www.financialengines.com Open in urlscan Pro
2a02:26f0:480:598::2d5b Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
https://click.mail.edelmanfinancialengines.com/?qs=e17c87636c3fc0a7017223976266a890376f5d5905d1c0cca4fcf42e643b97c6b971c58154c40571a0fc832f31fd...
Effective URL:
https://www.financialengines.com/app/enc/
Submission: On December 12 via api (December 12th 2024, 4:06:35 pm UTC) from US — Scanned from DE

Summary HTTP 60 Redirects Links 6 Behaviour Indicators

Summary

This website contacted 16 IPs in 2 countries across 10 domains to perform 60 HTTP transactions. The main IP is 2a02:26f0:480:598::2d5b, located in Frankfurt am Main, Germany and belongs to AKAMAI-ASN1 Akamai International B.V., NL. The main domain is www.financialengines.com. The Cisco Umbrella rank of the primary domain is 113133.
TLS certificate: Issued by DigiCert Global G2 TLS RSA SHA256 202... on February 16th 2024. Valid for: a year.

This is the only time www.financialengines.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1 1	13.111.148.97 13.111.148.97	14340 (SALESFORCE) (SALESFORCE)
1 3	2a02:26f0:480... 2a02:26f0:480:598::2d5b	20940 (AKAMAI-AS...) (AKAMAI-ASN1 Akamai International B.V.)
2	2a02:26f0:480... 2a02:26f0:480:f9d::1e80	20940 (AKAMAI-AS...) (AKAMAI-ASN1 Akamai International B.V.)
12	2600:9000:26e... 2600:9000:26e8:b800:1f:d227:e8c0:93a1	16509 (AMAZON-02) (AMAZON-02)
2	63.140.62.222 63.140.62.222	16509 (AMAZON-02) (AMAZON-02)
2	2a00:1450:400... 2a00:1450:4001:803::2008	15169 (GOOGLE) (GOOGLE)
10	2606:4700::68... 2606:4700::6812:572a	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	2001:4860:480... 2001:4860:4802:32::36	15169 (GOOGLE) (GOOGLE)
1	2606:4700:440... 2606:4700:4400::ac40:9b77	13335 (CLOUDFLAR...) (CLOUDFLARENET)
10	143.204.98.3 143.204.98.3	16509 (AMAZON-02) (AMAZON-02)
3	44.242.134.223 44.242.134.223	16509 (AMAZON-02) (AMAZON-02)
3	100.25.67.126 100.25.67.126	14618 (AMAZON-AES) (AMAZON-AES)
4	143.204.98.90 143.204.98.90	16509 (AMAZON-02) (AMAZON-02)
2	108.138.26.5 108.138.26.5	16509 (AMAZON-02) (AMAZON-02)
3	44.194.24.212 44.194.24.212	14618 (AMAZON-AES) (AMAZON-AES)
2	13.32.27.68 13.32.27.68	16509 (AMAZON-02) (AMAZON-02)
60	16

1 13.111.148.97 (United States) 1 redirects

ASN14340 (SALESFORCE, US)
PTR: click.mail.edelmanfinancialengines.com

click.mail.edelmanfinancialengines.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a02:26f0:480:598::2d5b (Frankfurt am Main, Germany) 1 redirects

ASN20940 (AKAMAI-ASN1 Akamai International B.V., NL)

www.financialengines.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a02:26f0:480:f9d::1e80 (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1 Akamai International B.V., NL)

assets.adobedtm.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

12 2600:9000:26e8:b800:1f:d227:e8c0:93a1 (United States)

ASN16509 (AMAZON-02, US)

cdn.financialengines.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 63.140.62.222 (United States)

ASN16509 (AMAZON-02, US)
PTR: ip-63-140-62-222.data.adobedc.net

edge.adobedc.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
somtr.financialengines.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:803::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

10 2606:4700::6812:572a (United States)

ASN13335 (CLOUDFLARENET, US)

cdn.cookielaw.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2001:4860:4802:32::36 (United States)

ASN15169 (GOOGLE, US)

region1.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700:4400::ac40:9b77 (United States)

ASN13335 (CLOUDFLARENET, US)

geolocation.onetrust.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

10 143.204.98.3 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-143-204-98-3.fra50.r.cloudfront.net

gateway.financialengines.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 44.242.134.223 (Boardman, United States)

ASN16509 (AMAZON-02, US)
PTR: ec2-44-242-134-223.us-west-2.compute.amazonaws.com

http-inputs-financialengines.splunkcloud.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 100.25.67.126 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-100-25-67-126.compute-1.amazonaws.com

apps.mypurecloud.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 143.204.98.90 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-143-204-98-90.fra50.r.cloudfront.net

images.financialengines.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 108.138.26.5 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-108-138-26-5.fra56.r.cloudfront.net

api-cdn.mypurecloud.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 44.194.24.212 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-44-194-24-212.compute-1.amazonaws.com

apps.mypurecloud.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 13.32.27.68 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-32-27-68.fra56.r.cloudfront.net

api.mypurecloud.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
30	financialengines.com 1 redirects www.financialengines.com — Cisco Umbrella Rank: 113133 cdn.financialengines.com gateway.financialengines.com — Cisco Umbrella Rank: 309049 somtr.financialengines.com — Cisco Umbrella Rank: 388167 images.financialengines.com — Cisco Umbrella Rank: 624797	784 KB
10	mypurecloud.com apps.mypurecloud.com — Cisco Umbrella Rank: 9970 api-cdn.mypurecloud.com — Cisco Umbrella Rank: 19807 api.mypurecloud.com — Cisco Umbrella Rank: 16840	113 KB
10	cookielaw.org cdn.cookielaw.org — Cisco Umbrella Rank: 329	143 KB
3	splunkcloud.com http-inputs-financialengines.splunkcloud.com — Cisco Umbrella Rank: 297208	858 B
2	google-analytics.com region1.google-analytics.com — Cisco Umbrella Rank: 3353	57 B
2	googletagmanager.com www.googletagmanager.com — Cisco Umbrella Rank: 39	239 KB
2	adobedtm.com assets.adobedtm.com — Cisco Umbrella Rank: 458	73 KB
1	onetrust.com geolocation.onetrust.com — Cisco Umbrella Rank: 514	295 B
1	adobedc.net edge.adobedc.net — Cisco Umbrella Rank: 3794	884 B
1	edelmanfinancialengines.com 1 redirects click.mail.edelmanfinancialengines.com — Cisco Umbrella Rank: 358712	396 B
60	10

	Domain	Requested by
12	cdn.financialengines.com	www.financialengines.com cdn.financialengines.com
10	gateway.financialengines.com	cdn.financialengines.com
10	cdn.cookielaw.org	www.googletagmanager.com cdn.cookielaw.org cdn.financialengines.com
6	apps.mypurecloud.com	cdn.financialengines.com apps.mypurecloud.com
4	images.financialengines.com	cdn.financialengines.com
3	http-inputs-financialengines.splunkcloud.com	cdn.financialengines.com
3	www.financialengines.com	1 redirects
2	api.mypurecloud.com	apps.mypurecloud.com cdn.financialengines.com
2	api-cdn.mypurecloud.com	cdn.financialengines.com
2	region1.google-analytics.com	www.googletagmanager.com cdn.financialengines.com
2	www.googletagmanager.com	www.financialengines.com www.googletagmanager.com
2	assets.adobedtm.com	www.financialengines.com assets.adobedtm.com
1	somtr.financialengines.com
1	geolocation.onetrust.com	cdn.cookielaw.org
1	edge.adobedc.net	assets.adobedtm.com
1	click.mail.edelmanfinancialengines.com	1 redirects
60	16

This site contains links to these domains. Also see Links.

Domain
legaldocs.financialengines.io
www.edelmanfinancialengines.com
www.onetrust.com

Subject Issuer	Validity	Valid
www.financialengines.com DigiCert Global G2 TLS RSA SHA256 2020 CA1	`2024-02-16` - `2025-02-18`	a year	crt.sh
assets.adobedtm.com DigiCert Global G2 TLS RSA SHA256 2020 CA1	`2024-07-09` - `2025-08-09`	a year	crt.sh
cdn.financialengines.com Amazon RSA 2048 M03	`2024-07-22` - `2025-08-20`	a year	crt.sh
edge.adobedc.net DigiCert Global G2 TLS RSA SHA256 2020 CA1	`2024-10-22` - `2025-11-22`	a year	crt.sh
*.google-analytics.com WR2	`2024-11-04` - `2025-01-27`	3 months	crt.sh
cookielaw.org WE1	`2024-12-09` - `2025-03-09`	3 months	crt.sh
geolocation.onetrust.com WE1	`2024-12-09` - `2025-03-09`	3 months	crt.sh
gateway.financialengines.com Amazon RSA 2048 M03	`2024-03-03` - `2025-04-01`	a year	crt.sh
*.financialengines.splunkcloud.com DigiCert Global G2 TLS RSA SHA256 2020 CA1	`2024-09-22` - `2025-09-24`	a year	crt.sh
somtr.financialengines.com DigiCert Global G2 TLS RSA SHA256 2020 CA1	`2024-04-09` - `2025-05-10`	a year	crt.sh
mypurecloud.com Amazon RSA 2048 M02	`2024-07-18` - `2025-08-14`	a year	crt.sh
images.financialengines.com Amazon RSA 2048 M02	`2024-01-27` - `2025-02-24`	a year	crt.sh

This page contains 4 frames:

Primary Page: https://www.financialengines.com/app/enc/
Frame ID: 04D0E15ABF78CAFAF3814B764C906C8F
Requests: 53 HTTP requests in this frame

Frame: https://apps.mypurecloud.com/messenger/thirdparty-plugins.html
Frame ID: 3E2081060CD134A5BC809936381746D5
Requests: 1 HTTP requests in this frame

Frame: https://apps.mypurecloud.com/messenger/messenger.html
Frame ID: 6CA0D03D3B0151E0F8EED66E686D3AEC
Requests: 1 HTTP requests in this frame

Frame: https://apps.mypurecloud.com/messenger/messenger-renderer.html
Frame ID: 976B3E7CCBCDCC4FFBD1162FAD75800E
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Confirm Identity | Edelman Financial Engines

Page URL History Show full URLs

https://click.mail.edelmanfinancialengines.com/?qs=e17c87636c3fc0a7017223976266a890376f5d5905d1c0cca4fcf42e643b97c6b971c581... HTTP 302
https://www.financialengines.com/framework/emaillogin.act?&tok=ex3vkrjoayku27xvz628dwrrbqdty3fo&type=TWO_FACT... HTTP 302
https://www.financialengines.com/app/enc/ Page URL

Detected technologies

Bootstrap (Web Frameworks) Expand

Overall confidence: 100%
Detected patterns

bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.js

React (JavaScript Frameworks) Expand

Overall confidence: 100%
Detected patterns

react(?:-with-addons)?[.-]([\d.]*\d)[^/]*\.js

Genesys Cloud (Marketing automation) Expand

Overall confidence: 100%
Detected patterns

apps\.mypurecloud\.\w+

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

Google Tag Manager (Tag Managers) Expand

Overall confidence: 100%
Detected patterns

googletagmanager\.com/gtm\.js
googletagmanager\.com/gtag/js

OneTrust (Cookie compliance) Expand

Overall confidence: 100%
Detected patterns

cdn\.cookielaw\.org
otSDKStub\.js

Page Statistics

60
Requests

100 %
HTTPS

44 %
IPv6

10
Domains

16
Subdomains

16
IPs

2
Countries

1353 kB
Transfer

4159 kB
Size

16
Cookies

6 Outgoing links

These are links going to different origins than the main page.

URL: https://legaldocs.financialengines.io/Master/FEA_PrivacyPolicy_MA.pdf
Title: Privacy Policy.

Search URL Search Domain Scan URL

URL: https://www.edelmanfinancialengines.com/about-us/edelman-financial-engines
Title: About Edelman Financial Engines

Search URL Search Domain Scan URL

URL: https://legaldocs.financialengines.io/Master/OnlinePrivacyStatement.pdf
Title: Online Privacy Statement

Search URL Search Domain Scan URL

URL: https://legaldocs.financialengines.io/Master/Chat_Usage_terms.pdf
Title: Chat Usage Terms

Search URL Search Domain Scan URL

URL: https://www.edelmanfinancialengines.com/privacy/
Title: Privacy Policy

Search URL Search Domain Scan URL

URL: https://www.onetrust.com/products/cookie-consent/

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

https://click.mail.edelmanfinancialengines.com/?qs=e17c87636c3fc0a7017223976266a890376f5d5905d1c0cca4fcf42e643b97c6b971c58154c40571a0fc832f31fd2a7db1793271e425298b505bc49ba489ab4d HTTP 302
https://www.financialengines.com/framework/emaillogin.act?&tok=ex3vkrjoayku27xvz628dwrrbqdty3fo&type=TWO_FACTOR_LOGIN&s_cid=em:FMR:comcast:Nurture_Non_Member_QRU:NON_MEMBER_QRU:NON_MEMBER_QRU_NEED_INFO:382630|9780797|1664 HTTP 302
https://www.financialengines.com/app/enc/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

60 HTTP transactions
2 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H/1.1

200
OK

Primary Request / Show response
www.financialengines.com/app/enc/
Redirect Chain

https://click.mail.edelmanfinancialengines.com/?qs=e17c87636c3fc0a7017223976266a890376f5d5905d1c0cca4fcf42e643b97c6b971c58154c40571a0fc832f31fd2a7db1793271e425298b505bc49ba489ab4d
https://www.financialengines.com/framework/emaillogin.act?&tok=ex3vkrjoayku27xvz628dwrrbqdty3fo&type=TWO_FACTOR_LOGIN&s_cid=em:FMR:comcast:Nurture_Non_Member_QRU:NON_MEMBER_QRU:NON_MEMBER_QRU_NEED_...
https://www.financialengines.com/app/enc/

4 KB
2 KB

205ms
205ms

Document
text/html

2a02:26f0:480:598::2d5b
AKAMAI-ASN1 Akama...

General

Check archive.org

Show headers Download Go to

Full URL

https://www.financialengines.com/app/enc/

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:480:598::2d5b Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1 Akamai International B.V., NL),

Reverse DNS

Software

AmazonS3 /

Resource Hash

c16b356505200a8ab6991b091d501aaf2a1d4aa952d05423dadd979e60ccf587

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36

Response headers

Cache-Control: max-age=0
Connection: keep-alive
Content-Encoding: gzip
Content-Length: 1503
Content-Type: text/html
Date: Thu, 12 Dec 2024 16:06:28 GMT
ETag: "99fe1a036619651647a509e5f0d8e760-gzip"
Last-Modified: Thu, 05 Dec 2024 21:12:47 GMT
Server: AmazonS3
Vary: Accept-Encoding
X-Frame-Options: SAMEORIGIN
x-amz-id-2: vHo5OqAM8MDwJD9tzXm7WaJXS0NUUplJLxMTh2SfTBpBMY4WsUs+1lEi0Qdbp6BIruOD6tqMhK8=
x-amz-request-id: 46JP6NZ1TPD0PXQC

Redirect headers

Connection: keep-alive
Content-Language: de-DE
Content-Length: 0
Date: Thu, 12 Dec 2024 16:06:28 GMT
Location: /app/enc/#/enrollment/confirm-identity?s_cid=em%3AFMR%3Acomcast%3ANurture_Non_Member_QRU%3ANON_MEMBER_QRU%3ANON_MEMBER_QRU_NEED_INFO%3A382630%7C9780797%7C1664&fromPoint=&type=TWO_FACTOR_LOGIN&tok=ex3vkrjoayku27xvz628dwrrbqdty3fo&purlParamInfo=
Server: Apache
X-Frame-Options: SAMEORIGIN

GET
H2 200 launch-ENc8ac787d61af47d3b077ad4b56448bf9.min.js Show response
assets.adobedtm.com/ 200 KB
61 KB 43ms
11ms Script
application/x-javascript 2a02:26f0:480:f9d::1e80
AKAMAI-ASN1 Akama...

General

Check archive.org

Show headers Download Go to

Full URL

https://assets.adobedtm.com/launch-ENc8ac787d61af47d3b077ad4b56448bf9.min.js

Requested by

Host: www.financialengines.com
URL: https://www.financialengines.com/app/enc/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:480:f9d::1e80 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1 Akamai International B.V., NL),

Reverse DNS

Software

AkamaiNetStorage /

Resource Hash

b58fd13f604dcac90236f5c87abf065ec7193b15741a25f7ddcda54866349e50

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://www.financialengines.com/

Response headers

cache-control: max-age=3600
timing-allow-origin: *
content-encoding: gzip
etag: "81abba37d166f87a0b9495a699fc38c0:1715271012.196552"
x-content-type-options: nosniff
expires: Thu, 12 Dec 2024 17:06:28 GMT
accept-ranges: bytes
access-control-allow-origin: https://www.financialengines.com
content-length: 62224
date: Thu, 12 Dec 2024 16:06:28 GMT
content-type: application/x-javascript
last-modified: Thu, 09 May 2024 16:10:12 GMT
server: AkamaiNetStorage
vary: Accept-Encoding

GET
H2 200 common~ds.c6f558e344b80f34.css
cdn.financialengines.com/app/enc/ 4 KB
939 B 82ms
11ms Stylesheet
text/css 2600:9000:26e8:b800:1f:d227:e8c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.financialengines.com/app/enc/common~ds.c6f558e344b80f34.css

Requested by

Host: www.financialengines.com
URL: https://www.financialengines.com/app/enc/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:26e8:b800:1f:d227:e8c0:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

AmazonS3 /

Resource Hash

3125184c50dbf78a4f8eab80080291b004105745c43df3bf89907231f0e8cc42

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://www.financialengines.com/

Response headers

content-encoding: br
etag: W/"0f6b7f7a1a82eb9113a5f8bb8f20eb77"
age: 31628
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=86400
x-cache: Hit from cloudfront
x-amz-cf-id: arZiK1y1IWvB87RqYPJUWJ_u7gsc5axRk0ms4tjpuoj56DtLiWuMTg==
date: Thu, 12 Dec 2024 07:19:21 GMT
content-type: text/css
vary: accept-encoding, Origin
last-modified: Thu, 05 Dec 2024 21:12:45 GMT
x-frame-options: SAMEORIGIN
strict-transport-security: max-age=31536000
cache-control: max-age=86400
referrer-policy: strict-origin-when-cross-origin
via: 1.1 28f8e84a396255d768dd04c506bf86f0.cloudfront.net (CloudFront)
x-xss-protection: 1; mode=block
x-amz-cf-pop: FRA56-P10
server: AmazonS3
x-amz-server-side-encryption: AES256

GET
H2 200 runtime.051ddc5e22d439be.js Show response
cdn.financialengines.com/app/enc/ 4 KB
3 KB 84ms
14ms Script
text/javascript 2600:9000:26e8:b800:1f:d227:e8c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.financialengines.com/app/enc/runtime.051ddc5e22d439be.js

Requested by

Host: www.financialengines.com
URL: https://www.financialengines.com/app/enc/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:26e8:b800:1f:d227:e8c0:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

AmazonS3 /

Resource Hash

11e9d44177b2e438f445421e3b5827719fee9139f41db6431feeb612292193ea

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Origin: https://www.financialengines.com
Referer: https://www.financialengines.com/

Response headers

access-control-max-age: 86400
content-encoding: br
etag: W/"238f3ed6e0eef0178829ea5d44840a58"
age: 31628
access-control-allow-methods: GET
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=86400
x-cache: Hit from cloudfront
x-amz-cf-id: ivIfpbzqbs6b2gysryyxO_zxvteRBoxZ0478vIrT7ABS-SgPx2R3nQ==
date: Thu, 12 Dec 2024 07:19:21 GMT
content-type: text/javascript
vary: Origin,Access-Control-Request-Headers,Access-Control-Request-Method,accept-encoding
last-modified: Thu, 05 Dec 2024 21:12:46 GMT
x-frame-options: SAMEORIGIN
strict-transport-security: max-age=31536000
cache-control: max-age=86400
referrer-policy: strict-origin-when-cross-origin
via: 1.1 47bf742fc3975367a1788e300150d028.cloudfront.net (CloudFront)
access-control-allow-origin: *
x-xss-protection: 1; mode=block
x-amz-cf-pop: FRA56-P10
server: AmazonS3
x-amz-server-side-encryption: AES256

GET
H2 200 polyfills.js Show response
cdn.financialengines.com/app/enc/ 97 KB
37 KB 96ms
26ms Script
text/javascript 2600:9000:26e8:b800:1f:d227:e8c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.financialengines.com/app/enc/polyfills.js

Requested by

Host: www.financialengines.com
URL: https://www.financialengines.com/app/enc/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:26e8:b800:1f:d227:e8c0:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

AmazonS3 /

Resource Hash

87a1aa1897d0c9e343a201a522968491a68738a2e93e9efac466e0bd61caef69

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Origin: https://www.financialengines.com
Referer: https://www.financialengines.com/

Response headers

access-control-max-age: 86400
content-encoding: br
etag: W/"216e564d1e280c52e51d50d635328693"
age: 31628
access-control-allow-methods: GET
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=86400
x-cache: Hit from cloudfront
x-amz-cf-id: -nbSTwFEXjFH6TuiZ5mBasPpSqXC0zWQuy8KRj5WzaCF2ULnnv6K-g==
date: Thu, 12 Dec 2024 07:19:21 GMT
content-type: text/javascript
vary: Origin,Access-Control-Request-Headers,Access-Control-Request-Method,accept-encoding
last-modified: Thu, 05 Dec 2024 21:12:45 GMT
x-frame-options: SAMEORIGIN
strict-transport-security: max-age=31536000
cache-control: max-age=86400
referrer-policy: strict-origin-when-cross-origin
via: 1.1 47bf742fc3975367a1788e300150d028.cloudfront.net (CloudFront)
access-control-allow-origin: *
x-xss-protection: 1; mode=block
x-amz-cf-pop: FRA56-P10
server: AmazonS3
x-amz-server-side-encryption: AES256

GET
H2 200 vendor~react.11082ef6a56f21f8.js Show response
cdn.financialengines.com/app/enc/ 272 KB
82 KB 424ms
354ms Script
text/javascript 2600:9000:26e8:b800:1f:d227:e8c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.financialengines.com/app/enc/vendor~react.11082ef6a56f21f8.js

Requested by

Host: www.financialengines.com
URL: https://www.financialengines.com/app/enc/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:26e8:b800:1f:d227:e8c0:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

AmazonS3 /

Resource Hash

bb705de922069a0f44704bc330ee3745240968a75220f13ad7a3451f6db8a829

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Origin: https://www.financialengines.com
Referer: https://www.financialengines.com/

Response headers

access-control-max-age: 86400
content-encoding: br
etag: W/"3a02080bba342eb0340502012b3f4dcc"
access-control-allow-methods: GET
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=86400
x-cache: RefreshHit from cloudfront
x-amz-cf-id: hjewHcLwQUI73HnrxpesYz13X3-w3-EBKEmZQLyqQ3pN-cy5ZjQHsg==
date: Thu, 12 Dec 2024 16:06:30 GMT
content-type: text/javascript
vary: Origin,Access-Control-Request-Headers,Access-Control-Request-Method,accept-encoding
last-modified: Thu, 05 Dec 2024 21:12:46 GMT
x-frame-options: SAMEORIGIN
strict-transport-security: max-age=31536000
cache-control: max-age=86400
referrer-policy: strict-origin-when-cross-origin
via: 1.1 47bf742fc3975367a1788e300150d028.cloudfront.net (CloudFront)
access-control-allow-origin: *
x-xss-protection: 1; mode=block
x-amz-cf-pop: FRA56-P10
server: AmazonS3
x-amz-server-side-encryption: AES256

GET
H2 200 common~da.acb95e48f8711813.js Show response
cdn.financialengines.com/app/enc/ 44 KB
12 KB 423ms
353ms Script
text/javascript 2600:9000:26e8:b800:1f:d227:e8c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.financialengines.com/app/enc/common~da.acb95e48f8711813.js

Requested by

Host: www.financialengines.com
URL: https://www.financialengines.com/app/enc/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:26e8:b800:1f:d227:e8c0:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

AmazonS3 /

Resource Hash

eeb6f0984a39d737b374a6b9b45bf8e4b6cd8d866faace077e2b4e72a4173495

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Origin: https://www.financialengines.com
Referer: https://www.financialengines.com/

Response headers

access-control-max-age: 86400
content-encoding: br
etag: W/"d6dca922aa351f58280d4f62c856e566"
access-control-allow-methods: GET
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=86400
x-cache: RefreshHit from cloudfront
x-amz-cf-id: TuW1rMiHizTmLrqaYpzOJtGvSPMK8_ZV0qWXRxRXx8rR8AMSAbRVOQ==
date: Thu, 12 Dec 2024 16:06:30 GMT
content-type: text/javascript
vary: Origin,Access-Control-Request-Headers,Access-Control-Request-Method,accept-encoding
last-modified: Thu, 05 Dec 2024 21:12:45 GMT
x-frame-options: SAMEORIGIN
strict-transport-security: max-age=31536000
cache-control: max-age=86400
referrer-policy: strict-origin-when-cross-origin
via: 1.1 47bf742fc3975367a1788e300150d028.cloudfront.net (CloudFront)
access-control-allow-origin: *
x-xss-protection: 1; mode=block
x-amz-cf-pop: FRA56-P10
server: AmazonS3
x-amz-server-side-encryption: AES256

GET
H2 200 common~ds.6f21c0802ee3f022.js Show response
cdn.financialengines.com/app/enc/ 519 KB
188 KB 383ms
314ms Script
text/javascript 2600:9000:26e8:b800:1f:d227:e8c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.financialengines.com/app/enc/common~ds.6f21c0802ee3f022.js

Requested by

Host: www.financialengines.com
URL: https://www.financialengines.com/app/enc/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:26e8:b800:1f:d227:e8c0:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

AmazonS3 /

Resource Hash

78f77a0616c10bc75601e3f23df6c84b6d74795b4f45073b4a752cd6abfd75b5

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Origin: https://www.financialengines.com
Referer: https://www.financialengines.com/

Response headers

access-control-max-age: 86400
content-encoding: br
etag: W/"6bff90d3648d27fac2e057a4fa1305c9"
access-control-allow-methods: GET
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=86400
x-cache: RefreshHit from cloudfront
x-amz-cf-id: XCbB4eeX-hVIl0YfupWVTiR-R8RkDWjwU4bFPiUSXXRIBPLlKXMo7w==
date: Thu, 12 Dec 2024 16:06:30 GMT
content-type: text/javascript
vary: Origin,Access-Control-Request-Headers,Access-Control-Request-Method,accept-encoding
last-modified: Thu, 05 Dec 2024 21:12:45 GMT
x-frame-options: SAMEORIGIN
strict-transport-security: max-age=31536000
cache-control: max-age=86400
referrer-policy: strict-origin-when-cross-origin
via: 1.1 47bf742fc3975367a1788e300150d028.cloudfront.net (CloudFront)
access-control-allow-origin: *
x-xss-protection: 1; mode=block
x-amz-cf-pop: FRA56-P10
server: AmazonS3
x-amz-server-side-encryption: AES256

GET
H2 200 common~domain.73ea7a0dd821cc91.js Show response
cdn.financialengines.com/app/enc/ 4 KB
2 KB 84ms
15ms Script
text/javascript 2600:9000:26e8:b800:1f:d227:e8c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.financialengines.com/app/enc/common~domain.73ea7a0dd821cc91.js

Requested by

Host: www.financialengines.com
URL: https://www.financialengines.com/app/enc/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:26e8:b800:1f:d227:e8c0:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

AmazonS3 /

Resource Hash

c2b27871a7b1159dd37c3b5df64cb6b6aa2dfab22ebe59f9822f9252df93bfd4

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Origin: https://www.financialengines.com
Referer: https://www.financialengines.com/

Response headers

access-control-max-age: 86400
content-encoding: br
etag: W/"6701e30ca0cb64b2fb4398e516e4eb8f"
age: 12224
access-control-allow-methods: GET
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=86400
x-cache: Hit from cloudfront
x-amz-cf-id: wYMUmRDqlyJmfyEcFvbg89---AAACkz1v6cDNavoVCOSYTS3QksViA==
date: Thu, 12 Dec 2024 12:42:45 GMT
content-type: text/javascript
vary: Origin,Access-Control-Request-Headers,Access-Control-Request-Method,accept-encoding
last-modified: Thu, 05 Dec 2024 21:12:45 GMT
x-frame-options: SAMEORIGIN
strict-transport-security: max-age=31536000
cache-control: max-age=86400
referrer-policy: strict-origin-when-cross-origin
via: 1.1 47bf742fc3975367a1788e300150d028.cloudfront.net (CloudFront)
access-control-allow-origin: *
x-xss-protection: 1; mode=block
x-amz-cf-pop: FRA56-P10
server: AmazonS3
x-amz-server-side-encryption: AES256

GET
H2 200 vendor.e82232f741164c4f.js Show response
cdn.financialengines.com/app/enc/ 562 KB
184 KB 402ms
333ms Script
text/javascript 2600:9000:26e8:b800:1f:d227:e8c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.financialengines.com/app/enc/vendor.e82232f741164c4f.js

Requested by

Host: www.financialengines.com
URL: https://www.financialengines.com/app/enc/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:26e8:b800:1f:d227:e8c0:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

AmazonS3 /

Resource Hash

fa39e9a2bee23a1c6ff9dabd1ac9ba72c24cf937a6dc822608ba2bd231516c25

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Origin: https://www.financialengines.com
Referer: https://www.financialengines.com/

Response headers

access-control-max-age: 86400
content-encoding: br
etag: W/"a56e9ba52abf0ff54ec9b5c95bc72c7c"
access-control-allow-methods: GET
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=86400
x-cache: RefreshHit from cloudfront
x-amz-cf-id: Dor9671sd1-XHQWVsYgXMz0AAE5RxIZRPmWODIEkzWGChYJXaNk4ZA==
date: Thu, 12 Dec 2024 16:06:30 GMT
content-type: text/javascript
vary: Origin,Access-Control-Request-Headers,Access-Control-Request-Method,accept-encoding
last-modified: Thu, 05 Dec 2024 21:12:46 GMT
x-frame-options: SAMEORIGIN
strict-transport-security: max-age=31536000
cache-control: max-age=86400
referrer-policy: strict-origin-when-cross-origin
via: 1.1 47bf742fc3975367a1788e300150d028.cloudfront.net (CloudFront)
access-control-allow-origin: *
x-xss-protection: 1; mode=block
x-amz-cf-pop: FRA56-P10
server: AmazonS3
x-amz-server-side-encryption: AES256

GET
H2 200 main.e7b2321ae6b1c75d.js Show response
cdn.financialengines.com/app/enc/ 137 KB
39 KB 86ms
17ms Script
text/javascript 2600:9000:26e8:b800:1f:d227:e8c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.financialengines.com/app/enc/main.e7b2321ae6b1c75d.js

Requested by

Host: www.financialengines.com
URL: https://www.financialengines.com/app/enc/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:26e8:b800:1f:d227:e8c0:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

AmazonS3 /

Resource Hash

0b0875b268800ca86f7dc68dfcfa074bf674b20c06e892969e24896326639932

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Origin: https://www.financialengines.com
Referer: https://www.financialengines.com/

Response headers

access-control-max-age: 86400
content-encoding: br
etag: W/"04e376348389f8bbbe3bf3c83eaeb5ec"
age: 31628
access-control-allow-methods: GET
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=86400
x-cache: Hit from cloudfront
x-amz-cf-id: JJei4GJ8LA8GEseV6gRkE7ULSeG-qYC-tDYEwuRhf8hsrJ6YnWmnug==
date: Thu, 12 Dec 2024 07:19:21 GMT
content-type: text/javascript
vary: Origin,Access-Control-Request-Headers,Access-Control-Request-Method,accept-encoding
last-modified: Thu, 05 Dec 2024 21:12:45 GMT
x-frame-options: SAMEORIGIN
strict-transport-security: max-age=31536000
cache-control: max-age=86400
referrer-policy: strict-origin-when-cross-origin
via: 1.1 47bf742fc3975367a1788e300150d028.cloudfront.net (CloudFront)
access-control-allow-origin: *
x-xss-protection: 1; mode=block
x-amz-cf-pop: FRA56-P10
server: AmazonS3
x-amz-server-side-encryption: AES256

GET
H2 200 AppMeasurement.min.js Show response
assets.adobedtm.com/extensions/EPbde2f7ca14e540399dcc1f8208860b7b/ 33 KB
12 KB 10ms
9ms Script
application/x-javascript 2a02:26f0:480:f9d::1e80
AKAMAI-ASN1 Akama...

General

Check archive.org

Show headers Download Go to

Full URL

https://assets.adobedtm.com/extensions/EPbde2f7ca14e540399dcc1f8208860b7b/AppMeasurement.min.js

Requested by

Host: assets.adobedtm.com
URL: https://assets.adobedtm.com/launch-ENc8ac787d61af47d3b077ad4b56448bf9.min.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:480:f9d::1e80 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1 Akamai International B.V., NL),

Reverse DNS

Software

AkamaiNetStorage /

Resource Hash

d6b423c91328eec9c218dd8b21ae1e676987d574e5432411a32806e5dd2bde32

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://www.financialengines.com/

Response headers

cache-control: no-cache
timing-allow-origin: *
content-encoding: gzip
etag: "f259ee6445c19c2ce3c64a1b117a4f35:1597270192.577101"
x-content-type-options: nosniff
expires: Thu, 12 Dec 2024 17:06:28 GMT
accept-ranges: bytes
access-control-allow-origin: https://www.financialengines.com
content-length: 12184
date: Thu, 12 Dec 2024 16:06:28 GMT
content-type: application/x-javascript
last-modified: Wed, 12 Aug 2020 22:09:52 GMT
server: AkamaiNetStorage
vary: Accept-Encoding

POST
H2 200 interact Show response
edge.adobedc.net/ee/v1/ 796 B
884 B 195ms
141ms Fetch
application/json 63.140.62.222
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://edge.adobedc.net/ee/v1/interact?configId=674ffd7f-72e8-4f60-b096-2b391b42af0f&requestId=f4f86dcd-58f8-4cc0-87ef-4bd60fc64e46

Requested by

Host: assets.adobedtm.com
URL: https://assets.adobedtm.com/launch-ENc8ac787d61af47d3b077ad4b56448bf9.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

63.140.62.222 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ip-63-140-62-222.data.adobedc.net

Software

jag /

Resource Hash

085437f55dc809f779801f55eab6b5ed87164008b6ccba7599f03e6797c1cd5f

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Content-Type: text/plain; charset=UTF-8
Referer: https://www.financialengines.com/app/enc/

Response headers

strict-transport-security: max-age=31536000; includeSubDomains
x-request-id: f4f86dcd-58f8-4cc0-87ef-4bd60fc64e46
access-control-expose-headers: Retry-After, X-Adobe-Edge, X-Request-ID
cache-control: no-cache, no-store, max-age=0, no-transform, private
content-encoding: gzip
x-adobe-edge: IRL1;6
access-control-allow-credentials: true
x-content-type-options: nosniff
access-control-allow-origin: https://www.financialengines.com
date: Thu, 12 Dec 2024 16:06:28 GMT
x-xss-protection: 1; mode=block
x-konductor: 24.10.124-HOTFIXTARGETSESSIONID:b18afa1c5
vary: Origin
server: jag
content-type: application/json;charset=utf-8

GET
H2 200 gtm.js Show response
www.googletagmanager.com/ 425 KB
131 KB 103ms
66ms Script
application/javascript 2a00:1450:4001:803::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtm.js?id=GTM-P57D3K

Requested by

Host: www.financialengines.com
URL: https://www.financialengines.com/app/enc/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:803::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

bc2e09bcc4aada991f18fb51301cf31c2b49baf054120a1cdf5bd8d266627336

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://www.financialengines.com/

Response headers

content-encoding: br
report-to: {"group":"coop_reporting","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascgcycc:1080:0"}],}
expires: Thu, 12 Dec 2024 16:06:29 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Thu, 12 Dec 2024 16:06:29 GMT
content-type: application/javascript; charset=UTF-8
vary: Accept-Encoding
last-modified: Thu, 12 Dec 2024 15:00:00 GMT
access-control-allow-headers: Cache-Control
strict-transport-security: max-age=31536000; includeSubDomains
cache-control: private, max-age=900
cross-origin-resource-policy: cross-origin
access-control-allow-credentials: true
content-security-policy-report-only: script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascgcycc:1080:0
access-control-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to=coop_reporting
content-length: 133489
x-xss-protection: 0
server: Google Tag Manager

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 323 KB
108 KB 33ms
33ms Script
application/javascript 2a00:1450:4001:803::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=G-5XE89XMR38&l=dataLayer&cx=c&gtm=45He4cb0v6598169za200

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-P57D3K

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:803::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

983d8344d06e5932e7127f2518af2d9ed3a106c86fe39a0c89c85a753d551a1e

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://www.financialengines.com/

Response headers

content-encoding: br
report-to: {"group":"coop_reporting","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascgcycc:838:0"}],}
expires: Thu, 12 Dec 2024 16:06:29 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Thu, 12 Dec 2024 16:06:29 GMT
content-type: application/javascript; charset=UTF-8
vary: Accept-Encoding
access-control-allow-headers: Cache-Control
strict-transport-security: max-age=31536000; includeSubDomains
cache-control: private, max-age=900
cross-origin-resource-policy: cross-origin
access-control-allow-credentials: true
content-security-policy-report-only: script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascgcycc:838:0
access-control-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to=coop_reporting
content-length: 110022
x-xss-protection: 0
server: Google Tag Manager

GET
H2 200 otSDKStub.js Show response
cdn.cookielaw.org/scripttemplates/ 22 KB
8 KB 66ms
37ms Script
application/javascript 2606:4700::6812:572a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.cookielaw.org/scripttemplates/otSDKStub.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-P57D3K

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:572a , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

50d93a2c186cbd1032ed973e133713a6dfbbd5f7fba4fb89069350f228ce4d81

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://www.financialengines.com/

Response headers

content-md5: UzmBk0Ra4K9he+CwjGKb/g==
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
content-encoding: gzip
x-ms-version: 2009-09-19
etag: 0x8DD1A2106D903F4
x-ms-lease-status: unlocked
cf-cache-status: HIT
age: 5
x-content-type-options: nosniff
expires: Fri, 13 Dec 2024 16:06:29 GMT
date: Thu, 12 Dec 2024 16:06:29 GMT
content-type: application/javascript
last-modified: Wed, 11 Dec 2024 20:18:50 GMT
vary: Accept-Encoding
strict-transport-security: max-age=31536000; includeSubDomains; preload
cache-control: public, max-age=86400
cross-origin-resource-policy: cross-origin
x-ms-request-id: cf91a70e-c01e-0092-0347-4c043c000000
cf-ray: 8f0ef6405d09d3a0-FRA
accept-ranges: bytes
access-control-allow-origin: *
content-length: 7211
x-ms-blob-type: BlockBlob
server: cloudflare

POST
H2 204 collect
region1.google-analytics.com/g/ 0
0 88ms
29ms Fetch
text/plain 2001:4860:4802:32::36
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://region1.google-analytics.com/g/collect?v=2&tid=G-5XE89XMR38&gtm=45je4cb0v9168990218z86598169za200zb6598169&_p=1734019588978&gcd=13l3l3l2l1l1&npa=1&dma_cps=syphamo&dma=1&tag_exp=101925629~102067555~102067808~102081485&cid=1840495412.1734019589&ul=de-de&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&are=1&frm=0&pscdl=noapi&_s=1&sid=1734019589&sct=1&seg=0&dl=https%3A%2F%2Fwww.financialengines.com%2Fapp%2Fenc%2F&dt=Edelman%20Financial%20Engines&en=page_view&_fv=1&_nsi=1&_ss=1&tfd=2664
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-5XE89XMR38&l=dataLayer&cx=c&gtm=45He4cb0v6598169za200
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2001:4860:4802:32::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://www.financialengines.com/

Response headers

cache-control: no-cache, no-store, must-revalidate
pragma: no-cache
cross-origin-resource-policy: cross-origin
access-control-allow-credentials: true
content-security-policy-report-only: script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascnsrsggc:86:0
report-to: {"group":"coop_reporting","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascnsrsggc:86:0"}],}
expires: Fri, 01 Jan 1990 00:00:00 GMT
access-control-allow-origin: https://www.financialengines.com
cross-origin-opener-policy-report-only: same-origin; report-to=coop_reporting
content-length: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Thu, 12 Dec 2024 16:06:29 GMT
content-type: text/plain
server: Golfe2

GET
H2 200 1f903639-98cf-412a-8aba-943b574ecef4.json Show response
cdn.cookielaw.org/consent/1f903639-98cf-412a-8aba-943b574ecef4/ 4 KB
2 KB 72ms
32ms XHR
application/json 2606:4700::6812:572a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.cookielaw.org/consent/1f903639-98cf-412a-8aba-943b574ecef4/1f903639-98cf-412a-8aba-943b574ecef4.json

Requested by

Host: cdn.cookielaw.org
URL: https://cdn.cookielaw.org/scripttemplates/otSDKStub.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:572a , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

1c2cfdaf008701f65dad57af18911098712d590981fd8fbac980a88f99349626

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://www.financialengines.com/

Response headers

content-md5: 8d/D93DwfZViOddmDL4Dfg==
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Cache-Control,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
content-encoding: gzip
cf-cache-status: HIT
etag: 0x8DAE9308619A1C1
age: 31629
x-ms-lease-status: unlocked
x-content-type-options: nosniff
x-ms-version: 2009-09-19
expires: Fri, 13 Dec 2024 16:06:29 GMT
date: Thu, 12 Dec 2024 16:06:29 GMT
content-type: application/json
last-modified: Thu, 29 Dec 2022 00:06:24 GMT
vary: Accept-Encoding
strict-transport-security: max-age=31536000; includeSubDomains; preload
cache-control: public, max-age=86400
cross-origin-resource-policy: cross-origin, cross-origin
x-ms-request-id: 0db4796c-d01e-004a-4c4c-26a3ed000000
cf-ray: 8f0ef6410d55d2d6-FRA
accept-ranges: bytes
access-control-allow-origin: *
content-length: 1487
x-ms-blob-type: BlockBlob
server: cloudflare

GET
H2 200 location Show response
geolocation.onetrust.com/cookieconsentpub/v1/geo/ 59 B
295 B 65ms
27ms XHR
application/json 2606:4700:4400::ac40:9b77
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://geolocation.onetrust.com/cookieconsentpub/v1/geo/location

Requested by

Host: cdn.cookielaw.org
URL: https://cdn.cookielaw.org/scripttemplates/otSDKStub.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:4400::ac40:9b77 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

2157361193375a79ade3559e960f982daa8d599cf7f4a92d36e3eef257738f16

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
accept: application/json
Referer: https://www.financialengines.com/

Response headers

strict-transport-security: max-age=31536000; includeSubDomains; preload
content-encoding: gzip
access-control-allow-methods: GET, OPTIONS
cf-ray: 8f0ef6417be5dc9e-FRA
access-control-allow-origin: *
date: Thu, 12 Dec 2024 16:06:29 GMT
content-type: application/json
vary: Accept-Encoding
server: cloudflare
access-control-allow-headers: Content-Type

GET
H2 200 otBannerSdk.js Show response
cdn.cookielaw.org/scripttemplates/202211.2.0/ 383 KB
92 KB 22ms
21ms Script
application/javascript 2606:4700::6812:572a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.cookielaw.org/scripttemplates/202211.2.0/otBannerSdk.js

Requested by

Host: cdn.cookielaw.org
URL: https://cdn.cookielaw.org/scripttemplates/otSDKStub.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:572a , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

49582965b8ddcb8f728f5b4d33b2c73e138690f5c6815bd9918de94f62f4b80b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://www.financialengines.com/

Response headers

content-md5: uPFqyxtrxGqJsyAvB7RnSg==
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
content-encoding: gzip
x-ms-version: 2009-09-19
etag: 0x8DADC66BDFA5EC7
x-ms-lease-status: unlocked
cf-cache-status: HIT
age: 36524
x-content-type-options: nosniff
date: Thu, 12 Dec 2024 16:06:29 GMT
content-type: application/javascript
last-modified: Mon, 12 Dec 2022 17:31:45 GMT
vary: Accept-Encoding
strict-transport-security: max-age=31536000; includeSubDomains; preload
cache-control: max-age=86400
cross-origin-resource-policy: cross-origin
x-ms-request-id: 56f3a075-701e-00e6-0e84-40827a000000
cf-ray: 8f0ef641d975d3a0-FRA
accept-ranges: bytes
access-control-allow-origin: *
content-length: 93482
x-ms-blob-type: BlockBlob
server: cloudflare

GET
H2 200 common~ds~async.4ed673cb1012ccde.js Show response
cdn.financialengines.com/app/enc/ 55 KB
16 KB 14ms
13ms Script
text/javascript 2600:9000:26e8:b800:1f:d227:e8c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.financialengines.com/app/enc/common~ds~async.4ed673cb1012ccde.js

Requested by

Host: cdn.financialengines.com
URL: https://cdn.financialengines.com/app/enc/runtime.051ddc5e22d439be.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:26e8:b800:1f:d227:e8c0:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

AmazonS3 /

Resource Hash

239c94c64685ef35cf566bb64c83ed5e4c8477cb3bee4812f6be9655bbfbbd56

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Origin: https://www.financialengines.com
Referer: https://www.financialengines.com/

Response headers

access-control-max-age: 86400
content-encoding: br
etag: W/"300105dd180b1e62917ec694fafbaea1"
age: 7851
access-control-allow-methods: GET
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=86400
x-cache: Hit from cloudfront
x-amz-cf-id: oMrpaHZENgnISH6TxULTx9tjLJyqYy23k0Sh4ync3DOAhRMmbux7tg==
date: Thu, 12 Dec 2024 13:55:39 GMT
content-type: text/javascript
vary: Origin,Access-Control-Request-Headers,Access-Control-Request-Method,accept-encoding
last-modified: Thu, 05 Dec 2024 21:12:45 GMT
x-frame-options: SAMEORIGIN
strict-transport-security: max-age=31536000
cache-control: max-age=86400
referrer-policy: strict-origin-when-cross-origin
via: 1.1 47bf742fc3975367a1788e300150d028.cloudfront.net (CloudFront)
access-control-allow-origin: *
x-xss-protection: 1; mode=block
x-amz-cf-pop: FRA56-P10
server: AmazonS3
x-amz-server-side-encryption: AES256

GET
H2 200 common~async.895300c5c67dff33.js Show response
cdn.financialengines.com/app/enc/ 143 KB
40 KB 17ms
17ms Script
text/javascript 2600:9000:26e8:b800:1f:d227:e8c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.financialengines.com/app/enc/common~async.895300c5c67dff33.js

Requested by

Host: cdn.financialengines.com
URL: https://cdn.financialengines.com/app/enc/runtime.051ddc5e22d439be.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:26e8:b800:1f:d227:e8c0:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

AmazonS3 /

Resource Hash

66c70ae84146ab883e16d9a5f95dafdce17303cbd1c0709e23eef61222a60d6f

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Origin: https://www.financialengines.com
Referer: https://www.financialengines.com/

Response headers

access-control-max-age: 86400
content-encoding: br
etag: W/"c4a49517a0515a2c22a6dace12400ffc"
age: 12223
access-control-allow-methods: GET
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=86400
x-cache: Hit from cloudfront
x-amz-cf-id: Ke1uKBQEn3DT4uKkiivDVikTsmitIheceivPR4uI8-t6vHPHtt0y7w==
date: Thu, 12 Dec 2024 12:42:47 GMT
content-type: text/javascript
vary: Origin,Access-Control-Request-Headers,Access-Control-Request-Method,accept-encoding
last-modified: Thu, 05 Dec 2024 21:12:45 GMT
x-frame-options: SAMEORIGIN
strict-transport-security: max-age=31536000
cache-control: max-age=86400
referrer-policy: strict-origin-when-cross-origin
via: 1.1 47bf742fc3975367a1788e300150d028.cloudfront.net (CloudFront)
access-control-allow-origin: *
x-xss-protection: 1; mode=block
x-amz-cf-pop: FRA56-P10
server: AmazonS3
x-amz-server-side-encryption: AES256

GET
H2 200 route-confirm-identity.fd8582b675acfc71.js Show response
cdn.financialengines.com/app/enc/ 1 KB
2 KB 318ms
318ms Script
text/javascript 2600:9000:26e8:b800:1f:d227:e8c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.financialengines.com/app/enc/route-confirm-identity.fd8582b675acfc71.js

Requested by

Host: cdn.financialengines.com
URL: https://cdn.financialengines.com/app/enc/runtime.051ddc5e22d439be.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:26e8:b800:1f:d227:e8c0:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

AmazonS3 /

Resource Hash

0c80038d75680020672c30a3f1c2f515838fa874a23ec2cf6847ec52908098f0

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Origin: https://www.financialengines.com
Referer: https://www.financialengines.com/

Response headers

access-control-max-age: 86400
content-encoding: br
etag: W/"42903f8939ff10d7c4c59a66debbe8ed"
access-control-allow-methods: GET
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=86400
x-cache: RefreshHit from cloudfront
x-amz-cf-id: QiUPuCXucXnvNi4QUtrVWnvsLrXaU0gTUw_6YU13vUEIn4ib31t3pg==
date: Thu, 12 Dec 2024 16:06:30 GMT
content-type: text/javascript
vary: Origin,Access-Control-Request-Headers,Access-Control-Request-Method,accept-encoding
last-modified: Thu, 05 Dec 2024 21:12:46 GMT
x-frame-options: SAMEORIGIN
strict-transport-security: max-age=31536000
cache-control: max-age=86400
referrer-policy: strict-origin-when-cross-origin
via: 1.1 47bf742fc3975367a1788e300150d028.cloudfront.net (CloudFront)
access-control-allow-origin: *
x-xss-protection: 1; mode=block
x-amz-cf-pop: FRA56-P10
server: AmazonS3
x-amz-server-side-encryption: AES256

OPTIONS
H2 204 pageframe
gateway.financialengines.com/advisor/api/v1/ Frame 0
0 747ms
589ms Preflight 143.204.98.3
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://gateway.financialengines.com/advisor/api/v1/pageframe?namespace=evaluation
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 143.204.98.3 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-143-204-98-3.fra50.r.cloudfront.net
Software: /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: x-fe-client,x-fe-env,x-spa-name
Access-Control-Request-Method: GET
Origin: https://www.financialengines.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: x-fe-client,x-fe-env,x-spa-name
access-control-allow-methods: GET
access-control-allow-origin: https://www.financialengines.com
access-control-expose-headers: x-amzn-requestId, x-fngn-requestid
access-control-max-age: 3600
allow: GET, HEAD, POST, PUT, DELETE, TRACE, OPTIONS, PATCH
content-language: de-DE
date: Thu, 12 Dec 2024 16:06:30 GMT
vary: Accept-Encoding,Origin
via: 1.1 632ee301c4920b52f2463aa9e978c57e.cloudfront.net (CloudFront)
x-amz-apigw-id: Cr6A_FuMyK4EZmw=
x-amz-cf-id: xdmWzs_oG3ZCHxPJvZllo1xLe35nKCF7Y_3RoIiIqOdoBDmPz42rEw==
x-amz-cf-pop: FRA50-C1
x-amzn-remapped-connection: keep-alive
x-amzn-remapped-date: Thu, 12 Dec 2024 16:06:30 GMT
x-amzn-remapped-server: Apache
x-amzn-requestid: b7fc102e-85f4-4cff-b64f-30c4f67ff5d4
x-cache: Miss from cloudfront
x-fngn-requestid: cdda4017-bda9-47b1-93b5-e0972f91ff52

OPTIONS
H2 204 graphql
gateway.financialengines.com/apollo-graphql/v2/ Frame 0
0 638ms
481ms Preflight 143.204.98.3
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://gateway.financialengines.com/apollo-graphql/v2/graphql
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 143.204.98.3 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-143-204-98-3.fra50.r.cloudfront.net
Software: /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: content-type,x-fe-client,x-fe-env,x-spa-name
Access-Control-Request-Method: POST
Origin: https://www.financialengines.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: X-FE-IDTOKEN,Content-Type,X-Amz-Date,x-fe-client,x-spa-name,x-fe-uuid,x-fe-poid,x-fe-env,X-SPA-GUID,Authorization,Cookie,X-Api-Key,X-Amz-Security-Token,x-fe-client-consistency-token,x-fe-user-context
access-control-allow-methods: GET,HEAD,OPTIONS,POST
access-control-allow-origin: https://www.financialengines.com
access-control-max-age: 86400
date: Thu, 12 Dec 2024 16:06:29 GMT
via: 1.1 632ee301c4920b52f2463aa9e978c57e.cloudfront.net (CloudFront)
x-amz-apigw-id: Cr6A_EfLSK4EGFw=
x-amz-cf-id: C2RZ1alVLxJOAGsoiw_pNy-HKMWopljM65nfclu2_mu6lpRy7YtIkw==
x-amz-cf-pop: FRA50-C1
x-amzn-remapped-content-length: 406
x-amzn-requestid: a693d1fa-fa25-47cd-b6e6-910434b7dc79
x-amzn-trace-id: Root=1-675b0a05-7386433500a958ee1f40224f;Parent=2360a01b8c92d7b8;Sampled=0;Lineage=1:874db843:0
x-cache: Miss from cloudfront

GET
H2 200 pageframe Show response
gateway.financialengines.com/advisor/api/v1/ 7 KB
3 KB 1108ms
1107ms XHR
application/json 143.204.98.3
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://gateway.financialengines.com/advisor/api/v1/pageframe?namespace=evaluation
Requested by: Host: cdn.financialengines.com
URL: https://cdn.financialengines.com/app/enc/vendor.e82232f741164c4f.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 143.204.98.3 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-143-204-98-3.fra50.r.cloudfront.net
Software: /
Resource Hash: 318c30799df30209d8bc12429d8f51a1bafc640fe7af115813013725ad69be1f

Request headers

X-FE-CLIENT: CUSTOMER_SITE
Referer: https://www.financialengines.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Accept: application/json, text/plain, */*
X-FE-ENV: production
X-SPA-NAME: evaluation

Response headers

x-amzn-remapped-content-length: 2038
content-encoding: gzip
x-amzn-remapped-connection: keep-alive
x-fngn-requestid: 9e06ea9f-be4c-47c7-b98c-74968ccb65ac
x-amzn-requestid: f1f5a715-0956-4fcc-ab8f-6859419b17cb
x-amzn-remapped-server: Apache
x-cache: Miss from cloudfront
x-amz-cf-id: x1AhuFjJuInuIBPWHtfLWW8LK6eGj1sk9rGVoIc74iKr4y9O--N0xA==
date: Thu, 12 Dec 2024 16:06:31 GMT
content-type: application/json;charset=UTF-8
vary: Accept-Encoding,Origin
x-amz-apigw-id: Cr6BFFIYSK4EEfQ=
x-amzn-remapped-date: Thu, 12 Dec 2024 16:06:31 GMT
access-control-allow-credentials: true
via: 1.1 32c8da10203574baccb74b8f771a7ffa.cloudfront.net (CloudFront)
access-control-allow-origin: https://www.financialengines.com
content-length: 2038
content-language: de-DE
x-amz-cf-pop: FRA50-C1

POST
H2 200 graphql Show response
gateway.financialengines.com/apollo-graphql/v2/ 160 B
651 B 993ms
973ms XHR
application/json 143.204.98.3
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://gateway.financialengines.com/apollo-graphql/v2/graphql
Requested by: Host: cdn.financialengines.com
URL: https://cdn.financialengines.com/app/enc/vendor.e82232f741164c4f.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 143.204.98.3 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-143-204-98-3.fra50.r.cloudfront.net
Software: /
Resource Hash: 44bbbeda3225f135f03d3a6050d4007338e9f65bc0c9952bad559354104ef35a

Request headers

x-fe-client: ENROLLMENT_SITE
Referer: https://www.financialengines.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
content-type: application/json
x-fe-env: production
x-spa-name: ENROLLMENT_SITE

Response headers

x-amzn-remapped-content-length: 160
x-amz-apigw-id: Cr6BEHAySK4EBEQ=
x-amzn-trace-id: Root=1-675b0a06-5406b8f403958c9a031a5f7c;Parent=46775265ac4d8db8;Sampled=0;Lineage=2:874db843:0
access-control-allow-credentials: true
x-amzn-requestid: bdd2b4ba-5641-4ca9-870d-3cf55a9da1fd
via: 1.1 32c8da10203574baccb74b8f771a7ffa.cloudfront.net (CloudFront)
access-control-allow-origin: https://www.financialengines.com
x-cache: Miss from cloudfront
content-length: 160
x-amz-cf-id: Z2m8qOL4j9GUZmBjxHQtGKFhWhjMgQhkwVi9GcE4ln8pOy9r7qOIGA==
date: Thu, 12 Dec 2024 16:06:30 GMT
content-type: application/json; charset=utf-8
x-amz-cf-pop: FRA50-C1

GET
H/1.1 200
OK favicon.ico
www.financialengines.com/ 33 KB
2 KB 279ms
279ms Other
image/vnd.microsoft.icon 2a02:26f0:480:598::2d5b
AKAMAI-ASN1 Akama...

General

Check archive.org

Show headers Download Go to

Full URL: https://www.financialengines.com/favicon.ico
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:480:598::2d5b Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1 Akamai International B.V., NL),
Reverse DNS
Software: Apache /
Resource Hash: 3470ec6805030e8d99a5d22177d738fca763659c54c1cff26360cb7c751d50c8

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://www.financialengines.com/app/enc/

Response headers

Content-Encoding: gzip
ETag: "84ba-628f9200db180"
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 2128
Date: Thu, 12 Dec 2024 16:06:29 GMT
Content-Type: image/vnd.microsoft.icon
Last-Modified: Wed, 11 Dec 2024 06:58:30 GMT
Server: Apache
Vary: Accept-Encoding

GET
H2 200 en.json Show response
cdn.cookielaw.org/consent/1f903639-98cf-412a-8aba-943b574ecef4/f0d094ae-2be0-4450-8632-8cb74b91a751/ 66 KB
14 KB 30ms
30ms Fetch
application/json 2606:4700::6812:572a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.cookielaw.org/consent/1f903639-98cf-412a-8aba-943b574ecef4/f0d094ae-2be0-4450-8632-8cb74b91a751/en.json

Requested by

Host: cdn.financialengines.com
URL: https://cdn.financialengines.com/app/enc/vendor.e82232f741164c4f.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:572a , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

b7e6af85ff45a143d5ff6698fa50b5ea71f47f601f17743c6f5855cd50e435fe

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://www.financialengines.com/

Response headers

content-md5: nqrJOQCNWHRMvP07CX3iMw==
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Cache-Control,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
content-encoding: gzip
cf-cache-status: HIT
etag: 0x8DAE9308874EE80
age: 31629
x-ms-lease-status: unlocked
x-content-type-options: nosniff
x-ms-version: 2009-09-19
expires: Fri, 13 Dec 2024 16:06:29 GMT
date: Thu, 12 Dec 2024 16:06:29 GMT
content-type: application/json
last-modified: Thu, 29 Dec 2022 00:06:28 GMT
vary: Accept-Encoding
strict-transport-security: max-age=31536000; includeSubDomains; preload
cache-control: public, max-age=86400
cross-origin-resource-policy: cross-origin, cross-origin
x-ms-request-id: 416f1cad-101e-007e-064c-260c45000000
cf-ray: 8f0ef6421873d2d6-FRA
accept-ranges: bytes
access-control-allow-origin: *
content-length: 14349
x-ms-blob-type: BlockBlob
server: cloudflare

GET
H2 200 otFlat.json Show response
cdn.cookielaw.org/scripttemplates/202211.2.0/assets/ 13 KB
3 KB 17ms
17ms Fetch
application/json 2606:4700::6812:572a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.cookielaw.org/scripttemplates/202211.2.0/assets/otFlat.json

Requested by

Host: cdn.financialengines.com
URL: https://cdn.financialengines.com/app/enc/vendor.e82232f741164c4f.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:572a , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

1df323c03e742ff217794c8ace2c647f3f0cf868c91d4396c166262ca1075acc

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://www.financialengines.com/

Response headers

content-md5: vO8A/abKpoPacUrvSk9OSw==
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
content-encoding: gzip
x-ms-version: 2009-09-19
etag: 0x8DADC66B7AF38D0
x-ms-lease-status: unlocked
cf-cache-status: HIT
age: 31629
x-content-type-options: nosniff
date: Thu, 12 Dec 2024 16:06:29 GMT
content-type: application/json
last-modified: Mon, 12 Dec 2022 17:31:35 GMT
vary: Accept-Encoding
strict-transport-security: max-age=31536000; includeSubDomains; preload
cache-control: max-age=86400
cross-origin-resource-policy: cross-origin
x-ms-request-id: 6ade9742-e01e-0018-4872-79e6e4000000
cf-ray: 8f0ef6426968d2d6-FRA
accept-ranges: bytes
access-control-allow-origin: *
content-length: 3020
x-ms-blob-type: BlockBlob
server: cloudflare

GET
H2 200 otPcTab.json Show response
cdn.cookielaw.org/scripttemplates/202211.2.0/assets/v2/ 62 KB
13 KB 21ms
21ms Fetch
application/json 2606:4700::6812:572a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.cookielaw.org/scripttemplates/202211.2.0/assets/v2/otPcTab.json

Requested by

Host: cdn.financialengines.com
URL: https://cdn.financialengines.com/app/enc/vendor.e82232f741164c4f.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:572a , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

2390acb31de1fd7a3714ea1f198e07648a684d9ad3c36b6f7e697d451354088d

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://www.financialengines.com/

Response headers

content-md5: Rth2PXh7B9Ohvuun2MX33g==
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
content-encoding: gzip
x-ms-version: 2009-09-19
etag: 0x8DADC66B943F40E
x-ms-lease-status: unlocked
cf-cache-status: HIT
age: 31629
x-content-type-options: nosniff
date: Thu, 12 Dec 2024 16:06:29 GMT
content-type: application/json
last-modified: Mon, 12 Dec 2022 17:31:37 GMT
vary: Accept-Encoding
strict-transport-security: max-age=31536000; includeSubDomains; preload
cache-control: max-age=86400
cross-origin-resource-policy: cross-origin
x-ms-request-id: 832cc89f-701e-0047-64b4-c04ce1000000
cf-ray: 8f0ef6426969d2d6-FRA
accept-ranges: bytes
access-control-allow-origin: *
content-length: 13335
x-ms-blob-type: BlockBlob
server: cloudflare

GET
H2 200 otCommonStyles.css Show response
cdn.cookielaw.org/scripttemplates/202211.2.0/assets/ 21 KB
4 KB 19ms
19ms Fetch
text/css 2606:4700::6812:572a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.cookielaw.org/scripttemplates/202211.2.0/assets/otCommonStyles.css

Requested by

Host: cdn.financialengines.com
URL: https://cdn.financialengines.com/app/enc/vendor.e82232f741164c4f.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:572a , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e742a29ab02f35ebd0fe4d7e3b929faca09ab1f0282415406dcb4e0486253f5c

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://www.financialengines.com/

Response headers

content-md5: XcxlleAcPGO2n5kTZrHH2Q==
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
x-ms-lease-status: unlocked
cf-bgj: minify
cf-cache-status: HIT
x-ms-version: 2009-09-19
age: 31629
content-encoding: gzip
x-content-type-options: nosniff
cf-polished: origSize=21721
date: Thu, 12 Dec 2024 16:06:29 GMT
content-type: text/css
last-modified: Mon, 12 Dec 2022 17:31:50 GMT
vary: Accept-Encoding
strict-transport-security: max-age=31536000; includeSubDomains; preload
cache-control: max-age=86400
cross-origin-resource-policy: cross-origin
x-ms-request-id: 19eda9e5-b01e-0067-294e-79297f000000
cf-ray: 8f0ef642696ad2d6-FRA
access-control-allow-origin: *
x-ms-blob-type: BlockBlob
server: cloudflare

GET
H2 200 ot_guard_logo.svg Show response
cdn.cookielaw.org/logos/static/ 497 B
490 B 24ms
24ms Fetch
image/svg+xml 2606:4700::6812:572a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.cookielaw.org/logos/static/ot_guard_logo.svg

Requested by

Host: cdn.financialengines.com
URL: https://cdn.financialengines.com/app/enc/vendor.e82232f741164c4f.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:572a , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

691dcdb24853a0f5ce4e6597e5713dea66799b57ffe2c2a10f28f98e0b569b19

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://www.financialengines.com/

Response headers

content-md5: tXyZydHjxQshFMbbBT1/8A==
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
x-ms-version: 2009-09-19
x-ms-lease-status: unlocked
cf-cache-status: HIT
age: 31629
content-encoding: gzip
x-content-type-options: nosniff
date: Thu, 12 Dec 2024 16:06:29 GMT
content-type: image/svg+xml
last-modified: Wed, 11 Dec 2024 20:18:52 GMT
vary: Accept-Encoding
strict-transport-security: max-age=31536000; includeSubDomains; preload
cache-control: max-age=86400
cross-origin-resource-policy: cross-origin
x-ms-request-id: 44b9a888-101e-0031-0860-4cc85d000000
cf-ray: 8f0ef64299ead2d6-FRA
access-control-allow-origin: *
x-ms-blob-type: BlockBlob
server: cloudflare

GET
H2 200 download.png
cdn.cookielaw.org/logos/f3f42f40-1fe1-4537-9fda-7e9fc8281b78/fcd65f62-a167-4121-a7f4-f519dd59ae73/5a3fcdf1-ff0a-400e-b433-b3fe37cc950e/ 4 KB
4 KB 30ms
29ms Image
image/png 2606:4700::6812:572a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cdn.cookielaw.org/logos/f3f42f40-1fe1-4537-9fda-7e9fc8281b78/fcd65f62-a167-4121-a7f4-f519dd59ae73/5a3fcdf1-ff0a-400e-b433-b3fe37cc950e/download.png

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:572a , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

af719e684661590abadee25c69c7aace88730c6a7f5b97ee9150858c84d73443

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://www.financialengines.com/

Response headers

content-md5: VPnCVuCfrdHhxhd4f5re3w==
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
x-ms-version: 2009-09-19
x-ms-lease-status: unlocked
etag: 0x8D8D80D71B2C2C2
age: 25437
cf-cache-status: HIT
x-content-type-options: nosniff
date: Thu, 12 Dec 2024 16:06:29 GMT
content-type: image/png
last-modified: Tue, 23 Feb 2021 15:12:32 GMT
vary: Accept-Encoding
strict-transport-security: max-age=31536000; includeSubDomains; preload
cache-control: max-age=86400
cross-origin-resource-policy: cross-origin
x-ms-request-id: f14ae4a4-f01e-0049-5a8d-0c7b68000000
cf-ray: 8f0ef642ac40d3a0-FRA
accept-ranges: bytes
access-control-allow-origin: *
content-length: 4357
x-ms-blob-type: BlockBlob
server: cloudflare

GET
H2 200 powered_by_logo.svg
cdn.cookielaw.org/logos/static/ 5 KB
2 KB 28ms
28ms Image
image/svg+xml 2606:4700::6812:572a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cdn.cookielaw.org/logos/static/powered_by_logo.svg

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:572a , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

5fa00d047acd959697b9d7772c31dcd37bec33c70c6fbf80ab8316205d1d286d

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://www.financialengines.com/

Response headers

content-md5: Y+c301RBZNK39PvKQWrIBw==
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
x-ms-version: 2009-09-19
x-ms-lease-status: unlocked
cf-cache-status: HIT
age: 38924
content-encoding: gzip
x-content-type-options: nosniff
date: Thu, 12 Dec 2024 16:06:29 GMT
content-type: image/svg+xml
last-modified: Wed, 11 Dec 2024 04:55:23 GMT
vary: Accept-Encoding
strict-transport-security: max-age=31536000; includeSubDomains; preload
cache-control: max-age=86400
cross-origin-resource-policy: cross-origin
x-ms-request-id: 7aa1e03c-a01e-00ef-57c9-4b98f4000000
cf-ray: 8f0ef642ac41d3a0-FRA
access-control-allow-origin: *
x-ms-blob-type: BlockBlob
server: cloudflare

OPTIONS
H2 204 forKeys
gateway.financialengines.com/advisor/api/v1/texts/ Frame 0
0 579ms
579ms Preflight 143.204.98.3
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://gateway.financialengines.com/advisor/api/v1/texts/forKeys
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 143.204.98.3 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-143-204-98-3.fra50.r.cloudfront.net
Software: /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: content-type,x-fe-client,x-fe-env,x-spa-name
Access-Control-Request-Method: POST
Origin: https://www.financialengines.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: content-type,x-fe-client,x-fe-env,x-spa-name
access-control-allow-methods: POST
access-control-allow-origin: https://www.financialengines.com
access-control-expose-headers: x-amzn-requestId, x-fngn-requestid
access-control-max-age: 3600
allow: GET, HEAD, POST, PUT, DELETE, TRACE, OPTIONS, PATCH
content-language: de-DE
date: Thu, 12 Dec 2024 16:06:30 GMT
vary: Accept-Encoding,Origin
via: 1.1 632ee301c4920b52f2463aa9e978c57e.cloudfront.net (CloudFront)
x-amz-apigw-id: Cr6BBHpbyK4ECQg=
x-amz-cf-id: E3CPyNv47GY6uR3-0sS1eS3PUMxdxv2cJdbdFNSVImIkqfvBFF2EGw==
x-amz-cf-pop: FRA50-C1
x-amzn-remapped-connection: keep-alive
x-amzn-remapped-date: Thu, 12 Dec 2024 16:06:30 GMT
x-amzn-remapped-server: Apache
x-amzn-requestid: d75e742e-be01-4e96-a5aa-db55e3a05ef0
x-cache: Miss from cloudfront
x-fngn-requestid: fe06cd49-2265-4dba-b4ff-cc9ceaf2d3c1

OPTIONS
H2 204 graphql
gateway.financialengines.com/apollo-graphql/v2/ Frame 0
0 630ms
630ms Preflight 143.204.98.3
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://gateway.financialengines.com/apollo-graphql/v2/graphql
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 143.204.98.3 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-143-204-98-3.fra50.r.cloudfront.net
Software: /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: content-type,x-fe-client,x-fe-env,x-spa-name
Access-Control-Request-Method: POST
Origin: https://www.financialengines.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: X-FE-IDTOKEN,Content-Type,X-Amz-Date,x-fe-client,x-spa-name,x-fe-uuid,x-fe-poid,x-fe-env,X-SPA-GUID,Authorization,Cookie,X-Api-Key,X-Amz-Security-Token,x-fe-client-consistency-token,x-fe-user-context
access-control-allow-methods: GET,HEAD,OPTIONS,POST
access-control-allow-origin: https://www.financialengines.com
access-control-max-age: 86400
date: Thu, 12 Dec 2024 16:06:30 GMT
via: 1.1 632ee301c4920b52f2463aa9e978c57e.cloudfront.net (CloudFront)
x-amz-apigw-id: Cr6BCH98SK4EbsA=
x-amz-cf-id: nHqvSMHZrdsj3irnLzhUajogAU5xhlQrLs5Jbqft_ASR3fWFEb9vRg==
x-amz-cf-pop: FRA50-C1
x-amzn-remapped-content-length: 406
x-amzn-requestid: a9d76758-39ad-46c7-9385-ac113e4861cb
x-amzn-trace-id: Root=1-675b0a06-1849be2c0c013dac14981ed2;Parent=5c36b624e393f46d;Sampled=0;Lineage=1:874db843:0
x-cache: Miss from cloudfront

OPTIONS
H/1.1 200
OK collector
http-inputs-financialengines.splunkcloud.com/services/ Frame 0
0 745ms
174ms Preflight
text/plain 44.242.134.223
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://http-inputs-financialengines.splunkcloud.com/services/collector

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

44.242.134.223 Boardman, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-44-242-134-223.us-west-2.compute.amazonaws.com

Software

Splunkd /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

Accept: */*
Access-Control-Request-Headers: authorization
Access-Control-Request-Method: POST
Origin: https://www.financialengines.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36

Response headers

Access-Control-Allow-Credentials: true
Access-Control-Allow-Headers: Authorization
Access-Control-Allow-Methods: POST,OPTIONS
Access-Control-Allow-Origin: https://www.financialengines.com
Allow: POST,OPTIONS
Connection: keep-alive
Content-Length: 0
Content-Type: text/plain; charset=UTF-8
Date: Thu, 12 Dec 2024 16:06:30 GMT
Server: Splunkd
Vary: Origin
X-Content-Type-Options: nosniff
X-Frame-Options: SAMEORIGIN

OPTIONS
H2 204 aggregate
gateway.financialengines.com/advisor/api/v1/planowners/comcast/ Frame 0
0 591ms
591ms Preflight 143.204.98.3
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://gateway.financialengines.com/advisor/api/v1/planowners/comcast/aggregate
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 143.204.98.3 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-143-204-98-3.fra50.r.cloudfront.net
Software: /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: x-fe-client,x-fe-env,x-spa-name
Access-Control-Request-Method: GET
Origin: https://www.financialengines.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: x-fe-client,x-fe-env,x-spa-name
access-control-allow-methods: GET
access-control-allow-origin: https://www.financialengines.com
access-control-expose-headers: x-amzn-requestId, x-fngn-requestid
access-control-max-age: 3600
allow: GET, HEAD, POST, PUT, DELETE, TRACE, OPTIONS, PATCH
content-language: de-DE
date: Thu, 12 Dec 2024 16:06:30 GMT
vary: Accept-Encoding,Origin
via: 1.1 632ee301c4920b52f2463aa9e978c57e.cloudfront.net (CloudFront)
x-amz-apigw-id: Cr6BBHzaSK4ELew=
x-amz-cf-id: 9yfZRuIn1fMGF7suCdAKtH6uOvTfdnDTu7LPiXL8OZkf0xJF9SRTKg==
x-amz-cf-pop: FRA50-C1
x-amzn-remapped-connection: keep-alive
x-amzn-remapped-date: Thu, 12 Dec 2024 16:06:30 GMT
x-amzn-remapped-server: Apache
x-amzn-requestid: 7b2ea290-aed2-4009-8adb-dc55b0841f6f
x-cache: Miss from cloudfront
x-fngn-requestid: 836df635-a882-487d-a787-64a427568b9a

POST
H2 200 forKeys Show response
gateway.financialengines.com/advisor/api/v1/texts/ 36 KB
10 KB 1003ms
999ms XHR
application/json 143.204.98.3
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://gateway.financialengines.com/advisor/api/v1/texts/forKeys
Requested by: Host: cdn.financialengines.com
URL: https://cdn.financialengines.com/app/enc/vendor.e82232f741164c4f.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 143.204.98.3 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-143-204-98-3.fra50.r.cloudfront.net
Software: /
Resource Hash: 85a9f4b018b80a1aa6431179654d261895d4ddd2f27a9c453cb427416f31512f

Request headers

X-FE-CLIENT: CUSTOMER_SITE
Referer: https://www.financialengines.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Accept: application/json, text/plain, */*
Content-Type: application/json
X-FE-ENV: production
X-SPA-NAME: customer-site

Response headers

x-amzn-remapped-content-length: 9807
content-encoding: gzip
x-amzn-remapped-connection: keep-alive
x-fngn-requestid: 6d3bc4bd-0976-4cfb-9d55-5bcd6ed853fc
x-amzn-requestid: b9896323-3e8d-4845-9fa5-a5e7d1d3e46a
x-amzn-remapped-server: Apache
x-cache: Miss from cloudfront
x-amz-cf-id: QiWidJ7H64bRiNqeyTA75pboFaGpSiF-I-0ysy0Sbu0VhZ2L_Ap1pA==
date: Thu, 12 Dec 2024 16:06:31 GMT
content-type: application/json;charset=UTF-8
vary: Accept-Encoding,Origin
x-amz-apigw-id: Cr6BHGuSyK4EUwA=
x-amzn-remapped-date: Thu, 12 Dec 2024 16:06:31 GMT
access-control-allow-credentials: true
via: 1.1 32c8da10203574baccb74b8f771a7ffa.cloudfront.net (CloudFront)
access-control-allow-origin: https://www.financialengines.com
content-length: 9807
content-language: de-DE
x-amz-cf-pop: FRA50-C1

POST
H2 200 graphql Show response
gateway.financialengines.com/apollo-graphql/v2/ 103 B
591 B 926ms
925ms XHR
application/json 143.204.98.3
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://gateway.financialengines.com/apollo-graphql/v2/graphql
Requested by: Host: cdn.financialengines.com
URL: https://cdn.financialengines.com/app/enc/vendor.e82232f741164c4f.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 143.204.98.3 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-143-204-98-3.fra50.r.cloudfront.net
Software: /
Resource Hash: fbac3aaf3d46681488af0d12355e938676f40fde7c781faa8e1b7a6e717fa775

Request headers

x-fe-client: ENROLLMENT_SITE
Referer: https://www.financialengines.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
content-type: application/json
x-fe-env: production
x-spa-name: ENROLLMENT_SITE

Response headers

x-amzn-remapped-content-length: 103
x-amz-apigw-id: Cr6BHGCaSK4EAOw=
x-amzn-trace-id: Root=1-675b0a06-569042923d0d9b6a26918eaa;Parent=13a5665a34d8239d;Sampled=0;Lineage=2:874db843:0
access-control-allow-credentials: true
x-amzn-requestid: a99bb064-9299-41ab-9909-31a6381b831f
via: 1.1 32c8da10203574baccb74b8f771a7ffa.cloudfront.net (CloudFront)
access-control-allow-origin: https://www.financialengines.com
x-cache: Miss from cloudfront
content-length: 103
x-amz-cf-id: vm82g5r7-f9qbiV9FU0sapEz4T-fjRj8nEC6C9jstRgcE0oFm3uBJg==
date: Thu, 12 Dec 2024 16:06:31 GMT
content-type: application/json; charset=utf-8
x-amz-cf-pop: FRA50-C1

POST
H/1.1 200
OK collector Show response
http-inputs-financialengines.splunkcloud.com/services/ 27 B
429 B 694ms
174ms XHR
application/json 44.242.134.223
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://http-inputs-financialengines.splunkcloud.com/services/collector

Requested by

Host: cdn.financialengines.com
URL: https://cdn.financialengines.com/app/enc/vendor.e82232f741164c4f.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

44.242.134.223 Boardman, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-44-242-134-223.us-west-2.compute.amazonaws.com

Software

Splunkd /

Resource Hash

3c88e3c57f69e3a02a1c89ddad501cd370fae7012bf522ee4632d4852e7f5c4b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

Authorization: Splunk A51B9F29-89C1-4FD3-B410-D1D1ED24839D
Referer: https://www.financialengines.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Accept: application/json, text/plain, */*
Content-Type: text/plain;charset=UTF-8

Response headers

Connection: keep-alive
Access-Control-Allow-Credentials: true
X-Content-Type-Options: nosniff
Access-Control-Allow-Methods: POST,OPTIONS
Access-Control-Allow-Origin: https://www.financialengines.com
Content-Length: 27
Date: Thu, 12 Dec 2024 16:06:31 GMT
Content-Type: application/json; charset=UTF-8
Vary: Authorization, Origin
Server: Splunkd
X-Frame-Options: SAMEORIGIN

GET
H2 200 aggregate Show response
gateway.financialengines.com/advisor/api/v1/planowners/comcast/ 2 KB
2 KB 1287ms
1287ms XHR
application/json 143.204.98.3
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://gateway.financialengines.com/advisor/api/v1/planowners/comcast/aggregate
Requested by: Host: cdn.financialengines.com
URL: https://cdn.financialengines.com/app/enc/vendor.e82232f741164c4f.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 143.204.98.3 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-143-204-98-3.fra50.r.cloudfront.net
Software: /
Resource Hash: 004827f1286c4821d503e56b1c1a5391eccc049d8a0e7fa4cfc85864ef8e2393

Request headers

X-FE-CLIENT: CUSTOMER_SITE
Referer: https://www.financialengines.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Accept: application/json, text/plain, */*
X-FE-ENV: production
X-SPA-NAME: customer-site

Response headers

x-amzn-remapped-content-length: 794
content-encoding: gzip
x-amzn-remapped-connection: keep-alive
x-fngn-requestid: bbc35419-46fa-49bc-81af-962592b30bda
x-amzn-requestid: ca9af933-04e9-4da9-a962-8bd3daaaf1f2
x-amzn-remapped-server: Apache
x-cache: Miss from cloudfront
x-amz-cf-id: vbWOAvYa974ncUjk3zg2fgeJRYna63UYhNQbzz3h8dxbZmxi6RNhSg==
date: Thu, 12 Dec 2024 16:06:31 GMT
content-type: application/json;charset=UTF-8
vary: Accept-Encoding,Origin
x-amz-apigw-id: Cr6BHFInSK4EEfQ=
x-amzn-remapped-date: Thu, 12 Dec 2024 16:06:31 GMT
access-control-allow-credentials: true
via: 1.1 32c8da10203574baccb74b8f771a7ffa.cloudfront.net (CloudFront)
access-control-allow-origin: https://www.financialengines.com
content-length: 794
content-language: de-DE
x-amz-cf-pop: FRA50-C1

GET
H2 200 s7789861958230
somtr.financialengines.com/b/ss/finengauthprod/1/JS-2.22.0-LDQM/ 43 B
372 B 98ms
20ms Image
image/gif 63.140.62.222
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://somtr.financialengines.com/b/ss/finengauthprod/1/JS-2.22.0-LDQM/s7789861958230?AQB=1&ndh=1&pf=1&t=12%2F11%2F2024%2017%3A6%3A29%204%20-60&vid=62598279&fid=5D155728DD2E5703-2E53A8F391D6D431&ce=UTF-8&ns=financialengines&cl=SESSION&pageName=enc-site%3Aenrollment%3Aconfirm-identity&g=https%3A%2F%2Fwww.financialengines.com%2Fapp%2Fenc%2F%23%2Fenrollment%2Fconfirm-identity%3Fs_cid%3Dem%253AFMR%253Acomcast%253ANurture_Non_Member_QRU%253ANON_MEMBER_QRU%253ANON_MEMBER_QRU_NEED_INFO%253A382630%257C9780797%257C1664%26fromPoint%3D%26type%3DTWO_FACTOR_LOGIN%26tok%3Dex3vkrjoayku27xvz628dwrrbqd&cc=USD&c2=comcast&v2=comcast&v5=62598279&c6=fmr&v6=fmr&c11=entry&v11=D%3Dc11&c14=comcast%3A20241212&v14=comcast%3A20241212&c15=enc-site%3Aenrollment%3Aconfirm-identity&v15=enc-site%3Aenrollment%3Aconfirm-identity&v32=em%3Afmr%3Acomcast%3Anurture_non_member_qru%3Anon_member_qru%3Anon_member_qru_need_info%3A382630%7C9780797%7C1664&v36=prospect&s=1600x1200&c=24&j=1.6&v=N&k=Y&bw=1600&bh=1200&-g=ty3fo%26purlParamInfo%3D&AQE=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

63.140.62.222 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ip-63-140-62-222.data.adobedc.net

Software

jag /

Resource Hash

a1ecbaed793a1f564c49c671f2dd0ce36f858534ef6d26b55783a06b884cc506

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://www.financialengines.com/

Response headers

strict-transport-security: max-age=31536000; includeSubDomains
cache-control: no-cache, no-store, max-age=0, no-transform, private
pragma: no-cache
etag: 3723778714930774016-4618515250568542054
x-content-type-options: nosniff
expires: Wed, 11 Dec 2024 16:06:30 GMT
access-control-allow-origin: *
p3p: CP="This is not a P3P policy"
content-length: 43
date: Thu, 12 Dec 2024 16:06:30 GMT
x-xss-protection: 1; mode=block
last-modified: Fri, 13 Dec 2024 16:06:30 GMT
vary: *
server: jag
content-type: image/gif;charset=utf-8

GET
H2 200 genesys.min.js Show response
apps.mypurecloud.com/genesys-bootstrap/ 272 KB
87 KB 460ms
219ms Script
text/javascript 100.25.67.126
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://apps.mypurecloud.com/genesys-bootstrap/genesys.min.js

Requested by

Host: cdn.financialengines.com
URL: https://cdn.financialengines.com/app/enc/main.e7b2321ae6b1c75d.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

100.25.67.126 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-100-25-67-126.compute-1.amazonaws.com

Software

nginx /

Resource Hash

79d97764cf07e9c5a1e43d3eb37157f6a03bb705f6cfed006146651983499b0a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://www.financialengines.com/

Response headers

strict-transport-security: max-age=31536000; includeSubDomains
cache-control: max-age=0, no-cache
content-encoding: gzip
x-amz-version-id: W2UpDuzVKbhL.HRnDgLhbikx8C5TonKI
etag: "161a12530eb8dfc886d2a08aa625d52e"
x-amz-request-id: 46JQXFCY6W4VVR8V
content-length: 88919
date: Thu, 12 Dec 2024 16:06:31 GMT
content-type: text/javascript
last-modified: Tue, 19 Nov 2024 11:03:35 GMT
server: nginx
x-amz-id-2: 5XWPHRNCvaILJjudYfXIiQMch1N5EfSRI+F9Mphnau7AwslLjBLrdNGBcWqZ28p96MtOPFkKU9AelL6vMC4r2hzoNKD/TvpT

GET
DATA 200
OK truncated
/ 10 KB
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: fff80ae6a4d0d96864ff25f684ecc08f31b7408e801d0bec3d56b322e6ef96b0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer

Response headers

Content-Type: image/svg+xml

GET
H2 200 comcast-small.png
images.financialengines.com/public-assets/images/logos/sponsors/ 5 KB
6 KB 672ms
549ms Image
image/png 143.204.98.90
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.financialengines.com/public-assets/images/logos/sponsors/comcast-small.png
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 143.204.98.90 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-143-204-98-90.fra50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 061fef957c926ddee685b66a32b8861d4e8439da9adec443637ae1a78e6a8c78

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://www.financialengines.com/

Response headers

x-amz-version-id: BXZ98jn6DLeC96pX2wl1UUuZdXL7ic5w
etag: "74b72a98d11edac85f9c0a995c824ed3"
via: 1.1 fb8c0300277bd0137c1693d3d64ab550.cloudfront.net (CloudFront)
accept-ranges: bytes
alt-svc: h3=":443"; ma=86400
x-cache: Miss from cloudfront
content-length: 5481
x-amz-cf-id: 4nD30lolaBWd9yNIdqNQctTMN37XeyOJmJXQl0Pr5VXDAu9QabTEoA==
date: Thu, 12 Dec 2024 16:06:32 GMT
content-type: image/png
last-modified: Thu, 05 Dec 2024 07:23:37 GMT
server: AmazonS3
x-amz-cf-pop: FRA50-C1
x-amz-server-side-encryption: AES256

GET
DATA 200
OK truncated
/ 9 KB
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 64a91b582353719d88b2ba3f778b15fdbd89124b04ab573de908874504cce0d7

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer

Response headers

Content-Type: image/svg+xml

GET
H2 200 NimbusSanNov-Bol.ttf
images.financialengines.com/public-assets/fonts/ 119 KB
56 KB 138ms
18ms Font
font/ttf 143.204.98.90
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://images.financialengines.com/public-assets/fonts/NimbusSanNov-Bol.ttf
Requested by: Host: cdn.financialengines.com
URL: https://cdn.financialengines.com/app/enc/common~ds.c6f558e344b80f34.css
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 143.204.98.90 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-143-204-98-90.fra50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 53daa8c9df17f424c53c1ab0c2b2ee552fb16074e2beee86b3583bcd1ac17558

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Origin: https://www.financialengines.com
Referer: https://cdn.financialengines.com/

Response headers

access-control-max-age: 31536000
access-control-expose-headers: ETag
content-encoding: br
x-amz-version-id: yEDULuOtlAqKvvWvU0fgCRnDxAkqMX9R
etag: W/"79b01f8995344c6a667ee9ba21ceb7b7"
age: 7851
access-control-allow-methods: GET
alt-svc: h3=":443"; ma=86400
x-cache: Hit from cloudfront
x-amz-cf-id: DG_9ftK2Lr136ZvPYQ5ch3CGSOhwtsusFC42QQFS8i7pxh6deCKD0w==
date: Thu, 12 Dec 2024 13:55:41 GMT
content-type: font/ttf
vary: Origin,Access-Control-Request-Headers,Access-Control-Request-Method,accept-encoding
last-modified: Thu, 05 Dec 2024 07:23:37 GMT
via: 1.1 b44e2902bb3501d47514e51618f1bda4.cloudfront.net (CloudFront)
access-control-allow-origin: *
x-amz-cf-pop: FRA50-C1
server: AmazonS3
x-amz-server-side-encryption: AES256

GET
H2 200 NimbusSanNov-Med.ttf
images.financialengines.com/public-assets/fonts/ 119 KB
57 KB 130ms
10ms Font
font/ttf 143.204.98.90
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://images.financialengines.com/public-assets/fonts/NimbusSanNov-Med.ttf
Requested by: Host: cdn.financialengines.com
URL: https://cdn.financialengines.com/app/enc/common~ds.c6f558e344b80f34.css
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 143.204.98.90 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-143-204-98-90.fra50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 6874c423b8566a340dcbbcfcf928e3b235f224345a3f489c907587e26fd59cf4

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Origin: https://www.financialengines.com
Referer: https://cdn.financialengines.com/

Response headers

access-control-max-age: 31536000
access-control-expose-headers: ETag
content-encoding: br
x-amz-version-id: a5.TtblKvQSRW3okwOpx5OsezojE5Koq
etag: W/"463f72764c03eedd9ccb719c573ee255"
age: 7851
access-control-allow-methods: GET
alt-svc: h3=":443"; ma=86400
x-cache: Hit from cloudfront
x-amz-cf-id: aLSxbXKNNE_-JrlvaAZNobEj1i_AF7_VHwUMqXNjfERNmDj4vfwTgw==
date: Thu, 12 Dec 2024 13:55:41 GMT
content-type: font/ttf
vary: Origin,Access-Control-Request-Headers,Access-Control-Request-Method,accept-encoding
last-modified: Thu, 05 Dec 2024 07:23:37 GMT
via: 1.1 b44e2902bb3501d47514e51618f1bda4.cloudfront.net (CloudFront)
access-control-allow-origin: *
x-amz-cf-pop: FRA50-C1
server: AmazonS3
x-amz-server-side-encryption: AES256

GET
H2 200 BebasNeuePro-Bold.otf
images.financialengines.com/public-assets/fonts/ 59 KB
37 KB 23ms
23ms Font
font/otf 143.204.98.90
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://images.financialengines.com/public-assets/fonts/BebasNeuePro-Bold.otf
Requested by: Host: cdn.financialengines.com
URL: https://cdn.financialengines.com/app/enc/common~ds.c6f558e344b80f34.css
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 143.204.98.90 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-143-204-98-90.fra50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 0e6d32a90a98ed772b857d09f86d8bc867bbd6657ed51d49dc44192a5812cba4

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Origin: https://www.financialengines.com
Referer: https://cdn.financialengines.com/

Response headers

access-control-max-age: 31536000
access-control-expose-headers: ETag
content-encoding: br
x-amz-version-id: hRl2sOhBSb9DGTPqClQHBr7ZuxtsEjyy
etag: W/"07bdc1176b15675d8be8564a5b24d302"
age: 7850
access-control-allow-methods: GET
alt-svc: h3=":443"; ma=86400
x-cache: Hit from cloudfront
x-amz-cf-id: RkU1TvHu0IzUY0cCW2ig9Gptc90iEqFmwPdTbPy8NDX_dl62gxbbXw==
date: Thu, 12 Dec 2024 13:55:42 GMT
content-type: font/otf
vary: Origin,Access-Control-Request-Headers,Access-Control-Request-Method,accept-encoding
last-modified: Thu, 05 Dec 2024 07:23:37 GMT
via: 1.1 b44e2902bb3501d47514e51618f1bda4.cloudfront.net (CloudFront)
access-control-allow-origin: *
x-amz-cf-pop: FRA50-C1
server: AmazonS3
x-amz-server-side-encryption: AES256

GET
H/1.1 200
OK domains.json Show response
api-cdn.mypurecloud.com/webdeployments/v1/deployments/514670be-9f0c-4064-92c3-de6c5b7a9d0f/ 44 B
694 B 378ms
332ms XHR
application/json 108.138.26.5
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://api-cdn.mypurecloud.com/webdeployments/v1/deployments/514670be-9f0c-4064-92c3-de6c5b7a9d0f/domains.json
Requested by: Host: cdn.financialengines.com
URL: https://cdn.financialengines.com/app/enc/vendor.e82232f741164c4f.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 108.138.26.5 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-108-138-26-5.fra56.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 78bd6ee8a2fce4c0294729fa7db73d0d370298f2f5738b53ecbf229f85171942

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://www.financialengines.com/

Response headers

ETag: "bd0b814b289c55fd0f2d0cd84ca3acd5"
Access-Control-Allow-Methods: GET, POST, PUT
X-Cache: RefreshHit from cloudfront
X-Amz-Cf-Id: YX8GRC-J7XZdUUUvfz0K23e7Tnt-BTYUSt_cI4CFcAB33tHrES-DMA==
Date: Thu, 12 Dec 2024 16:06:33 GMT
Content-Type: application/json
Vary: Origin,accept-encoding
Last-Modified: Fri, 16 Sep 2022 18:38:51 GMT
Cache-Control: max-age=120,s-maxage=120
Connection: keep-alive
Via: 1.1 837a869ba82f4a85a2e5810b11746698.cloudfront.net (CloudFront)
Accept-Ranges: bytes
Access-Control-Allow-Origin: *
Content-Length: 44
X-Amz-Cf-Pop: FRA56-P7
Server: AmazonS3
x-amz-server-side-encryption: AES256

POST
H/1.1 200
OK collector Show response
http-inputs-financialengines.splunkcloud.com/services/ 27 B
429 B 176ms
174ms XHR
application/json 44.242.134.223
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://http-inputs-financialengines.splunkcloud.com/services/collector

Requested by

Host: cdn.financialengines.com
URL: https://cdn.financialengines.com/app/enc/vendor.e82232f741164c4f.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

44.242.134.223 Boardman, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-44-242-134-223.us-west-2.compute.amazonaws.com

Software

Splunkd /

Resource Hash

3c88e3c57f69e3a02a1c89ddad501cd370fae7012bf522ee4632d4852e7f5c4b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

Authorization: Splunk A51B9F29-89C1-4FD3-B410-D1D1ED24839D
Referer: https://www.financialengines.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Accept: application/json, text/plain, */*
Content-Type: text/plain;charset=UTF-8

Response headers

Connection: keep-alive
Access-Control-Allow-Credentials: true
X-Content-Type-Options: nosniff
Access-Control-Allow-Methods: POST,OPTIONS
Access-Control-Allow-Origin: https://www.financialengines.com
Content-Length: 27
Date: Thu, 12 Dec 2024 16:06:32 GMT
Content-Type: application/json; charset=UTF-8
Vary: Authorization, Origin
Server: Splunkd
X-Frame-Options: SAMEORIGIN

GET
H/1.1 200
OK config.json Show response
api-cdn.mypurecloud.com/webdeployments/v1/deployments/514670be-9f0c-4064-92c3-de6c5b7a9d0f/ 755 B
1 KB 311ms
310ms XHR
application/json 108.138.26.5
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://api-cdn.mypurecloud.com/webdeployments/v1/deployments/514670be-9f0c-4064-92c3-de6c5b7a9d0f/config.json
Requested by: Host: cdn.financialengines.com
URL: https://cdn.financialengines.com/app/enc/vendor.e82232f741164c4f.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 108.138.26.5 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-108-138-26-5.fra56.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: bc0f3538ebd2c4b7b586a87f4d8516f0e834a4282b7f706553da9f6b692ca66c

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://www.financialengines.com/

Response headers

ETag: "403b54f5456c867d37e5d5a8e2ade91f"
Access-Control-Allow-Methods: GET, POST, PUT
X-Cache: RefreshHit from cloudfront
X-Amz-Cf-Id: MKlN-rWSl1Tk-sxCpt9m4X_i0POluvq_xR1KpboT6H3dR42iFEZJhg==
Date: Thu, 12 Dec 2024 16:06:33 GMT
Content-Type: application/json
Vary: Origin,accept-encoding
Last-Modified: Fri, 16 Sep 2022 18:38:51 GMT
Cache-Control: max-age=120,s-maxage=120
Connection: keep-alive
Via: 1.1 837a869ba82f4a85a2e5810b11746698.cloudfront.net (CloudFront)
Accept-Ranges: bytes
Access-Control-Allow-Origin: *
Content-Length: 755
X-Amz-Cf-Pop: FRA56-P7
Server: AmazonS3
x-amz-server-side-encryption: AES256

GET
H2 200 journey.min.js Show response
apps.mypurecloud.com/journey/messenger-plugins/ 64 KB
16 KB 100ms
99ms Script
text/javascript 100.25.67.126
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://apps.mypurecloud.com/journey/messenger-plugins/journey.min.js

Requested by

Host: apps.mypurecloud.com
URL: https://apps.mypurecloud.com/genesys-bootstrap/genesys.min.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

100.25.67.126 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-100-25-67-126.compute-1.amazonaws.com

Software

nginx /

Resource Hash

ec5ab956078f3d5415d591f59bdacecea4e7569ad374d71eaa0a24cbe244bf81

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://www.financialengines.com/

Response headers

strict-transport-security: max-age=31536000; includeSubDomains
cache-control: max-age: 600
content-encoding: gzip
x-amz-version-id: pR2XcIbIhZWlj7VQwbiqfQ1wzP6yApnt
etag: "931a95cad6e4fb1fb22e558161532883"
x-amz-request-id: WYB7JCCE691S2HZ1
content-length: 16442
date: Thu, 12 Dec 2024 16:06:32 GMT
content-type: text/javascript
last-modified: Fri, 29 Nov 2024 09:43:40 GMT
server: nginx
x-amz-id-2: 95z2KjJYbEoyrVH5D+ZRl/ijuLYr9Fjb7DPQgXw+IObvMXSqdoGHR6IXLbpsHqFielkjH8zcqwc=

GET
H2 200 offersHelper.min.js Show response
apps.mypurecloud.com/journey/messenger-plugins/ 13 KB
6 KB 98ms
98ms Script
text/javascript 100.25.67.126
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://apps.mypurecloud.com/journey/messenger-plugins/offersHelper.min.js

Requested by

Host: apps.mypurecloud.com
URL: https://apps.mypurecloud.com/genesys-bootstrap/genesys.min.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

100.25.67.126 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-100-25-67-126.compute-1.amazonaws.com

Software

nginx /

Resource Hash

83a7f85c092e56846e6b509c9600d2b8c70abbf5b40400fc10553dc00d9ddd62

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://www.financialengines.com/

Response headers

strict-transport-security: max-age=31536000; includeSubDomains
cache-control: max-age: 600
content-encoding: gzip
x-amz-version-id: j1wmtIjro01WGldSgKtVPNePZ56yeJP.
etag: "608b29334f3c62a231896f2ee645aa16"
x-amz-request-id: WYB0GPDZ1QQ19RED
content-length: 5417
date: Thu, 12 Dec 2024 16:06:32 GMT
content-type: text/javascript
last-modified: Fri, 29 Nov 2024 09:43:40 GMT
server: nginx
x-amz-id-2: GMhufmIM4qHHLr8bE95kPYCzt5QAu8j4NJIEZl7bkc9+QE5qzaO7r/1wGigW09NFN7/KzshqDvM=

GET
H2 200 thirdparty-plugins.html
apps.mypurecloud.com/messenger/ Frame 3E20 0
0 296ms
99ms Document
text/html 44.194.24.212
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://apps.mypurecloud.com/messenger/thirdparty-plugins.html

Requested by

Host: apps.mypurecloud.com
URL: https://apps.mypurecloud.com/genesys-bootstrap/genesys.min.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

44.194.24.212 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-44-194-24-212.compute-1.amazonaws.com

Software

nginx /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://www.financialengines.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36

Response headers

cache-control: max-age=0, no-cache
content-encoding: gzip
content-type: text/html
date: Thu, 12 Dec 2024 16:06:32 GMT
etag: W/"7ee50443263c8689a19a181713070425"
last-modified: Fri, 22 Nov 2024 19:36:21 GMT
server: nginx
strict-transport-security: max-age=31536000; includeSubDomains
x-amz-id-2: eOvc62iZeO4j7sEjKFmG8RdcFfG1+YE0Ux21KAX4P2sJ2zqyfvcfH7OFl7in+4aL65JKqOFrCPk=
x-amz-request-id: WYBBH6PQPY47B0WK
x-amz-version-id: 40gyVAmImkk.ObySM_rAmcxWeWL9P.A8

GET
H2 200 messenger.html
apps.mypurecloud.com/messenger/ Frame 6CA0 0
0 296ms
100ms Document
text/html 44.194.24.212
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://apps.mypurecloud.com/messenger/messenger.html

Requested by

Host: apps.mypurecloud.com
URL: https://apps.mypurecloud.com/genesys-bootstrap/genesys.min.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

44.194.24.212 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-44-194-24-212.compute-1.amazonaws.com

Software

nginx /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://www.financialengines.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36

Response headers

cache-control: max-age=0, no-cache
content-encoding: gzip
content-type: text/html
date: Thu, 12 Dec 2024 16:06:32 GMT
etag: W/"abca33675ece3036e2022fe6aceb9d38"
last-modified: Fri, 22 Nov 2024 19:36:20 GMT
server: nginx
strict-transport-security: max-age=31536000; includeSubDomains
x-amz-id-2: OpChQ19XG67MfalF1UM42SUdt0IIA5RmNBU26dT5cG8wAhIDDNDb55reKKBtbgPHzISlTP0LR4o=
x-amz-request-id: 46JQ175RR1WZA33J
x-amz-version-id: cNIX1Xae7Rz0e9gu4ZQ0GW2lKay28PqP

GET
H2 200 messenger-renderer.html
apps.mypurecloud.com/messenger/ Frame 976B 0
0 296ms
101ms Document
text/html 44.194.24.212
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://apps.mypurecloud.com/messenger/messenger-renderer.html

Requested by

Host: apps.mypurecloud.com
URL: https://apps.mypurecloud.com/genesys-bootstrap/genesys.min.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

44.194.24.212 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-44-194-24-212.compute-1.amazonaws.com

Software

nginx /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://www.financialengines.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36

Response headers

cache-control: max-age=0, no-cache
content-encoding: gzip
content-type: text/html
date: Thu, 12 Dec 2024 16:06:32 GMT
etag: W/"2401414f0bbc4b37c665dc7f804b77c5"
last-modified: Fri, 22 Nov 2024 19:36:20 GMT
server: nginx
strict-transport-security: max-age=31536000; includeSubDomains
x-amz-id-2: oxrqiQiOhyDC0/Kc1mP5/6pZg6k4oy1Q4jZQtwK777hL8hRJy0dKSxfGfhNFvf7Y2jfDGfUZOaw=
x-amz-request-id: 1ZJN6D5G2XCACG69
x-amz-version-id: npNqONfh3k0iNQQfGp1EtoPO3phZHL5A

POST
H/1.1 204
No Content beacons
api.mypurecloud.com/api/v2/journey/deployments/514670be-9f0c-4064-92c3-de6c5b7a9d0f/customers/3ef34a86-7a36-4181-a1df-7e10b8ab4f20/ 0
862 B 295ms
143ms Ping
text/plain 13.32.27.68
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://api.mypurecloud.com/api/v2/journey/deployments/514670be-9f0c-4064-92c3-de6c5b7a9d0f/customers/3ef34a86-7a36-4181-a1df-7e10b8ab4f20/beacons?data=eyJfdiI6IjIuMTQ4My4wIiwiX2FjdG11IjoiM2VmMzRhODYtN2EzNi00MTgxLWExZGYtN2UxMGI4YWI0ZjIwIiwiYXR0Ijp7fSwiY2lkIjoiM2VmMzRhODYtN2EzNi00MTgxLWExZGYtN2UxMGI4YWI0ZjIwIiwiY3ZjIjoiMSIsImRrIjpudWxsLCJkbCI6Imh0dHBzOi8vd3d3LmZpbmFuY2lhbGVuZ2luZXMuY29tL2FwcC9lbmMvIy9lbnJvbGxtZW50L2NvbmZpcm0taWRlbnRpdHk%2Fc19jaWQ9ZW0lM0FGTVIlM0Fjb21jYXN0JTNBTnVydHVyZV9Ob25fTWVtYmVyX1FSVSUzQU5PTl9NRU1CRVJfUVJVJTNBTk9OX01FTUJFUl9RUlVfTkVFRF9JTkZPJTNBMzgyNjMwJTdDOTc4MDc5NyU3QzE2NjQmZnJvbVBvaW50PSZ0eXBlPVRXT19GQUNUT1JfTE9HSU4mdG9rPWV4M3ZrcmpvYXlrdTI3eHZ6NjI4ZHdycmJxZHR5M2ZvJnB1cmxQYXJhbUluZm89IiwiZG4iOiJlbiIsImRydSI6bnVsbCwiZHQiOiJDb25maXJtIElkZW50aXR5IHwgRWRlbG1hbiBGaW5hbmNpYWwgRW5naW5lcyIsImZmIjpmYWxzZSwiZmoiOmZhbHNlLCJmcCI6dHJ1ZSwiZnciOnRydWUsInNiYyI6MSwic2giOjEyMDAsInNpZCI6IjBlMGRmMzMwLWI4YTMtMTFlZi1hZjJjLTE1ZGU0OTFhYmIxMSIsInNwYyI6MSwic3J1IjpudWxsLCJzc2YiOjAsInNzcCI6MCwic3ciOjE2MDAsInQiOiJwYWdldmlldyIsInRiYyI6MSwidHBjIjoxLCJ0dHMiOnt9LCJ2aCI6MTIwMCwidnciOjE2MDB9&type=pageview

Requested by

Host: apps.mypurecloud.com
URL: https://apps.mypurecloud.com/journey/messenger-plugins/journey.min.js

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

13.32.27.68 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-13-32-27-68.fra56.r.cloudfront.net

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://www.financialengines.com/

Response headers

Strict-Transport-Security: max-age=31536000; includeSubDomains
Access-Control-Max-Age: 86400
Cache-Control: no-cache, no-store, must-revalidate
Access-Control-Expose-Headers: Retry-After,inin-correlation-id
ININ-Correlation-Id: 30318145-e89a-4bd8-8135-300ce16924f0
Connection: keep-alive
Access-Control-Allow-Methods: GET, POST, PUT, DELETE, OPTIONS, HEAD, PATCH
Via: 1.1 cb1bcb02f5d0667fafd0890701965f18.cloudfront.net (CloudFront)
Access-Control-Allow-Origin: https://www.financialengines.com
X-Cache: Miss from cloudfront
X-Amz-Cf-Id: toGm5qssg8LY9mPWtPyAHvDArW3FC0npMOoK_SERSk44g0_uwAK2EA==
Date: Thu, 12 Dec 2024 16:06:33 GMT
X-Amz-Cf-Pop: FRA56-C2
Access-Control-Allow-Headers: Origin, X-Requested-With, Content-Type, Accept, Authorization, DNT, User-Agent, Keep-Alive, Cache-Control, ININ-Client-Path, Genesys-App

POST
H2 204 collect Show response
region1.google-analytics.com/g/ 0
57 B 18ms
18ms Fetch
text/plain 2001:4860:4802:32::36
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://region1.google-analytics.com/g/collect?v=2&tid=G-5XE89XMR38&gtm=45je4cb0v9168990218za200zb6598169&_p=1734019588978&gcd=13l3l3l2l1l1&npa=1&dma_cps=syphamo&dma=1&tag_exp=101925629~102067555~102067808~102081485&cid=1840495412.1734019589&ul=de-de&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&are=1&frm=0&pscdl=noapi&_eu=AEA&_s=2&sid=1734019589&sct=1&seg=0&dl=https%3A%2F%2Fwww.financialengines.com%2Fapp%2Fenc%2F&dt=Edelman%20Financial%20Engines&en=scroll&epn.percent_scrolled=90&_et=6&tfd=7672
Requested by: Host: cdn.financialengines.com
URL: https://cdn.financialengines.com/app/enc/vendor.e82232f741164c4f.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2001:4860:4802:32::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://www.financialengines.com/

Response headers

cache-control: no-cache, no-store, must-revalidate
pragma: no-cache
cross-origin-resource-policy: cross-origin
access-control-allow-credentials: true
content-security-policy-report-only: script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascnsrsggc:86:0
report-to: {"group":"coop_reporting","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascnsrsggc:86:0"}],}
expires: Fri, 01 Jan 1990 00:00:00 GMT
access-control-allow-origin: https://www.financialengines.com
cross-origin-opener-policy-report-only: same-origin; report-to=coop_reporting
content-length: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Thu, 12 Dec 2024 16:06:34 GMT
content-type: text/plain
server: Golfe2

GET
H/1.1 200
OK ping Show response
api.mypurecloud.com/api/v2/journey/deployments/514670be-9f0c-4064-92c3-de6c5b7a9d0f/customers/3ef34a86-7a36-4181-a1df-7e10b8ab4f20/ 14 B
920 B 124ms
107ms XHR
application/json 13.32.27.68
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://api.mypurecloud.com/api/v2/journey/deployments/514670be-9f0c-4064-92c3-de6c5b7a9d0f/customers/3ef34a86-7a36-4181-a1df-7e10b8ab4f20/ping?sessionId=0e0df330-b8a3-11ef-af2c-15de491abb11&t=1734019594878&dl=https%3A%2F%2Fwww.financialengines.com%2Fapp%2Fenc%2F%23%2Fenrollment%2Fconfirm-identity%3Fs_cid%3Dem%253AFMR%253Acomcast%253ANurture_Non_Member_QRU%253ANON_MEMBER_QRU%253ANON_MEMBER_QRU_NEED_INFO%253A382630%257C9780797%257C1664%26fromPoint%3D%26type%3DTWO_FACTOR_LOGIN%26tok%3Dex3vkrjoayku27xvz628dwrrbqdty3fo%26purlParamInfo%3D&dt=Confirm%20Identity%20%7C%20Edelman%20Financial%20Engines

Requested by

Host: cdn.financialengines.com
URL: https://cdn.financialengines.com/app/enc/vendor.e82232f741164c4f.js

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

13.32.27.68 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-13-32-27-68.fra56.r.cloudfront.net

Software

Resource Hash

7d357b0ef1f85ba71c5ccebb6671b0c34f4b3950f5b21d2af7b4a3d4e9dcd570

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://www.financialengines.com/

Response headers

Access-Control-Max-Age: 86400
Access-Control-Expose-Headers: Retry-After,inin-correlation-id
Access-Control-Allow-Methods: GET, POST, PUT, DELETE, OPTIONS, HEAD, PATCH
X-Cache: Miss from cloudfront
X-Amz-Cf-Id: YQgQRKA62GBVLt5NQzYF8jB1qyo35dPuiNShcyF9DrmOJ5-8Oo3Ikg==
Date: Thu, 12 Dec 2024 16:06:34 GMT
Content-Type: application/json
Access-Control-Allow-Headers: Origin, X-Requested-With, Content-Type, Accept, Authorization, DNT, User-Agent, Keep-Alive, Cache-Control, ININ-Client-Path, Genesys-App
Strict-Transport-Security: max-age=31536000; includeSubDomains
Cache-Control: no-cache, no-store, must-revalidate
ININ-Correlation-Id: 2bc5265b-3076-455a-8e00-095b0dad0a07
Connection: keep-alive
Via: 1.1 99399b4523bd3370d7a592870d630ec8.cloudfront.net (CloudFront)
Access-Control-Allow-Origin: https://www.financialengines.com
Content-Length: 14
X-Amz-Cf-Pop: FRA56-C2

Verdicts & Comments Add Verdict or Comment

42 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

16 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
.financialengines.com/	1969-12-31 23:59:59	Name: sessFlag Value: true
.financialengines.com/	1969-12-31 23:59:59	Name: sessionToken Value: prod-sess-aac81f81-2c36-446a-ad27-3bf88ca8f0cf
.financialengines.com/	1969-12-31 23:59:59	Name: authType Value: aws
.financialengines.com/	1969-12-31 23:59:59	Name: s Value: GW-PRD-20241212-0806-0000492
.financialengines.com/	1969-12-31 23:59:59	Name: sessionId Value: GW-PRD-20241212-0806-0000492
.financialengines.com/	1969-12-31 23:59:59	Name: daVars Value: %7B%22sponsorDateStamp%22%3A%22comcast%3A20241212%22%2C%22enrStatus%22%3A%22PROSPECT%22%2C%22envType%22%3A%22USER_PROD%22%2C%22providerId%22%3A%22FMR%22%2C%22sponsorId%22%3A%22comcast%22%2C%22namespace%22%3A%22%22%2C%22userType%22%3A%22USER%22%2C%22sessionId%22%3A%22GW-PRD-20241212-0806-0000492%22%2C%22isUserTemp%22%3A%22false%22%2C%22pageName%22%3A%22%22%2C%22userId%22%3A%2262598279%22%7D
.financialengines.com/	1970-01-21 11:09:07	Name: kndctr_2F8627E253DAF2480A490D4E_AdobeOrg_identity Value: CiY2NTE5OTczNTgxMzg3OTQzMjczMjA0ODU4MjkxMjU4NjM5MjkzNlITCIPI_Ny7MhABGAEqBElSTDEwAPABg8j83Lsy
.financialengines.com/	1970-01-21 01:40:21	Name: kndctr_2F8627E253DAF2480A490D4E_AdobeOrg_cluster Value: irl1
.financialengines.com/	1970-01-21 11:16:19	Name: _ga Value: GA1.1.1840495412.1734019589
.financialengines.com/	1970-01-21 11:16:19	Name: _ga_5XE89XMR38 Value: GS1.1.1734019589.1.0.1734019589.0.0.0
.financialengines.com/	1970-01-21 10:25:55	Name: OptanonConsent Value: isGpcEnabled=0&datestamp=Thu+Dec+12+2024+17%3A06%3A29+GMT%2B0100+(Mitteleurop%C3%A4ische+Normalzeit)&version=202211.2.0&isIABGlobal=false&hosts=&consentId=e02a01ad-be0f-46a9-b14d-024a123f7424&interactionCount=0&landingPath=https%3A%2F%2Fwww.financialengines.com%2Fapp%2Fenc%2F%23%2Fenrollment%2Fconfirm-identity%3Fs_cid%3Dem%253AFMR%253Acomcast%253ANurture_Non_Member_QRU%253ANON_MEMBER_QRU%253ANON_MEMBER_QRU_NEED_INFO%253A382630%257C9780797%257C1664%26fromPoint%3D%26type%3DTWO_FACTOR_LOGIN%26tok%3Dex3vkrjoayku27xvz628dwrrbqdty3fo%26purlParamInfo%3D&groups=C0001%3A1%2CC0004%3A1%2CC0002%3A1%2CC0003%3A1
.financialengines.com/	1969-12-31 23:59:59	Name: s_fid Value: 5D155728DD2E5703-2E53A8F391D6D431
.financialengines.com/	1969-12-31 23:59:59	Name: c11 Value: enc-site%3Aenrollment%3Aconfirm-identity
.financialengines.com/	1969-12-31 23:59:59	Name: s_cc Value: true
.financialengines.com/	1970-01-21 11:16:19	Name: ptc Value: "72e83154-c4fa-4b0c-b0d7-d680d3123104::1734019590821"
www.financialengines.com/	1970-01-21 01:40:20	Name: _dd_s Value: rum=0&expire=1734020489399

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
X-Frame-Options	SAMEORIGIN

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

api-cdn.mypurecloud.com
api.mypurecloud.com
apps.mypurecloud.com
assets.adobedtm.com
cdn.cookielaw.org
cdn.financialengines.com
click.mail.edelmanfinancialengines.com
edge.adobedc.net
gateway.financialengines.com
geolocation.onetrust.com
http-inputs-financialengines.splunkcloud.com
images.financialengines.com
region1.google-analytics.com
somtr.financialengines.com
www.financialengines.com
www.googletagmanager.com
100.25.67.126
108.138.26.5
13.111.148.97
13.32.27.68
143.204.98.3
143.204.98.90
2001:4860:4802:32::36
2600:9000:26e8:b800:1f:d227:e8c0:93a1
2606:4700:4400::ac40:9b77
2606:4700::6812:572a
2a00:1450:4001:803::2008
2a02:26f0:480:598::2d5b
2a02:26f0:480:f9d::1e80
44.194.24.212
44.242.134.223
63.140.62.222
004827f1286c4821d503e56b1c1a5391eccc049d8a0e7fa4cfc85864ef8e2393
061fef957c926ddee685b66a32b8861d4e8439da9adec443637ae1a78e6a8c78
085437f55dc809f779801f55eab6b5ed87164008b6ccba7599f03e6797c1cd5f
0b0875b268800ca86f7dc68dfcfa074bf674b20c06e892969e24896326639932
0c80038d75680020672c30a3f1c2f515838fa874a23ec2cf6847ec52908098f0
0e6d32a90a98ed772b857d09f86d8bc867bbd6657ed51d49dc44192a5812cba4
11e9d44177b2e438f445421e3b5827719fee9139f41db6431feeb612292193ea
1c2cfdaf008701f65dad57af18911098712d590981fd8fbac980a88f99349626
1df323c03e742ff217794c8ace2c647f3f0cf868c91d4396c166262ca1075acc
2157361193375a79ade3559e960f982daa8d599cf7f4a92d36e3eef257738f16
2390acb31de1fd7a3714ea1f198e07648a684d9ad3c36b6f7e697d451354088d
239c94c64685ef35cf566bb64c83ed5e4c8477cb3bee4812f6be9655bbfbbd56
3125184c50dbf78a4f8eab80080291b004105745c43df3bf89907231f0e8cc42
318c30799df30209d8bc12429d8f51a1bafc640fe7af115813013725ad69be1f
3470ec6805030e8d99a5d22177d738fca763659c54c1cff26360cb7c751d50c8
3c88e3c57f69e3a02a1c89ddad501cd370fae7012bf522ee4632d4852e7f5c4b
44bbbeda3225f135f03d3a6050d4007338e9f65bc0c9952bad559354104ef35a
49582965b8ddcb8f728f5b4d33b2c73e138690f5c6815bd9918de94f62f4b80b
50d93a2c186cbd1032ed973e133713a6dfbbd5f7fba4fb89069350f228ce4d81
53daa8c9df17f424c53c1ab0c2b2ee552fb16074e2beee86b3583bcd1ac17558
5fa00d047acd959697b9d7772c31dcd37bec33c70c6fbf80ab8316205d1d286d
64a91b582353719d88b2ba3f778b15fdbd89124b04ab573de908874504cce0d7
66c70ae84146ab883e16d9a5f95dafdce17303cbd1c0709e23eef61222a60d6f
6874c423b8566a340dcbbcfcf928e3b235f224345a3f489c907587e26fd59cf4
691dcdb24853a0f5ce4e6597e5713dea66799b57ffe2c2a10f28f98e0b569b19
78bd6ee8a2fce4c0294729fa7db73d0d370298f2f5738b53ecbf229f85171942
78f77a0616c10bc75601e3f23df6c84b6d74795b4f45073b4a752cd6abfd75b5
79d97764cf07e9c5a1e43d3eb37157f6a03bb705f6cfed006146651983499b0a
7d357b0ef1f85ba71c5ccebb6671b0c34f4b3950f5b21d2af7b4a3d4e9dcd570
83a7f85c092e56846e6b509c9600d2b8c70abbf5b40400fc10553dc00d9ddd62
85a9f4b018b80a1aa6431179654d261895d4ddd2f27a9c453cb427416f31512f
87a1aa1897d0c9e343a201a522968491a68738a2e93e9efac466e0bd61caef69
983d8344d06e5932e7127f2518af2d9ed3a106c86fe39a0c89c85a753d551a1e
a1ecbaed793a1f564c49c671f2dd0ce36f858534ef6d26b55783a06b884cc506
af719e684661590abadee25c69c7aace88730c6a7f5b97ee9150858c84d73443
b58fd13f604dcac90236f5c87abf065ec7193b15741a25f7ddcda54866349e50
b7e6af85ff45a143d5ff6698fa50b5ea71f47f601f17743c6f5855cd50e435fe
bb705de922069a0f44704bc330ee3745240968a75220f13ad7a3451f6db8a829
bc0f3538ebd2c4b7b586a87f4d8516f0e834a4282b7f706553da9f6b692ca66c
bc2e09bcc4aada991f18fb51301cf31c2b49baf054120a1cdf5bd8d266627336
c16b356505200a8ab6991b091d501aaf2a1d4aa952d05423dadd979e60ccf587
c2b27871a7b1159dd37c3b5df64cb6b6aa2dfab22ebe59f9822f9252df93bfd4
d6b423c91328eec9c218dd8b21ae1e676987d574e5432411a32806e5dd2bde32
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e742a29ab02f35ebd0fe4d7e3b929faca09ab1f0282415406dcb4e0486253f5c
ec5ab956078f3d5415d591f59bdacecea4e7569ad374d71eaa0a24cbe244bf81
eeb6f0984a39d737b374a6b9b45bf8e4b6cd8d866faace077e2b4e72a4173495
fa39e9a2bee23a1c6ff9dabd1ac9ba72c24cf937a6dc822608ba2bd231516c25
fbac3aaf3d46681488af0d12355e938676f40fde7c781faa8e1b7a6e717fa775
fff80ae6a4d0d96864ff25f684ecc08f31b7408e801d0bec3d56b322e6ef96b0

www.financialengines.com Open in urlscan Pro 2a02:26f0:480:598::2d5b Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Detected technologies

Page Statistics

60 Requests

100 %HTTPS

44 %IPv6

10 Domains

16 Subdomains

16 IPs

2 Countries

1353 kBTransfer

4159 kBSize

16 Cookies

6 Outgoing links

Page URL History

Redirected requests

60 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 2 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

www.financialengines.com Open in urlscan Pro
2a02:26f0:480:598::2d5b Public Scan

Screenshot
Live screenshot

Full Image

60
Requests

100 %
HTTPS

44 %
IPv6

10
Domains

16
Subdomains

16
IPs

2
Countries

1353 kB
Transfer

4159 kB
Size

16
Cookies

60 HTTP transactions
2 data transactions