login.financialengines.com Open in urlscan Pro
2600:9000:214f:5800:1:29d5:4480:93a1  Public Scan

3 Outgoing links

These are links going to different origins than the main page.

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Redirected requests

There were HTTP redirect chains for the following requests:

26 HTTP transactions Everything HTML Script AJAX CSS Image Expand all
3 data transactions

Method Protocol	Status	Resource Path	Size x-fer	Time Latency	Type MIME-Type	IP Location
GET H/1.1	200 OK	Primary Request / Show response login.financialengines.com/	3 KB 3 KB	506ms 325ms	Document text/html	2600:9000:214f:5800:1:29d5:4480:93a1 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://login.financialengines.com/ Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 2600:9000:214f:5800:1:29d5:4480:93a1 , United States, ASN16509 (AMAZON-02, US), Reverse DNS Software AmazonS3 / Resource Hash f16136fd34965934c304d4941b1c78020770ba26330600b0c7db75bff2160c1b Request headers Host login.financialengines.com Connection keep-alive Pragma no-cache Cache-Control no-cache Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Accept text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9 Sec-Fetch-Site none Sec-Fetch-Mode navigate Sec-Fetch-User ?1 Sec-Fetch-Dest document Accept-Encoding gzip, deflate, br Accept-Language en-US Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Response headers Content-Type text/html Content-Length 2623 Connection keep-alive Date Mon, 06 Jul 2020 19:17:26 GMT Last-Modified Thu, 02 Jul 2020 16:58:13 GMT ETag "16b6c268b027d03cc88364b9b37964f1" Server AmazonS3 X-Cache Miss from cloudfront Via 1.1 89cb19c6f2c9ed0983294d3b12e80e43.cloudfront.net (CloudFront) X-Amz-Cf-Pop FRA53-C1 X-Amz-Cf-Id F105uyhxFR5eNlpPaU45EvcQz5CA9aOdOyL5O1m-gtMnPXuI8iFvhg==
GET H/1.1	200 OK	vendors~main.7010b402c31fd24d6b31.js Show response login.financialengines.com/	427 KB 428 KB	385ms 385ms	Script application/javascript	2600:9000:214f:5800:1:29d5:4480:93a1 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://login.financialengines.com/vendors~main.7010b402c31fd24d6b31.js Requested by Host: login.financialengines.com URL: https://login.financialengines.com/ Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 2600:9000:214f:5800:1:29d5:4480:93a1 , United States, ASN16509 (AMAZON-02, US), Reverse DNS Software AmazonS3 / Resource Hash 04e14411429ae29b32b4cf931bf7224a5a344e56e103890efe5b18398c62656a Request headers Referer https://login.financialengines.com/ User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Response headers Date Mon, 06 Jul 2020 19:17:26 GMT Via 1.1 89cb19c6f2c9ed0983294d3b12e80e43.cloudfront.net (CloudFront) Last-Modified Thu, 02 Jul 2020 16:58:13 GMT Server AmazonS3 X-Amz-Cf-Pop FRA53-C1 ETag "869fed817103f658f3e242081c8a4d51" X-Cache Miss from cloudfront Content-Type application/javascript Connection keep-alive Content-Length 437710 X-Amz-Cf-Id -UfD9k95IaDg05f1kTmagD6iKnbtJsYbEncKvz40m7ig3w9B-m5Qbg==
GET H/1.1	200 OK	main.cc5a8dccdd11bb11bc41.js Show response login.financialengines.com/	300 KB 300 KB	408ms 393ms	Script application/javascript	2600:9000:214f:5800:1:29d5:4480:93a1 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://login.financialengines.com/main.cc5a8dccdd11bb11bc41.js Requested by Host: login.financialengines.com URL: https://login.financialengines.com/ Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 2600:9000:214f:5800:1:29d5:4480:93a1 , United States, ASN16509 (AMAZON-02, US), Reverse DNS Software AmazonS3 / Resource Hash f849b39442dd1ab2c58e0d11da1b61ec119a60ff6218c0a752ddeb7854148dac Request headers Referer https://login.financialengines.com/ User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Response headers Date Mon, 06 Jul 2020 19:17:26 GMT Via 1.1 8d31bbd9d6638cdacab37047b8045da4.cloudfront.net (CloudFront) Last-Modified Thu, 02 Jul 2020 16:58:13 GMT Server AmazonS3 X-Amz-Cf-Pop FRA53-C1 ETag "6126b548a237bd53c890d82e7b0a836e" X-Cache Miss from cloudfront Content-Type application/javascript Connection keep-alive Content-Length 307196 X-Amz-Cf-Id 3KMmwURqsfaCd364wckiTswo7j747WV2uI7egyIDNi-CbnGCH0N67A==
GET H2	200	heap-2504404970.js Show response cdn.heapanalytics.com/js/	90 KB 37 KB	335ms 309ms	Script application/javascript	13.224.102.111 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://cdn.heapanalytics.com/js/heap-2504404970.js Requested by Host: login.financialengines.com URL: https://login.financialengines.com/ Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 13.224.102.111 Seattle, United States, ASN16509 (AMAZON-02, US), Reverse DNS Software nginx / Resource Hash 3b00f27dd1c4ad2a459a2c6894d46799cac263f9c9e74f870d0954a4dab5fa78 Request headers Referer https://login.financialengines.com/ User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Response headers date Mon, 06 Jul 2020 19:17:25 GMT content-encoding gzip server nginx x-amz-cf-pop ZRH50-C1 etag W/"16739-rCpr5RX2k+yLdc3eyv5aNA" vary Accept-Encoding x-cache Miss from cloudfront content-type application/javascript; charset=utf-8 status 200 cache-control public, max-age=120 x-amz-cf-id PCQHmvAcQi7bndQboNq9_rzYdTIaDUaG01QyYOXE3JcOKqiyWS2LpA== via 1.1 3a17ea4b3f6bdbc694c3ec0645d21b5e.cloudfront.net (CloudFront)
POST H/1.1	200 OK	collector Show response http-inputs-financialengines.splunkcloud.com/services/	27 B 476 B	748ms 186ms	XHR application/json	52.27.59.77 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://http-inputs-financialengines.splunkcloud.com/services/collector Requested by Host: login.financialengines.com URL: https://login.financialengines.com/vendors~main.7010b402c31fd24d6b31.js Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 52.27.59.77 Boardman, United States, ASN16509 (AMAZON-02, US), Reverse DNS Software Splunkd / Resource Hash 3c88e3c57f69e3a02a1c89ddad501cd370fae7012bf522ee4632d4852e7f5c4b Security Headers Name Value X-Content-Type-Options nosniff X-Frame-Options SAMEORIGIN Request headers Accept application/json, text/plain, */* Referer https://login.financialengines.com/ User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Authorization Splunk 9F8BDE0C-3ED2-4001-8C3A-2B425E129E65 Content-Type text/plain;charset=UTF-8 Response headers Date Mon, 06 Jul 2020 19:17:27 GMT X-Content-Type-Options nosniff Server Splunkd Access-Control-Allow-Headers Authorization X-Frame-Options SAMEORIGIN Access-Control-Allow-Methods POST,OPTIONS Content-Type application/json; charset=UTF-8 Access-Control-Allow-Origin https://login.financialengines.com Access-Control-Allow-Credentials true Connection keep-alive Vary Authorization, Origin Content-Length 27
GET H2	200	pageframe Show response gateway.financialengines.com/advisor/api/v1/	5 KB 3 KB	770ms 730ms	XHR application/json	13.35.254.34 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://gateway.financialengines.com/advisor/api/v1/pageframe?namespace=login Requested by Host: login.financialengines.com URL: https://login.financialengines.com/vendors~main.7010b402c31fd24d6b31.js Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 13.35.254.34 Seattle, United States, ASN16509 (AMAZON-02, US), Reverse DNS Software / Resource Hash 5e8dfa6cb36aee5fd46758488f1e66833b145ccc193eab4bc11c79821335727b Request headers x-spa-name login Accept application/json, text/plain, */* Cache-Control no-cache Referer https://login.financialengines.com/ User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 x-spa-state / Response headers date Mon, 06 Jul 2020 19:17:27 GMT content-encoding gzip vary origin,Accept-Encoding x-amzn-remapped-content-length 1626 x-amz-cf-pop FRA6-C1 x-amzn-requestid 036e15e1-6d9a-4dd5-ad89-57eea898992d x-cache Miss from cloudfront status 200 x-amz-apigw-id PQ_PMHfWSK4Fq6g= content-length 1626 x-amz-cf-id Ofe85KsNC4Rmxizg1JA1U1AIf3vco1q8AZCsvIzar6LsfKN7MBnyow== access-control-allow-origin https://login.financialengines.com access-control-max-age 85000 access-control-allow-methods DELETE,GET,HEAD,OPTIONS,PATCH,POST,PUT content-type application/json;charset=UTF-8 via 1.1 e7e7960d7731a7583cedd8f1ff1aca38.cloudfront.net (CloudFront) x-amzn-remapped-server Apache x-fngn-requestid b5e2dd9b-7681-4462-a873-2065dbe7bd7e access-control-allow-credentials true access-control-allow-headers x-amzn-remapped-date Mon, 06 Jul 2020 19:17:27 GMT x-amzn-remapped-connection keep-alive
GET H2	200	h heapanalytics.com/	37 B 212 B	338ms 112ms	Image image/gif	54.85.106.126 AMAZON-AES
General Check archive.org Show headers Download Go to Show image Full URL https://heapanalytics.com/h?a=2504404970&u=3150911402210748&v=8782589873663944&s=284097821299044&b=web&tv=4.0&z=0&g=%23%2F&h=%2F&d=login.financialengines.com&t=Login%20%7C%20Edelman%20Financial%20Engines&ts=1594063046387&pr=%2F&st=1594063046388&ei=110&et=default_control Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 54.85.106.126 Ashburn, United States, ASN14618 (AMAZON-AES, US), Reverse DNS Software nginx / Resource Hash bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96 Request headers Referer https://login.financialengines.com/ User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Response headers pragma no-cache date Mon, 06 Jul 2020 19:17:26 GMT server nginx etag W/"25-PqzQEyMQ6kTK11azeKO8Bw" content-type image/gif status 200 cache-control private, no-cache, no-cache=Set-Cookie, proxy-revalidate content-length 37
GET H2	200	h heapanalytics.com/	37 B 212 B	335ms 113ms	Image image/gif	54.85.106.126 AMAZON-AES
General Check archive.org Show headers Download Go to Show image Full URL https://heapanalytics.com/h?a=2504404970&u=3150911402210748&v=5637882820508429&s=284097821299044&b=web&tv=4.0&z=2&g=%23%2F&h=%2F&d=login.financialengines.com&t=Login%20%7C%20Edelman%20Financial%20Engines&ts=1594063046392&pr=%2F&sp=z&sp=0&sp=ts&sp=1594063046387&sp=d&sp=login.financialengines.com&sp=h&sp=%2F&sp=t&sp=Login%20%7C%20Edelman%20Financial%20Engines&sp=g&sp=%23%2F&st=1594063046392&ei=110&et=default_control Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 54.85.106.126 Ashburn, United States, ASN14618 (AMAZON-AES, US), Reverse DNS Software nginx / Resource Hash bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96 Request headers Referer https://login.financialengines.com/ User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Response headers pragma no-cache date Mon, 06 Jul 2020 19:17:26 GMT server nginx etag W/"25-PqzQEyMQ6kTK11azeKO8Bw" content-type image/gif status 200 cache-control private, no-cache, no-cache=Set-Cookie, proxy-revalidate content-length 37
GET H/1.1	200 OK	vendors~route-create-credentials~route-login.d1a31585f1955ad6109d.js Show response login.financialengines.com/	46 KB 46 KB	169ms 169ms	Script application/javascript	2600:9000:214f:5800:1:29d5:4480:93a1 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://login.financialengines.com/vendors~route-create-credentials~route-login.d1a31585f1955ad6109d.js Requested by Host: login.financialengines.com URL: https://login.financialengines.com/main.cc5a8dccdd11bb11bc41.js Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 2600:9000:214f:5800:1:29d5:4480:93a1 , United States, ASN16509 (AMAZON-02, US), Reverse DNS Software AmazonS3 / Resource Hash 972d5f7c3235a151842c2ac83ee2b1a90c755b96fe5d726b24ec53826a08de98 Request headers Referer https://login.financialengines.com/ User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Response headers Date Mon, 06 Jul 2020 19:17:28 GMT Via 1.1 8d31bbd9d6638cdacab37047b8045da4.cloudfront.net (CloudFront) Last-Modified Thu, 02 Jul 2020 16:58:13 GMT Server AmazonS3 X-Amz-Cf-Pop FRA53-C1 ETag "fced9064b663df85b3a4b4ddfb046c0f" X-Cache RefreshHit from cloudfront Content-Type application/javascript Connection keep-alive Content-Length 46660 X-Amz-Cf-Id sirf31dEji-C5IYL4o-PoDA7S-FXSRjvv6Lvdd2GqAN-uXbwFM8hhQ==
GET H/1.1	200 OK	login-route-settings~route-create-credentials~route-forgot-password~route-login.8d2bf9cf0580c0baef2d.js Show response login.financialengines.com/	15 KB 15 KB	240ms 239ms	Script application/javascript	2600:9000:214f:5800:1:29d5:4480:93a1 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://login.financialengines.com/login-route-settings~route-create-credentials~route-forgot-password~route-login.8d2bf9cf0580c0baef2d.js Requested by Host: login.financialengines.com URL: https://login.financialengines.com/main.cc5a8dccdd11bb11bc41.js Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 2600:9000:214f:5800:1:29d5:4480:93a1 , United States, ASN16509 (AMAZON-02, US), Reverse DNS Software AmazonS3 / Resource Hash 92f2bac9d429135d63b4c8d743fb5b3eb4881928abb2a2fcd425589bb6b6328f Request headers Referer https://login.financialengines.com/ User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Response headers Date Mon, 06 Jul 2020 19:17:28 GMT Via 1.1 89cb19c6f2c9ed0983294d3b12e80e43.cloudfront.net (CloudFront) Last-Modified Thu, 02 Jul 2020 16:58:13 GMT Server AmazonS3 X-Amz-Cf-Pop FRA53-C1 ETag "3ff15bd10358a69fb021ea356a0a95c8" X-Cache Miss from cloudfront Content-Type application/javascript Connection keep-alive Content-Length 15172 X-Amz-Cf-Id Y_cbqlxIDrEggx68h1fqYQD1zbDXAO8iZh5Gk1zgVesmenWGq_DcQg==
GET H/1.1	200 OK	route-create-credentials~route-login.9a0c8f36a2d074a29b8c.js Show response login.financialengines.com/	41 KB 42 KB	409ms 394ms	Script application/javascript	2600:9000:214f:5800:1:29d5:4480:93a1 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://login.financialengines.com/route-create-credentials~route-login.9a0c8f36a2d074a29b8c.js Requested by Host: login.financialengines.com URL: https://login.financialengines.com/main.cc5a8dccdd11bb11bc41.js Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 2600:9000:214f:5800:1:29d5:4480:93a1 , United States, ASN16509 (AMAZON-02, US), Reverse DNS Software AmazonS3 / Resource Hash b51fc4333b6adc8f78ed4350e9aba633c6548346b0321be530b3bab36eca33c3 Request headers Referer https://login.financialengines.com/ User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Response headers Date Mon, 06 Jul 2020 19:17:29 GMT Via 1.1 d16428714e022976873ccc980fdc1289.cloudfront.net (CloudFront) Last-Modified Thu, 02 Jul 2020 16:58:13 GMT Server AmazonS3 X-Amz-Cf-Pop FRA53-C1 ETag "27a948425b4de978ec729a4cffa9abaa" X-Cache Miss from cloudfront Content-Type application/javascript Connection keep-alive Content-Length 42084 X-Amz-Cf-Id bf4qM9xsZmPX4eLH0yh5nGCVAjFQpYDvTZ0Pl5dvCDgJwnKna3zq7Q==
GET H/1.1	200 OK	route-login.b0594d8ead68c031a0ae.js Show response login.financialengines.com/	37 KB 37 KB	250ms 233ms	Script application/javascript	2600:9000:214f:5800:1:29d5:4480:93a1 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://login.financialengines.com/route-login.b0594d8ead68c031a0ae.js Requested by Host: login.financialengines.com URL: https://login.financialengines.com/main.cc5a8dccdd11bb11bc41.js Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 2600:9000:214f:5800:1:29d5:4480:93a1 , United States, ASN16509 (AMAZON-02, US), Reverse DNS Software AmazonS3 / Resource Hash 2a0c06cb8e56f3501fc1ed9e3d890cb9cce6380d85efe8ec6c243363d39bbb94 Request headers Referer https://login.financialengines.com/ User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Response headers Date Mon, 06 Jul 2020 19:17:28 GMT Via 1.1 f8895de4463e8d120a0f4b4a1f7703e4.cloudfront.net (CloudFront) Last-Modified Thu, 02 Jul 2020 16:58:13 GMT Server AmazonS3 X-Amz-Cf-Pop FRA53-C1 ETag "65c205681a40865bf5fa528ae3dc6583" X-Cache Miss from cloudfront Content-Type application/javascript Connection keep-alive Content-Length 37430 X-Amz-Cf-Id HdhnPRGN0Y4QsFHN6yUQ6_q8LtY3nuQOcQc-8nDnSw0rTpSw-B1v7g==
GET DATA	200 OK	truncated /	7 KB 0		Image image/svg+xml
General Check archive.org Show headers Download Go to Show image Full URL data:truncated Protocol DATA Server -, , ASN (), Reverse DNS Software / Resource Hash 70098e0c88953ed2274aadd120a81b06bf6a68cfe634c982437ba5b71e357f12 Request headers Referer User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Response headers Content-Type image/svg+xml
GET DATA	200 OK	truncated /	5 KB 0		Image image/png
General Check archive.org Show headers Download Go to Show image Full URL data:truncated Protocol DATA Server -, , ASN (), Reverse DNS Software / Resource Hash a9b819240fac368d452a1b1365bf5c285afdd51e401875e5c41be31d48fd44a3 Request headers Referer User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Response headers Content-Type image/png
GET DATA	200 OK	truncated /	6 KB 0		Image image/svg+xml
General Check archive.org Show headers Download Go to Show image Full URL data:truncated Protocol DATA Server -, , ASN (), Reverse DNS Software / Resource Hash c58a5b3355be6e3a3cfdc44a2b0166115d27465483391cd755be3484ddd91629 Request headers Referer User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Response headers Content-Type image/svg+xml
POST H/1.1	200 OK	collector Show response http-inputs-financialengines.splunkcloud.com/services/	27 B 476 B	186ms 186ms	XHR application/json	52.27.59.77 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://http-inputs-financialengines.splunkcloud.com/services/collector Requested by Host: login.financialengines.com URL: https://login.financialengines.com/vendors~main.7010b402c31fd24d6b31.js Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 52.27.59.77 Boardman, United States, ASN16509 (AMAZON-02, US), Reverse DNS Software Splunkd / Resource Hash 3c88e3c57f69e3a02a1c89ddad501cd370fae7012bf522ee4632d4852e7f5c4b Security Headers Name Value X-Content-Type-Options nosniff X-Frame-Options SAMEORIGIN Request headers Accept application/json, text/plain, */* Referer https://login.financialengines.com/ User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Authorization Splunk 9F8BDE0C-3ED2-4001-8C3A-2B425E129E65 Content-Type text/plain;charset=UTF-8 Response headers Date Mon, 06 Jul 2020 19:17:28 GMT X-Content-Type-Options nosniff Server Splunkd Access-Control-Allow-Headers Authorization X-Frame-Options SAMEORIGIN Access-Control-Allow-Methods POST,OPTIONS Content-Type application/json; charset=UTF-8 Access-Control-Allow-Origin https://login.financialengines.com Access-Control-Allow-Credentials true Connection keep-alive Vary Authorization, Origin Content-Length 27
POST H/1.1	200 OK	collector Show response http-inputs-financialengines.splunkcloud.com/services/	27 B 476 B	186ms 186ms	XHR application/json	52.27.59.77 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://http-inputs-financialengines.splunkcloud.com/services/collector Requested by Host: login.financialengines.com URL: https://login.financialengines.com/vendors~main.7010b402c31fd24d6b31.js Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 52.27.59.77 Boardman, United States, ASN16509 (AMAZON-02, US), Reverse DNS Software Splunkd / Resource Hash 3c88e3c57f69e3a02a1c89ddad501cd370fae7012bf522ee4632d4852e7f5c4b Security Headers Name Value X-Content-Type-Options nosniff X-Frame-Options SAMEORIGIN Request headers Accept application/json, text/plain, */* Referer https://login.financialengines.com/ User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Authorization Splunk 9F8BDE0C-3ED2-4001-8C3A-2B425E129E65 Content-Type text/plain;charset=UTF-8 Response headers Date Mon, 06 Jul 2020 19:17:28 GMT X-Content-Type-Options nosniff Server Splunkd Access-Control-Allow-Headers Authorization X-Frame-Options SAMEORIGIN Access-Control-Allow-Methods POST,OPTIONS Content-Type application/json; charset=UTF-8 Access-Control-Allow-Origin https://login.financialengines.com Access-Control-Allow-Credentials true Connection keep-alive Vary Authorization, Origin Content-Length 27
GET H2	200	status Show response gateway.financialengines.com/auth/v1/session/	121 B 830 B	470ms 470ms	XHR application/json	13.35.254.34 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://gateway.financialengines.com/auth/v1/session/status?d=1594063047785 Requested by Host: login.financialengines.com URL: https://login.financialengines.com/vendors~main.7010b402c31fd24d6b31.js Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 13.35.254.34 Seattle, United States, ASN16509 (AMAZON-02, US), Reverse DNS Software / Resource Hash 53e904c853e412f0ba1f84ae9265b32ed823ed3714a363060bafd2946f7b89ee Request headers Accept application/json, text/plain, */* Cache-Control no-cache, no-store, must-revalidate Referer https://login.financialengines.com/ User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Response headers date Mon, 06 Jul 2020 19:17:28 GMT content-encoding UTF-8 vary origin x-amz-cf-pop FRA6-C1 x-amzn-requestid 2da6de48-576a-4950-bc3d-a0adb79d1ee0 x-cache Miss from cloudfront status 200 x-amz-apigw-id PQ_PXH_1yK4Fi_w= content-length 121 access-control-allow-origin https://login.financialengines.com x-amzn-trace-id Root=1-5f0378c8-9f264dba1ac1d42cf730f1d6;Sampled=0 access-control-max-age 86500 access-control-allow-methods DELETE,GET,HEAD,OPTIONS,PATCH,POST,PUT content-type application/json;charset=UTF-8 via 1.1 e7e7960d7731a7583cedd8f1ff1aca38.cloudfront.net (CloudFront) access-control-allow-credentials true access-control-allow-headers Content-Type,X-Amz-Date,Authorization,Cookie,X-Api-Key,X-Amz-Security-Token,x-fe-client,x-fe-context,x-fe-poid,x-fe-uuid,x-fe-env,x-spa-name,x-spa-guid,cache-control,expires,if-modified-since,pragma x-amz-cf-id j_jQzqhdqi-Zu63-8vY6cyuBb6yZqk1YjQrjP54WsiuPJigs4wtLCg==
GET		ARSMaquettePro-Bold.otf fonts.financialengines.io/	0 0
GET		ARSMaquettePro-Regular.otf fonts.financialengines.io/	0 0
GET H2	200	idpinfo Show response gateway.financialengines.com/identity/v1/credentials/	717 B 1 KB	499ms 499ms	XHR application/json	13.35.254.34 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://gateway.financialengines.com/identity/v1/credentials/idpinfo?d=1594063048376 Requested by Host: login.financialengines.com URL: https://login.financialengines.com/vendors~main.7010b402c31fd24d6b31.js Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 13.35.254.34 Seattle, United States, ASN16509 (AMAZON-02, US), Reverse DNS Software / Resource Hash c75506c80f35f51d45c6b90e95bb58e4355f7b27a00da0bf9392ec20a275e01a Request headers x-spa-name RETAIL_SITE Accept application/json, text/plain, */* Referer https://login.financialengines.com/ User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Response headers fngn-timer et=1 via 1.1 e7e7960d7731a7583cedd8f1ff1aca38.cloudfront.net (CloudFront) vary origin x-amz-cf-pop FRA6-C1 x-amzn-requestid 2240b3bb-e29f-41da-83b3-ce7acadf2651 x-cache Miss from cloudfront status 200 date Mon, 06 Jul 2020 19:17:29 GMT x-amz-apigw-id PQ_PeFoxyK4FTrg= content-length 717 x-amzn-trace-id Root=1-5f0378c9-0c83acec7b1a56743221853c;Sampled=1 access-control-max-age 86500 access-control-allow-methods DELETE,GET,HEAD,OPTIONS,PATCH,POST,PUT content-type application/json;charset=UTF-8 access-control-allow-origin https://login.financialengines.com access-control-allow-credentials true access-control-allow-headers Content-Type,X-Amz-Date,Authorization,Cookie,X-Api-Key,X-Amz-Security-Token,x-fe-client,x-spa-name,x-fe-context,x-fe-poid,x-fe-uuid x-amz-cf-id WGRjXdoJgJx-z3B5uNHBi8GtfLC6q59kmJoTQuZZgg8PlhqX7M0LOQ==
POST H/1.1	200 OK	collector Show response http-inputs-financialengines.splunkcloud.com/services/	27 B 476 B	186ms 186ms	XHR application/json	52.27.59.77 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://http-inputs-financialengines.splunkcloud.com/services/collector Requested by Host: login.financialengines.com URL: https://login.financialengines.com/vendors~main.7010b402c31fd24d6b31.js Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 52.27.59.77 Boardman, United States, ASN16509 (AMAZON-02, US), Reverse DNS Software Splunkd / Resource Hash 3c88e3c57f69e3a02a1c89ddad501cd370fae7012bf522ee4632d4852e7f5c4b Security Headers Name Value X-Content-Type-Options nosniff X-Frame-Options SAMEORIGIN Request headers Accept application/json, text/plain, */* Referer https://login.financialengines.com/ User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Authorization Splunk 9F8BDE0C-3ED2-4001-8C3A-2B425E129E65 Content-Type text/plain;charset=UTF-8 Response headers Date Mon, 06 Jul 2020 19:17:29 GMT X-Content-Type-Options nosniff Server Splunkd Access-Control-Allow-Headers Authorization X-Frame-Options SAMEORIGIN Access-Control-Allow-Methods POST,OPTIONS Content-Type application/json; charset=UTF-8 Access-Control-Allow-Origin https://login.financialengines.com Access-Control-Allow-Credentials true Connection keep-alive Vary Authorization, Origin Content-Length 27
POST H/1.1	200 OK	collector Show response http-inputs-financialengines.splunkcloud.com/services/	27 B 476 B	370ms 186ms	XHR application/json	52.27.59.77 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://http-inputs-financialengines.splunkcloud.com/services/collector Requested by Host: login.financialengines.com URL: https://login.financialengines.com/vendors~main.7010b402c31fd24d6b31.js Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 52.27.59.77 Boardman, United States, ASN16509 (AMAZON-02, US), Reverse DNS Software Splunkd / Resource Hash 3c88e3c57f69e3a02a1c89ddad501cd370fae7012bf522ee4632d4852e7f5c4b Security Headers Name Value X-Content-Type-Options nosniff X-Frame-Options SAMEORIGIN Request headers Accept application/json, text/plain, */* Referer https://login.financialengines.com/ User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Authorization Splunk 9F8BDE0C-3ED2-4001-8C3A-2B425E129E65 Content-Type text/plain;charset=UTF-8 Response headers Date Mon, 06 Jul 2020 19:17:29 GMT X-Content-Type-Options nosniff Server Splunkd Access-Control-Allow-Headers Authorization X-Frame-Options SAMEORIGIN Access-Control-Allow-Methods POST,OPTIONS Content-Type application/json; charset=UTF-8 Access-Control-Allow-Origin https://login.financialengines.com Access-Control-Allow-Credentials true Connection keep-alive Vary Authorization, Origin Content-Length 27
POST H/1.1	200 OK	collector Show response http-inputs-financialengines.splunkcloud.com/services/	27 B 476 B	368ms 186ms	XHR application/json	52.27.59.77 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://http-inputs-financialengines.splunkcloud.com/services/collector Requested by Host: login.financialengines.com URL: https://login.financialengines.com/vendors~main.7010b402c31fd24d6b31.js Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 52.27.59.77 Boardman, United States, ASN16509 (AMAZON-02, US), Reverse DNS Software Splunkd / Resource Hash 3c88e3c57f69e3a02a1c89ddad501cd370fae7012bf522ee4632d4852e7f5c4b Security Headers Name Value X-Content-Type-Options nosniff X-Frame-Options SAMEORIGIN Request headers Accept application/json, text/plain, */* Referer https://login.financialengines.com/ User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Authorization Splunk 9F8BDE0C-3ED2-4001-8C3A-2B425E129E65 Content-Type text/plain;charset=UTF-8 Response headers Date Mon, 06 Jul 2020 19:17:29 GMT X-Content-Type-Options nosniff Server Splunkd Access-Control-Allow-Headers Authorization X-Frame-Options SAMEORIGIN Access-Control-Allow-Methods POST,OPTIONS Content-Type application/json; charset=UTF-8 Access-Control-Allow-Origin https://login.financialengines.com Access-Control-Allow-Credentials true Connection keep-alive Vary Authorization, Origin Content-Length 27
POST H/1.1	200 OK	collector Show response http-inputs-financialengines.splunkcloud.com/services/	27 B 476 B	197ms 197ms	XHR application/json	52.27.59.77 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://http-inputs-financialengines.splunkcloud.com/services/collector Requested by Host: login.financialengines.com URL: https://login.financialengines.com/vendors~main.7010b402c31fd24d6b31.js Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 52.27.59.77 Boardman, United States, ASN16509 (AMAZON-02, US), Reverse DNS Software Splunkd / Resource Hash 3c88e3c57f69e3a02a1c89ddad501cd370fae7012bf522ee4632d4852e7f5c4b Security Headers Name Value X-Content-Type-Options nosniff X-Frame-Options SAMEORIGIN Request headers Accept application/json, text/plain, */* Referer https://login.financialengines.com/ User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Authorization Splunk 9F8BDE0C-3ED2-4001-8C3A-2B425E129E65 Content-Type text/plain;charset=UTF-8 Response headers Date Mon, 06 Jul 2020 19:17:29 GMT X-Content-Type-Options nosniff Server Splunkd Access-Control-Allow-Headers Authorization X-Frame-Options SAMEORIGIN Access-Control-Allow-Methods POST,OPTIONS Content-Type application/json; charset=UTF-8 Access-Control-Allow-Origin https://login.financialengines.com Access-Control-Allow-Credentials true Connection keep-alive Vary Authorization, Origin Content-Length 27
POST H/1.1	200 OK	collector Show response http-inputs-financialengines.splunkcloud.com/services/	27 B 476 B	187ms 187ms	XHR application/json	52.27.59.77 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://http-inputs-financialengines.splunkcloud.com/services/collector Requested by Host: login.financialengines.com URL: https://login.financialengines.com/vendors~main.7010b402c31fd24d6b31.js Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 52.27.59.77 Boardman, United States, ASN16509 (AMAZON-02, US), Reverse DNS Software Splunkd / Resource Hash 3c88e3c57f69e3a02a1c89ddad501cd370fae7012bf522ee4632d4852e7f5c4b Security Headers Name Value X-Content-Type-Options nosniff X-Frame-Options SAMEORIGIN Request headers Accept application/json, text/plain, */* Referer https://login.financialengines.com/ User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Authorization Splunk 9F8BDE0C-3ED2-4001-8C3A-2B425E129E65 Content-Type text/plain;charset=UTF-8 Response headers Date Mon, 06 Jul 2020 19:17:29 GMT X-Content-Type-Options nosniff Server Splunkd Access-Control-Allow-Headers Authorization X-Frame-Options SAMEORIGIN Access-Control-Allow-Methods POST,OPTIONS Content-Type application/json; charset=UTF-8 Access-Control-Allow-Origin https://login.financialengines.com Access-Control-Allow-Credentials true Connection keep-alive Vary Authorization, Origin Content-Length 27
GET H2	200	okta-sign-in.min.js Show response global.oktacdn.com/okta-signin-widget/4.1.1/js/	1 MB 331 KB	116ms 38ms	Script application/x-javascript	13.224.102.35 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://global.oktacdn.com/okta-signin-widget/4.1.1/js/okta-sign-in.min.js Requested by Host: login.financialengines.com URL: https://login.financialengines.com/route-create-credentials~route-login.9a0c8f36a2d074a29b8c.js Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 13.224.102.35 Seattle, United States, ASN16509 (AMAZON-02, US), Reverse DNS Software AmazonS3 / Resource Hash 13f3150bab7d70649fd91363b560607bad391f2310e301fc7b6a32beb10e2f5a Security Headers Name Value Strict-Transport-Security max-age=315360000 X-Content-Type-Options nosniff Request headers Referer https://login.financialengines.com/ User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Response headers date Mon, 06 Jul 2020 04:34:14 GMT content-encoding gzip x-content-type-options nosniff age 52996 x-cache Hit from cloudfront status 200 x-amz-replication-status COMPLETED strict-transport-security max-age=315360000 access-control-allow-origin * last-modified Sat, 30 May 2020 04:41:37 GMT server AmazonS3 vary Accept-Encoding x-amz-version-id jT5LUKkQ_7I.QQwBIXmEjxHjFFK.BUp7 via 1.1 c76347c8ef1f3a2b6fb69cd7d1c6f749.cloudfront.net (CloudFront) cache-control public,max-age=31536000,s-maxage=1814400 x-amz-cf-pop ZRH50-C1 content-type application/x-javascript x-amz-cf-id Ix1-ZTs7tM3fvkohqcaI9aZxMHae8URyWazDP8amGcqfAqnl5oOINw==
GET H2	200	okta-sign-in.min.css global.oktacdn.com/okta-signin-widget/4.1.1/css/	183 KB 26 KB	116ms 38ms	Stylesheet text/css	13.224.102.35 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://global.oktacdn.com/okta-signin-widget/4.1.1/css/okta-sign-in.min.css Requested by Host: login.financialengines.com URL: https://login.financialengines.com/route-create-credentials~route-login.9a0c8f36a2d074a29b8c.js Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 13.224.102.35 Seattle, United States, ASN16509 (AMAZON-02, US), Reverse DNS Software AmazonS3 / Resource Hash 7cddd47762b57d413b15b195f8d497bac49a25556c4380ac88d90b8ae71b24d5 Security Headers Name Value Strict-Transport-Security max-age=315360000 X-Content-Type-Options nosniff Request headers Referer https://login.financialengines.com/ User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Response headers date Mon, 06 Jul 2020 15:50:13 GMT content-encoding gzip x-content-type-options nosniff age 12437 x-cache Hit from cloudfront status 200 x-amz-replication-status COMPLETED strict-transport-security max-age=315360000 access-control-allow-origin * last-modified Sat, 30 May 2020 04:41:37 GMT server AmazonS3 vary Accept-Encoding x-amz-version-id OcsCkC08XOzaKdKHxu7L2djVOWtWvXi7 via 1.1 c76347c8ef1f3a2b6fb69cd7d1c6f749.cloudfront.net (CloudFront) cache-control public,max-age=31536000,s-maxage=1814400 x-amz-cf-pop ZRH50-C1 content-type text/css x-amz-cf-id -cxf_qI2jxlrOmIV9vjkD79japWueKRmabM5yFZafzItcWfgCWFDWw==
POST H/1.1	200 OK	collector Show response http-inputs-financialengines.splunkcloud.com/services/	27 B 476 B	188ms 188ms	XHR application/json	52.27.59.77 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://http-inputs-financialengines.splunkcloud.com/services/collector Requested by Host: login.financialengines.com URL: https://login.financialengines.com/vendors~main.7010b402c31fd24d6b31.js Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 52.27.59.77 Boardman, United States, ASN16509 (AMAZON-02, US), Reverse DNS Software Splunkd / Resource Hash 3c88e3c57f69e3a02a1c89ddad501cd370fae7012bf522ee4632d4852e7f5c4b Security Headers Name Value X-Content-Type-Options nosniff X-Frame-Options SAMEORIGIN Request headers Accept application/json, text/plain, */* Referer https://login.financialengines.com/ User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Authorization Splunk 9F8BDE0C-3ED2-4001-8C3A-2B425E129E65 Content-Type text/plain;charset=UTF-8 Response headers Date Mon, 06 Jul 2020 19:17:30 GMT X-Content-Type-Options nosniff Server Splunkd Access-Control-Allow-Headers Authorization X-Frame-Options SAMEORIGIN Access-Control-Allow-Methods POST,OPTIONS Content-Type application/json; charset=UTF-8 Access-Control-Allow-Origin https://login.financialengines.com Access-Control-Allow-Credentials true Connection keep-alive Vary Authorization, Origin Content-Length 27

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain

fonts.financialengines.io

URL

https://fonts.financialengines.io/ARSMaquettePro-Bold.otf

Domain

fonts.financialengines.io

URL

https://fonts.financialengines.io/ARSMaquettePro-Regular.otf

16 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| heap object| wbpkJsonP object| __core-js_shared__ object| core function| setImmediate function| clearImmediate object| FEI_THEME object| global object| System function| asap function| Observable object| regeneratorRuntime boolean| _babelPolyfill object| Backbone function| jQueryCourage function| OktaSignIn

0 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

cdn.heapanalytics.com
fonts.financialengines.io
gateway.financialengines.com
global.oktacdn.com
heapanalytics.com
http-inputs-financialengines.splunkcloud.com
login.financialengines.com
fonts.financialengines.io
13.224.102.111
13.224.102.35
13.35.254.34
2600:9000:214f:5800:1:29d5:4480:93a1
52.27.59.77
54.85.106.126
04e14411429ae29b32b4cf931bf7224a5a344e56e103890efe5b18398c62656a
13f3150bab7d70649fd91363b560607bad391f2310e301fc7b6a32beb10e2f5a
2a0c06cb8e56f3501fc1ed9e3d890cb9cce6380d85efe8ec6c243363d39bbb94
3b00f27dd1c4ad2a459a2c6894d46799cac263f9c9e74f870d0954a4dab5fa78
3c88e3c57f69e3a02a1c89ddad501cd370fae7012bf522ee4632d4852e7f5c4b
53e904c853e412f0ba1f84ae9265b32ed823ed3714a363060bafd2946f7b89ee
5e8dfa6cb36aee5fd46758488f1e66833b145ccc193eab4bc11c79821335727b
70098e0c88953ed2274aadd120a81b06bf6a68cfe634c982437ba5b71e357f12
7cddd47762b57d413b15b195f8d497bac49a25556c4380ac88d90b8ae71b24d5
92f2bac9d429135d63b4c8d743fb5b3eb4881928abb2a2fcd425589bb6b6328f
972d5f7c3235a151842c2ac83ee2b1a90c755b96fe5d726b24ec53826a08de98
a9b819240fac368d452a1b1365bf5c285afdd51e401875e5c41be31d48fd44a3
b51fc4333b6adc8f78ed4350e9aba633c6548346b0321be530b3bab36eca33c3
bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96
c58a5b3355be6e3a3cfdc44a2b0166115d27465483391cd755be3484ddd91629
c75506c80f35f51d45c6b90e95bb58e4355f7b27a00da0bf9392ec20a275e01a
f16136fd34965934c304d4941b1c78020770ba26330600b0c7db75bff2160c1b
f849b39442dd1ab2c58e0d11da1b61ec119a60ff6218c0a752ddeb7854148dac