login.financialengines.com Open in urlscan Pro
2600:9000:2104:1a00:1:29d5:4480:93a1 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
http://click.email.edelmanfinancialengines.com/?qs=5cf6158f67844986d4fc0c73650e8a8ab6410ed28c759314cee8bd7d1f8e7e4a6764405bb34bd9309667bdfac93b...
Effective URL:
https://login.financialengines.com/
Submission: On March 02 via manual (March 2nd 2021, 12:04:39 am UTC) from US

Summary HTTP 37 Redirects Links 11 Behaviour Indicators

Summary

This website contacted 7 IPs in 1 countries across 6 domains to perform 37 HTTP transactions. The main IP is 2600:9000:2104:1a00:1:29d5:4480:93a1, located in United States and belongs to AMAZON-02, US. The main domain is login.financialengines.com.
TLS certificate: Issued by Amazon on July 6th 2020. Valid for: a year.

This is the only time login.financialengines.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1 1	68.232.203.70 68.232.203.70	22606 (EXACT-7) (EXACT-7)
7	2600:9000:210... 2600:9000:2104:1a00:1:29d5:4480:93a1	16509 (AMAZON-02) (AMAZON-02)
1	65.9.187.53 65.9.187.53	16509 (AMAZON-02) (AMAZON-02)
18	52.25.208.77 52.25.208.77	16509 (AMAZON-02) (AMAZON-02)
6	65.9.83.13 65.9.83.13	16509 (AMAZON-02) (AMAZON-02)
1	52.0.163.213 52.0.163.213	14618 (AMAZON-AES) (AMAZON-AES)
2	13.225.78.18 13.225.78.18	16509 (AMAZON-02) (AMAZON-02)
37	7

1 68.232.203.70 (United States) 1 redirects

ASN22606 (EXACT-7, US)
PTR: click.s6.exacttarget.com

click.email.edelmanfinancialengines.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 2600:9000:2104:1a00:1:29d5:4480:93a1 (United States)

ASN16509 (AMAZON-02, US)

login.financialengines.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 65.9.187.53 (United States)

ASN16509 (AMAZON-02, US)

cdn.heapanalytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

18 52.25.208.77 (United States)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-25-208-77.us-west-2.compute.amazonaws.com

http-inputs-financialengines.splunkcloud.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 65.9.83.13 (United States)

ASN16509 (AMAZON-02, US)

gateway.financialengines.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 52.0.163.213 (United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-52-0-163-213.compute-1.amazonaws.com

heapanalytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 13.225.78.18 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-225-78-18.fra2.r.cloudfront.net

global.oktacdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
18	splunkcloud.com http-inputs-financialengines.splunkcloud.com	4 KB
13	financialengines.com login.financialengines.com gateway.financialengines.com	936 KB
2	oktacdn.com global.oktacdn.com	358 KB
2	heapanalytics.com cdn.heapanalytics.com heapanalytics.com	40 KB
1	edelmanfinancialengines.com 1 redirects click.email.edelmanfinancialengines.com	231 B
0	financialengines.io Failed fonts.financialengines.io Failed
37	6

	Domain	Requested by
18	http-inputs-financialengines.splunkcloud.com	login.financialengines.com
7	login.financialengines.com	login.financialengines.com
6	gateway.financialengines.com	login.financialengines.com
2	global.oktacdn.com	login.financialengines.com
1	heapanalytics.com
1	cdn.heapanalytics.com	login.financialengines.com
1	click.email.edelmanfinancialengines.com	1 redirects
0	fonts.financialengines.io Failed	login.financialengines.com
37	8

This site contains links to these domains. Also see Links.

Domain
client.schwab.com
www.advisorclient.com
app.trustamerica.com
login.fidelity.com
www.edelmanfinancialengines.com

Subject Issuer	Validity	Valid
login.financialengines.com Amazon	`2020-07-06` - `2021-08-06`	a year	crt.sh
cdn.heapanalytics.com Amazon	`2020-09-24` - `2021-10-26`	a year	crt.sh
*.splunkcloud.com DigiCert SHA2 Secure Server CA	`2019-05-01` - `2021-05-07`	2 years	crt.sh
gateway.financialengines.com Amazon	`2020-05-14` - `2021-06-14`	a year	crt.sh
heapanalytics.com Amazon	`2020-12-24` - `2022-01-22`	a year	crt.sh
*.oktacdn.com DigiCert TLS RSA SHA256 2020 CA1	`2020-12-15` - `2022-01-15`	a year	crt.sh

This page contains 1 frames:

Primary Page: https://login.financialengines.com/
Frame ID: 7CD933EFAB978724D3AFFB2F644A27F0
Requests: 28 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page URL History Show full URLs

http://click.email.edelmanfinancialengines.com/?qs=5cf6158f67844986d4fc0c73650e8a8ab6410ed28c759314cee8bd7d1f8e7e4a6764405b... HTTP 302
https://login.financialengines.com/ Page URL

Detected technologies

Amazon Web Services (PaaS) Expand

Overall confidence: 100%
Detected patterns

headers via /$CloudFront$$/i
headers server /^AmazonS3$/i

Amazon Cloudfront (CDN) Expand

Overall confidence: 100%
Detected patterns

headers via /$CloudFront$$/i

Amazon S3 (Miscellaneous) Expand

Overall confidence: 100%
Detected patterns

headers server /^AmazonS3$/i

Heap (Analytics) Expand

Overall confidence: 100%
Detected patterns

script /heap-\d+\.js/i

Page Statistics

37
Requests

95 %
HTTPS

14 %
IPv6

6
Domains

8
Subdomains

7
IPs

1
Countries

1338 kB
Transfer

2361 kB
Size

2
Cookies

11 Outgoing links

These are links going to different origins than the main page.

URL: https://client.schwab.com/
Title: Charles Schwab

Search URL Search Domain Scan URL

URL: https://www.advisorclient.com/login
Title: TD Ameritrade

Search URL Search Domain Scan URL

URL: https://app.trustamerica.com/liberty
Title: E.TRADE

Search URL Search Domain Scan URL

URL: https://login.fidelity.com/ftgw/Fidelity/RtlCust/Login/Init
Title: Fidelity

Search URL Search Domain Scan URL

URL: https://www.edelmanfinancialengines.com/legal-information
Title: Legal Information

Search URL Search Domain Scan URL

URL: https://www.edelmanfinancialengines.com/privacy
Title: Privacy Policy

Search URL Search Domain Scan URL

URL: https://www.edelmanfinancialengines.com/terms-of-use
Title: Terms of Use

Search URL Search Domain Scan URL

URL: https://www.edelmanfinancialengines.com/media/pdf/edelman-financial-engines-adv
Title: Edelman Financial Engines ADV

Search URL Search Domain Scan URL

URL: https://www.edelmanfinancialengines.com/business-continuity
Title: Business Continuity

Search URL Search Domain Scan URL

URL: https://www.edelmanfinancialengines.com/media/pdf/wrap-fee-brochure
Title: Wrap Fee Brochure

Search URL Search Domain Scan URL

URL: https://www.edelmanfinancialengines.com/media/pdf/DNSMPI
Title: Do Not Sell My Personal Information

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

http://click.email.edelmanfinancialengines.com/?qs=5cf6158f67844986d4fc0c73650e8a8ab6410ed28c759314cee8bd7d1f8e7e4a6764405bb34bd9309667bdfac93b744c71d0126f2b0c9af3 HTTP 302
https://login.financialengines.com/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

37 HTTP transactions
3 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H/1.1

200
OK

Primary Request / Show response
login.financialengines.com/
Redirect Chain

http://click.email.edelmanfinancialengines.com/?qs=5cf6158f67844986d4fc0c73650e8a8ab6410ed28c759314cee8bd7d1f8e7e4a6764405bb34bd9309667bdfac93b744c71d0126f2b0c9af3
https://login.financialengines.com/

3 KB
3 KB

413ms
326ms

Document
text/html

2600:9000:2104:1a00:1:29d5:4480:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://login.financialengines.com/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2104:1a00:1:29d5:4480:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 362e7e5baffe466d44a59a6944e56a836c2a507a67f739da8edffda3639170e2

Request headers

Host: login.financialengines.com
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site: none
Sec-Fetch-Mode: navigate
Sec-Fetch-User: ?1
Sec-Fetch-Dest: document
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Content-Type: text/html
Content-Length: 2623
Connection: keep-alive
Last-Modified: Tue, 23 Feb 2021 02:13:27 GMT
Server: AmazonS3
Date: Tue, 02 Mar 2021 00:04:22 GMT
ETag: "2ab8896b941c300a21d993aa1a747bff"
X-Cache: RefreshHit from cloudfront
Via: 1.1 0f65f9aac16e53eeb77d85b7c23a21c2.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: AMS1-C1
X-Amz-Cf-Id: tEUw7C1yPEKxXjQbF55FrIc3QtDcSDyQsU1fMa1A-QC2fMgSPYBCBw==

Redirect headers

Cache-Control: private
Content-Type: text/html; charset=utf-8
Location: https://login.financialengines.com/#/?siteContext=retail
Date: Tue, 02 Mar 2021 00:04:21 GMT
X-Cnection: close
Content-Length: 173

GET
H/1.1 200
OK vendors~main.e00f0759a7f8e9885b03.js Show response
login.financialengines.com/ 447 KB
448 KB 310ms
309ms Script
application/javascript 2600:9000:2104:1a00:1:29d5:4480:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://login.financialengines.com/vendors~main.e00f0759a7f8e9885b03.js
Requested by: Host: login.financialengines.com
URL: https://login.financialengines.com/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2104:1a00:1:29d5:4480:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 4bdd1ff0e5f8bee8c3b3386ce85ac01eee51934478e940ebaf87cde1a344f1b6

Request headers

Referer: https://login.financialengines.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Tue, 02 Mar 2021 00:04:23 GMT
Via: 1.1 0f65f9aac16e53eeb77d85b7c23a21c2.cloudfront.net (CloudFront)
Last-Modified: Tue, 23 Feb 2021 02:13:27 GMT
Server: AmazonS3
X-Amz-Cf-Pop: AMS1-C1
ETag: "d9fc9289981b087f819f78d66135cfc6"
X-Cache: RefreshHit from cloudfront
Content-Type: application/javascript
Connection: keep-alive
Content-Length: 457875
X-Amz-Cf-Id: 6WO-PNbLRPpL9c5tekYvCL8ZROkjQZIWJiAsvVMWOvpU-CpOLk5aFA==

GET
H/1.1 200
OK main.50881d427385389894b6.js Show response
login.financialengines.com/ 347 KB
348 KB 342ms
312ms Script
application/javascript 2600:9000:2104:1a00:1:29d5:4480:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://login.financialengines.com/main.50881d427385389894b6.js
Requested by: Host: login.financialengines.com
URL: https://login.financialengines.com/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2104:1a00:1:29d5:4480:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 7f60ca3c9def0530380a2bf797fee847eb3804de8629cc89a9c657c8b92abe0b

Request headers

Referer: https://login.financialengines.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Tue, 02 Mar 2021 00:04:23 GMT
Via: 1.1 e79fcd7f3f0a842841acfca75e35ea79.cloudfront.net (CloudFront)
Last-Modified: Tue, 23 Feb 2021 02:13:27 GMT
Server: AmazonS3
X-Amz-Cf-Pop: AMS1-C1
ETag: "8686fdaabd394e3444e7f3014b0916db"
X-Cache: RefreshHit from cloudfront
Content-Type: application/javascript
Connection: keep-alive
Content-Length: 355560
X-Amz-Cf-Id: BG9-QsyXzvGN87aarfq8rY0khOwFul3AxAqUVmnYYiXUzg0ML-ZP1g==

GET
H2 200 heap-2504404970.js Show response
cdn.heapanalytics.com/js/ 100 KB
40 KB 237ms
130ms Script
application/javascript 65.9.187.53
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.heapanalytics.com/js/heap-2504404970.js

Requested by

Host: login.financialengines.com
URL: https://login.financialengines.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

65.9.187.53 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

nginx /

Resource Hash

a6b4b9efe49f7fa7a55309dd5e732f54b71f6dbaddccf51937b3dadd21016a5a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://login.financialengines.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Tue, 02 Mar 2021 00:04:16 GMT
content-encoding: gzip
server: nginx
age: 6
etag: W/"19139-ivS2rC7YHIT7lQqUENxPxA"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript; charset=utf-8
via: 1.1 7e8e21f463faf38ee9cfcd5ec5e09b6d.cloudfront.net (CloudFront)
cache-control: public, max-age=120
x-amz-cf-pop: ZAG50-C1
strict-transport-security: max-age=31536000; includeSubDomains
x-amz-cf-id: cQ2SXaxH2cPVowKzviv8FTbnsPphKWZDTAsB4LalkbZ49wck-1Wx_w==

OPTIONS
H/1.1 200
OK collector
http-inputs-financialengines.splunkcloud.com/services/ 0
0 750ms
181ms Other
text/plain 52.25.208.77
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://http-inputs-financialengines.splunkcloud.com/services/collector

Protocol

HTTP/1.1

Server

52.25.208.77 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-52-25-208-77.us-west-2.compute.amazonaws.com

Software

Splunkd /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

Accept: */*
Access-Control-Request-Method: POST
Access-Control-Request-Headers: authorization
Origin: https://login.financialengines.com
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Sec-Fetch-Mode: cors

Response headers

Access-Control-Allow-Credentials: true
Access-Control-Allow-Headers: Authorization
Access-Control-Allow-Methods: POST,OPTIONS
Access-Control-Allow-Origin: https://login.financialengines.com
Allow: POST,OPTIONS
Content-Type: text/plain; charset=UTF-8
Date: Tue, 02 Mar 2021 00:04:22 GMT
Server: Splunkd
Vary: Origin
X-Content-Type-Options: nosniff
X-Frame-Options: SAMEORIGIN
Content-Length: 0
Connection: keep-alive

POST
H/1.1 200
OK collector Show response
http-inputs-financialengines.splunkcloud.com/services/ 27 B
431 B 715ms
178ms XHR
application/json 52.25.208.77
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://http-inputs-financialengines.splunkcloud.com/services/collector

Requested by

Host: login.financialengines.com
URL: https://login.financialengines.com/vendors~main.e00f0759a7f8e9885b03.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

52.25.208.77 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-52-25-208-77.us-west-2.compute.amazonaws.com

Software

Splunkd /

Resource Hash

3c88e3c57f69e3a02a1c89ddad501cd370fae7012bf522ee4632d4852e7f5c4b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

Accept: application/json, text/plain, */*
Referer: https://login.financialengines.com/
Authorization: Splunk 9F8BDE0C-3ED2-4001-8C3A-2B425E129E65
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

Date: Tue, 02 Mar 2021 00:04:23 GMT
X-Content-Type-Options: nosniff
Server: Splunkd
X-Frame-Options: SAMEORIGIN
Access-Control-Allow-Methods: POST,OPTIONS
Content-Type: application/json; charset=UTF-8
Access-Control-Allow-Origin: https://login.financialengines.com
Access-Control-Allow-Credentials: true
Connection: keep-alive
Vary: Authorization, Origin
Content-Length: 27

OPTIONS
H2 204 pageframe
gateway.financialengines.com/advisor/api/v1/ 0
0 685ms
565ms Other 65.9.83.13
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://gateway.financialengines.com/advisor/api/v1/pageframe?namespace=login
Protocol: H2
Server: 65.9.83.13 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Method: GET
Access-Control-Request-Headers: x-fe-client,x-fe-env,x-spa-name
Origin: https://login.financialengines.com
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Sec-Fetch-Mode: cors

Response headers

date: Tue, 02 Mar 2021 00:04:22 GMT
x-amzn-requestid: 02387129-42c3-42d7-8e90-8be99c1bb2e2
x-fngn-requestid: f9249756-1a1e-47b3-b762-93962598727d
access-control-allow-origin: https://login.financialengines.com
allow: GET, HEAD, POST, PUT, DELETE, TRACE, OPTIONS, PATCH
access-control-allow-headers: x-fe-client,x-fe-env,x-spa-name
content-language: en-US
x-amzn-remapped-connection: keep-alive
x-amz-apigw-id: biEZEEsoSK4FqWA=
vary: Accept-Encoding,Origin
x-amzn-remapped-server: Apache
access-control-allow-methods: GET
access-control-expose-headers: x-amzn-requestId, x-fngn-requestid
access-control-max-age: 3600
x-amzn-remapped-date: Tue, 02 Mar 2021 00:04:22 GMT
access-control-allow-credentials: true
x-cache: Miss from cloudfront
via: 1.1 6d424430e2badcd8859fea1f1185697a.cloudfront.net (CloudFront)
x-amz-cf-pop: AMS1-C1
x-amz-cf-id: GouMq26jAAWz3jZPgefgCwsIXplh77JG3aKm7B8ba7p649Jwyn__Ew==

GET
H2 200 pageframe Show response
gateway.financialengines.com/advisor/api/v1/ 5 KB
3 KB 865ms
789ms XHR
application/json 65.9.83.13
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://gateway.financialengines.com/advisor/api/v1/pageframe?namespace=login
Requested by: Host: login.financialengines.com
URL: https://login.financialengines.com/vendors~main.e00f0759a7f8e9885b03.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 65.9.83.13 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: /
Resource Hash: 8936028bbb28188194b226ec37087c0c0c153363ed4a5efa07beabcd135c5a43

Request headers

X-SPA-NAME: login
Accept: application/json, text/plain, */*
Referer: https://login.financialengines.com/
X-FE-ENV: production
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
X-FE-CLIENT: CUSTOMER_SITE

Response headers

date: Tue, 02 Mar 2021 00:04:23 GMT
content-encoding: gzip
x-amzn-remapped-content-length: 1623
x-amzn-remapped-date: Tue, 02 Mar 2021 00:04:23 GMT
x-amz-cf-pop: AMS1-C1
x-amzn-requestid: fdf44310-6f29-4edd-90dd-bcd29c70ce6b
x-cache: Miss from cloudfront
x-amz-apigw-id: biEZLEvoSK4Fn_A=
content-length: 1623
access-control-allow-origin: https://login.financialengines.com
vary: Accept-Encoding,Origin
content-language: en-US
via: 1.1 d143bdfb7cce4cf7ec0bcf9ec13e5915.cloudfront.net (CloudFront)
x-amzn-remapped-server: Apache
x-fngn-requestid: 3a73341b-992c-41b6-b8ec-10e8c545e481
access-control-allow-credentials: true
content-type: application/json;charset=UTF-8
x-amz-cf-id: ciHaZT4ikgm3S-J3jXPcVjFxezqgXkaes7pgj-mFM9WBLeCqAHscBw==
x-amzn-remapped-connection: keep-alive

GET
H2 200 h
heapanalytics.com/ 37 B
259 B 311ms
104ms Image
image/gif 52.0.163.213
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://heapanalytics.com/h?a=2504404970&u=6131092284022144&v=1186517882483472&s=1820685309465934&b=web&tv=4.0&z=0&g=%23%2F%3FsiteContext%3Dretail&h=%2F&d=login.financialengines.com&t=Login%20%7C%20Edelman%20Financial%20Engines&ts=1614643462287&st=1614643462288

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

52.0.163.213 , United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-52-0-163-213.compute-1.amazonaws.com

Software

nginx /

Resource Hash

bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://login.financialengines.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 02 Mar 2021 00:04:22 GMT
server: nginx
etag: W/"25-PqzQEyMQ6kTK11azeKO8Bw"
strict-transport-security: max-age=31536000; includeSubDomains
content-type: image/gif
cache-control: private, no-cache, no-cache=Set-Cookie, proxy-revalidate
content-length: 37

OPTIONS
H/1.1 200
OK collector
http-inputs-financialengines.splunkcloud.com/services/ 0
0 195ms
195ms Other
text/plain 52.25.208.77
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://http-inputs-financialengines.splunkcloud.com/services/collector

Protocol

HTTP/1.1

Server

52.25.208.77 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-52-25-208-77.us-west-2.compute.amazonaws.com

Software

Splunkd /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

Accept: */*
Access-Control-Request-Method: POST
Access-Control-Request-Headers: authorization
Origin: https://login.financialengines.com
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Sec-Fetch-Mode: cors

Response headers

Access-Control-Allow-Credentials: true
Access-Control-Allow-Headers: Authorization
Access-Control-Allow-Methods: POST,OPTIONS
Access-Control-Allow-Origin: https://login.financialengines.com
Allow: POST,OPTIONS
Content-Type: text/plain; charset=UTF-8
Date: Tue, 02 Mar 2021 00:04:23 GMT
Server: Splunkd
Vary: Origin
X-Content-Type-Options: nosniff
X-Frame-Options: SAMEORIGIN
Content-Length: 0
Connection: keep-alive

OPTIONS
H/1.1 200
OK collector
http-inputs-financialengines.splunkcloud.com/services/ 0
0 376ms
181ms Other
text/plain 52.25.208.77
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://http-inputs-financialengines.splunkcloud.com/services/collector

Protocol

HTTP/1.1

Server

52.25.208.77 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-52-25-208-77.us-west-2.compute.amazonaws.com

Software

Splunkd /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

Accept: */*
Access-Control-Request-Method: POST
Access-Control-Request-Headers: authorization
Origin: https://login.financialengines.com
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Sec-Fetch-Mode: cors

Response headers

Access-Control-Allow-Credentials: true
Access-Control-Allow-Headers: Authorization
Access-Control-Allow-Methods: POST,OPTIONS
Access-Control-Allow-Origin: https://login.financialengines.com
Allow: POST,OPTIONS
Content-Type: text/plain; charset=UTF-8
Date: Tue, 02 Mar 2021 00:04:24 GMT
Server: Splunkd
Vary: Origin
X-Content-Type-Options: nosniff
X-Frame-Options: SAMEORIGIN
Content-Length: 0
Connection: keep-alive

OPTIONS
H2 200 status
gateway.financialengines.com/auth/v1/session/ 0
0 475ms
475ms Other
application/json 65.9.83.13
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://gateway.financialengines.com/auth/v1/session/status?d=1614643463860
Protocol: H2
Server: 65.9.83.13 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Method: GET
Access-Control-Request-Headers: cache-control
Origin: https://login.financialengines.com
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Sec-Fetch-Mode: cors

Response headers

content-type: application/json
content-length: 0
date: Tue, 02 Mar 2021 00:04:24 GMT
x-amzn-requestid: 7f6a7aba-8f38-45b2-9f22-c96a43adaf36
access-control-allow-origin: https://login.financialengines.com
allow: GET, HEAD, POST, PUT, DELETE, TRACE, OPTIONS, PATCH
access-control-allow-headers: Content-Type,X-Amz-Date,Authorization,Cookie,X-Api-Key,X-Amz-Security-Token,x-fe-client,x-fe-context,x-fe-poid,x-fe-uuid,x-fe-env,x-spa-name,x-spa-guid,cache-control,expires,if-modified-since,pragma
x-amz-apigw-id: biEZTGNdyK4FVCA=
vary: origin
access-control-allow-methods: DELETE,GET,HEAD,OPTIONS,PATCH,POST,PUT
x-amzn-trace-id: Root=1-603d8108-7cba553943050ceb7acb4b31;Sampled=0
access-control-max-age: 86500
access-control-allow-credentials: true
x-cache: Miss from cloudfront
via: 1.1 6d424430e2badcd8859fea1f1185697a.cloudfront.net (CloudFront)
x-amz-cf-pop: AMS1-C1
x-amz-cf-id: 8wL5nTiRII1eZJ-1n3w8mrS-SKBJGu2Vjyjbl5JihbG4998XgUpDwQ==

GET
H/1.1 200
OK vendors~route-create-credentials~route-login.43076d16d63c1cf12c6a.js Show response
login.financialengines.com/ 34 KB
34 KB 308ms
307ms Script
application/javascript 2600:9000:2104:1a00:1:29d5:4480:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://login.financialengines.com/vendors~route-create-credentials~route-login.43076d16d63c1cf12c6a.js
Requested by: Host: login.financialengines.com
URL: https://login.financialengines.com/main.50881d427385389894b6.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2104:1a00:1:29d5:4480:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 479be398592d7dd12cde290d20f55354d04fef1adff01fc1326f22a852e67024

Request headers

Referer: https://login.financialengines.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Tue, 02 Mar 2021 00:04:25 GMT
Via: 1.1 e79fcd7f3f0a842841acfca75e35ea79.cloudfront.net (CloudFront)
Last-Modified: Tue, 23 Feb 2021 02:13:27 GMT
Server: AmazonS3
X-Amz-Cf-Pop: AMS1-C1
ETag: "419969e59fd2e53e58a057f0daef115a"
X-Cache: RefreshHit from cloudfront
Content-Type: application/javascript
Connection: keep-alive
Content-Length: 34419
X-Amz-Cf-Id: BVw-khf-_00Cc40YLuf8ybVvZY3cs4mHQBUCA9hm9FHzl_NblCUMlA==

GET
H/1.1 200
OK login-route-settings~route-create-credentials~route-forgot-password~route-login.aa02dfa08db8ce7147de.js Show response
login.financialengines.com/ 17 KB
17 KB 321ms
320ms Script
application/javascript 2600:9000:2104:1a00:1:29d5:4480:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://login.financialengines.com/login-route-settings~route-create-credentials~route-forgot-password~route-login.aa02dfa08db8ce7147de.js
Requested by: Host: login.financialengines.com
URL: https://login.financialengines.com/main.50881d427385389894b6.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2104:1a00:1:29d5:4480:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 2e93d51a1dd5627bf2ade0a5e7a0d35894bfb826e137ea9d685e73af05e63967

Request headers

Referer: https://login.financialengines.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Tue, 02 Mar 2021 00:04:25 GMT
Via: 1.1 0f65f9aac16e53eeb77d85b7c23a21c2.cloudfront.net (CloudFront)
Last-Modified: Tue, 23 Feb 2021 02:13:27 GMT
Server: AmazonS3
X-Amz-Cf-Pop: AMS1-C1
ETag: "41c88a4a33c8cd5fb9aeff7fae3426cb"
X-Cache: RefreshHit from cloudfront
Content-Type: application/javascript
Connection: keep-alive
Content-Length: 17152
X-Amz-Cf-Id: bxO_D_FpG__NIOOcKyAaMa3PCriNdGrxlKdU3eBTAFHHs9ACpXcADA==

GET
H/1.1 200
OK route-create-credentials~route-login.dacb0d075aa233918ff3.js Show response
login.financialengines.com/ 59 KB
59 KB 224ms
193ms Script
application/javascript 2600:9000:2104:1a00:1:29d5:4480:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://login.financialengines.com/route-create-credentials~route-login.dacb0d075aa233918ff3.js
Requested by: Host: login.financialengines.com
URL: https://login.financialengines.com/main.50881d427385389894b6.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2104:1a00:1:29d5:4480:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: fd28bfd55b1253c0e3fc97e62461b6678f60dee683e4b05d563d52e952c4d5a4

Request headers

Referer: https://login.financialengines.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Tue, 02 Mar 2021 00:04:24 GMT
Via: 1.1 d91961fd00a0c4f7aae668984dcb62a8.cloudfront.net (CloudFront)
Last-Modified: Tue, 23 Feb 2021 02:13:27 GMT
Server: AmazonS3
X-Amz-Cf-Pop: AMS1-C1
ETag: "4cebac90dc5c3ddd6fe20311a9782e85"
X-Cache: RefreshHit from cloudfront
Content-Type: application/javascript
Connection: keep-alive
Content-Length: 60421
X-Amz-Cf-Id: n4Qb4nljtZ1naUNO0SG448PIgowDW2iEk9VZ_5QYDj2A_lY5jBy-pg==

GET
H/1.1 200
OK route-login.4fa5b20fdd0d68704026.js Show response
login.financialengines.com/ 22 KB
22 KB 385ms
354ms Script
application/javascript 2600:9000:2104:1a00:1:29d5:4480:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://login.financialengines.com/route-login.4fa5b20fdd0d68704026.js
Requested by: Host: login.financialengines.com
URL: https://login.financialengines.com/main.50881d427385389894b6.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2104:1a00:1:29d5:4480:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: aff860fa0c0c69a9a26d5e9499b26f96ac9d47a657232092e23db5aabf128a76

Request headers

Referer: https://login.financialengines.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Tue, 02 Mar 2021 00:04:25 GMT
Via: 1.1 4ce5e5162c2d4fc9022ceb290f794ffe.cloudfront.net (CloudFront)
Last-Modified: Tue, 23 Feb 2021 02:13:27 GMT
Server: AmazonS3
X-Amz-Cf-Pop: AMS1-C1
ETag: "0a49e0bb27b176bd1b79eb2797fb4104"
X-Cache: RefreshHit from cloudfront
Content-Type: application/javascript
Connection: keep-alive
Content-Length: 22275
X-Amz-Cf-Id: xKy3VhwEvUb4qr5NjM920sUM-JoKyhvULWNvzSFWv7ZsGDf3jWFDRA==

GET
DATA 200
OK truncated
/ 7 KB
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 70098e0c88953ed2274aadd120a81b06bf6a68cfe634c982437ba5b71e357f12

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
DATA 200
OK truncated
/ 5 KB
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: a9b819240fac368d452a1b1365bf5c285afdd51e401875e5c41be31d48fd44a3

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Content-Type: image/png

GET
DATA 200
OK truncated
/ 6 KB
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: c58a5b3355be6e3a3cfdc44a2b0166115d27465483391cd755be3484ddd91629

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Content-Type: image/svg+xml

POST
H/1.1 200
OK collector Show response
http-inputs-financialengines.splunkcloud.com/services/ 27 B
431 B 177ms
177ms XHR
application/json 52.25.208.77
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://http-inputs-financialengines.splunkcloud.com/services/collector

Requested by

Host: login.financialengines.com
URL: https://login.financialengines.com/vendors~main.e00f0759a7f8e9885b03.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

52.25.208.77 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-52-25-208-77.us-west-2.compute.amazonaws.com

Software

Splunkd /

Resource Hash

3c88e3c57f69e3a02a1c89ddad501cd370fae7012bf522ee4632d4852e7f5c4b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

Accept: application/json, text/plain, */*
Referer: https://login.financialengines.com/
Authorization: Splunk 9F8BDE0C-3ED2-4001-8C3A-2B425E129E65
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

Date: Tue, 02 Mar 2021 00:04:24 GMT
X-Content-Type-Options: nosniff
Server: Splunkd
X-Frame-Options: SAMEORIGIN
Access-Control-Allow-Methods: POST,OPTIONS
Content-Type: application/json; charset=UTF-8
Access-Control-Allow-Origin: https://login.financialengines.com
Access-Control-Allow-Credentials: true
Connection: keep-alive
Vary: Authorization, Origin
Content-Length: 27

POST
H/1.1 200
OK collector Show response
http-inputs-financialengines.splunkcloud.com/services/ 27 B
431 B 183ms
183ms XHR
application/json 52.25.208.77
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://http-inputs-financialengines.splunkcloud.com/services/collector

Requested by

Host: login.financialengines.com
URL: https://login.financialengines.com/vendors~main.e00f0759a7f8e9885b03.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

52.25.208.77 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-52-25-208-77.us-west-2.compute.amazonaws.com

Software

Splunkd /

Resource Hash

3c88e3c57f69e3a02a1c89ddad501cd370fae7012bf522ee4632d4852e7f5c4b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

Accept: application/json, text/plain, */*
Referer: https://login.financialengines.com/
Authorization: Splunk 9F8BDE0C-3ED2-4001-8C3A-2B425E129E65
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

Date: Tue, 02 Mar 2021 00:04:24 GMT
X-Content-Type-Options: nosniff
Server: Splunkd
X-Frame-Options: SAMEORIGIN
Access-Control-Allow-Methods: POST,OPTIONS
Content-Type: application/json; charset=UTF-8
Access-Control-Allow-Origin: https://login.financialengines.com
Access-Control-Allow-Credentials: true
Connection: keep-alive
Vary: Authorization, Origin
Content-Length: 27

GET
H2 200 status Show response
gateway.financialengines.com/auth/v1/session/ 121 B
831 B 620ms
619ms XHR
application/json 65.9.83.13
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://gateway.financialengines.com/auth/v1/session/status?d=1614643463860
Requested by: Host: login.financialengines.com
URL: https://login.financialengines.com/vendors~main.e00f0759a7f8e9885b03.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 65.9.83.13 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: /
Resource Hash: 53e904c853e412f0ba1f84ae9265b32ed823ed3714a363060bafd2946f7b89ee

Request headers

Accept: application/json, text/plain, */*
Cache-Control: no-cache, no-store, must-revalidate
Referer: https://login.financialengines.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Tue, 02 Mar 2021 00:04:24 GMT
content-encoding: UTF-8
vary: origin
x-amz-cf-pop: AMS1-C1
x-amzn-requestid: b631a36d-11f6-4774-bed3-63ad3a2c4e4d
x-cache: Miss from cloudfront
x-amz-apigw-id: biEZZHPmyK4FfRA=
content-length: 121
access-control-allow-origin: https://login.financialengines.com
x-amzn-trace-id: Root=1-603d8108-1ee6226d5b4b1c347826346d;Sampled=0
access-control-max-age: 86500
access-control-allow-methods: DELETE,GET,HEAD,OPTIONS,PATCH,POST,PUT
content-type: application/json;charset=UTF-8
via: 1.1 d143bdfb7cce4cf7ec0bcf9ec13e5915.cloudfront.net (CloudFront)
access-control-allow-credentials: true
access-control-allow-headers: Content-Type,X-Amz-Date,Authorization,Cookie,X-Api-Key,X-Amz-Security-Token,x-fe-client,x-fe-context,x-fe-poid,x-fe-uuid,x-fe-env,x-spa-name,x-spa-guid,cache-control,expires,if-modified-since,pragma
x-amz-cf-id: labtONUZiC_HTQuUIHtIFoEeV_KZFPCNYjlp1Gv_7A0XIXEqah5s1g==

GET ARSMaquettePro-Bold.otf
fonts.financialengines.io/ 0
0

GET ARSMaquettePro-Regular.otf
fonts.financialengines.io/ 0
0

GET
H2 200 idpinfo Show response
gateway.financialengines.com/identity/v1/credentials/ 717 B
1 KB 502ms
502ms XHR
application/json 65.9.83.13
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://gateway.financialengines.com/identity/v1/credentials/idpinfo?d=1614643464253
Requested by: Host: login.financialengines.com
URL: https://login.financialengines.com/vendors~main.e00f0759a7f8e9885b03.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 65.9.83.13 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: /
Resource Hash: a2dcbb91f8cdab8218a7185d655092be05180684e07eb48872b5b7d2295a69f9

Request headers

x-spa-name: RETAIL_SITE
Accept: application/json, text/plain, */*
Referer: https://login.financialengines.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Tue, 02 Mar 2021 00:04:25 GMT
via: 1.1 d143bdfb7cce4cf7ec0bcf9ec13e5915.cloudfront.net (CloudFront)
vary: origin
x-amz-cf-pop: AMS1-C1
x-amzn-requestid: a9b1ee45-bbcb-4b72-b131-3e6c5bcd4b64
x-cache: Miss from cloudfront
x-amz-apigw-id: biEZdGUTSK4FiIw=
content-length: 717
x-amzn-trace-id: Root=1-603d8109-1f72f1ea188cb847168f194b;Sampled=1
access-control-max-age: 86500
access-control-allow-methods: DELETE,GET,HEAD,OPTIONS,PATCH,POST,PUT
content-type: application/json
access-control-allow-origin: https://login.financialengines.com
access-control-allow-credentials: true
access-control-allow-headers: Content-Type,X-Amz-Date,Authorization,Cookie,X-Api-Key,X-Amz-Security-Token,x-fe-client,x-spa-name,x-fe-context,x-fe-poid,x-fe-uuid
x-amz-cf-id: _D34UcFwhX4wcFJ1pMZCePDT1xO2yjJV1U-Grvk0qtRpcfR5kB5BEg==

OPTIONS
H2 200 idpinfo
gateway.financialengines.com/identity/v1/credentials/ 0
0 613ms
613ms Other
application/json 65.9.83.13
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://gateway.financialengines.com/identity/v1/credentials/idpinfo?d=1614643464253
Protocol: H2
Server: 65.9.83.13 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Method: GET
Access-Control-Request-Headers: x-spa-name
Origin: https://login.financialengines.com
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Sec-Fetch-Mode: cors

Response headers

content-type: application/json
content-length: 0
date: Tue, 02 Mar 2021 00:04:24 GMT
x-amzn-requestid: 87c36101-9617-4883-baea-a9eb3296f12c
access-control-allow-origin: https://login.financialengines.com
allow: GET, HEAD, POST, PUT, DELETE, TRACE, OPTIONS, PATCH
access-control-allow-headers: Content-Type,X-Amz-Date,Authorization,Cookie,X-Api-Key,X-Amz-Security-Token,x-fe-client,x-spa-name,x-fe-context,x-fe-poid,x-fe-uuid
x-amz-apigw-id: biEZYE6jSK4FSHQ=
vary: origin
access-control-allow-methods: DELETE,GET,HEAD,OPTIONS,PATCH,POST,PUT
x-amzn-trace-id: Root=1-603d8108-506daa285cec76e25078be09;Sampled=0
access-control-max-age: 86500
access-control-allow-credentials: true
x-cache: Miss from cloudfront
via: 1.1 6d424430e2badcd8859fea1f1185697a.cloudfront.net (CloudFront)
x-amz-cf-pop: AMS1-C1
x-amz-cf-id: yd99zdjHd69JjhfYgPWkZOVvc6_oyBiammhblNDDU62HV0_D8WsoxA==

OPTIONS
H/1.1 200
OK collector
http-inputs-financialengines.splunkcloud.com/services/ 0
0 181ms
181ms Other
text/plain 52.25.208.77
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://http-inputs-financialengines.splunkcloud.com/services/collector

Protocol

HTTP/1.1

Server

52.25.208.77 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-52-25-208-77.us-west-2.compute.amazonaws.com

Software

Splunkd /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

Accept: */*
Access-Control-Request-Method: POST
Access-Control-Request-Headers: authorization
Origin: https://login.financialengines.com
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Sec-Fetch-Mode: cors

Response headers

Access-Control-Allow-Credentials: true
Access-Control-Allow-Headers: Authorization
Access-Control-Allow-Methods: POST,OPTIONS
Access-Control-Allow-Origin: https://login.financialengines.com
Allow: POST,OPTIONS
Content-Type: text/plain; charset=UTF-8
Date: Tue, 02 Mar 2021 00:04:25 GMT
Server: Splunkd
Vary: Origin
X-Content-Type-Options: nosniff
X-Frame-Options: SAMEORIGIN
Content-Length: 0
Connection: keep-alive

OPTIONS
H/1.1 200
OK collector
http-inputs-financialengines.splunkcloud.com/services/ 0
0 185ms
184ms Other
text/plain 52.25.208.77
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://http-inputs-financialengines.splunkcloud.com/services/collector

Protocol

HTTP/1.1

Server

52.25.208.77 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-52-25-208-77.us-west-2.compute.amazonaws.com

Software

Splunkd /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

Accept: */*
Access-Control-Request-Method: POST
Access-Control-Request-Headers: authorization
Origin: https://login.financialengines.com
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Sec-Fetch-Mode: cors

Response headers

Access-Control-Allow-Credentials: true
Access-Control-Allow-Headers: Authorization
Access-Control-Allow-Methods: POST,OPTIONS
Access-Control-Allow-Origin: https://login.financialengines.com
Allow: POST,OPTIONS
Content-Type: text/plain; charset=UTF-8
Date: Tue, 02 Mar 2021 00:04:25 GMT
Server: Splunkd
Vary: Origin
X-Content-Type-Options: nosniff
X-Frame-Options: SAMEORIGIN
Content-Length: 0
Connection: keep-alive

OPTIONS
H/1.1 200
OK collector
http-inputs-financialengines.splunkcloud.com/services/ 0
0 358ms
181ms Other
text/plain 52.25.208.77
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://http-inputs-financialengines.splunkcloud.com/services/collector

Protocol

HTTP/1.1

Server

52.25.208.77 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-52-25-208-77.us-west-2.compute.amazonaws.com

Software

Splunkd /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

Accept: */*
Access-Control-Request-Method: POST
Access-Control-Request-Headers: authorization
Origin: https://login.financialengines.com
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Sec-Fetch-Mode: cors

Response headers

Access-Control-Allow-Credentials: true
Access-Control-Allow-Headers: Authorization
Access-Control-Allow-Methods: POST,OPTIONS
Access-Control-Allow-Origin: https://login.financialengines.com
Allow: POST,OPTIONS
Content-Type: text/plain; charset=UTF-8
Date: Tue, 02 Mar 2021 00:04:25 GMT
Server: Splunkd
Vary: Origin
X-Content-Type-Options: nosniff
X-Frame-Options: SAMEORIGIN
Content-Length: 0
Connection: keep-alive

POST
H/1.1 200
OK collector Show response
http-inputs-financialengines.splunkcloud.com/services/ 27 B
431 B 177ms
177ms XHR
application/json 52.25.208.77
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://http-inputs-financialengines.splunkcloud.com/services/collector

Requested by

Host: login.financialengines.com
URL: https://login.financialengines.com/vendors~main.e00f0759a7f8e9885b03.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

52.25.208.77 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-52-25-208-77.us-west-2.compute.amazonaws.com

Software

Splunkd /

Resource Hash

3c88e3c57f69e3a02a1c89ddad501cd370fae7012bf522ee4632d4852e7f5c4b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

Accept: application/json, text/plain, */*
Referer: https://login.financialengines.com/
Authorization: Splunk 9F8BDE0C-3ED2-4001-8C3A-2B425E129E65
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

Date: Tue, 02 Mar 2021 00:04:25 GMT
X-Content-Type-Options: nosniff
Server: Splunkd
X-Frame-Options: SAMEORIGIN
Access-Control-Allow-Methods: POST,OPTIONS
Content-Type: application/json; charset=UTF-8
Access-Control-Allow-Origin: https://login.financialengines.com
Access-Control-Allow-Credentials: true
Connection: keep-alive
Vary: Authorization, Origin
Content-Length: 27

POST
H/1.1 200
OK collector Show response
http-inputs-financialengines.splunkcloud.com/services/ 27 B
431 B 347ms
177ms XHR
application/json 52.25.208.77
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://http-inputs-financialengines.splunkcloud.com/services/collector

Requested by

Host: login.financialengines.com
URL: https://login.financialengines.com/vendors~main.e00f0759a7f8e9885b03.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

52.25.208.77 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-52-25-208-77.us-west-2.compute.amazonaws.com

Software

Splunkd /

Resource Hash

3c88e3c57f69e3a02a1c89ddad501cd370fae7012bf522ee4632d4852e7f5c4b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

Accept: application/json, text/plain, */*
Referer: https://login.financialengines.com/
Authorization: Splunk 9F8BDE0C-3ED2-4001-8C3A-2B425E129E65
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

Date: Tue, 02 Mar 2021 00:04:25 GMT
X-Content-Type-Options: nosniff
Server: Splunkd
X-Frame-Options: SAMEORIGIN
Access-Control-Allow-Methods: POST,OPTIONS
Content-Type: application/json; charset=UTF-8
Access-Control-Allow-Origin: https://login.financialengines.com
Access-Control-Allow-Credentials: true
Connection: keep-alive
Vary: Authorization, Origin
Content-Length: 27

POST
H/1.1 200
OK collector Show response
http-inputs-financialengines.splunkcloud.com/services/ 27 B
431 B 353ms
179ms XHR
application/json 52.25.208.77
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://http-inputs-financialengines.splunkcloud.com/services/collector

Requested by

Host: login.financialengines.com
URL: https://login.financialengines.com/vendors~main.e00f0759a7f8e9885b03.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

52.25.208.77 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-52-25-208-77.us-west-2.compute.amazonaws.com

Software

Splunkd /

Resource Hash

3c88e3c57f69e3a02a1c89ddad501cd370fae7012bf522ee4632d4852e7f5c4b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

Accept: application/json, text/plain, */*
Referer: https://login.financialengines.com/
Authorization: Splunk 9F8BDE0C-3ED2-4001-8C3A-2B425E129E65
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

Date: Tue, 02 Mar 2021 00:04:25 GMT
X-Content-Type-Options: nosniff
Server: Splunkd
X-Frame-Options: SAMEORIGIN
Access-Control-Allow-Methods: POST,OPTIONS
Content-Type: application/json; charset=UTF-8
Access-Control-Allow-Origin: https://login.financialengines.com
Access-Control-Allow-Credentials: true
Connection: keep-alive
Vary: Authorization, Origin
Content-Length: 27

OPTIONS
H/1.1 200
OK collector
http-inputs-financialengines.splunkcloud.com/services/ 0
0 181ms
181ms Other
text/plain 52.25.208.77
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://http-inputs-financialengines.splunkcloud.com/services/collector

Protocol

HTTP/1.1

Server

52.25.208.77 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-52-25-208-77.us-west-2.compute.amazonaws.com

Software

Splunkd /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

Accept: */*
Access-Control-Request-Method: POST
Access-Control-Request-Headers: authorization
Origin: https://login.financialengines.com
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Sec-Fetch-Mode: cors

Response headers

Access-Control-Allow-Credentials: true
Access-Control-Allow-Headers: Authorization
Access-Control-Allow-Methods: POST,OPTIONS
Access-Control-Allow-Origin: https://login.financialengines.com
Allow: POST,OPTIONS
Content-Type: text/plain; charset=UTF-8
Date: Tue, 02 Mar 2021 00:04:25 GMT
Server: Splunkd
Vary: Origin
X-Content-Type-Options: nosniff
X-Frame-Options: SAMEORIGIN
Content-Length: 0
Connection: keep-alive

POST
H/1.1 200
OK collector Show response
http-inputs-financialengines.splunkcloud.com/services/ 27 B
431 B 181ms
181ms XHR
application/json 52.25.208.77
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://http-inputs-financialengines.splunkcloud.com/services/collector

Requested by

Host: login.financialengines.com
URL: https://login.financialengines.com/vendors~main.e00f0759a7f8e9885b03.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

52.25.208.77 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-52-25-208-77.us-west-2.compute.amazonaws.com

Software

Splunkd /

Resource Hash

3c88e3c57f69e3a02a1c89ddad501cd370fae7012bf522ee4632d4852e7f5c4b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

Accept: application/json, text/plain, */*
Referer: https://login.financialengines.com/
Authorization: Splunk 9F8BDE0C-3ED2-4001-8C3A-2B425E129E65
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

Date: Tue, 02 Mar 2021 00:04:25 GMT
X-Content-Type-Options: nosniff
Server: Splunkd
X-Frame-Options: SAMEORIGIN
Access-Control-Allow-Methods: POST,OPTIONS
Content-Type: application/json; charset=UTF-8
Access-Control-Allow-Origin: https://login.financialengines.com
Access-Control-Allow-Credentials: true
Connection: keep-alive
Vary: Authorization, Origin
Content-Length: 27

POST
H/1.1 200
OK collector Show response
http-inputs-financialengines.splunkcloud.com/services/ 27 B
431 B 287ms
178ms XHR
application/json 52.25.208.77
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://http-inputs-financialengines.splunkcloud.com/services/collector

Requested by

Host: login.financialengines.com
URL: https://login.financialengines.com/vendors~main.e00f0759a7f8e9885b03.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

52.25.208.77 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-52-25-208-77.us-west-2.compute.amazonaws.com

Software

Splunkd /

Resource Hash

3c88e3c57f69e3a02a1c89ddad501cd370fae7012bf522ee4632d4852e7f5c4b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

Accept: application/json, text/plain, */*
Referer: https://login.financialengines.com/
Authorization: Splunk 9F8BDE0C-3ED2-4001-8C3A-2B425E129E65
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

Date: Tue, 02 Mar 2021 00:04:25 GMT
X-Content-Type-Options: nosniff
Server: Splunkd
X-Frame-Options: SAMEORIGIN
Access-Control-Allow-Methods: POST,OPTIONS
Content-Type: application/json; charset=UTF-8
Access-Control-Allow-Origin: https://login.financialengines.com
Access-Control-Allow-Credentials: true
Connection: keep-alive
Vary: Authorization, Origin
Content-Length: 27

OPTIONS
H/1.1 200
OK collector
http-inputs-financialengines.splunkcloud.com/services/ 0
0 187ms
186ms Other
text/plain 52.25.208.77
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://http-inputs-financialengines.splunkcloud.com/services/collector

Protocol

HTTP/1.1

Server

52.25.208.77 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-52-25-208-77.us-west-2.compute.amazonaws.com

Software

Splunkd /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

Accept: */*
Access-Control-Request-Method: POST
Access-Control-Request-Headers: authorization
Origin: https://login.financialengines.com
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Sec-Fetch-Mode: cors

Response headers

Access-Control-Allow-Credentials: true
Access-Control-Allow-Headers: Authorization
Access-Control-Allow-Methods: POST,OPTIONS
Access-Control-Allow-Origin: https://login.financialengines.com
Allow: POST,OPTIONS
Content-Type: text/plain; charset=UTF-8
Date: Tue, 02 Mar 2021 00:04:25 GMT
Server: Splunkd
Vary: Origin
X-Content-Type-Options: nosniff
X-Frame-Options: SAMEORIGIN
Content-Length: 0
Connection: keep-alive

GET
H2 200 okta-sign-in.min.js Show response
global.oktacdn.com/okta-signin-widget/4.1.1/js/ 1 MB
332 KB 139ms
58ms Script
application/x-javascript 13.225.78.18
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://global.oktacdn.com/okta-signin-widget/4.1.1/js/okta-sign-in.min.js

Requested by

Host: login.financialengines.com
URL: https://login.financialengines.com/route-create-credentials~route-login.dacb0d075aa233918ff3.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

13.225.78.18 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-13-225-78-18.fra2.r.cloudfront.net

Software

AmazonS3 /

Resource Hash

13f3150bab7d70649fd91363b560607bad391f2310e301fc7b6a32beb10e2f5a

Security Headers

Name	Value
Strict-Transport-Security	max-age=315360000
X-Content-Type-Options	nosniff

Request headers

Referer: https://login.financialengines.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Mon, 01 Mar 2021 02:39:33 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 77093
x-cache: Hit from cloudfront
x-amz-replication-status: COMPLETED
strict-transport-security: max-age=315360000
access-control-allow-origin: *
last-modified: Sat, 30 May 2020 04:41:37 GMT
server: AmazonS3
etag: W/"40e705caabcecd3e74fedeec1937dab7"
vary: Accept-Encoding
x-amz-version-id: jT5LUKkQ_7I.QQwBIXmEjxHjFFK.BUp7
via: 1.1 eb1a8c1b1275e33a016e623478052111.cloudfront.net (CloudFront)
cache-control: public,max-age=31536000,s-maxage=1814400
x-amz-cf-pop: FRA2-C2
content-type: application/x-javascript
x-amz-cf-id: hyyx_bCVt3zm9MCJMbbtlliXMVS2hHrsH4dNsUzCA1Ypuc1PdDY7_Q==

GET
H2 200 okta-sign-in.min.css
global.oktacdn.com/okta-signin-widget/4.1.1/css/ 183 KB
26 KB 125ms
45ms Stylesheet
text/css 13.225.78.18
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://global.oktacdn.com/okta-signin-widget/4.1.1/css/okta-sign-in.min.css

Requested by

Host: login.financialengines.com
URL: https://login.financialengines.com/route-create-credentials~route-login.dacb0d075aa233918ff3.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

13.225.78.18 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-13-225-78-18.fra2.r.cloudfront.net

Software

AmazonS3 /

Resource Hash

7cddd47762b57d413b15b195f8d497bac49a25556c4380ac88d90b8ae71b24d5

Security Headers

Name	Value
Strict-Transport-Security	max-age=315360000
X-Content-Type-Options	nosniff

Request headers

Referer: https://login.financialengines.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

x-amz-version-id: OcsCkC08XOzaKdKHxu7L2djVOWtWvXi7
content-encoding: gzip
x-content-type-options: nosniff
age: 72760
x-cache: Hit from cloudfront
date: Mon, 01 Mar 2021 03:51:46 GMT
x-amz-replication-status: COMPLETED
strict-transport-security: max-age=315360000
via: 1.1 eb1a8c1b1275e33a016e623478052111.cloudfront.net (CloudFront)
last-modified: Sat, 30 May 2020 04:41:37 GMT
server: AmazonS3
etag: W/"9dd4936b79238470b273a000ce0b234b"
vary: Accept-Encoding
content-type: text/css
access-control-allow-origin: *
cache-control: public,max-age=31536000,s-maxage=1814400
x-amz-cf-pop: FRA2-C2
x-amz-cf-id: ujEe6GudRzxwybWEySMa6r3GckYguvSst-ufFC5mn9dk14ljzUUIDA==

POST
H/1.1 200
OK collector Show response
http-inputs-financialengines.splunkcloud.com/services/ 27 B
431 B 184ms
184ms XHR
application/json 52.25.208.77
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://http-inputs-financialengines.splunkcloud.com/services/collector

Requested by

Host: login.financialengines.com
URL: https://login.financialengines.com/vendors~main.e00f0759a7f8e9885b03.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

52.25.208.77 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-52-25-208-77.us-west-2.compute.amazonaws.com

Software

Splunkd /

Resource Hash

3c88e3c57f69e3a02a1c89ddad501cd370fae7012bf522ee4632d4852e7f5c4b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

Accept: application/json, text/plain, */*
Referer: https://login.financialengines.com/
Authorization: Splunk 9F8BDE0C-3ED2-4001-8C3A-2B425E129E65
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

Date: Tue, 02 Mar 2021 00:04:25 GMT
X-Content-Type-Options: nosniff
Server: Splunkd
X-Frame-Options: SAMEORIGIN
Access-Control-Allow-Methods: POST,OPTIONS
Content-Type: application/json; charset=UTF-8
Access-Control-Allow-Origin: https://login.financialengines.com
Access-Control-Allow-Credentials: true
Connection: keep-alive
Vary: Authorization, Origin
Content-Length: 27

OPTIONS
H/1.1 200
OK collector
http-inputs-financialengines.splunkcloud.com/services/ 0
0 185ms
185ms Other
text/plain 52.25.208.77
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://http-inputs-financialengines.splunkcloud.com/services/collector

Protocol

HTTP/1.1

Server

52.25.208.77 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-52-25-208-77.us-west-2.compute.amazonaws.com

Software

Splunkd /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

Accept: */*
Access-Control-Request-Method: POST
Access-Control-Request-Headers: authorization
Origin: https://login.financialengines.com
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Sec-Fetch-Mode: cors

Response headers

Access-Control-Allow-Credentials: true
Access-Control-Allow-Headers: Authorization
Access-Control-Allow-Methods: POST,OPTIONS
Access-Control-Allow-Origin: https://login.financialengines.com
Allow: POST,OPTIONS
Content-Type: text/plain; charset=UTF-8
Date: Tue, 02 Mar 2021 00:04:25 GMT
Server: Splunkd
Vary: Origin
X-Content-Type-Options: nosniff
X-Frame-Options: SAMEORIGIN
Content-Length: 0
Connection: keep-alive

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: fonts.financialengines.io
URL: https://fonts.financialengines.io/ARSMaquettePro-Bold.otf

Domain: fonts.financialengines.io
URL: https://fonts.financialengines.io/ARSMaquettePro-Regular.otf

Verdicts & Comments Add Verdict or Comment

24 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

2 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

			Domain/Path	Expires	Name / Value
			.financialengines.com/	1970-01-19 16:30:45	Name: _hp2_ses_props.2504404970 Value: %7B%22z%22%3A0%2C%22ts%22%3A1614643462287%2C%22d%22%3A%22login.financialengines.com%22%2C%22h%22%3A%22%2F%22%2C%22t%22%3A%22Login%20%7C%20Edelman%20Financial%20Engines%22%2C%22g%22%3A%22%23%2F%3FsiteContext%3Dretail%22%7D
			.financialengines.com/	1970-01-20 01:58:41	Name: _hp2_id.2504404970 Value: %7B%22userId%22%3A%226131092284022144%22%2C%22pageviewId%22%3A%221186517882483472%22%2C%22sessionId%22%3A%221820685309465934%22%2C%22identity%22%3Anull%2C%22trackerVersion%22%3A%224.0%22%7D

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

cdn.heapanalytics.com
click.email.edelmanfinancialengines.com
fonts.financialengines.io
gateway.financialengines.com
global.oktacdn.com
heapanalytics.com
http-inputs-financialengines.splunkcloud.com
login.financialengines.com
fonts.financialengines.io
13.225.78.18
2600:9000:2104:1a00:1:29d5:4480:93a1
52.0.163.213
52.25.208.77
65.9.187.53
65.9.83.13
68.232.203.70
13f3150bab7d70649fd91363b560607bad391f2310e301fc7b6a32beb10e2f5a
2e93d51a1dd5627bf2ade0a5e7a0d35894bfb826e137ea9d685e73af05e63967
362e7e5baffe466d44a59a6944e56a836c2a507a67f739da8edffda3639170e2
3c88e3c57f69e3a02a1c89ddad501cd370fae7012bf522ee4632d4852e7f5c4b
479be398592d7dd12cde290d20f55354d04fef1adff01fc1326f22a852e67024
4bdd1ff0e5f8bee8c3b3386ce85ac01eee51934478e940ebaf87cde1a344f1b6
53e904c853e412f0ba1f84ae9265b32ed823ed3714a363060bafd2946f7b89ee
70098e0c88953ed2274aadd120a81b06bf6a68cfe634c982437ba5b71e357f12
7cddd47762b57d413b15b195f8d497bac49a25556c4380ac88d90b8ae71b24d5
7f60ca3c9def0530380a2bf797fee847eb3804de8629cc89a9c657c8b92abe0b
8936028bbb28188194b226ec37087c0c0c153363ed4a5efa07beabcd135c5a43
a2dcbb91f8cdab8218a7185d655092be05180684e07eb48872b5b7d2295a69f9
a6b4b9efe49f7fa7a55309dd5e732f54b71f6dbaddccf51937b3dadd21016a5a
a9b819240fac368d452a1b1365bf5c285afdd51e401875e5c41be31d48fd44a3
aff860fa0c0c69a9a26d5e9499b26f96ac9d47a657232092e23db5aabf128a76
bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96
c58a5b3355be6e3a3cfdc44a2b0166115d27465483391cd755be3484ddd91629
fd28bfd55b1253c0e3fc97e62461b6678f60dee683e4b05d563d52e952c4d5a4

login.financialengines.com Open in urlscan Pro 2600:9000:2104:1a00:1:29d5:4480:93a1 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page URL History Show full URLs

Detected technologies

Page Statistics

37 Requests

95 %HTTPS

14 %IPv6

6 Domains

8 Subdomains

7 IPs

1 Countries

1338 kBTransfer

2361 kBSize

2 Cookies

11 Outgoing links

Page URL History

Redirected requests

37 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 3 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

login.financialengines.com Open in urlscan Pro
2600:9000:2104:1a00:1:29d5:4480:93a1 Public Scan

Screenshot
Live screenshot

Full Image

37
Requests

95 %
HTTPS

14 %
IPv6

6
Domains

8
Subdomains

7
IPs

1
Countries

1338 kB
Transfer

2361 kB
Size

2
Cookies

37 HTTP transactions
3 data transactions