force.com/ https://mercercrm--full2--c.sandbox.vf.force.com/ https://mercercrm--partial.sandbox.my.salesforce.com/ https://mercercrm--partial--cloupra.sandbox.vf.force.com/ https://mercersupercrm--full--c.sandbox.vf.force.com/ https://mercersupercrm--full.sandbox.lightning.force.com/ https://mercersupercrm--full.sandbox.my.salesforce.com/ https://mercersupercrm--c.vf.force.com/ https://mercersupercrm.lightning.force.com/ https://mercersupercrm.my.salesforce.com/ https://mercercrm--c.vf.force.com/
cache-control
max-age=43200
content-encoding
gzip
x-content-type-options
nosniff
expires
Mon, 18 Nov 2024 00:16:12 GMT
content-length
2522
date
Sun, 17 Nov 2024 12:16:12 GMT
x-xss-protection
1; mode=block
content-type
application/javascript;charset=utf-8
last-modified
Tue, 23 Jul 2019 21:21:51 GMT
server
Apache
x-frame-options
SAMEORIGIN
clientlib-jquery.min.41f2ffad9fbc30ab8953c1fa7cad592d.js
stg.youraccountonline.com/etc.clientlibs/mercer-pacific/clientlibs/externals/ 		93 KB
35 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://stg.youraccountonline.com/etc.clientlibs/mercer-pacific/clientlibs/externals/clientlib-jquery.min.41f2ffad9fbc30ab8953c1fa7cad592d.js
Requested by
Host: stg.youraccountonline.com
URL: https://stg.youraccountonline.com/form/nz/FIRESUPER/public-pages/login.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
52.9.62.47 San Jose, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-9-62-47.us-west-1.compute.amazonaws.com
Software
Apache /
Resource Hash
df0993ac6e17d21ac516d43224ef5d3f3413ba5eb0a26b18b4c28952f3cc8e72
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'self' https://mercercrm--full2--cloupra.sandbox.vf.force.com/ https://mercercrm--full--cloupra.sandbox.vf.force.com/ https://mercercrm--cloupra.vf.force.com/ https://mercercrm--full2--c.sandbox.vf.force.com/ https://mercercrm--partial.sandbox.my.salesforce.com/ https://mercercrm--partial--cloupra.sandbox.vf.force.com/ https://mercersupercrm--full--c.sandbox.vf.force.com/ https://mercersupercrm--full.sandbox.lightning.force.com/ https://mercersupercrm--full.sandbox.my.salesforce.com/ https://mercersupercrm--c.vf.force.com/ https://mercersupercrm.lightning.force.com/ https://mercersupercrm.my.salesforce.com/ https://mercercrm--c.vf.force.com/
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://stg.youraccountonline.com/form/nz/FIRESUPER/public-pages/login.html

Response headers

dispatcher
newenv
x-robots-tag
noindex, nofollow, noarchive, nosnippet
content-security-policy
frame-ancestors 'self' https://mercercrm--full2--cloupra.sandbox.vf.force.com/ https://mercercrm--full--cloupra.sandbox.vf.force.com/ https://mercercrm--cloupra.vf.force.com/ https://mercercrm--full2--c.sandbox.vf.force.com/ https://mercercrm--partial.sandbox.my.salesforce.com/ https://mercercrm--partial--cloupra.sandbox.vf.force.com/ https://mercersupercrm--full--c.sandbox.vf.force.com/ https://mercersupercrm--full.sandbox.lightning.force.com/ https://mercersupercrm--full.sandbox.my.salesforce.com/ https://mercersupercrm--c.vf.force.com/ https://mercersupercrm.lightning.force.com/ https://mercersupercrm.my.salesforce.com/ https://mercercrm--c.vf.force.com/
cache-control
max-age=43200
content-encoding
gzip
x-content-type-options
nosniff
expires
Mon, 18 Nov 2024 00:16:12 GMT
date
Sun, 17 Nov 2024 12:16:12 GMT
x-xss-protection
1; mode=block
content-type
application/javascript;charset=utf-8
last-modified
Tue, 28 May 2024 17:09:27 GMT
server
Apache
x-frame-options
SAMEORIGIN
okta-sign-in.min.js
global.oktacdn.com/okta-signin-widget/7.18.0/js/ 		2 MB
413 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://global.oktacdn.com/okta-signin-widget/7.18.0/js/okta-sign-in.min.js
Requested by
Host: stg.youraccountonline.com
URL: https://stg.youraccountonline.com/form/nz/FIRESUPER/public-pages/login.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.65.185.50 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-65-185-50.nrt57.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
e8cefc46a1d3bc8e7e66399561998518e710f58053edf88d92cae906a942d30d
Security Headers
Name Value
Strict-Transport-Security max-age=315360000
X-Content-Type-Options nosniff

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://stg.youraccountonline.com/

Response headers

content-encoding
gzip
x-amz-version-id
xbtxMWXNJPUd3T.bwEsXo5Ic9RtU3epr
etag
W/"406211b3d96f32f8abb35e76aa7fdf76"
age
19092
x-content-type-options
nosniff
x-cache
Hit from cloudfront
x-amz-cf-id
C93OvdpUQU4w-gyQbweVCB1QECX6RAlqrNXodNWV4219Iq-rURkDTg==
date
Sun, 17 Nov 2024 06:58:00 GMT
content-type
application/x-javascript
vary
Accept-Encoding
last-modified
Wed, 01 May 2024 17:48:10 GMT
strict-transport-security
max-age=315360000
x-amz-replication-status
COMPLETED
cache-control
public,max-age=31536000,s-maxage=1814400
via
1.1 de7faf172f0834adc90263d79dc3e864.cloudfront.net (CloudFront)
access-control-allow-origin
*
x-amz-cf-pop
NRT57-P2
server
AmazonS3
x-amz-server-side-encryption
AES256
okta-sign-in.min.css
global.oktacdn.com/okta-signin-widget/7.18.0/css/ 		218 KB
30 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://global.oktacdn.com/okta-signin-widget/7.18.0/css/okta-sign-in.min.css
Requested by
Host: stg.youraccountonline.com
URL: https://stg.youraccountonline.com/form/nz/FIRESUPER/public-pages/login.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.65.185.50 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-65-185-50.nrt57.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
0e47f4d2af98bfe77921113c8aaf0c53614f88ff14ff819be6612538611ed3d1
Security Headers
Name Value
Strict-Transport-Security max-age=315360000
X-Content-Type-Options nosniff

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://stg.youraccountonline.com/

Response headers

content-encoding
gzip
x-amz-version-id
PY2AulXv8R2FZ3OAL4NiV2d2Fe18hi5N
etag
W/"0329c939fca7c78756b94fbcd95e322b"
age
19092
x-content-type-options
nosniff
x-cache
Hit from cloudfront
x-amz-cf-id
Trk6IEUuhCB0FWVdmoVR8duwmXGcge9y2cd1yvbk62qzhOM347wu4Q==
date
Sun, 17 Nov 2024 06:58:01 GMT
content-type
text/css
vary
Accept-Encoding
last-modified
Wed, 01 May 2024 17:47:55 GMT
strict-transport-security
max-age=315360000
x-amz-replication-status
COMPLETED
cache-control
public,max-age=31536000,s-maxage=1814400
via
1.1 de7faf172f0834adc90263d79dc3e864.cloudfront.net (CloudFront)
access-control-allow-origin
*
x-amz-cf-pop
NRT57-P2
server
AmazonS3
x-amz-server-side-encryption
AES256
clientlib-login.min.93cacb1de4ef10dc99cf37cc9a7ece0b.css
stg.youraccountonline.com/etc.clientlibs/mercer-pacific/clientlibs/OKTA/ 		3 KB
2 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://stg.youraccountonline.com/etc.clientlibs/mercer-pacific/clientlibs/OKTA/clientlib-login.min.93cacb1de4ef10dc99cf37cc9a7ece0b.css
Requested by
Host: stg.youraccountonline.com
URL: https://stg.youraccountonline.com/form/nz/FIRESUPER/public-pages/login.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
52.9.62.47 San Jose, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-9-62-47.us-west-1.compute.amazonaws.com
Software
Apache /
Resource Hash
20d73127daaf5944b38cf90c3b172b00b291362f431591fb5dd80f861d77ebd0
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'self' https://mercercrm--full2--cloupra.sandbox.vf.force.com/ https://mercercrm--full--cloupra.sandbox.vf.force.com/ https://mercercrm--cloupra.vf.force.com/ https://mercercrm--full2--c.sandbox.vf.force.com/ https://mercercrm--partial.sandbox.my.salesforce.com/ https://mercercrm--partial--cloupra.sandbox.vf.force.com/ https://mercersupercrm--full--c.sandbox.vf.force.com/ https://mercersupercrm--full.sandbox.lightning.force.com/ https://mercersupercrm--full.sandbox.my.salesforce.com/ https://mercersupercrm--c.vf.force.com/ https://mercersupercrm.lightning.force.com/ https://mercersupercrm.my.salesforce.com/ https://mercercrm--c.vf.force.com/
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://stg.youraccountonline.com/form/nz/FIRESUPER/public-pages/login.html

Response headers

dispatcher
newenv
x-robots-tag
noindex, nofollow, noarchive, nosnippet
content-security-policy
frame-ancestors 'self' https://mercercrm--full2--cloupra.sandbox.vf.force.com/ https://mercercrm--full--cloupra.sandbox.vf.force.com/ https://mercercrm--cloupra.vf.force.com/ https://mercercrm--full2--c.sandbox.vf.force.com/ https://mercercrm--partial.sandbox.my.salesforce.com/ https://mercercrm--partial--cloupra.sandbox.vf.force.com/ https://mercersupercrm--full--c.sandbox.vf.force.com/ https://mercersupercrm--full.sandbox.lightning.force.com/ https://mercersupercrm--full.sandbox.my.salesforce.com/ https://mercersupercrm--c.vf.force.com/ https://mercersupercrm.lightning.force.com/ https://mercersupercrm.my.salesforce.com/ https://mercercrm--c.vf.force.com/
cache-control
max-age=43200
content-encoding
gzip
x-content-type-options
nosniff
expires
Mon, 18 Nov 2024 00:16:12 GMT
content-length
1003
date
Sun, 17 Nov 2024 12:16:12 GMT
x-xss-protection
1; mode=block
content-type
text/css;charset=utf-8
last-modified
Tue, 12 Nov 2024 18:15:30 GMT
server
Apache
x-frame-options
SAMEORIGIN
logo_FS_White_Baground-removebg-preview.png
stg.youraccountonline.com/content/dam/mercer-pacific/nz/firesuper/logo/ 		12 KB
13 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://stg.youraccountonline.com/content/dam/mercer-pacific/nz/firesuper/logo/logo_FS_White_Baground-removebg-preview.png
Requested by
Host: stg.youraccountonline.com
URL: https://stg.youraccountonline.com/form/nz/FIRESUPER/public-pages/login.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
52.9.62.47 San Jose, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-9-62-47.us-west-1.compute.amazonaws.com
Software
Apache /
Resource Hash
88266d543004e27b48544d6c4e4fc3077e78d7a1ca5c363050654e634abd8413
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'self' https://mercercrm--full2--cloupra.sandbox.vf.force.com/ https://mercercrm--full--cloupra.sandbox.vf.force.com/ https://mercercrm--cloupra.vf.force.com/ https://mercercrm--full2--c.sandbox.vf.force.com/ https://mercercrm--partial.sandbox.my.salesforce.com/ https://mercercrm--partial--cloupra.sandbox.vf.force.com/ https://mercersupercrm--full--c.sandbox.vf.force.com/ https://mercersupercrm--full.sandbox.lightning.force.com/ https://mercersupercrm--full.sandbox.my.salesforce.com/ https://mercersupercrm--c.vf.force.com/ https://mercersupercrm.lightning.force.com/ https://mercersupercrm.my.salesforce.com/ https://mercercrm--c.vf.force.com/
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://stg.youraccountonline.com/form/nz/FIRESUPER/public-pages/login.html

Response headers

dispatcher
newenv
x-robots-tag
noindex, nofollow, noarchive, nosnippet
content-security-policy
frame-ancestors 'self' https://mercercrm--full2--cloupra.sandbox.vf.force.com/ https://mercercrm--full--cloupra.sandbox.vf.force.com/ https://mercercrm--cloupra.vf.force.com/ https://mercercrm--full2--c.sandbox.vf.force.com/ https://mercercrm--partial.sandbox.my.salesforce.com/ https://mercercrm--partial--cloupra.sandbox.vf.force.com/ https://mercersupercrm--full--c.sandbox.vf.force.com/ https://mercersupercrm--full.sandbox.lightning.force.com/ https://mercersupercrm--full.sandbox.my.salesforce.com/ https://mercersupercrm--c.vf.force.com/ https://mercersupercrm.lightning.force.com/ https://mercersupercrm.my.salesforce.com/ https://mercercrm--c.vf.force.com/
cache-control
max-age=604800
etag
"310f-6263c1bd374c0"
x-content-type-options
nosniff
expires
Sun, 24 Nov 2024 12:16:12 GMT
accept-ranges
bytes
content-length
12559
date
Sun, 17 Nov 2024 12:16:12 GMT
x-xss-protection
1; mode=block
content-type
image/png
last-modified
Wed, 06 Nov 2024 10:37:47 GMT
server
Apache
x-frame-options
SAMEORIGIN
csrf.min.56934e461ff6c436f962a5990541a527.js
stg.youraccountonline.com/etc.clientlibs/clientlibs/granite/jquery/granite/ 		4 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://stg.youraccountonline.com/etc.clientlibs/clientlibs/granite/jquery/granite/csrf.min.56934e461ff6c436f962a5990541a527.js
Requested by
Host: stg.youraccountonline.com
URL: https://stg.youraccountonline.com/form/nz/FIRESUPER/public-pages/login.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
52.9.62.47 San Jose, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-9-62-47.us-west-1.compute.amazonaws.com
Software
Apache /
Resource Hash
515394110439a7aafe62229bbda44a768a1d938a2053d92764fae16b2aba5e81
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'self' https://mercercrm--full2--cloupra.sandbox.vf.force.com/ https://mercercrm--full--cloupra.sandbox.vf.force.com/ https://mercercrm--cloupra.vf.force.com/ https://mercercrm--full2--c.sandbox.vf.force.com/ https://mercercrm--partial.sandbox.my.salesforce.com/ https://mercercrm--partial--cloupra.sandbox.vf.force.com/ https://mercersupercrm--full--c.sandbox.vf.force.com/ https://mercersupercrm--full.sandbox.lightning.force.com/ https://mercersupercrm--full.sandbox.my.salesforce.com/ https://mercersupercrm--c.vf.force.com/ https://mercersupercrm.lightning.force.com/ https://mercersupercrm.my.salesforce.com/ https://mercercrm--c.vf.force.com/
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://stg.youraccountonline.com/form/nz/FIRESUPER/public-pages/login.html

Response headers

dispatcher
newenv
x-robots-tag
noindex, nofollow, noarchive, nosnippet
content-security-policy
frame-ancestors 'self' https://mercercrm--full2--cloupra.sandbox.vf.force.com/ https://mercercrm--full--cloupra.sandbox.vf.force.com/ https://mercercrm--cloupra.vf.force.com/ https://mercercrm--full2--c.sandbox.vf.force.com/ https://mercercrm--partial.sandbox.my.salesforce.com/ https://mercercrm--partial--cloupra.sandbox.vf.force.com/ https://mercersupercrm--full--c.sandbox.vf.force.com/ https://mercersupercrm--full.sandbox.lightning.force.com/ https://mercersupercrm--full.sandbox.my.salesforce.com/ https://mercersupercrm--c.vf.force.com/ https://mercersupercrm.lightning.force.com/ https://mercersupercrm.my.salesforce.com/ https://mercercrm--c.vf.force.com/
cache-control
max-age=43200
content-encoding
gzip
x-content-type-options
nosniff
expires
Mon, 18 Nov 2024 00:16:12 GMT
content-length
1599
date
Sun, 17 Nov 2024 12:16:12 GMT
x-xss-protection
1; mode=block
content-type
application/javascript;charset=utf-8
last-modified
Mon, 26 Nov 2018 17:10:55 GMT
server
Apache
x-frame-options
SAMEORIGIN
csrf.min.e30b4dbf010a765d5355e977264ae7cc.js
stg.youraccountonline.com/etc/clientlibs/granite/jquery/granite/ 		3 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://stg.youraccountonline.com/etc/clientlibs/granite/jquery/granite/csrf.min.e30b4dbf010a765d5355e977264ae7cc.js
Requested by
Host: stg.youraccountonline.com
URL: https://stg.youraccountonline.com/form/nz/FIRESUPER/public-pages/login.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
52.9.62.47 San Jose, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-9-62-47.us-west-1.compute.amazonaws.com
Software
Apache /
Resource Hash
ae66cbb491a4c3399cfd27da20655d67604377ccc03e79f20736eb95f80a044f
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'self' https://mercercrm--full2--cloupra.sandbox.vf.force.com/ https://mercercrm--full--cloupra.sandbox.vf.force.com/ https://mercercrm--cloupra.vf.force.com/ https://mercercrm--full2--c.sandbox.vf.force.com/ https://mercercrm--partial.sandbox.my.salesforce.com/ https://mercercrm--partial--cloupra.sandbox.vf.force.com/ https://mercersupercrm--full--c.sandbox.vf.force.com/ https://mercersupercrm--full.sandbox.lightning.force.com/ https://mercersupercrm--full.sandbox.my.salesforce.com/ https://mercersupercrm--c.vf.force.com/ https://mercersupercrm.lightning.force.com/ https://mercersupercrm.my.salesforce.com/ https://mercercrm--c.vf.force.com/
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://stg.youraccountonline.com/form/nz/FIRESUPER/public-pages/login.html

Response headers

x-robots-tag
noindex, nofollow, noarchive, nosnippet
content-encoding
gzip
etag
"df8-5678e4178b540-gzip"
x-content-type-options
nosniff
expires
Mon, 18 Nov 2024 00:16:12 GMT
date
Sun, 17 Nov 2024 12:16:12 GMT
content-type
application/javascript;charset=utf-8
vary
Accept-Encoding
last-modified
Fri, 16 Mar 2018 21:26:05 GMT
x-frame-options
SAMEORIGIN
content-security-policy
frame-ancestors 'self' https://mercercrm--full2--cloupra.sandbox.vf.force.com/ https://mercercrm--full--cloupra.sandbox.vf.force.com/ https://mercercrm--cloupra.vf.force.com/ https://mercercrm--full2--c.sandbox.vf.force.com/ https://mercercrm--partial.sandbox.my.salesforce.com/ https://mercercrm--partial--cloupra.sandbox.vf.force.com/ https://mercersupercrm--full--c.sandbox.vf.force.com/ https://mercersupercrm--full.sandbox.lightning.force.com/ https://mercersupercrm--full.sandbox.my.salesforce.com/ https://mercersupercrm--c.vf.force.com/ https://mercersupercrm.lightning.force.com/ https://mercersupercrm.my.salesforce.com/ https://mercercrm--c.vf.force.com/
cache-control
max-age=43200
accept-ranges
bytes
content-length
1588
x-xss-protection
1; mode=block
dispatcher
newenv
server
Apache
clientlib-login.min.c2b389cc2da997da20cc7892456e75ce.js
stg.youraccountonline.com/etc.clientlibs/mercer-pacific/clientlibs/OKTA/ 		27 KB
8 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://stg.youraccountonline.com/etc.clientlibs/mercer-pacific/clientlibs/OKTA/clientlib-login.min.c2b389cc2da997da20cc7892456e75ce.js
Requested by
Host: stg.youraccountonline.com
URL: https://stg.youraccountonline.com/form/nz/FIRESUPER/public-pages/login.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
52.9.62.47 San Jose, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-9-62-47.us-west-1.compute.amazonaws.com
Software
Apache /
Resource Hash
ecb234a949d3b97cd08e73e7f232284244d0b310fad05be89d3aa66d18c5b15d
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'self' https://mercercrm--full2--cloupra.sandbox.vf.force.com/ https://mercercrm--full--cloupra.sandbox.vf.force.com/ https://mercercrm--cloupra.vf.force.com/ https://mercercrm--full2--c.sandbox.vf.force.com/ https://mercercrm--partial.sandbox.my.salesforce.com/ https://mercercrm--partial--cloupra.sandbox.vf.force.com/ https://mercersupercrm--full--c.sandbox.vf.force.com/ https://mercersupercrm--full.sandbox.lightning.force.com/ https://mercersupercrm--full.sandbox.my.salesforce.com/ https://mercersupercrm--c.vf.force.com/ https://mercersupercrm.lightning.force.com/ https://mercersupercrm.my.salesforce.com/ https://mercercrm--c.vf.force.com/
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://stg.youraccountonline.com/form/nz/FIRESUPER/public-pages/login.html

Response headers

dispatcher
newenv
x-robots-tag
noindex, nofollow, noarchive, nosnippet
content-security-policy
frame-ancestors 'self' https://mercercrm--full2--cloupra.sandbox.vf.force.com/ https://mercercrm--full--cloupra.sandbox.vf.force.com/ https://mercercrm--cloupra.vf.force.com/ https://mercercrm--full2--c.sandbox.vf.force.com/ https://mercercrm--partial.sandbox.my.salesforce.com/ https://mercercrm--partial--cloupra.sandbox.vf.force.com/ https://mercersupercrm--full--c.sandbox.vf.force.com/ https://mercersupercrm--full.sandbox.lightning.force.com/ https://mercersupercrm--full.sandbox.my.salesforce.com/ https://mercersupercrm--c.vf.force.com/ https://mercersupercrm.lightning.force.com/ https://mercersupercrm.my.salesforce.com/ https://mercercrm--c.vf.force.com/
cache-control
max-age=43200
content-encoding
gzip
x-content-type-options
nosniff
expires
Mon, 18 Nov 2024 00:16:12 GMT
content-length
7294
date
Sun, 17 Nov 2024 12:16:12 GMT
x-xss-protection
1; mode=block
content-type
application/javascript;charset=utf-8
last-modified
Thu, 14 Nov 2024 19:20:58 GMT
server
Apache
x-frame-options
SAMEORIGIN
fsLogo-removebg-preview.png
stg.youraccountonline.com/content/dam/mercer-pacific/nz/firesuper/logo/ 		12 KB
13 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://stg.youraccountonline.com/content/dam/mercer-pacific/nz/firesuper/logo/fsLogo-removebg-preview.png
Requested by
Host: stg.youraccountonline.com
URL: https://stg.youraccountonline.com/form/nz/FIRESUPER/public-pages/login.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
52.9.62.47 San Jose, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-9-62-47.us-west-1.compute.amazonaws.com
Software
Apache /
Resource Hash
822f8a41ea0e985532f01fe89832657b56436407bacfd5a481c5cf997f7bc487
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'self' https://mercercrm--full2--cloupra.sandbox.vf.force.com/ https://mercercrm--full--cloupra.sandbox.vf.force.com/ https://mercercrm--cloupra.vf.force.com/ https://mercercrm--full2--c.sandbox.vf.force.com/ https://mercercrm--partial.sandbox.my.salesforce.com/ https://mercercrm--partial--cloupra.sandbox.vf.force.com/ https://mercersupercrm--full--c.sandbox.vf.force.com/ https://mercersupercrm--full.sandbox.lightning.force.com/ https://mercersupercrm--full.sandbox.my.salesforce.com/ https://mercersupercrm--c.vf.force.com/ https://mercersupercrm.lightning.force.com/ https://mercersupercrm.my.salesforce.com/ https://mercercrm--c.vf.force.com/
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://stg.youraccountonline.com/form/nz/FIRESUPER/public-pages/login.html

Response headers

dispatcher
newenv
x-robots-tag
noindex, nofollow, noarchive, nosnippet
content-security-policy
frame-ancestors 'self' https://mercercrm--full2--cloupra.sandbox.vf.force.com/ https://mercercrm--full--cloupra.sandbox.vf.force.com/ https://mercercrm--cloupra.vf.force.com/ https://mercercrm--full2--c.sandbox.vf.force.com/ https://mercercrm--partial.sandbox.my.salesforce.com/ https://mercercrm--partial--cloupra.sandbox.vf.force.com/ https://mercersupercrm--full--c.sandbox.vf.force.com/ https://mercersupercrm--full.sandbox.lightning.force.com/ https://mercersupercrm--full.sandbox.my.salesforce.com/ https://mercersupercrm--c.vf.force.com/ https://mercersupercrm.lightning.force.com/ https://mercersupercrm.my.salesforce.com/ https://mercercrm--c.vf.force.com/
cache-control
max-age=604800
etag
"2f81-6263c4eab3400"
x-content-type-options
nosniff
expires
Sun, 24 Nov 2024 12:16:12 GMT
accept-ranges
bytes
content-length
12161
date
Sun, 17 Nov 2024 12:16:12 GMT
x-xss-protection
1; mode=block
content-type
image/png
last-modified
Wed, 06 Nov 2024 10:52:00 GMT
server
Apache
x-frame-options
SAMEORIGIN
clientlib-public.min.8e4f8dbec77b7d5ca424b34267fff7d6.js
stg.youraccountonline.com/etc.clientlibs/mercer-pacific/clientlibs/ 		2 MB
379 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://stg.youraccountonline.com/etc.clientlibs/mercer-pacific/clientlibs/clientlib-public.min.8e4f8dbec77b7d5ca424b34267fff7d6.js
Requested by
Host: stg.youraccountonline.com
URL: https://stg.youraccountonline.com/form/nz/FIRESUPER/public-pages/login.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
52.9.62.47 San Jose, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-9-62-47.us-west-1.compute.amazonaws.com
Software
Apache /
Resource Hash
23d261cb74bc8d68d6876391edbff66804d792427b481009174de2540db77858
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'self' https://mercercrm--full2--cloupra.sandbox.vf.force.com/ https://mercercrm--full--cloupra.sandbox.vf.force.com/ https://mercercrm--cloupra.vf.force.com/ https://mercercrm--full2--c.sandbox.vf.force.com/ https://mercercrm--partial.sandbox.my.salesforce.com/ https://mercercrm--partial--cloupra.sandbox.vf.force.com/ https://mercersupercrm--full--c.sandbox.vf.force.com/ https://mercersupercrm--full.sandbox.lightning.force.com/ https://mercersupercrm--full.sandbox.my.salesforce.com/ https://mercersupercrm--c.vf.force.com/ https://mercersupercrm.lightning.force.com/ https://mercersupercrm.my.salesforce.com/ https://mercercrm--c.vf.force.com/
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://stg.youraccountonline.com/form/nz/FIRESUPER/public-pages/login.html

Response headers

dispatcher
newenv
x-robots-tag
noindex, nofollow, noarchive, nosnippet
content-security-policy
frame-ancestors 'self' https://mercercrm--full2--cloupra.sandbox.vf.force.com/ https://mercercrm--full--cloupra.sandbox.vf.force.com/ https://mercercrm--cloupra.vf.force.com/ https://mercercrm--full2--c.sandbox.vf.force.com/ https://mercercrm--partial.sandbox.my.salesforce.com/ https://mercercrm--partial--cloupra.sandbox.vf.force.com/ https://mercersupercrm--full--c.sandbox.vf.force.com/ https://mercersupercrm--full.sandbox.lightning.force.com/ https://mercersupercrm--full.sandbox.my.salesforce.com/ https://mercersupercrm--c.vf.force.com/ https://mercersupercrm.lightning.force.com/ https://mercersupercrm.my.salesforce.com/ https://mercercrm--c.vf.force.com/
cache-control
max-age=43200
content-encoding
gzip
x-content-type-options
nosniff
expires
Mon, 18 Nov 2024 00:16:12 GMT
date
Sun, 17 Nov 2024 12:16:12 GMT
x-xss-protection
1; mode=block
content-type
application/javascript;charset=utf-8
last-modified
Thu, 26 Sep 2024 07:17:21 GMT
server
Apache
x-frame-options
SAMEORIGIN
utag.js
tags.tiqcdn.com/utag/mercer/financial/qa/ 		129 KB
36 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tags.tiqcdn.com/utag/mercer/financial/qa/utag.js
Requested by
Host: stg.youraccountonline.com
URL: https://stg.youraccountonline.com/form/nz/FIRESUPER/public-pages/login.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2219:ac00:7:2bfb:7c00:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
2222db64984fcf333baf4229b1ffda12d68fb942f8ee7f91b38a260020791998

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://stg.youraccountonline.com/

Response headers

vary
accept-encoding
cache-control
max-age=300
content-encoding
br
etag
W/"36b337c9f95399bd387b21eb6cadcd75"
x-amz-version-id
13TCJnBBL_3FbntY1oJg27OzrbjyBMJk
via
1.1 3a09808c80f02e165c92f14754676eea.cloudfront.net (CloudFront)
x-cache
Miss from cloudfront
x-amz-cf-id
8dBn4W7tPY-UOJjVZN6LUo_2MSrgF06ViG5DM3ry8tyQ-sGbHefbMA==
date
Sun, 17 Nov 2024 12:16:14 GMT
content-type
application/javascript
last-modified
Fri, 15 Nov 2024 04:33:52 GMT
server
AmazonS3
x-amz-cf-pop
NRT57-P1
x-amz-server-side-encryption
AES256
token.json
stg.youraccountonline.com/libs/granite/csrf/ 		2 B
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://stg.youraccountonline.com/libs/granite/csrf/token.json
Requested by
Host: stg.youraccountonline.com
URL: https://stg.youraccountonline.com/etc.clientlibs/clientlibs/granite/jquery/granite/csrf.min.56934e461ff6c436f962a5990541a527.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
52.9.62.47 San Jose, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-9-62-47.us-west-1.compute.amazonaws.com
Software
Apache /
Resource Hash
44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'self' https://mercercrm--full2--cloupra.sandbox.vf.force.com/ https://mercercrm--full--cloupra.sandbox.vf.force.com/ https://mercercrm--cloupra.vf.force.com/ https://mercercrm--full2--c.sandbox.vf.force.com/ https://mercercrm--partial.sandbox.my.salesforce.com/ https://mercercrm--partial--cloupra.sandbox.vf.force.com/ https://mercersupercrm--full--c.sandbox.vf.force.com/ https://mercersupercrm--full.sandbox.lightning.force.com/ https://mercersupercrm--full.sandbox.my.salesforce.com/ https://mercersupercrm--c.vf.force.com/ https://mercersupercrm.lightning.force.com/ https://mercersupercrm.my.salesforce.com/ https://mercercrm--c.vf.force.com/
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://stg.youraccountonline.com/form/nz/FIRESUPER/public-pages/login.html

Response headers

x-robots-tag
noindex, nofollow, noarchive, nosnippet
content-security-policy
frame-ancestors 'self' https://mercercrm--full2--cloupra.sandbox.vf.force.com/ https://mercercrm--full--cloupra.sandbox.vf.force.com/ https://mercercrm--cloupra.vf.force.com/ https://mercercrm--full2--c.sandbox.vf.force.com/ https://mercercrm--partial.sandbox.my.salesforce.com/ https://mercercrm--partial--cloupra.sandbox.vf.force.com/ https://mercersupercrm--full--c.sandbox.vf.force.com/ https://mercersupercrm--full.sandbox.lightning.force.com/ https://mercersupercrm--full.sandbox.my.salesforce.com/ https://mercersupercrm--c.vf.force.com/ https://mercersupercrm.lightning.force.com/ https://mercersupercrm.my.salesforce.com/ https://mercercrm--c.vf.force.com/
cache-control
no-cache
x-content-type-options
nosniff
expires
-1
content-length
2
date
Sun, 17 Nov 2024 12:16:12 GMT
x-xss-protection
1; mode=block
content-type
application/json;charset=iso-8859-1
dispatcher
newenv
server
Apache
x-frame-options
SAMEORIGIN
NotoSans.woff2
stg.youraccountonline.com/etc.clientlibs/mercer-pacific/clientlibs/clientlib-base/resources/fonts/ 		160 KB
161 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://stg.youraccountonline.com/etc.clientlibs/mercer-pacific/clientlibs/clientlib-base/resources/fonts/NotoSans.woff2
Requested by
Host: stg.youraccountonline.com
URL: https://stg.youraccountonline.com/etc.clientlibs/mercer-pacific/clientlibs/clientlib-public.min.195f12d08487984c4715878a5a62d3ff.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
52.9.62.47 San Jose, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-9-62-47.us-west-1.compute.amazonaws.com
Software
Apache /
Resource Hash
923ab93982d80339ca430ada2243b32368f2f8b4e7c20cb5b949f00719d2e456
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'self' https://mercercrm--full2--cloupra.sandbox.vf.force.com/ https://mercercrm--full--cloupra.sandbox.vf.force.com/ https://mercercrm--cloupra.vf.force.com/ https://mercercrm--full2--c.sandbox.vf.force.com/ https://mercercrm--partial.sandbox.my.salesforce.com/ https://mercercrm--partial--cloupra.sandbox.vf.force.com/ https://mercersupercrm--full--c.sandbox.vf.force.com/ https://mercersupercrm--full.sandbox.lightning.force.com/ https://mercersupercrm--full.sandbox.my.salesforce.com/ https://mercersupercrm--c.vf.force.com/ https://mercersupercrm.lightning.force.com/ https://mercersupercrm.my.salesforce.com/ https://mercercrm--c.vf.force.com/
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Origin
https://stg.youraccountonline.com
Referer
https://stg.youraccountonline.com/etc.clientlibs/mercer-pacific/clientlibs/clientlib-public.min.195f12d08487984c4715878a5a62d3ff.css

Response headers

vary
Accept-Encoding
x-robots-tag
noindex, nofollow, noarchive, nosnippet
content-security-policy
frame-ancestors 'self' https://mercercrm--full2--cloupra.sandbox.vf.force.com/ https://mercercrm--full--cloupra.sandbox.vf.force.com/ https://mercercrm--cloupra.vf.force.com/ https://mercercrm--full2--c.sandbox.vf.force.com/ https://mercercrm--partial.sandbox.my.salesforce.com/ https://mercercrm--partial--cloupra.sandbox.vf.force.com/ https://mercersupercrm--full--c.sandbox.vf.force.com/ https://mercersupercrm--full.sandbox.lightning.force.com/ https://mercersupercrm--full.sandbox.my.salesforce.com/ https://mercersupercrm--c.vf.force.com/ https://mercersupercrm.lightning.force.com/ https://mercersupercrm.my.salesforce.com/ https://mercercrm--c.vf.force.com/
cache-control
max-age=86400, public, max-age=86400
dispatcher
newenv
content-encoding
gzip
x-content-type-options
nosniff
expires
Mon, 18 Nov 2024 12:16:12 GMT
date
Sun, 17 Nov 2024 12:16:12 GMT
x-xss-protection
1; mode=block
content-type
application/octet-stream
last-modified
Thu, 10 Aug 2023 17:41:07 GMT
server
Apache
x-frame-options
SAMEORIGIN
openid-configuration
nzfire.oktapreview.youraccountonline.com/oauth2/default/.well-known/ 		5 KB
8 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://nzfire.oktapreview.youraccountonline.com/oauth2/default/.well-known/openid-configuration
Requested by
Host: global.oktacdn.com
URL: https://global.oktacdn.com/okta-signin-widget/7.18.0/js/okta-sign-in.min.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
13.248.244.122 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a556120ce37110a35.awsglobalaccelerator.com
Software
nginx /
Resource Hash
473b728e0743f00e5948b88eaafcc03f63d728d36a1914031f90c23f1bf62ec0
Security Headers
Name Value
Content-Security-Policy default-src 'self' mercersuper.oktapreview.com nzfire.oktapreview.youraccountonline.com *.oktacdn.com; connect-src 'self' mercersuper.oktapreview.com mercersuper-admin.oktapreview.com nzfire.oktapreview.youraccountonline.com *.oktacdn.com *.mixpanel.com *.mapbox.com *.mtls.oktapreview.com mercersuper.kerberos.oktapreview.com *.authenticatorlocalprod.com:8769 http://localhost:8769 http://127.0.0.1:8769 *.authenticatorlocalprod.com:65111 http://localhost:65111 http://127.0.0.1:65111 *.authenticatorlocalprod.com:65121 http://localhost:65121 http://127.0.0.1:65121 *.authenticatorlocalprod.com:65131 http://localhost:65131 http://127.0.0.1:65131 *.authenticatorlocalprod.com:65141 http://localhost:65141 http://127.0.0.1:65141 *.authenticatorlocalprod.com:65151 http://localhost:65151 http://127.0.0.1:65151 https://oinmanager.okta.com data: *.ingest.sentry.io data.pendo.io pendo-static-5634101834153984.storage.googleapis.com pendo-static-5391521872216064.storage.googleapis.com; script-src 'unsafe-inline' 'unsafe-eval' 'self' 'report-sample' mercersuper.oktapreview.com nzfire.oktapreview.youraccountonline.com *.oktacdn.com; style-src 'unsafe-inline' 'self' mercersuper.oktapreview.com nzfire.oktapreview.youraccountonline.com *.oktacdn.com; frame-src 'self' mercersuper.oktapreview.com mercersuper-admin.oktapreview.com nzfire.oktapreview.youraccountonline.com login.okta.com *.vidyard.com com-okta-authenticator:; img-src 'self' mercersuper.oktapreview.com nzfire.oktapreview.youraccountonline.com *.oktacdn.com *.tiles.mapbox.com *.mapbox.com *.vidyard.com data: data.pendo.io pendo-static-5634101834153984.storage.googleapis.com pendo-static-5391521872216064.storage.googleapis.com blob:; font-src 'self' mercersuper.oktapreview.com nzfire.oktapreview.youraccountonline.com data: *.oktacdn.com fonts.gstatic.com; frame-ancestors 'self'; report-uri https://oktacsp.report-uri.com/r/t/csp/enforce; report-to csp
Strict-Transport-Security max-age=315360000; includeSubDomains
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

X-Okta-User-Agent-Extended
okta-auth-js/7.0.1 okta-signin-widget-7.18.0
Referer
https://stg.youraccountonline.com/
Accept-Language
en
Accept
application/json
Content-Type
application/json
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36

Response headers

x-content-type-options
nosniff
expires
Mon, 18 Nov 2024 12:16:13 GMT
p3p
CP="HONK"
Keep-Alive
timeout=5, max=99
Date
Sun, 17 Nov 2024 12:16:13 GMT
Content-Type
application/json
vary
Origin
X-Okta-Request-Id
ZznejcrT0yKbdzc0Of7w5gAACrU
Transfer-Encoding
chunked
Strict-Transport-Security
max-age=315360000; includeSubDomains
content-security-policy
default-src 'self' mercersuper.oktapreview.com nzfire.oktapreview.youraccountonline.com *.oktacdn.com; connect-src 'self' mercersuper.oktapreview.com mercersuper-admin.oktapreview.com nzfire.oktapreview.youraccountonline.com *.oktacdn.com *.mixpanel.com *.mapbox.com *.mtls.oktapreview.com mercersuper.kerberos.oktapreview.com *.authenticatorlocalprod.com:8769 http://localhost:8769 http://127.0.0.1:8769 *.authenticatorlocalprod.com:65111 http://localhost:65111 http://127.0.0.1:65111 *.authenticatorlocalprod.com:65121 http://localhost:65121 http://127.0.0.1:65121 *.authenticatorlocalprod.com:65131 http://localhost:65131 http://127.0.0.1:65131 *.authenticatorlocalprod.com:65141 http://localhost:65141 http://127.0.0.1:65141 *.authenticatorlocalprod.com:65151 http://localhost:65151 http://127.0.0.1:65151 https://oinmanager.okta.com data: *.ingest.sentry.io data.pendo.io pendo-static-5634101834153984.storage.googleapis.com pendo-static-5391521872216064.storage.googleapis.com; script-src 'unsafe-inline' 'unsafe-eval' 'self' 'report-sample' mercersuper.oktapreview.com nzfire.oktapreview.youraccountonline.com *.oktacdn.com; style-src 'unsafe-inline' 'self' mercersuper.oktapreview.com nzfire.oktapreview.youraccountonline.com *.oktacdn.com; frame-src 'self' mercersuper.oktapreview.com mercersuper-admin.oktapreview.com nzfire.oktapreview.youraccountonline.com login.okta.com *.vidyard.com com-okta-authenticator:; img-src 'self' mercersuper.oktapreview.com nzfire.oktapreview.youraccountonline.com *.oktacdn.com *.tiles.mapbox.com *.mapbox.com *.vidyard.com data: data.pendo.io pendo-static-5634101834153984.storage.googleapis.com pendo-static-5391521872216064.storage.googleapis.com blob:; font-src 'self' mercersuper.oktapreview.com nzfire.oktapreview.youraccountonline.com data: *.oktacdn.com fonts.gstatic.com; frame-ancestors 'self'; report-uri https://oktacsp.report-uri.com/r/t/csp/enforce; report-to csp
cache-control
max-age=86400, must-revalidate
accept-ch
Sec-CH-UA-Platform-Version
Connection
Keep-Alive
Access-Control-Allow-Credentials
true
referrer-policy
strict-origin-when-cross-origin
Access-Control-Allow-Origin
https://stg.youraccountonline.com
x-xss-protection
0
Server
nginx
openid-configuration
nzfire.oktapreview.youraccountonline.com/oauth2/default/.well-known/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://nzfire.oktapreview.youraccountonline.com/oauth2/default/.well-known/openid-configuration
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
13.248.244.122 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a556120ce37110a35.awsglobalaccelerator.com
Software
nginx /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=315360000; includeSubDomains

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type,x-okta-user-agent-extended
Access-Control-Request-Method
GET
Origin
https://stg.youraccountonline.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36

Response headers

Access-Control-Allow-Credentials
true
Access-Control-Allow-Headers
content-type,x-okta-user-agent-extended
Access-Control-Allow-Methods
GET, OPTIONS
Access-Control-Allow-Origin
https://stg.youraccountonline.com
Access-Control-Max-Age
3600
Connection
Keep-Alive
Content-Length
0
Content-Type
application/octet-stream
Date
Sun, 17 Nov 2024 12:16:13 GMT
Keep-Alive
timeout=5, max=100
Server
nginx
Strict-Transport-Security
max-age=315360000; includeSubDomains
Vary
Origin
X-Okta-Request-Id
ZznejcrT0yKbdzc0Of7w5AAACrU
interact
nzfire.oktapreview.youraccountonline.com/oauth2/default/v1/ 		1 KB
4 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://nzfire.oktapreview.youraccountonline.com/oauth2/default/v1/interact
Requested by
Host: global.oktacdn.com
URL: https://global.oktacdn.com/okta-signin-widget/7.18.0/js/okta-sign-in.min.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
13.248.244.122 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a556120ce37110a35.awsglobalaccelerator.com
Software
nginx /
Resource Hash
dfce14907dfa12c1234c3e31cc3b8ec6ce56ca598c3205244ef598ac62915981
Security Headers
Name Value
Content-Security-Policy default-src 'self' mercersuper.oktapreview.com nzfire.oktapreview.youraccountonline.com *.oktacdn.com; connect-src 'self' mercersuper.oktapreview.com mercersuper-admin.oktapreview.com nzfire.oktapreview.youraccountonline.com *.oktacdn.com *.mixpanel.com *.mapbox.com *.mtls.oktapreview.com mercersuper.kerberos.oktapreview.com *.authenticatorlocalprod.com:8769 http://localhost:8769 http://127.0.0.1:8769 *.authenticatorlocalprod.com:65111 http://localhost:65111 http://127.0.0.1:65111 *.authenticatorlocalprod.com:65121 http://localhost:65121 http://127.0.0.1:65121 *.authenticatorlocalprod.com:65131 http://localhost:65131 http://127.0.0.1:65131 *.authenticatorlocalprod.com:65141 http://localhost:65141 http://127.0.0.1:65141 *.authenticatorlocalprod.com:65151 http://localhost:65151 http://127.0.0.1:65151 https://oinmanager.okta.com data: *.ingest.sentry.io data.pendo.io pendo-static-5634101834153984.storage.googleapis.com pendo-static-5391521872216064.storage.googleapis.com; script-src 'unsafe-inline' 'unsafe-eval' 'self' 'report-sample' mercersuper.oktapreview.com nzfire.oktapreview.youraccountonline.com *.oktacdn.com; style-src 'unsafe-inline' 'self' mercersuper.oktapreview.com nzfire.oktapreview.youraccountonline.com *.oktacdn.com; frame-src 'self' mercersuper.oktapreview.com mercersuper-admin.oktapreview.com nzfire.oktapreview.youraccountonline.com login.okta.com *.vidyard.com com-okta-authenticator:; img-src 'self' mercersuper.oktapreview.com nzfire.oktapreview.youraccountonline.com *.oktacdn.com *.tiles.mapbox.com *.mapbox.com *.vidyard.com data: data.pendo.io pendo-static-5634101834153984.storage.googleapis.com pendo-static-5391521872216064.storage.googleapis.com blob:; font-src 'self' mercersuper.oktapreview.com nzfire.oktapreview.youraccountonline.com data: *.oktacdn.com fonts.gstatic.com; frame-ancestors 'self'
Strict-Transport-Security max-age=315360000; includeSubDomains
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

X-Okta-User-Agent-Extended
okta-auth-js/7.0.1 okta-signin-widget-7.18.0
Referer
https://stg.youraccountonline.com/
Accept-Language
en
Accept
application/json
Content-Type
application/x-www-form-urlencoded
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36

Response headers

X-Robots-Tag
noindex,nofollow
x-rate-limit-limit
600
x-content-type-options
nosniff
expires
0
p3p
CP="HONK"
Keep-Alive
timeout=5, max=99
Date
Sun, 17 Nov 2024 12:16:13 GMT
Content-Type
application/json
vary
Origin
x-rate-limit-remaining
599
x-okta-request-id
ZznejU2aqaV9Sk1KOZCwuAAACvc
access-control-allow-headers
Content-Type
Strict-Transport-Security
max-age=315360000; includeSubDomains
Transfer-Encoding
chunked
content-security-policy
default-src 'self' mercersuper.oktapreview.com nzfire.oktapreview.youraccountonline.com *.oktacdn.com; connect-src 'self' mercersuper.oktapreview.com mercersuper-admin.oktapreview.com nzfire.oktapreview.youraccountonline.com *.oktacdn.com *.mixpanel.com *.mapbox.com *.mtls.oktapreview.com mercersuper.kerberos.oktapreview.com *.authenticatorlocalprod.com:8769 http://localhost:8769 http://127.0.0.1:8769 *.authenticatorlocalprod.com:65111 http://localhost:65111 http://127.0.0.1:65111 *.authenticatorlocalprod.com:65121 http://localhost:65121 http://127.0.0.1:65121 *.authenticatorlocalprod.com:65131 http://localhost:65131 http://127.0.0.1:65131 *.authenticatorlocalprod.com:65141 http://localhost:65141 http://127.0.0.1:65141 *.authenticatorlocalprod.com:65151 http://localhost:65151 http://127.0.0.1:65151 https://oinmanager.okta.com data: *.ingest.sentry.io data.pendo.io pendo-static-5634101834153984.storage.googleapis.com pendo-static-5391521872216064.storage.googleapis.com; script-src 'unsafe-inline' 'unsafe-eval' 'self' 'report-sample' mercersuper.oktapreview.com nzfire.oktapreview.youraccountonline.com *.oktacdn.com; style-src 'unsafe-inline' 'self' mercersuper.oktapreview.com nzfire.oktapreview.youraccountonline.com *.oktacdn.com; frame-src 'self' mercersuper.oktapreview.com mercersuper-admin.oktapreview.com nzfire.oktapreview.youraccountonline.com login.okta.com *.vidyard.com com-okta-authenticator:; img-src 'self' mercersuper.oktapreview.com nzfire.oktapreview.youraccountonline.com *.oktacdn.com *.tiles.mapbox.com *.mapbox.com *.vidyard.com data: data.pendo.io pendo-static-5634101834153984.storage.googleapis.com pendo-static-5391521872216064.storage.googleapis.com blob:; font-src 'self' mercersuper.oktapreview.com nzfire.oktapreview.youraccountonline.com data: *.oktacdn.com fonts.gstatic.com; frame-ancestors 'self'
cache-control
no-cache, no-store
x-rate-limit-reset
1731845833
pragma
no-cache
accept-ch
Sec-CH-UA-Platform-Version
Connection
Keep-Alive
access-control-allow-credentials
true
referrer-policy
strict-origin-when-cross-origin
access-control-allow-origin
https://stg.youraccountonline.com
x-xss-protection
0
Server
nginx
interact
nzfire.oktapreview.youraccountonline.com/oauth2/default/v1/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://nzfire.oktapreview.youraccountonline.com/oauth2/default/v1/interact
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
13.248.244.122 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a556120ce37110a35.awsglobalaccelerator.com
Software
nginx /
Resource Hash
Security Headers
Name Value
Content-Security-Policy default-src 'self' mercersuper.oktapreview.com nzfire.oktapreview.youraccountonline.com *.oktacdn.com; connect-src 'self' mercersuper.oktapreview.com mercersuper-admin.oktapreview.com nzfire.oktapreview.youraccountonline.com *.oktacdn.com *.mixpanel.com *.mapbox.com *.mtls.oktapreview.com mercersuper.kerberos.oktapreview.com *.authenticatorlocalprod.com:8769 http://localhost:8769 http://127.0.0.1:8769 *.authenticatorlocalprod.com:65111 http://localhost:65111 http://127.0.0.1:65111 *.authenticatorlocalprod.com:65121 http://localhost:65121 http://127.0.0.1:65121 *.authenticatorlocalprod.com:65131 http://localhost:65131 http://127.0.0.1:65131 *.authenticatorlocalprod.com:65141 http://localhost:65141 http://127.0.0.1:65141 *.authenticatorlocalprod.com:65151 http://localhost:65151 http://127.0.0.1:65151 https://oinmanager.okta.com data: *.ingest.sentry.io data.pendo.io pendo-static-5634101834153984.storage.googleapis.com pendo-static-5391521872216064.storage.googleapis.com; script-src 'unsafe-inline' 'unsafe-eval' 'self' 'report-sample' mercersuper.oktapreview.com nzfire.oktapreview.youraccountonline.com *.oktacdn.com; style-src 'unsafe-inline' 'self' mercersuper.oktapreview.com nzfire.oktapreview.youraccountonline.com *.oktacdn.com; frame-src 'self' mercersuper.oktapreview.com mercersuper-admin.oktapreview.com nzfire.oktapreview.youraccountonline.com login.okta.com *.vidyard.com com-okta-authenticator:; img-src 'self' mercersuper.oktapreview.com nzfire.oktapreview.youraccountonline.com *.oktacdn.com *.tiles.mapbox.com *.mapbox.com *.vidyard.com data: data.pendo.io pendo-static-5634101834153984.storage.googleapis.com pendo-static-5391521872216064.storage.googleapis.com blob:; font-src 'self' mercersuper.oktapreview.com nzfire.oktapreview.youraccountonline.com data: *.oktacdn.com fonts.gstatic.com; frame-ancestors 'self'
Strict-Transport-Security max-age=315360000; includeSubDomains
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Accept
*/*
Access-Control-Request-Headers
x-okta-user-agent-extended
Access-Control-Request-Method
POST
Origin
https://stg.youraccountonline.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36

Response headers

Connection
Keep-Alive
Content-Length
0
Date
Sun, 17 Nov 2024 12:16:13 GMT
Keep-Alive
timeout=5, max=98
Server
nginx
Strict-Transport-Security
max-age=315360000; includeSubDomains
X-Robots-Tag
noindex,nofollow
accept-ch
Sec-CH-UA-Platform-Version
access-control-allow-credentials
true
access-control-allow-headers
x-okta-user-agent-extended,Content-Type
access-control-allow-methods
POST, OPTIONS
access-control-allow-origin
https://stg.youraccountonline.com
access-control-max-age
3600
allow
GET, HEAD, POST, PUT, DELETE, OPTIONS, PATCH
cache-control
no-cache, no-store
content-security-policy
default-src 'self' mercersuper.oktapreview.com nzfire.oktapreview.youraccountonline.com *.oktacdn.com; connect-src 'self' mercersuper.oktapreview.com mercersuper-admin.oktapreview.com nzfire.oktapreview.youraccountonline.com *.oktacdn.com *.mixpanel.com *.mapbox.com *.mtls.oktapreview.com mercersuper.kerberos.oktapreview.com *.authenticatorlocalprod.com:8769 http://localhost:8769 http://127.0.0.1:8769 *.authenticatorlocalprod.com:65111 http://localhost:65111 http://127.0.0.1:65111 *.authenticatorlocalprod.com:65121 http://localhost:65121 http://127.0.0.1:65121 *.authenticatorlocalprod.com:65131 http://localhost:65131 http://127.0.0.1:65131 *.authenticatorlocalprod.com:65141 http://localhost:65141 http://127.0.0.1:65141 *.authenticatorlocalprod.com:65151 http://localhost:65151 http://127.0.0.1:65151 https://oinmanager.okta.com data: *.ingest.sentry.io data.pendo.io pendo-static-5634101834153984.storage.googleapis.com pendo-static-5391521872216064.storage.googleapis.com; script-src 'unsafe-inline' 'unsafe-eval' 'self' 'report-sample' mercersuper.oktapreview.com nzfire.oktapreview.youraccountonline.com *.oktacdn.com; style-src 'unsafe-inline' 'self' mercersuper.oktapreview.com nzfire.oktapreview.youraccountonline.com *.oktacdn.com; frame-src 'self' mercersuper.oktapreview.com mercersuper-admin.oktapreview.com nzfire.oktapreview.youraccountonline.com login.okta.com *.vidyard.com com-okta-authenticator:; img-src 'self' mercersuper.oktapreview.com nzfire.oktapreview.youraccountonline.com *.oktacdn.com *.tiles.mapbox.com *.mapbox.com *.vidyard.com data: data.pendo.io pendo-static-5634101834153984.storage.googleapis.com pendo-static-5391521872216064.storage.googleapis.com blob:; font-src 'self' mercersuper.oktapreview.com nzfire.oktapreview.youraccountonline.com data: *.oktacdn.com fonts.gstatic.com; frame-ancestors 'self'
expires
0
p3p
CP="HONK"
pragma
no-cache
referrer-policy
strict-origin-when-cross-origin
vary
Origin
x-frame-options
SAMEORIGIN
x-okta-request-id
ZznejcrT0yKbdzc0Of7w6AAACrU
x-rate-limit-limit
10000
x-rate-limit-remaining
9999
x-rate-limit-reset
1731845833
x-xss-protection
0
utag.4.js
tags.tiqcdn.com/utag/mercer/financial/qa/ 		91 KB
30 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tags.tiqcdn.com/utag/mercer/financial/qa/utag.4.js?utv=ut4.48.202407101833
Requested by
Host: stg.youraccountonline.com
URL: https://stg.youraccountonline.com/etc.clientlibs/clientlibs/granite/jquery/granite/csrf.min.56934e461ff6c436f962a5990541a527.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2219:ac00:7:2bfb:7c00:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
1c335807c4224d3d8a72f01400d891b059295d45159475b58ccf01a288d7dceb

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://stg.youraccountonline.com/

Response headers

vary
accept-encoding
cache-control
max-age=1296000
content-encoding
br
etag
W/"406d0c1f5878082b16bc76e20b61f7c6"
x-amz-version-id
ap2QKRs_xTCgnIQiaLF7f.G7ADHczjRA
via
1.1 3a09808c80f02e165c92f14754676eea.cloudfront.net (CloudFront)
x-cache
Miss from cloudfront
x-amz-cf-id
9TjbZuEmytNoC2eg2Fxc0O3cq9YncSaKAEoW_mlX-QQ6yb7fThJZ_A==
date
Sun, 17 Nov 2024 12:16:15 GMT
content-type
application/javascript
last-modified
Fri, 15 Nov 2024 04:33:51 GMT
server
AmazonS3
x-amz-cf-pop
NRT57-P1
x-amz-server-side-encryption
AES256
firesuper-favicon-32x32.JPG
stg.youraccountonline.com/content/dam/mercer-pacific/nz/firesuper/logo/ 		2 KB
3 KB 		Other
General
Check archive.org
Download Go to
Full URL
https://stg.youraccountonline.com/content/dam/mercer-pacific/nz/firesuper/logo/firesuper-favicon-32x32.JPG
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
52.9.62.47 San Jose, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-9-62-47.us-west-1.compute.amazonaws.com
Software
Apache /
Resource Hash
1ecc9699272bf7cec87e50f262d1026a3c37c147f22cb1be558fdeac0f258cd4
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'self' https://mercercrm--full2--cloupra.sandbox.vf.force.com/ https://mercercrm--full--cloupra.sandbox.vf.force.com/ https://mercercrm--cloupra.vf.force.com/ https://mercercrm--full2--c.sandbox.vf.force.com/ https://mercercrm--partial.sandbox.my.salesforce.com/ https://mercercrm--partial--cloupra.sandbox.vf.force.com/ https://mercersupercrm--full--c.sandbox.vf.force.com/ https://mercersupercrm--full.sandbox.lightning.force.com/ https://mercersupercrm--full.sandbox.my.salesforce.com/ https://mercersupercrm--c.vf.force.com/ https://mercersupercrm.lightning.force.com/ https://mercersupercrm.my.salesforce.com/ https://mercercrm--c.vf.force.com/
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://stg.youraccountonline.com/form/nz/FIRESUPER/public-pages/login.html

Response headers

dispatcher
newenv
x-robots-tag
noindex, nofollow, noarchive, nosnippet
content-security-policy
frame-ancestors 'self' https://mercercrm--full2--cloupra.sandbox.vf.force.com/ https://mercercrm--full--cloupra.sandbox.vf.force.com/ https://mercercrm--cloupra.vf.force.com/ https://mercercrm--full2--c.sandbox.vf.force.com/ https://mercercrm--partial.sandbox.my.salesforce.com/ https://mercercrm--partial--cloupra.sandbox.vf.force.com/ https://mercersupercrm--full--c.sandbox.vf.force.com/ https://mercersupercrm--full.sandbox.lightning.force.com/ https://mercersupercrm--full.sandbox.my.salesforce.com/ https://mercersupercrm--c.vf.force.com/ https://mercersupercrm.lightning.force.com/ https://mercersupercrm.my.salesforce.com/ https://mercercrm--c.vf.force.com/
cache-control
max-age=604800
etag
"621-5bfc1f7878380"
x-content-type-options
nosniff
expires
Sun, 24 Nov 2024 12:16:13 GMT
accept-ranges
bytes
content-length
1569
date
Sun, 17 Nov 2024 12:16:13 GMT
x-xss-protection
1; mode=block
content-type
image/jpeg
last-modified
Mon, 12 Apr 2021 08:04:46 GMT
server
Apache
x-frame-options
SAMEORIGIN
firesuper-favicon-32x32.JPG
stg.youraccountonline.com/content/dam/mercer-pacific/nz/firesuper/logo/ 		2 KB
0 		Other
General
Check archive.org
Download Go to
Full URL
https://stg.youraccountonline.com/content/dam/mercer-pacific/nz/firesuper/logo/firesuper-favicon-32x32.JPG
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
52.9.62.47 San Jose, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-9-62-47.us-west-1.compute.amazonaws.com
Software
Apache /
Resource Hash
1ecc9699272bf7cec87e50f262d1026a3c37c147f22cb1be558fdeac0f258cd4
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'self' https://mercercrm--full2--cloupra.sandbox.vf.force.com/ https://mercercrm--full--cloupra.sandbox.vf.force.com/ https://mercercrm--cloupra.vf.force.com/ https://mercercrm--full2--c.sandbox.vf.force.com/ https://mercercrm--partial.sandbox.my.salesforce.com/ https://mercercrm--partial--cloupra.sandbox.vf.force.com/ https://mercersupercrm--full--c.sandbox.vf.force.com/ https://mercersupercrm--full.sandbox.lightning.force.com/ https://mercersupercrm--full.sandbox.my.salesforce.com/ https://mercersupercrm--c.vf.force.com/ https://mercersupercrm.lightning.force.com/ https://mercersupercrm.my.salesforce.com/ https://mercercrm--c.vf.force.com/
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://stg.youraccountonline.com/form/nz/FIRESUPER/public-pages/login.html

Response headers

dispatcher
newenv
x-robots-tag
noindex, nofollow, noarchive, nosnippet
content-security-policy
frame-ancestors 'self' https://mercercrm--full2--cloupra.sandbox.vf.force.com/ https://mercercrm--full--cloupra.sandbox.vf.force.com/ https://mercercrm--cloupra.vf.force.com/ https://mercercrm--full2--c.sandbox.vf.force.com/ https://mercercrm--partial.sandbox.my.salesforce.com/ https://mercercrm--partial--cloupra.sandbox.vf.force.com/ https://mercersupercrm--full--c.sandbox.vf.force.com/ https://mercersupercrm--full.sandbox.lightning.force.com/ https://mercersupercrm--full.sandbox.my.salesforce.com/ https://mercersupercrm--c.vf.force.com/ https://mercersupercrm.lightning.force.com/ https://mercersupercrm.my.salesforce.com/ https://mercercrm--c.vf.force.com/
cache-control
max-age=604800
etag
"621-5bfc1f7878380"
x-content-type-options
nosniff
expires
Sun, 24 Nov 2024 12:16:13 GMT
accept-ranges
bytes
content-length
1569
date
Sun, 17 Nov 2024 12:16:13 GMT
x-xss-protection
1; mode=block
content-type
image/jpeg
last-modified
Mon, 12 Apr 2021 08:04:46 GMT
server
Apache
x-frame-options
SAMEORIGIN
firesuper-favicon-32x32.JPG
stg.youraccountonline.com/content/dam/mercer-pacific/nz/firesuper/logo/ 		2 KB
0 		Other
General
Check archive.org
Download Go to
Full URL
https://stg.youraccountonline.com/content/dam/mercer-pacific/nz/firesuper/logo/firesuper-favicon-32x32.JPG
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
52.9.62.47 San Jose, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-9-62-47.us-west-1.compute.amazonaws.com
Software
Apache /
Resource Hash
1ecc9699272bf7cec87e50f262d1026a3c37c147f22cb1be558fdeac0f258cd4
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'self' https://mercercrm--full2--cloupra.sandbox.vf.force.com/ https://mercercrm--full--cloupra.sandbox.vf.force.com/ https://mercercrm--cloupra.vf.force.com/ https://mercercrm--full2--c.sandbox.vf.force.com/ https://mercercrm--partial.sandbox.my.salesforce.com/ https://mercercrm--partial--cloupra.sandbox.vf.force.com/ https://mercersupercrm--full--c.sandbox.vf.force.com/ https://mercersupercrm--full.sandbox.lightning.force.com/ https://mercersupercrm--full.sandbox.my.salesforce.com/ https://mercersupercrm--c.vf.force.com/ https://mercersupercrm.lightning.force.com/ https://mercersupercrm.my.salesforce.com/ https://mercercrm--c.vf.force.com/
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://stg.youraccountonline.com/form/nz/FIRESUPER/public-pages/login.html

Response headers

dispatcher
newenv
x-robots-tag
noindex, nofollow, noarchive, nosnippet
content-security-policy
frame-ancestors 'self' https://mercercrm--full2--cloupra.sandbox.vf.force.com/ https://mercercrm--full--cloupra.sandbox.vf.force.com/ https://mercercrm--cloupra.vf.force.com/ https://mercercrm--full2--c.sandbox.vf.force.com/ https://mercercrm--partial.sandbox.my.salesforce.com/ https://mercercrm--partial--cloupra.sandbox.vf.force.com/ https://mercersupercrm--full--c.sandbox.vf.force.com/ https://mercersupercrm--full.sandbox.lightning.force.com/ https://mercersupercrm--full.sandbox.my.salesforce.com/ https://mercersupercrm--c.vf.force.com/ https://mercersupercrm.lightning.force.com/ https://mercersupercrm.my.salesforce.com/ https://mercercrm--c.vf.force.com/
cache-control
max-age=604800
etag
"621-5bfc1f7878380"
x-content-type-options
nosniff
expires
Sun, 24 Nov 2024 12:16:13 GMT
accept-ranges
bytes
content-length
1569
date
Sun, 17 Nov 2024 12:16:13 GMT
x-xss-protection
1; mode=block
content-type
image/jpeg
last-modified
Mon, 12 Apr 2021 08:04:46 GMT
server
Apache
x-frame-options
SAMEORIGIN
firesuper-favicon-32x32.JPG
stg.youraccountonline.com/content/dam/mercer-pacific/nz/firesuper/logo/ 		2 KB
0 		Other
General
Check archive.org
Download Go to
Full URL
https://stg.youraccountonline.com/content/dam/mercer-pacific/nz/firesuper/logo/firesuper-favicon-32x32.JPG
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
52.9.62.47 San Jose, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-9-62-47.us-west-1.compute.amazonaws.com
Software
Apache /
Resource Hash
1ecc9699272bf7cec87e50f262d1026a3c37c147f22cb1be558fdeac0f258cd4
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'self' https://mercercrm--full2--cloupra.sandbox.vf.force.com/ https://mercercrm--full--cloupra.sandbox.vf.force.com/ https://mercercrm--cloupra.vf.force.com/ https://mercercrm--full2--c.sandbox.vf.force.com/ https://mercercrm--partial.sandbox.my.salesforce.com/ https://mercercrm--partial--cloupra.sandbox.vf.force.com/ https://mercersupercrm--full--c.sandbox.vf.force.com/ https://mercersupercrm--full.sandbox.lightning.force.com/ https://mercersupercrm--full.sandbox.my.salesforce.com/ https://mercersupercrm--c.vf.force.com/ https://mercersupercrm.lightning.force.com/ https://mercersupercrm.my.salesforce.com/ https://mercercrm--c.vf.force.com/
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://stg.youraccountonline.com/form/nz/FIRESUPER/public-pages/login.html

Response headers

dispatcher
newenv
x-robots-tag
noindex, nofollow, noarchive, nosnippet
content-security-policy
frame-ancestors 'self' https://mercercrm--full2--cloupra.sandbox.vf.force.com/ https://mercercrm--full--cloupra.sandbox.vf.force.com/ https://mercercrm--cloupra.vf.force.com/ https://mercercrm--full2--c.sandbox.vf.force.com/ https://mercercrm--partial.sandbox.my.salesforce.com/ https://mercercrm--partial--cloupra.sandbox.vf.force.com/ https://mercersupercrm--full--c.sandbox.vf.force.com/ https://mercersupercrm--full.sandbox.lightning.force.com/ https://mercersupercrm--full.sandbox.my.salesforce.com/ https://mercersupercrm--c.vf.force.com/ https://mercersupercrm.lightning.force.com/ https://mercersupercrm.my.salesforce.com/ https://mercercrm--c.vf.force.com/
cache-control
max-age=604800
etag
"621-5bfc1f7878380"
x-content-type-options
nosniff
expires
Sun, 24 Nov 2024 12:16:13 GMT
accept-ranges
bytes
content-length
1569
date
Sun, 17 Nov 2024 12:16:13 GMT
x-xss-protection
1; mode=block
content-type
image/jpeg
last-modified
Mon, 12 Apr 2021 08:04:46 GMT
server
Apache
x-frame-options
SAMEORIGIN
introspect
nzfire.oktapreview.youraccountonline.com/idp/idx/ 		24 KB
27 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://nzfire.oktapreview.youraccountonline.com/idp/idx/introspect
Requested by
Host: global.oktacdn.com
URL: https://global.oktacdn.com/okta-signin-widget/7.18.0/js/okta-sign-in.min.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
13.248.244.122 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a556120ce37110a35.awsglobalaccelerator.com
Software
nginx /
Resource Hash
c4f90fbbec1a7f8d1a77dd90b6c73f4f2991d1a59866c1f11ce24c1ed07cc0e5
Security Headers
Name Value
Content-Security-Policy default-src 'self' mercersuper.oktapreview.com nzfire.oktapreview.youraccountonline.com *.oktacdn.com; connect-src 'self' mercersuper.oktapreview.com mercersuper-admin.oktapreview.com nzfire.oktapreview.youraccountonline.com *.oktacdn.com *.mixpanel.com *.mapbox.com *.mtls.oktapreview.com mercersuper.kerberos.oktapreview.com *.authenticatorlocalprod.com:8769 http://localhost:8769 http://127.0.0.1:8769 *.authenticatorlocalprod.com:65111 http://localhost:65111 http://127.0.0.1:65111 *.authenticatorlocalprod.com:65121 http://localhost:65121 http://127.0.0.1:65121 *.authenticatorlocalprod.com:65131 http://localhost:65131 http://127.0.0.1:65131 *.authenticatorlocalprod.com:65141 http://localhost:65141 http://127.0.0.1:65141 *.authenticatorlocalprod.com:65151 http://localhost:65151 http://127.0.0.1:65151 https://oinmanager.okta.com data: *.ingest.sentry.io data.pendo.io pendo-static-5634101834153984.storage.googleapis.com pendo-static-5391521872216064.storage.googleapis.com; script-src 'unsafe-inline' 'unsafe-eval' 'self' 'report-sample' mercersuper.oktapreview.com nzfire.oktapreview.youraccountonline.com *.oktacdn.com; style-src 'unsafe-inline' 'self' mercersuper.oktapreview.com nzfire.oktapreview.youraccountonline.com *.oktacdn.com; frame-src 'self' mercersuper.oktapreview.com mercersuper-admin.oktapreview.com nzfire.oktapreview.youraccountonline.com login.okta.com *.vidyard.com com-okta-authenticator:; img-src 'self' mercersuper.oktapreview.com nzfire.oktapreview.youraccountonline.com *.oktacdn.com *.tiles.mapbox.com *.mapbox.com *.vidyard.com data: data.pendo.io pendo-static-5634101834153984.storage.googleapis.com pendo-static-5391521872216064.storage.googleapis.com blob:; font-src 'self' mercersuper.oktapreview.com nzfire.oktapreview.youraccountonline.com data: *.oktacdn.com fonts.gstatic.com; frame-ancestors 'self'
Strict-Transport-Security max-age=315360000; includeSubDomains
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

X-Okta-User-Agent-Extended
okta-auth-js/7.0.1 okta-signin-widget-7.18.0
Referer
https://stg.youraccountonline.com/
Accept-Language
en
Accept
application/ion+json; okta-version=1.0.0
Content-Type
application/ion+json; okta-version=1.0.0
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36

Response headers

X-Robots-Tag
noindex,nofollow
x-rate-limit-limit
2000
x-content-type-options
nosniff
expires
0
p3p
CP="HONK"
Keep-Alive
timeout=5, max=98
Date
Sun, 17 Nov 2024 12:16:14 GMT
Content-Type
application/ion+json;okta-version=1.0.0
x-rate-limit-remaining
1999
vary
Origin
x-okta-request-id
Zznejk2aqaV9Sk1KOZCwwAAACvc
Transfer-Encoding
chunked
Strict-Transport-Security
max-age=315360000; includeSubDomains
content-security-policy
default-src 'self' mercersuper.oktapreview.com nzfire.oktapreview.youraccountonline.com *.oktacdn.com; connect-src 'self' mercersuper.oktapreview.com mercersuper-admin.oktapreview.com nzfire.oktapreview.youraccountonline.com *.oktacdn.com *.mixpanel.com *.mapbox.com *.mtls.oktapreview.com mercersuper.kerberos.oktapreview.com *.authenticatorlocalprod.com:8769 http://localhost:8769 http://127.0.0.1:8769 *.authenticatorlocalprod.com:65111 http://localhost:65111 http://127.0.0.1:65111 *.authenticatorlocalprod.com:65121 http://localhost:65121 http://127.0.0.1:65121 *.authenticatorlocalprod.com:65131 http://localhost:65131 http://127.0.0.1:65131 *.authenticatorlocalprod.com:65141 http://localhost:65141 http://127.0.0.1:65141 *.authenticatorlocalprod.com:65151 http://localhost:65151 http://127.0.0.1:65151 https://oinmanager.okta.com data: *.ingest.sentry.io data.pendo.io pendo-static-5634101834153984.storage.googleapis.com pendo-static-5391521872216064.storage.googleapis.com; script-src 'unsafe-inline' 'unsafe-eval' 'self' 'report-sample' mercersuper.oktapreview.com nzfire.oktapreview.youraccountonline.com *.oktacdn.com; style-src 'unsafe-inline' 'self' mercersuper.oktapreview.com nzfire.oktapreview.youraccountonline.com *.oktacdn.com; frame-src 'self' mercersuper.oktapreview.com mercersuper-admin.oktapreview.com nzfire.oktapreview.youraccountonline.com login.okta.com *.vidyard.com com-okta-authenticator:; img-src 'self' mercersuper.oktapreview.com nzfire.oktapreview.youraccountonline.com *.oktacdn.com *.tiles.mapbox.com *.mapbox.com *.vidyard.com data: data.pendo.io pendo-static-5634101834153984.storage.googleapis.com pendo-static-5391521872216064.storage.googleapis.com blob:; font-src 'self' mercersuper.oktapreview.com nzfire.oktapreview.youraccountonline.com data: *.oktacdn.com fonts.gstatic.com; frame-ancestors 'self'
cache-control
no-cache, no-store
x-rate-limit-reset
1731845834
pragma
no-cache
accept-ch
Sec-CH-UA-Platform-Version
Connection
Keep-Alive
access-control-allow-credentials
true
referrer-policy
strict-origin-when-cross-origin
access-control-allow-origin
https://stg.youraccountonline.com
x-xss-protection
0
Server
nginx
introspect
nzfire.oktapreview.youraccountonline.com/idp/idx/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://nzfire.oktapreview.youraccountonline.com/idp/idx/introspect
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
13.248.244.122 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a556120ce37110a35.awsglobalaccelerator.com
Software
nginx /
Resource Hash
Security Headers
Name Value
Content-Security-Policy default-src 'self' mercersuper.oktapreview.com nzfire.oktapreview.youraccountonline.com *.oktacdn.com; connect-src 'self' mercersuper.oktapreview.com mercersuper-admin.oktapreview.com nzfire.oktapreview.youraccountonline.com *.oktacdn.com *.mixpanel.com *.mapbox.com *.mtls.oktapreview.com mercersuper.kerberos.oktapreview.com *.authenticatorlocalprod.com:8769 http://localhost:8769 http://127.0.0.1:8769 *.authenticatorlocalprod.com:65111 http://localhost:65111 http://127.0.0.1:65111 *.authenticatorlocalprod.com:65121 http://localhost:65121 http://127.0.0.1:65121 *.authenticatorlocalprod.com:65131 http://localhost:65131 http://127.0.0.1:65131 *.authenticatorlocalprod.com:65141 http://localhost:65141 http://127.0.0.1:65141 *.authenticatorlocalprod.com:65151 http://localhost:65151 http://127.0.0.1:65151 https://oinmanager.okta.com data: *.ingest.sentry.io data.pendo.io pendo-static-5634101834153984.storage.googleapis.com pendo-static-5391521872216064.storage.googleapis.com; script-src 'unsafe-inline' 'unsafe-eval' 'self' 'report-sample' mercersuper.oktapreview.com nzfire.oktapreview.youraccountonline.com *.oktacdn.com; style-src 'unsafe-inline' 'self' mercersuper.oktapreview.com nzfire.oktapreview.youraccountonline.com *.oktacdn.com; frame-src 'self' mercersuper.oktapreview.com mercersuper-admin.oktapreview.com nzfire.oktapreview.youraccountonline.com login.okta.com *.vidyard.com com-okta-authenticator:; img-src 'self' mercersuper.oktapreview.com nzfire.oktapreview.youraccountonline.com *.oktacdn.com *.tiles.mapbox.com *.mapbox.com *.vidyard.com data: data.pendo.io pendo-static-5634101834153984.storage.googleapis.com pendo-static-5391521872216064.storage.googleapis.com blob:; font-src 'self' mercersuper.oktapreview.com nzfire.oktapreview.youraccountonline.com data: *.oktacdn.com fonts.gstatic.com; frame-ancestors 'self'
Strict-Transport-Security max-age=315360000; includeSubDomains
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type,x-okta-user-agent-extended
Access-Control-Request-Method
POST
Origin
https://stg.youraccountonline.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36

Response headers

Connection
Keep-Alive
Content-Length
0
Date
Sun, 17 Nov 2024 12:16:13 GMT
Keep-Alive
timeout=5, max=97
Server
nginx
Strict-Transport-Security
max-age=315360000; includeSubDomains
X-Robots-Tag
noindex,nofollow
accept-ch
Sec-CH-UA-Platform-Version
access-control-allow-credentials
true
access-control-allow-headers
content-type,x-okta-user-agent-extended,Content-Type
access-control-allow-methods
POST, OPTIONS
access-control-allow-origin
https://stg.youraccountonline.com
access-control-max-age
3600
allow
GET, HEAD, POST, PUT, DELETE, OPTIONS, PATCH
cache-control
no-cache, no-store
content-security-policy
default-src 'self' mercersuper.oktapreview.com nzfire.oktapreview.youraccountonline.com *.oktacdn.com; connect-src 'self' mercersuper.oktapreview.com mercersuper-admin.oktapreview.com nzfire.oktapreview.youraccountonline.com *.oktacdn.com *.mixpanel.com *.mapbox.com *.mtls.oktapreview.com mercersuper.kerberos.oktapreview.com *.authenticatorlocalprod.com:8769 http://localhost:8769 http://127.0.0.1:8769 *.authenticatorlocalprod.com:65111 http://localhost:65111 http://127.0.0.1:65111 *.authenticatorlocalprod.com:65121 http://localhost:65121 http://127.0.0.1:65121 *.authenticatorlocalprod.com:65131 http://localhost:65131 http://127.0.0.1:65131 *.authenticatorlocalprod.com:65141 http://localhost:65141 http://127.0.0.1:65141 *.authenticatorlocalprod.com:65151 http://localhost:65151 http://127.0.0.1:65151 https://oinmanager.okta.com data: *.ingest.sentry.io data.pendo.io pendo-static-5634101834153984.storage.googleapis.com pendo-static-5391521872216064.storage.googleapis.com; script-src 'unsafe-inline' 'unsafe-eval' 'self' 'report-sample' mercersuper.oktapreview.com nzfire.oktapreview.youraccountonline.com *.oktacdn.com; style-src 'unsafe-inline' 'self' mercersuper.oktapreview.com nzfire.oktapreview.youraccountonline.com *.oktacdn.com; frame-src 'self' mercersuper.oktapreview.com mercersuper-admin.oktapreview.com nzfire.oktapreview.youraccountonline.com login.okta.com *.vidyard.com com-okta-authenticator:; img-src 'self' mercersuper.oktapreview.com nzfire.oktapreview.youraccountonline.com *.oktacdn.com *.tiles.mapbox.com *.mapbox.com *.vidyard.com data: data.pendo.io pendo-static-5634101834153984.storage.googleapis.com pendo-static-5391521872216064.storage.googleapis.com blob:; font-src 'self' mercersuper.oktapreview.com nzfire.oktapreview.youraccountonline.com data: *.oktacdn.com fonts.gstatic.com; frame-ancestors 'self'
expires
0
p3p
CP="HONK"
pragma
no-cache
referrer-policy
strict-origin-when-cross-origin
vary
Origin
x-frame-options
SAMEORIGIN
x-okta-request-id
ZznejcrT0yKbdzc0Of7w7AAACrU
x-rate-limit-limit
10000
x-rate-limit-remaining
9998
x-rate-limit-reset
1731845833
x-xss-protection
0
okticon.woff
global.oktacdn.com/okta-signin-widget/7.18.0/font/ 		20 KB
21 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://global.oktacdn.com/okta-signin-widget/7.18.0/font/okticon.woff
Requested by
Host: global.oktacdn.com
URL: https://global.oktacdn.com/okta-signin-widget/7.18.0/css/okta-sign-in.min.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.65.185.50 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-65-185-50.nrt57.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
7eccbb3b4b68f9f24a3b826f2eea4a1bbb48196cb734afc1b62c3d045cb680e1
Security Headers
Name Value
Strict-Transport-Security max-age=315360000
X-Content-Type-Options nosniff

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Origin
https://stg.youraccountonline.com
Referer
https://global.oktacdn.com/okta-signin-widget/7.18.0/css/okta-sign-in.min.css

Response headers

x-amz-version-id
gbWGZOrUIZF2qJSJrl.mwZEOLnX___jo
etag
"db28723126138387cdf40680e6e0fa5d"
age
19078
x-content-type-options
nosniff
x-cache
Hit from cloudfront
x-amz-cf-id
gtLJyS-Vi61KxyW1_Fm8D7ydKdKWW3-JuFuNZyjXjcSge-EspLGl4w==
date
Sun, 17 Nov 2024 12:16:14 GMT
content-type
application/octet-stream
vary
Accept-Encoding
last-modified
Wed, 01 May 2024 17:48:07 GMT
strict-transport-security
max-age=315360000
x-amz-replication-status
COMPLETED
cache-control
public,max-age=31536000,s-maxage=1814400
via
1.1 1ec5c4b165968f8e5c872b374a497e8e.cloudfront.net (CloudFront)
accept-ranges
bytes
access-control-allow-origin
*
content-length
20600
x-amz-cf-pop
NRT57-P2
server
AmazonS3
x-amz-server-side-encryption
AES256
montserrat-okta-light-webfont.woff
global.oktacdn.com/okta-signin-widget/7.18.0/font/ 		22 KB
22 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://global.oktacdn.com/okta-signin-widget/7.18.0/font/montserrat-okta-light-webfont.woff
Requested by
Host: global.oktacdn.com
URL: https://global.oktacdn.com/okta-signin-widget/7.18.0/css/okta-sign-in.min.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.65.185.50 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-65-185-50.nrt57.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
feb177fb563f478cb8ecade71caea5df5ad318ca161c71875114e504ce304ace
Security Headers
Name Value
Strict-Transport-Security max-age=315360000
X-Content-Type-Options nosniff

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Origin
https://stg.youraccountonline.com
Referer
https://global.oktacdn.com/okta-signin-widget/7.18.0/css/okta-sign-in.min.css

Response headers

x-amz-version-id
XFbO9HUQWzNmo5bjz4mMH.sUXxUEWGqc
etag
"6225f3ca44b83090833064727a09cc95"
age
19078
x-content-type-options
nosniff
x-cache
Hit from cloudfront
x-amz-cf-id
SOsf7hfsISMEmrcUI9xC7r9_F-0a5cUptE9HfUCx_egUoc9um_9wbw==
date
Sun, 17 Nov 2024 12:16:14 GMT
content-type
application/octet-stream
vary
Accept-Encoding
last-modified
Wed, 01 May 2024 17:48:07 GMT
strict-transport-security
max-age=315360000
x-amz-replication-status
COMPLETED
cache-control
public,max-age=31536000,s-maxage=1814400
via
1.1 1ec5c4b165968f8e5c872b374a497e8e.cloudfront.net (CloudFront)
accept-ranges
bytes
access-control-allow-origin
*
content-length
22112
x-amz-cf-pop
NRT57-P2
server
AmazonS3
x-amz-server-side-encryption
AES256
montserrat-okta-regular-webfont.woff
global.oktacdn.com/okta-signin-widget/7.18.0/font/ 		21 KB
22 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://global.oktacdn.com/okta-signin-widget/7.18.0/font/montserrat-okta-regular-webfont.woff
Requested by
Host: global.oktacdn.com
URL: https://global.oktacdn.com/okta-signin-widget/7.18.0/css/okta-sign-in.min.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.65.185.50 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-65-185-50.nrt57.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
1d5325892ecf2dc3abd0caf2a1ef4eabf2477e2937c9a372760fd2acae8fddf3
Security Headers
Name Value
Strict-Transport-Security max-age=315360000
X-Content-Type-Options nosniff

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Origin
https://stg.youraccountonline.com
Referer
https://global.oktacdn.com/okta-signin-widget/7.18.0/css/okta-sign-in.min.css

Response headers

x-amz-version-id
VR2.7GX8paox..nLK_eFW_nPpcL2sRkn
etag
"8f2822b73b5f9c106c6f2e0db820bcbb"
age
52432
x-content-type-options
nosniff
x-cache
Hit from cloudfront
x-amz-cf-id
4aG8rgs7mQhPUceq_wuqKOZ8cxG_wHOcxSIh5cySHDm7Kd68axIXNA==
date
Sat, 16 Nov 2024 21:42:23 GMT
content-type
application/octet-stream
last-modified
Wed, 01 May 2024 17:48:07 GMT
strict-transport-security
max-age=315360000
x-amz-replication-status
COMPLETED
cache-control
public,max-age=31536000,s-maxage=1814400
via
1.1 1ec5c4b165968f8e5c872b374a497e8e.cloudfront.net (CloudFront)
accept-ranges
bytes
access-control-allow-origin
*
content-length
21980
x-amz-cf-pop
NRT57-P2
server
AmazonS3
x-amz-server-side-encryption
AES256
id
dpm.demdex.net/ 		363 B
919 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://dpm.demdex.net/id?d_visid_ver=5.2.0&d_fieldgroup=MC&d_rtbd=json&d_ver=2&d_orgid=7205F0F5559E57A87F000101%40AdobeOrg&d_nsid=0&ts=1731845774789
Requested by
Host: stg.youraccountonline.com
URL: https://stg.youraccountonline.com/etc.clientlibs/clientlibs/granite/jquery/granite/csrf.min.56934e461ff6c436f962a5990541a527.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.112.78.120 Tokyo, Japan, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-13-112-78-120.ap-northeast-1.compute.amazonaws.com
Software
/
Resource Hash
82d397745bed70201f4ba1c41aa0585a9b2e0d04c3d8b4e399ab3b8f83552fc3
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Content-Type
application/x-www-form-urlencoded
Referer
https://stg.youraccountonline.com/

Response headers

strict-transport-security
max-age=31536000; includeSubDomains
cache-control
no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
dcs
dcs-prod-tyo3-1-v066-0d94fe726.edge-tyo3.demdex.com 1 ms
content-encoding
gzip
pragma
no-cache
access-control-allow-credentials
true
x-tid
jiPQlAM5Taw=
expires
Thu, 01 Jan 1970 00:00:00 UTC
access-control-allow-origin
https://stg.youraccountonline.com
content-length
308
p3p
policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
date
Sun, 17 Nov 2024 12:16:14 GMT
content-type
application/json;charset=utf-8
vary
Origin
utag.v.js
tags.tiqcdn.com/utag/tiqapp/ 		2 B
430 B 		Script
General
Check archive.org
Download Go to
Full URL
https://tags.tiqcdn.com/utag/tiqapp/utag.v.js?a=mercer/financial/202411150433&cb=1731845774791
Requested by
Host: stg.youraccountonline.com
URL: https://stg.youraccountonline.com/etc.clientlibs/clientlibs/granite/jquery/granite/csrf.min.56934e461ff6c436f962a5990541a527.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2219:ac00:7:2bfb:7c00:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
a2c2339691fc48fbd14fb307292dff3e21222712d9240810742d7df0c6d74dfb

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://stg.youraccountonline.com/

Response headers

x-amz-version-id
2XUX04X5QEw0.xFya64khU._sHTRl_Pz
etag
"7bc0ee636b3b83484fc3b9348863bd22"
age
108
x-cache
Hit from cloudfront
x-amz-cf-id
25W58GZviSr-cOUOXfslonMfVPIIU-y4S13YvramzuOXPth5ZrFjTQ==
date
Sun, 17 Nov 2024 12:14:27 GMT
content-type
application/javascript
vary
accept-encoding
last-modified
Sat, 11 Mar 2023 06:57:46 GMT
cache-control
max-age=300
via
1.1 3a09808c80f02e165c92f14754676eea.cloudfront.net (CloudFront)
accept-ranges
bytes
content-length
2
x-amz-cf-pop
NRT57-P1
server
AmazonS3
x-amz-server-side-encryption
AES256
dest5.html
mmc.demdex.net/ Frame 4EE2 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://mmc.demdex.net/dest5.html?d_nsid=0
Requested by
Host: stg.youraccountonline.com
URL: https://stg.youraccountonline.com/etc.clientlibs/clientlibs/granite/jquery/granite/csrf.min.56934e461ff6c436f962a5990541a527.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.180.1.246 Tokyo, Japan, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-180-1-246.ap-northeast-1.compute.amazonaws.com
Software
/
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Referer
https://stg.youraccountonline.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36

Response headers

accept-ranges
bytes
cache-control
no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
content-encoding
gzip
content-type
text/html;charset=UTF-8
date
Sun, 17 Nov 2024 12:16:14 GMT
dcs
dcs-prod-tyo3-2-v066-002433a87.edge-tyo3.demdex.com 0 ms
expires
Thu, 01 Jan 1970 00:00:00 UTC
last-modified
Mon, 11 Nov 2024 10:49:21 GMT
p3p
policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
pragma
no-cache
strict-transport-security
max-age=31536000; includeSubDomains
vary
accept-encoding
x-tid
8P4fb097SkQ=
ibs:dpid=411&dpuuid=ZznejwAAAB3fGAOa
dpm.demdex.net/
Redirect Chain
  • https://cm.everesttech.net/cm/dd?d_uuid=22405725867877538424087960979618683159
  • https://dpm.demdex.net/ibs:dpid=411&dpuuid=ZznejwAAAB3fGAOa
42 B
717 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dpm.demdex.net/ibs:dpid=411&dpuuid=ZznejwAAAB3fGAOa
Protocol
H2
Server
13.112.78.120 Tokyo, Japan, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-13-112-78-120.ap-northeast-1.compute.amazonaws.com
Software
/
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://stg.youraccountonline.com/

Response headers

strict-transport-security
max-age=31536000; includeSubDomains
cache-control
no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
dcs
dcs-prod-tyo3-1-v066-098161459.edge-tyo3.demdex.com 2 ms
content-encoding
gzip
pragma
no-cache
x-content-type-options
nosniff
x-tid
UqUjlUG5Q9M=
expires
Thu, 01 Jan 1970 00:00:00 UTC
content-length
59
p3p
policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
date
Sun, 17 Nov 2024 12:16:15 GMT
content-type
image/gif

Redirect headers

Cache-Control
no-cache
Location
https://dpm.demdex.net/ibs:dpid=411&dpuuid=ZznejwAAAB3fGAOa
P3P
CP="NOI NID DEVa PSAa PSDa OUR IND PUR COM NAV INT DEM"
Content-Length
0
Date
Sun, 17 Nov 2024 12:16:15 GMT
Connection
keep-alive
Server
AMO-cookiemap/1.1
s67092834186675
mercer.sc.omtrdc.net/b/ss/mmclmercerfinservicesaus/1/JS-2.22.0/ 		43 B
360 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://mercer.sc.omtrdc.net/b/ss/mmclmercerfinservicesaus/1/JS-2.22.0/s67092834186675?AQB=1&ndh=1&pf=1&t=17%2F10%2F2024%2021%3A16%3A14%200%20-540&sdid=125616A28D8C6944-2664D2318E242FD9&mid=22402539224668371814086380238457382104&aamlh=11&ce=UTF-8&cdp=2&pageName=https%3A%2F%2Fstg.youraccountonline.com%2Fform%2Fnz%2FFIRESUPER%2Fpublic-pages%2Flogin.html&g=https%3A%2F%2Fstg.youraccountonline.com%2Fform%2Fnz%2FFIRESUPER%2Fpublic-pages%2Flogin.html&c.&getPageLoadTime=2.0.1&.c&cc=AUD&server=stg.youraccountonline.com&events=event4&aamb=6G1ynYcLPuiQxYZrsz_pkqfLG9yMXBpb2zX5dvJdYQJzPXImdj0y&c4=Login&v4=Secure%20Site&v8=D%3Dc13&c11=https%3A%2F%2Fstg.youraccountonline.com%2Fform%2Fnz%2FFIRESUPER%2Fpublic-pages%2Flogin.html&c13=9%3A16%20PM%7CSunday&v16=New&v19=https%3A%2F%2Fstg.youraccountonline.com%2Fform%2Fnz%2FFIRESUPER%2Fpublic-pages%2Flogin.html&v20=Login&c62=D%3Dv107&v107=22402539224668371814086380238457382104&s=1600x1200&c=24&j=1.6&v=N&k=Y&bw=1600&bh=1200&mcorgid=7205F0F5559E57A87F000101%40AdobeOrg&AQE=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
63.140.50.167 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
jag /
Resource Hash
a1ecbaed793a1f564c49c671f2dd0ce36f858534ef6d26b55783a06b884cc506
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://stg.youraccountonline.com/

Response headers

x-adobe-ingress
hp
cache-control
no-cache, no-store, max-age=0, no-transform, private
pragma
no-cache
etag
3719110480543612928-4618470709180590889
x-content-type-options
nosniff
expires
Sat, 16 Nov 2024 12:16:14 GMT
access-control-allow-origin
*
p3p
CP="This is not a P3P policy"
content-length
43
date
Sun, 17 Nov 2024 12:16:14 GMT
x-xss-protection
1; mode=block
last-modified
Mon, 18 Nov 2024 12:16:14 GMT
vary
*
server
jag
content-type
image/gif;charset=utf-8

Verdicts & Comments Add Verdict or Comment

199 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| GraniteClientLibraryManager object| CQClientLibraryManager object| GraniteTiming function| $ function| jQuery object| regeneratorRuntime function| jQueryCourage object| u2f function| OktaSignIn object| Granite function| detectDevice function| getCookieValue function| updateOktaLabelConfig object| searchParams object| oktaProperties object| oktaConfig string| contextController string| errorPage function| enableActivateButton function| callOKTASecureService function| createErrorElement function| removeErrorElement function| isDateValid function| oktaLogout function| oktaLogoutWithDirect function| callAuthenticationTokenServlet function| setCookie function| addLocalStorage object| Plugins function| evoButtonInteractive function| evoButtonDisabled function| evoFormPlaceholderPolyFill function| evoInputNumericMask function| evoAutofocus function| evoCheckboxesSelectAllToggle function| evoToggleElement object| evoAutocompleteDefaults function| evoAutocomplete object| evoCarouselDefaults function| evoCarousel object| evoDataTableDefaults function| evoDataTable object| evoDatepickerDefaults function| evoDatepicker object| evoScrollPaneDefaults function| evoScrollPane object| evoSliderDefaults function| evoSlider object| evoSliderRangeDefaults function| evoSliderRange object| evoSliderRangeSingleHandleDefaults function| evoSliderRangeSingleHandle function| evoTopBarMegaMenu object| renderFunctions function| callAPIWithCallback function| callAPI function| successHandler function| errorHandler function| showLoadingImage function| hideLoadingImage function| showGlicthError function| showComponentSpinner function| hideComponentSpinner function| createLoadingImage function| getHeaders function| getRequestJSON function| getCtrlPermission function| getJsonPropertyValue function| getJsonValue function| validateData function| validateJson function| commaSeparateNumber function| removeValueSymbols function| countDecimals function| numberWithCommasAndSuffix function| numberWithCommasAndPrefix function| animateMyNumber function| animateMyNumberWithSuffix function| animateMyNumberWithPrefix function| numberWithCommas function| getParameterByName function| sendEmail function| formConfirmationMsg function| welcomeMessage function| getAuthoredJsonValueData function| varValid function| getAuthoredJsonMultiValueData function| adjustFooter function| getInvestmentCardModalContent function| printError function| setDefaultFormFieldVal function| scrollToTop function| titleCase function| hideComponentInApp function| setSubCtrlPermissions function| getMemberIdentifier function| camelizeText function| formatAmount function| isValidDate function| formatDate function| doCheckInstance object| Log4js object| log4jsLogger object| log string| isProd string| isStage function| escapeRegExp function| replaceAll function| validateTextArea function| textCounter function| populateOtherProducts function| hiddenBoxGenerate function| getFirstHomeWithdrawal function| saveFirstHomeWithdrawlDetails function| recordKiwiSaverHomeStartGrantDetails function| requestJsonFunction string| emailAddrField string| confirmEmailAddrField string| emailAddrNoJsonRow function| validateEmail function| validateCEmail function| statusValidation function| validateTopic object| fileInfoArr object| fileAttachNameArr object| fileInfo boolean| isDropzoneErrFlag boolean| fileTypeFlag boolean| maxNoOfFilesFlag boolean| singleFileSizeFlag boolean| totalAttachSizeFlag string| multiFileUploadId string| maxFilesErrorId string| maxSizeErrorId string| fileSizeErrorId string| fileTypesErrorId string| multiFileInfoTextCls function| validateMultifileUpload function| toggleMultifileInfoText function| validateAttachment string| fullNameField string| firstNameField string| secondNameField function| fullNameValidation function| firstNameValidation function| secondNameValidation string| headerLogo string| mobileLogo string| toolTip string| logoWidth string| logoLink string| favicon string| footerLogo string| showreset string| htmldata string| mobiledata string| footerdata number| t0 object| clientJsonData number| t1 function| clientDetailsKey string| mobileNumField function| getContactNumber function| validatePhoneNumber function| contactOnSubmitValidation function| currentStepActivate function| doAPICall function| FastClick object| Foundation boolean| mCustomScrollbar object| AniJS function| Dropzone function| default object| utag function| loadLibrary object| adobe function| Visitor object| s function| AppMeasurement function| s_gi function| s_pgicq function| AppMeasurement_Module_Integrate function| AppMeasurement_Module_ActivityMap object| s_c_il number| s_c_in object| s_Obj string| s_PPVid function| s_PPVevent number| s_PPVi number| s_PPVt string| pageName function| cookieWrite function| cookieRead function| p_fo object| __fo string| g number| ptc object| s_i_mmclmercerfinservicesaus

18 Cookies

Domain/Path Name / Value
stg.youraccountonline.com/ Name: renderid
Value: 0
.youraccountonline.com/ Name: utag_main
Value: v_id:01933a0d5954007c5adebb54b25805065004b05d00b08$_sn:1$_se:1$_ss:1$_st:1731847573655$ses_id:1731845773655%3Bexp-session$_pn:1%3Bexp-session$vapi_domain:youraccountonline.com
stg.youraccountonline.com/ Name: AWSALB
Value: ohmlmiTJoocQncw2htwv8UheXoz82EBQNiTmI7zIE0937mDDvOjVgfzYY23MD7thUxRFPU3pmCHQTlPhIMIMMBPcVGbL85tXRFqBEes30gjQmoMuEELL0f6GrPWW
stg.youraccountonline.com/ Name: AWSALBCORS
Value: ohmlmiTJoocQncw2htwv8UheXoz82EBQNiTmI7zIE0937mDDvOjVgfzYY23MD7thUxRFPU3pmCHQTlPhIMIMMBPcVGbL85tXRFqBEes30gjQmoMuEELL0f6GrPWW
nzfire.oktapreview.youraccountonline.com/ Name: DT
Value: DI1wdlG68FKSDyBL7PTtr9zCA
nzfire.oktapreview.youraccountonline.com/ Name: JSESSIONID
Value: C9EF6629B4B1491147FD2ED5028785D4
.demdex.net/ Name: demdex
Value: 22405725867877538424087960979618683159
.youraccountonline.com/ Name: AMCVS_7205F0F5559E57A87F000101%40AdobeOrg
Value: 1
.youraccountonline.com/ Name: gpv_url
Value: https%3A%2F%2Fstg.youraccountonline.com%2Fform%2Fnz%2FFIRESUPER%2Fpublic-pages%2Flogin.html
.youraccountonline.com/ Name: s_nr
Value: 1731845774894-New
.youraccountonline.com/ Name: s_ppn
Value: https%3A%2F%2Fstg.youraccountonline.com%2Fform%2Fnz%2FFIRESUPER%2Fpublic-pages%2Flogin.html
.youraccountonline.com/ Name: s_ppvl
Value: %5B%5BB%5D%5D
.youraccountonline.com/ Name: s_ppv
Value: https%253A%2F%2Fstg.youraccountonline.com%2Fform%2Fnz%2FFIRESUPER%2Fpublic-pages%2Flogin.html%2C100%2C100%2C1200%2C1600%2C1200%2C1600%2C1200%2C1%2CP
.youraccountonline.com/ Name: s_plt
Value: 3.16
.youraccountonline.com/ Name: s_pltp
Value: https%3A%2F%2Fstg.youraccountonline.com%2Fform%2Fnz%2FFIRESUPER%2Fpublic-pages%2Flogin.html
.youraccountonline.com/ Name: s_cc
Value: true
.dpm.demdex.net/ Name: dpm
Value: 22405725867877538424087960979618683159
.youraccountonline.com/ Name: AMCV_7205F0F5559E57A87F000101%40AdobeOrg
Value: -1124106680%7CMCIDTS%7C20045%7CMCMID%7C22402539224668371814086380238457382104%7CMCAAMLH-1732450574%7C11%7CMCAAMB-1732450574%7C6G1ynYcLPuiQxYZrsz_pkqfLG9yMXBpb2zX5dvJdYQJzPXImdj0y%7CMCOPTOUT-1731852974s%7CNONE%7CMCSYNCSOP%7C411-20052%7CvVersion%7C5.2.0

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header Value
Content-Security-Policy frame-ancestors 'self' https://mercercrm--full2--cloupra.sandbox.vf.force.com/ https://mercercrm--full--cloupra.sandbox.vf.force.com/ https://mercercrm--cloupra.vf.force.com/ https://mercercrm--full2--c.sandbox.vf.force.com/ https://mercercrm--partial.sandbox.my.salesforce.com/ https://mercercrm--partial--cloupra.sandbox.vf.force.com/ https://mercersupercrm--full--c.sandbox.vf.force.com/ https://mercersupercrm--full.sandbox.lightning.force.com/ https://mercersupercrm--full.sandbox.my.salesforce.com/ https://mercersupercrm--c.vf.force.com/ https://mercersupercrm.lightning.force.com/ https://mercersupercrm.my.salesforce.com/ https://mercercrm--c.vf.force.com/
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

cm.everesttech.net
dpm.demdex.net
global.oktacdn.com
mercer.sc.omtrdc.net
mmc.demdex.net
nzfire.oktapreview.youraccountonline.com
stg.youraccountonline.com
tags.tiqcdn.com
13.112.78.120
13.248.244.122
18.142.248.184
18.180.1.246
18.65.185.50
2600:9000:2219:ac00:7:2bfb:7c00:93a1
52.9.62.47
63.140.50.167
0e47f4d2af98bfe77921113c8aaf0c53614f88ff14ff819be6612538611ed3d1
1c335807c4224d3d8a72f01400d891b059295d45159475b58ccf01a288d7dceb
1d5325892ecf2dc3abd0caf2a1ef4eabf2477e2937c9a372760fd2acae8fddf3
1ecc9699272bf7cec87e50f262d1026a3c37c147f22cb1be558fdeac0f258cd4
20d73127daaf5944b38cf90c3b172b00b291362f431591fb5dd80f861d77ebd0
2222db64984fcf333baf4229b1ffda12d68fb942f8ee7f91b38a260020791998
23d261cb74bc8d68d6876391edbff66804d792427b481009174de2540db77858
345ce190740e5d757880a43ea538562ec2d9f48ce0f6084b538d1d098f8e1427
44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a
473b728e0743f00e5948b88eaafcc03f63d728d36a1914031f90c23f1bf62ec0
515394110439a7aafe62229bbda44a768a1d938a2053d92764fae16b2aba5e81
791eb406df67386e97443cf46ba1e26949ab7cd155b54bdba07a6d5a7482168b
7eccbb3b4b68f9f24a3b826f2eea4a1bbb48196cb734afc1b62c3d045cb680e1
822f8a41ea0e985532f01fe89832657b56436407bacfd5a481c5cf997f7bc487
82d397745bed70201f4ba1c41aa0585a9b2e0d04c3d8b4e399ab3b8f83552fc3
88266d543004e27b48544d6c4e4fc3077e78d7a1ca5c363050654e634abd8413
923ab93982d80339ca430ada2243b32368f2f8b4e7c20cb5b949f00719d2e456
a1ecbaed793a1f564c49c671f2dd0ce36f858534ef6d26b55783a06b884cc506
a2c2339691fc48fbd14fb307292dff3e21222712d9240810742d7df0c6d74dfb
a6921769802d84547c43bb03778d472a27b91d2c5515ae542c4d39462a06c695
ae66cbb491a4c3399cfd27da20655d67604377ccc03e79f20736eb95f80a044f
c4f90fbbec1a7f8d1a77dd90b6c73f4f2991d1a59866c1f11ce24c1ed07cc0e5
df0993ac6e17d21ac516d43224ef5d3f3413ba5eb0a26b18b4c28952f3cc8e72
dfce14907dfa12c1234c3e31cc3b8ec6ce56ca598c3205244ef598ac62915981
e8cefc46a1d3bc8e7e66399561998518e710f58053edf88d92cae906a942d30d
ecb234a949d3b97cd08e73e7f232284244d0b310fad05be89d3aa66d18c5b15d
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
feb177fb563f478cb8ecade71caea5df5ad318ca161c71875114e504ce304ace