pages.financialengines.com Open in urlscan Pro
54.93.101.66 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
https://click.mail.edelmanfinancialengines.com/?qs=e85dcc634a038a276429aadb9b3803789ec3935fc8a0725b9098e14d033e312303ea163156895de5b25697bc4f15...
Effective URL:
https://pages.financialengines.com/recency-bias/?testGroup&poid=chubbfmr&s_cid=em%3AFMR%3Achubbfmr%3AWellbeing%3ANON_RECURRING%3ANO...
Submission: On December 16 via api (December 16th 2020, 7:18:35 pm UTC) from US

Summary HTTP 52 Redirects Links 16 Behaviour Indicators

Summary

This website contacted 18 IPs in 6 countries across 15 domains to perform 52 HTTP transactions. The main IP is 54.93.101.66, located in Frankfurt am Main, Germany and belongs to AMAZON-02, US. The main domain is pages.financialengines.com.
TLS certificate: Issued by Let's Encrypt Authority X3 on November 5th 2020. Valid for: 3 months.

This is the only time pages.financialengines.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1 1	13.111.148.97 13.111.148.97	22606 (EXACT-7) (EXACT-7)
1 11	2a02:26f0:6c0... 2a02:26f0:6c00:2bf::2d5b	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
1 2	54.93.101.66 54.93.101.66	16509 (AMAZON-02) (AMAZON-02)
2	54.230.206.127 54.230.206.127	16509 (AMAZON-02) (AMAZON-02)
2	2600:9000:201... 2600:9000:2016:8000:1d:11cf:5800:93a1	16509 (AMAZON-02) (AMAZON-02)
1	2001:4de0:ac1... 2001:4de0:ac19::1:b:2b	20446 (HIGHWINDS3) (HIGHWINDS3)
3	2a02:26f0:6c0... 2a02:26f0:6c00:294::1e80	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
4	2606:4700::68... 2606:4700::6813:9308	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	104.109.66.152 104.109.66.152	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
1	2a00:1450:400... 2a00:1450:4001:808::2008	15169 (GOOGLE) (GOOGLE)
3	52.222.190.53 52.222.190.53	16509 (AMAZON-02) (AMAZON-02)
1	34.224.248.58 34.224.248.58	14618 (AMAZON-AES) (AMAZON-AES)
2	2a03:2880:f01... 2a03:2880:f01c:8012:face:b00c:0:3	32934 (FACEBOOK) (FACEBOOK)
1	2a03:2880:f11... 2a03:2880:f11c:8183:face:b00c:0:25de	32934 (FACEBOOK) (FACEBOOK)
1	2a00:1450:400... 2a00:1450:4001:81d::200a	15169 (GOOGLE) (GOOGLE)
4	2a00:1450:400... 2a00:1450:4001:81e::2003	15169 (GOOGLE) (GOOGLE)
10	52.88.36.255 52.88.36.255	16509 (AMAZON-02) (AMAZON-02)
1 5	15.237.136.106 15.237.136.106	16509 (AMAZON-02) (AMAZON-02)
52	18

1 13.111.148.97 (United States) 1 redirects

ASN22606 (EXACT-7, US)
PTR: click.mail.edelmanfinancialengines.com

click.mail.edelmanfinancialengines.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

11 2a02:26f0:6c00:2bf::2d5b (Ascension Island) 1 redirects

ASN20940 (AKAMAI-ASN1, EU)

www.financialengines.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 54.93.101.66 (Frankfurt am Main, Germany) 1 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-54-93-101-66.eu-central-1.compute.amazonaws.com

pages.financialengines.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 54.230.206.127 (Seattle, United States)

ASN16509 (AMAZON-02, US)
PTR: server-54-230-206-127.ham50.r.cloudfront.net

builder-assets.unbounce.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2600:9000:2016:8000:1d:11cf:5800:93a1 (United States)

ASN16509 (AMAZON-02, US)

d34qb8suadcc4g.cloudfront.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2001:4de0:ac19::1:b:2b (Netherlands)

ASN20446 (HIGHWINDS3, US)

stackpath.bootstrapcdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a02:26f0:6c00:294::1e80 (Ascension Island)

ASN20940 (AKAMAI-ASN1, EU)

assets.adobedtm.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2606:4700::6813:9308 (United States)

ASN13335 (CLOUDFLARENET, US)

script.crazyegg.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 104.109.66.152 (Netherlands)

ASN20940 (AKAMAI-ASN1, EU)
PTR: a104-109-66-152.deploy.static.akamaitechnologies.com

www.feitest.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:808::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 52.222.190.53 (Seattle, United States)

ASN16509 (AMAZON-02, US)
PTR: server-52-222-190-53.ham50.r.cloudfront.net

d9hhrg4mnvzow.cloudfront.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 34.224.248.58 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-34-224-248-58.compute-1.amazonaws.com

events.ub-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a03:2880:f01c:8012:face:b00c:0:3 (Ireland)

ASN32934 (FACEBOOK, US)

connect.facebook.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a03:2880:f11c:8183:face:b00c:0:25de (Ireland)

ASN32934 (FACEBOOK, US)

www.facebook.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:81d::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a00:1450:4001:81e::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

10 52.88.36.255 (Boardman, United States)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-88-36-255.us-west-2.compute.amazonaws.com

http-inputs-financialengines.splunkcloud.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 15.237.136.106 (Paris, France) 1 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-15-237-136-106.eu-west-3.compute.amazonaws.com

somtr.financialengines.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
18	financialengines.com 3 redirects www.financialengines.com pages.financialengines.com somtr.financialengines.com	55 KB
10	splunkcloud.com http-inputs-financialengines.splunkcloud.com	2 KB
5	cloudfront.net d34qb8suadcc4g.cloudfront.net d9hhrg4mnvzow.cloudfront.net	67 KB
4	gstatic.com fonts.gstatic.com	40 KB
4	crazyegg.com script.crazyegg.com	37 KB
3	adobedtm.com assets.adobedtm.com	56 KB
2	facebook.net connect.facebook.net	31 KB
2	unbounce.com builder-assets.unbounce.com	37 KB
1	googleapis.com fonts.googleapis.com	1 KB
1	facebook.com www.facebook.com	377 B
1	ub-analytics.com events.ub-analytics.com	245 B
1	googletagmanager.com www.googletagmanager.com	59 KB
1	feitest.com www.feitest.com	73 KB
1	bootstrapcdn.com stackpath.bootstrapcdn.com	7 KB
1	edelmanfinancialengines.com 1 redirects click.mail.edelmanfinancialengines.com	397 B
52	15

	Domain	Requested by
11	www.financialengines.com	1 redirects pages.financialengines.com www.feitest.com
10	http-inputs-financialengines.splunkcloud.com	www.feitest.com
5	somtr.financialengines.com	1 redirects pages.financialengines.com
4	fonts.gstatic.com	fonts.googleapis.com
4	script.crazyegg.com	pages.financialengines.com script.crazyegg.com www.googletagmanager.com
3	d9hhrg4mnvzow.cloudfront.net	pages.financialengines.com
3	assets.adobedtm.com	pages.financialengines.com assets.adobedtm.com
2	connect.facebook.net	pages.financialengines.com connect.facebook.net
2	d34qb8suadcc4g.cloudfront.net	pages.financialengines.com d34qb8suadcc4g.cloudfront.net
2	builder-assets.unbounce.com	pages.financialengines.com
2	pages.financialengines.com	1 redirects
1	fonts.googleapis.com	builder-assets.unbounce.com
1	www.facebook.com	pages.financialengines.com
1	events.ub-analytics.com	pages.financialengines.com
1	www.googletagmanager.com	pages.financialengines.com
1	www.feitest.com	pages.financialengines.com
1	stackpath.bootstrapcdn.com	pages.financialengines.com
1	click.mail.edelmanfinancialengines.com	1 redirects
52	18

This site contains links to these domains. Also see Links.

Domain
www.edelmanfinancialengines.com
legaldocs.financialengines.io
www.financialengines.com
edelmanfinancialengines.com
timetrade.com

Subject Issuer	Validity	Valid
pages.financialengines.com Let's Encrypt Authority X3	`2020-11-05` - `2021-02-03`	3 months	crt.sh
*.unbounce.com Amazon	`2020-04-08` - `2021-05-08`	a year	crt.sh
*.cloudfront.net DigiCert Global CA G2	`2020-05-26` - `2021-04-21`	a year	crt.sh
www.financialengines.com DigiCert SHA2 Extended Validation Server CA	`2019-01-31` - `2021-05-05`	2 years	crt.sh
*.bootstrapcdn.com Sectigo RSA Domain Validation Secure Server CA	`2020-09-22` - `2021-10-12`	a year	crt.sh
assets.adobedtm.com DigiCert SHA2 High Assurance Server CA	`2019-10-22` - `2021-10-01`	2 years	crt.sh
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2020-06-09` - `2021-06-09`	a year	crt.sh
www.feitest.com DigiCert SHA2 Extended Validation Server CA	`2019-01-31` - `2021-05-05`	2 years	crt.sh
*.google-analytics.com GTS CA 1O1	`2020-11-10` - `2021-02-02`	3 months	crt.sh
*.ub-analytics.com Amazon	`2020-06-08` - `2021-07-08`	a year	crt.sh
*.facebook.com DigiCert SHA2 High Assurance Server CA	`2020-11-02` - `2021-01-30`	3 months	crt.sh
upload.video.google.com GTS CA 1O1	`2020-11-10` - `2021-02-02`	3 months	crt.sh
*.gstatic.com GTS CA 1O1	`2020-11-10` - `2021-02-02`	3 months	crt.sh
*.splunkcloud.com DigiCert SHA2 Secure Server CA	`2019-05-01` - `2021-05-07`	2 years	crt.sh
somtr.financialengines.com DigiCert SHA2 Secure Server CA	`2020-05-19` - `2022-05-24`	2 years	crt.sh

This page contains 1 frames:

Primary Page: https://pages.financialengines.com/recency-bias/?testGroup&poid=chubbfmr&s_cid=em%3AFMR%3Achubbfmr%3AWellbeing%3ANON_RECURRING%3ANONE%3A385866%7C7918636%7C336
Frame ID: C3D82155DBBF4A3159962363AAB0D61E
Requests: 46 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page URL History Show full URLs

https://click.mail.edelmanfinancialengines.com/?qs=e85dcc634a038a276429aadb9b3803789ec3935fc8a0725b9098e14d033e312303ea1631... HTTP 302
https://www.financialengines.com/framework/emaillogin.act?&tok=3rs3qnsy2lgl95wd93vbggnjwnb2flhe&type=MARKETIN... HTTP 302
https://pages.financialengines.com/recency-bias?testGroup=&poid=chubbfmr&s_cid=em%3AFMR%3Achubbfmr%3AWellbeing%... HTTP 301
https://pages.financialengines.com/recency-bias/?testGroup&poid=chubbfmr&s_cid=em%3AFMR%3Achubbfmr%3AWellbeing%... Page URL

Page Statistics

52
Requests

98 %
HTTPS

56 %
IPv6

15
Domains

18
Subdomains

18
IPs

6
Countries

463 kB
Transfer

1387 kB
Size

18
Cookies

16 Outgoing links

These are links going to different origins than the main page.

URL: https://www.edelmanfinancialengines.com/about-us/edelman-financial-engines
Title: About Edelman Financial Engines

Search URL Search Domain Scan URL

URL: https://legaldocs.financialengines.io/Master/FEA_PrivacyPolicy_MA.pdf
Title: Privacy Policy

Search URL Search Domain Scan URL

URL: https://legaldocs.financialengines.io/Master/OnlinePrivacyStatement.pdf
Title: Online Privacy Statement

Search URL Search Domain Scan URL

URL: https://legaldocs.financialengines.io/Master/Chat_Usage_terms.pdf
Title: Chat Usage Terms

Search URL Search Domain Scan URL

URL: https://www.financialengines.com/FeContent?s=GW-PRD-20201216-1118-0000162&pact=welcome&br=561&act=survey&pt=legacyForSpa
Title: Feedback

Search URL Search Domain Scan URL

URL: https://legaldocs.financialengines.io/Master/DNSMPI.pdf
Title: Do Not Sell My Personal Information

Search URL Search Domain Scan URL

URL: https://edelmanfinancialengines.com/patent-information
Title: https://edelmanfinancialengines.com/patent-information

Search URL Search Domain Scan URL

URL: https://timetrade.com/app/financialengines/workflows/financial0013/schedule/?locationId=hfinancialengine&appointmentTypeId=planning-forward-Q4
Title: Schedule an Appointment

Search URL Search Domain Scan URL

URL: https://www.edelmanfinancialengines.com/media/pdf/DNSMPI
Title: Do Not Sell My Info

Search URL Search Domain Scan URL

URL: https://legaldocs.financialengines.io/Master/FEA_ProfManagement_Terms.pdf
Title: Terms of Service

Search URL Search Domain Scan URL

URL: https://legaldocs.financialengines.io/Fidelity/Fidelity_Sponsor_Specific/Chubb/chubbfmr_Supp.pdf
Title: Supplement & Additional Disclosure

Search URL Search Domain Scan URL

URL: https://legaldocs.financialengines.io/Master/WebsiteTermsofService.pdf
Title: Website Terms of Service

Search URL Search Domain Scan URL

URL: https://legaldocs.financialengines.io/Master/SecurityStatement.pdf
Title: Security Statement

Search URL Search Domain Scan URL

URL: https://legaldocs.financialengines.io/Master/FEA_ADV2A_B.pdf
Title: Disclosure Brochure

Search URL Search Domain Scan URL

URL: https://legaldocs.financialengines.io/Master/TotalRetirementAdvice_Supplement.pdf
Title: Advice on Outside Accounts

Search URL Search Domain Scan URL

URL: https://legaldocs.financialengines.io/Master/FEA_CRS.pdf
Title: Form CRS

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

https://click.mail.edelmanfinancialengines.com/?qs=e85dcc634a038a276429aadb9b3803789ec3935fc8a0725b9098e14d033e312303ea163156895de5b25697bc4f150304af07427f5c057e82bdfdd02d7783c203 HTTP 302
https://www.financialengines.com/framework/emaillogin.act?&tok=3rs3qnsy2lgl95wd93vbggnjwnb2flhe&type=MARKETING_LANDING_PAGE&landingPageName=recency-bias&s_cid=em:FMR:chubbfmr:Wellbeing:NON_RECURRING:NONE:385866|7918636|336 HTTP 302
https://pages.financialengines.com/recency-bias?testGroup=&poid=chubbfmr&s_cid=em%3AFMR%3Achubbfmr%3AWellbeing%3ANON_RECURRING%3ANONE%3A385866%7C7918636%7C336 HTTP 301
https://pages.financialengines.com/recency-bias/?testGroup&poid=chubbfmr&s_cid=em%3AFMR%3Achubbfmr%3AWellbeing%3ANON_RECURRING%3ANONE%3A385866%7C7918636%7C336 Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 36

https://somtr.financialengines.com/b/ss/finengauthdev/1/JS-1.4.2-D7QN/s27999606873986?AQB=1&ndh=1&pf=1&t=16%2F11%2F2020%2020%3A18%3A18%203%20-60&D=D%3D&fid=7037983FF96EF37C-1F8AB3E936AF16C3&ce=UTF-8&ns=financialengines&pageName=recency-bias%3A%3Ad&g=https%3A%2F%2Fpages.financialengines.com%2Frecency-bias%2F%3FtestGroup%26poid%3Dchubbfmr%26s_cid%3Dem%253AFMR%253Achubbfmr%253AWellbeing%253ANON_RECURRING%253ANONE%253A385866%257C7918636%257C336&cc=USD&events=event1&c3=11%3A18%20am%20-%20wednesday&v3=D%3Dc3&c10=2.7&c11=entry&v11=D%3Dc11&c15=D%3Dpagename&v15=D%3Dpagename&v19=%2B1&v20=%2B1&v22=D%3Dg&v23=referrer%20not%20available&v24=D%3Duser-agent&v32=em%3Afmr%3Achubbfmr%3Awellbeing%3Anon_recurring%3Anone%3A385866%7C7918636%7C336&s=1600x1200&c=24&j=1.6&v=N&k=Y&bw=1600&bh=1200&AQE=1 HTTP 302
https://somtr.financialengines.com/b/ss/finengauthdev/1/JS-1.4.2-D7QN/s27999606873986?AQB=1&pccr=true&vidn=2FED2EBD0515BB33-4000082699A5F7F5&ndh=1&pf=1&t=16%2F11%2F2020%2020%3A18%3A18%203%20-60&D=D%3D&fid=7037983FF96EF37C-1F8AB3E936AF16C3&ce=UTF-8&ns=financialengines&pageName=recency-bias%3A%3Ad&g=https%3A%2F%2Fpages.financialengines.com%2Frecency-bias%2F%3FtestGroup%26poid%3Dchubbfmr%26s_cid%3Dem%253AFMR%253Achubbfmr%253AWellbeing%253ANON_RECURRING%253ANONE%253A385866%257C7918636%257C336&cc=USD&events=event1&c3=11%3A18%20am%20-%20wednesday&v3=D%3Dc3&c10=2.7&c11=entry&v11=D%3Dc11&c15=D%3Dpagename&v15=D%3Dpagename&v19=%2B1&v20=%2B1&v22=D%3Dg&v23=referrer%20not%20available&v24=D%3Duser-agent&v32=em%3Afmr%3Achubbfmr%3Awellbeing%3Anon_recurring%3Anone%3A385866%7C7918636%7C336&s=1600x1200&c=24&j=1.6&v=N&k=Y&bw=1600&bh=1200&AQE=1

52 HTTP transactions
1 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H/1.1

200
OK

Primary Request / Show response
pages.financialengines.com/recency-bias/
Redirect Chain

https://click.mail.edelmanfinancialengines.com/?qs=e85dcc634a038a276429aadb9b3803789ec3935fc8a0725b9098e14d033e312303ea163156895de5b25697bc4f150304af07427f5c057e82bdfdd02d7783c203
https://www.financialengines.com/framework/emaillogin.act?&tok=3rs3qnsy2lgl95wd93vbggnjwnb2flhe&type=MARKETING_LANDING_PAGE&landingPageName=recency-bias&s_cid=em:FMR:chubbfmr:Wellbeing:NON_RECURRIN...
https://pages.financialengines.com/recency-bias?testGroup=&poid=chubbfmr&s_cid=em%3AFMR%3Achubbfmr%3AWellbeing%3ANON_RECURRING%3ANONE%3A385866%7C7918636%7C336
https://pages.financialengines.com/recency-bias/?testGroup&poid=chubbfmr&s_cid=em%3AFMR%3Achubbfmr%3AWellbeing%3ANON_RECURRING%3ANONE%3A385866%7C7918636%7C336

49 KB
11 KB

446ms
176ms

Document
text/html

54.93.101.66
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://pages.financialengines.com/recency-bias/?testGroup&poid=chubbfmr&s_cid=em%3AFMR%3Achubbfmr%3AWellbeing%3ANON_RECURRING%3ANONE%3A385866%7C7918636%7C336
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 54.93.101.66 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-54-93-101-66.eu-central-1.compute.amazonaws.com
Software: /
Resource Hash: 7c3ed55379ec12c3a5a591759d049d9f1a5f5ebda59556f63130559e361d0a87

Request headers

Host: pages.financialengines.com
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site: none
Sec-Fetch-Mode: navigate
Sec-Fetch-User: ?1
Sec-Fetch-Dest: document
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US
Cookie: sessFlag=true; sessionToken=f67a8d3c-b019-452b-a716-475cfe800c3d; authType=aws; s=GW-PRD-20201216-1118-0000136; sessionId=GW-PRD-20201216-1118-0000136; daVars=%7B%22sponsorDateStamp%22%3A%22chubbfmr%3A20201216%22%2C%22enrStatus%22%3A%22MEMBER%22%2C%22envType%22%3A%22USER_PROD%22%2C%22providerId%22%3A%22FMR%22%2C%22sponsorId%22%3A%22chubbfmr%22%2C%22namespace%22%3A%22%22%2C%22userType%22%3A%22USER%22%2C%22sessionId%22%3A%22GW-PRD-20201216-1118-0000136%22%2C%22isUserTemp%22%3A%22false%22%2C%22pageName%22%3A%22%22%2C%22userId%22%3A%2250207228%22%7D
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Wed, 16 Dec 2020 19:18:17 GMT
content-type: text/html; charset=UTF-8
transfer-encoding: chunked
p3p: CP="This is not a privacy policy."
x-unbounce-pageid: 98eb4ae2-dbf3-4c68-b193-ca9841f5ca6e
etag: aa44811a3e4f59bdade88a8e2d79241d
content-location: https://pages.financialengines.com/recency-bias/
x-unbounce-visitorid: 185.212.171.671609530813235790
last-modified: Fri, 04 Dec 2020 16:11:42 GMT
x-unbounce-variant: d
link: <https://pages.financialengines.com/recency-bias/>; rel="canonical"
set-cookie: ubpv=d%2C98eb4ae2-dbf3-4c68-b193-ca9841f5ca6e; Max-Age=15897600; Expires=Fri, 18 Jun 2021 19:18:17 GMT; Path=/recency-bias/; SameSite=Lax ubrs=weighted; Path=/recency-bias/; SameSite=Lax ubvs=185.212.171.671609530813235790; Max-Age=15552000; Expires=Mon, 14 Jun 2021 19:18:17 GMT; Path=/; SameSite=Lax ubvt=185.212.171.671609530813235790; Max-Age=259200; Expires=Sat, 19 Dec 2020 19:18:17 GMT; Path=/; Domain=financialengines.com; SameSite=Lax
content-encoding: gzip
x-proxy-backend: page-server
connection: close

Redirect headers

date: Wed, 16 Dec 2020 19:18:17 GMT
content-length: 0
p3p: CP="This is not a privacy policy."
location: https://pages.financialengines.com/recency-bias/?testGroup&poid=chubbfmr&s_cid=em%3AFMR%3Achubbfmr%3AWellbeing%3ANON_RECURRING%3ANONE%3A385866%7C7918636%7C336
x-proxy-backend: page-server
connection: close

GET
H2 200 main-7b78720.z.css
builder-assets.unbounce.com/published-css/ 15 KB
3 KB 462ms
165ms Stylesheet
text/css 54.230.206.127
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://builder-assets.unbounce.com/published-css/main-7b78720.z.css
Requested by: Host: pages.financialengines.com
URL: https://pages.financialengines.com/recency-bias/?testGroup&poid=chubbfmr&s_cid=em%3AFMR%3Achubbfmr%3AWellbeing%3ANON_RECURRING%3ANONE%3A385866%7C7918636%7C336
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 54.230.206.127 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-54-230-206-127.ham50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 7b787207f29ffd5672ab91b95f681b387b4d6433081cc8b47070f1d564827863

Request headers

Referer: https://pages.financialengines.com/recency-bias/?testGroup&poid=chubbfmr&s_cid=em%3AFMR%3Achubbfmr%3AWellbeing%3ANON_RECURRING%3ANONE%3A385866%7C7918636%7C336
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Tue, 24 Nov 2020 03:11:27 GMT
content-encoding: gzip
last-modified: Tue, 13 Oct 2020 18:07:31 GMT
server: AmazonS3
age: 1958812
etag: "28fa98fe25303c5ad925ec69772dc187"
x-cache: Hit from cloudfront
x-amz-version-id: 4VmJ1x7od43SnXCa..jwUNq42n6sY1UH
via: 1.1 150f57582a5422af77de04444db8acf9.cloudfront.net (CloudFront)
cache-control: max-age=31536000
x-amz-cf-pop: HAM50-C3
accept-ranges: bytes
content-type: text/css
content-length: 2902
x-amz-cf-id: eOENKI0I7mt4LKdoxThPIAWRZCmj56FeKt0DHrqvRy94fQSdkm572A==

GET
H2 200 ub.js Show response
d34qb8suadcc4g.cloudfront.net/ 5 KB
2 KB 52ms
16ms Script
application/javascript 2600:9000:2016:8000:1d:11cf:5800:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://d34qb8suadcc4g.cloudfront.net/ub.js?1605293159
Requested by: Host: pages.financialengines.com
URL: https://pages.financialengines.com/recency-bias/?testGroup&poid=chubbfmr&s_cid=em%3AFMR%3Achubbfmr%3AWellbeing%3ANON_RECURRING%3ANONE%3A385866%7C7918636%7C336
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2016:8000:1d:11cf:5800:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 146713f310842933dc62d2bed7f0eaaf8a9cf3cdf72fd37610ef51e58378c8dc

Request headers

Referer: https://pages.financialengines.com/recency-bias/?testGroup&poid=chubbfmr&s_cid=em%3AFMR%3Achubbfmr%3AWellbeing%3ANON_RECURRING%3ANONE%3A385866%7C7918636%7C336
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Mon, 23 Nov 2020 07:27:16 GMT
content-encoding: gzip
last-modified: Fri, 13 Nov 2020 18:45:36 GMT
server: AmazonS3
age: 2029862
etag: "91086183e2039359e4bf5622dfb57722"
x-cache: Hit from cloudfront
x-amz-version-id: D6xyQ1UlRnHjPycouA5Yb4DYOQiJWBkd
via: 1.1 a0c82b0230a7e14a68e3ce4ae3eed807.cloudfront.net (CloudFront)
cache-control: max-age=31536000
x-amz-cf-pop: HAM50-C2
accept-ranges: bytes
content-type: application/javascript
content-length: 1992
x-amz-cf-id: vDdVwO0ARFOyFx5ZJO859zpIWuOJzX1gSm4wiqOYi5mi9RMYzrQApw==

GET
H/1.1 200
OK landing-page.616cfdfc103767f77eae.css
www.financialengines.com/app/landing-utils/ 26 KB
5 KB 9ms
8ms Stylesheet
text/css 2a02:26f0:6c00:2bf::2d5b
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://www.financialengines.com/app/landing-utils/landing-page.616cfdfc103767f77eae.css

Requested by

Host: pages.financialengines.com
URL: https://pages.financialengines.com/recency-bias/?testGroup&poid=chubbfmr&s_cid=em%3AFMR%3Achubbfmr%3AWellbeing%3ANON_RECURRING%3ANONE%3A385866%7C7918636%7C336

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:6c00:2bf::2d5b , Ascension Island, ASN20940 (AKAMAI-ASN1, EU),

Reverse DNS

Software

AmazonS3 /

Resource Hash

e015cd6e8ee38c307ccc401c6a7a40d891467ebdbf011d41c49001e867d58d58

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

Referer: https://pages.financialengines.com/recency-bias/?testGroup&poid=chubbfmr&s_cid=em%3AFMR%3Achubbfmr%3AWellbeing%3ANON_RECURRING%3ANONE%3A385866%7C7918636%7C336
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Wed, 16 Dec 2020 19:18:17 GMT
Content-Encoding: gzip
Vary: Accept-Encoding
Last-Modified: Fri, 04 Dec 2020 22:24:29 GMT
Server: AmazonS3
x-amz-request-id: 26D7CA8CD328742D
ETag: "8938b77b93d4ae4b266603dd2f3cf79d-gzip"
X-Frame-Options: SAMEORIGIN
Content-Type: text/css
Connection: keep-alive
Content-Length: 4921
x-amz-id-2: evMqU+jkMVifASkD/8CPOAnwSNrIR56/2TGRr1Lq23cXn81RK6rSsKu8MD+kabI3KCegqIvLRM8=
Expires: Sun, 10 Jan 2021 17:19:37 GMT

GET
H2 200 font-awesome.min.css
stackpath.bootstrapcdn.com/font-awesome/4.7.0/css/ 30 KB
7 KB 31ms
14ms Stylesheet
text/css 2001:4de0:ac19::1:b:2b
HIGHWINDS3

General

Check archive.org

Show headers Download Go to

Full URL

https://stackpath.bootstrapcdn.com/font-awesome/4.7.0/css/font-awesome.min.css

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2001:4de0:ac19::1:b:2b , Netherlands, ASN20446 (HIGHWINDS3, US),

Reverse DNS

Software

Resource Hash

799aeb25cc0373fdee0e1b1db7ad6c2f6a0e058dfadaa3379689f583213190bd

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://pages.financialengines.com/recency-bias/?testGroup&poid=chubbfmr&s_cid=em%3AFMR%3Achubbfmr%3AWellbeing%3ANON_RECURRING%3ANONE%3A385866%7C7918636%7C336
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Wed, 16 Dec 2020 19:18:17 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Wed, 12 Dec 2018 18:35:20 GMT
etag: "1544639720"
vary: Accept-Encoding
x-cache: HIT
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=31536000
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
timing-allow-origin: *
content-length: 7050

GET
H2 200 main.bundle-5c6e41c.z.js Show response
builder-assets.unbounce.com/published-js/ 104 KB
33 KB 172ms
172ms Script
application/javascript 54.230.206.127
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://builder-assets.unbounce.com/published-js/main.bundle-5c6e41c.z.js
Requested by: Host: pages.financialengines.com
URL: https://pages.financialengines.com/recency-bias/?testGroup&poid=chubbfmr&s_cid=em%3AFMR%3Achubbfmr%3AWellbeing%3ANON_RECURRING%3ANONE%3A385866%7C7918636%7C336
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 54.230.206.127 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-54-230-206-127.ham50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 5c6e41cab44d3fc8958df6b852e4e728360a81d7a5fc3079b36e677cc07f8edb

Request headers

Referer: https://pages.financialengines.com/recency-bias/?testGroup&poid=chubbfmr&s_cid=em%3AFMR%3Achubbfmr%3AWellbeing%3ANON_RECURRING%3ANONE%3A385866%7C7918636%7C336
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Mon, 30 Nov 2020 02:11:19 GMT
content-encoding: gzip
last-modified: Tue, 13 Oct 2020 18:07:24 GMT
server: AmazonS3
age: 1444020
etag: "8f54ee429acc92c4ec90173c4494c176"
x-cache: Hit from cloudfront
x-amz-version-id: 3Tf5CLt4Hplptlwy2gR6SrQuS3YM4exc
via: 1.1 150f57582a5422af77de04444db8acf9.cloudfront.net (CloudFront)
cache-control: max-age=31536000
x-amz-cf-pop: HAM50-C3
accept-ranges: bytes
content-type: application/javascript
content-length: 33645
x-amz-cf-id: N2NP3P_iFZW7ztZAzdn2zuZBQ7twJzpgu5wtiJSmPKW45BzNtI3XbQ==

GET
H2 200 satelliteLib-f5c5c34650a8490ac30a69d9a07c5f48ff96098e.js Show response
assets.adobedtm.com/a0e3941d5a9d6f0c3911ec5acd84602babe03b22/ 177 KB
36 KB 30ms
7ms Script
application/x-javascript 2a02:26f0:6c00:294::1e80
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://assets.adobedtm.com/a0e3941d5a9d6f0c3911ec5acd84602babe03b22/satelliteLib-f5c5c34650a8490ac30a69d9a07c5f48ff96098e.js
Requested by: Host: pages.financialengines.com
URL: https://pages.financialengines.com/recency-bias/?testGroup&poid=chubbfmr&s_cid=em%3AFMR%3Achubbfmr%3AWellbeing%3ANON_RECURRING%3ANONE%3A385866%7C7918636%7C336
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:6c00:294::1e80 , Ascension Island, ASN20940 (AKAMAI-ASN1, EU),
Reverse DNS
Software: AkamaiNetStorage /
Resource Hash: 3adfc359f1ee9a7682f9a765b05e9e593c4624bf1062fc0686212b131d0d2002

Request headers

Referer: https://pages.financialengines.com/recency-bias/?testGroup&poid=chubbfmr&s_cid=em%3AFMR%3Achubbfmr%3AWellbeing%3ANON_RECURRING%3ANONE%3A385866%7C7918636%7C336
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Wed, 16 Dec 2020 19:18:17 GMT
content-encoding: gzip
last-modified: Thu, 04 Jun 2020 20:56:02 GMT
server: AkamaiNetStorage
etag: "e8332e097a56f9404dbe2e68834f875a:1591304162.663524"
vary: Accept-Encoding
content-type: application/x-javascript
access-control-allow-origin: https://pages.financialengines.com
cache-control: max-age=3600
accept-ranges: bytes
timing-allow-origin: *
content-length: 36645
expires: Wed, 16 Dec 2020 20:18:17 GMT

GET
H2 200 4033.js Show response
script.crazyegg.com/pages/scripts/0014/ 3 KB
2 KB 36ms
19ms Script
text/javascript 2606:4700::6813:9308
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://script.crazyegg.com/pages/scripts/0014/4033.js
Requested by: Host: pages.financialengines.com
URL: https://pages.financialengines.com/recency-bias/?testGroup&poid=chubbfmr&s_cid=em%3AFMR%3Achubbfmr%3AWellbeing%3ANON_RECURRING%3ANONE%3A385866%7C7918636%7C336
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6813:9308 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: a37000badf11efc14a49c2635c86f79cf25a05bc8ca6b1977757dfe38262c227

Request headers

Referer: https://pages.financialengines.com/recency-bias/?testGroup&poid=chubbfmr&s_cid=em%3AFMR%3Achubbfmr%3AWellbeing%3ANON_RECURRING%3ANONE%3A385866%7C7918636%7C336
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Wed, 16 Dec 2020 19:18:18 GMT
content-encoding: gzip
cf-cache-status: HIT
age: 12659
cf-polished: origSize=2833
ce-version: 11.1.168
cf-request-id: 070e963d4e00002bf2f3809000000001
last-modified: Wed, 16 Dec 2020 15:47:19 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: text/javascript
access-control-allow-origin: *
access-control-expose-headers: CE-Version
cache-control: public, max-age=300, s-maxage=1209600
cf-ray: 602abfdbad822bf2-FRA
cf-bgj: minify

GET
H/1.1 200
OK main.616cfdfc103767f77eae.js Show response
www.feitest.com/app/landing-utils/ 260 KB
73 KB 542ms
137ms Script
application/javascript 104.109.66.152
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://www.feitest.com/app/landing-utils/main.616cfdfc103767f77eae.js

Requested by

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

104.109.66.152 , Netherlands, ASN20940 (AKAMAI-ASN1, EU),

Reverse DNS

a104-109-66-152.deploy.static.akamaitechnologies.com

Software

AmazonS3 /

Resource Hash

7be8ce944d01ffcd8471634f93a652c77054cab3dfb71a7ac6108b2e47840217

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

Referer: https://pages.financialengines.com/recency-bias/?testGroup&poid=chubbfmr&s_cid=em%3AFMR%3Achubbfmr%3AWellbeing%3ANON_RECURRING%3ANONE%3A385866%7C7918636%7C336
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Wed, 16 Dec 2020 19:18:18 GMT
Content-Encoding: gzip
Vary: Accept-Encoding
Last-Modified: Wed, 16 Dec 2020 13:31:20 GMT
Server: AmazonS3
x-amz-request-id: 6524BC040589F078
ETag: "e3dbde324f8d0dd1cd470f2a52c0065c"
X-Frame-Options: SAMEORIGIN
Content-Type: application/javascript
Cache-Control: max-age=1320
Connection: keep-alive
Content-Length: 74330
x-amz-id-2: eBAlaGd/BXdloe4JHklORMvEGPDDbC4dCgBQr+mEfUvYsXnyygnbkwGv6lUBq/w4+uGTCLTIRMs=
Expires: Wed, 16 Dec 2020 19:31:45 GMT

GET
H2 200 gtm.js Show response
www.googletagmanager.com/ 207 KB
59 KB 55ms
35ms Script
application/javascript 2a00:1450:4001:808::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtm.js?id=GTM-P57D3K

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:808::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

c729c74777918365dbcebc25f1a714518d815bc87d345ad6fb8daac5d09d2fc5

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

Referer: https://pages.financialengines.com/recency-bias/?testGroup&poid=chubbfmr&s_cid=em%3AFMR%3Achubbfmr%3AWellbeing%3ANON_RECURRING%3ANONE%3A385866%7C7918636%7C336
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Wed, 16 Dec 2020 19:18:18 GMT
content-encoding: br
vary: Accept-Encoding
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 60210
x-xss-protection: 0
last-modified: Wed, 16 Dec 2020 18:00:00 GMT
server: Google Tag Manager
strict-transport-security: max-age=31536000; includeSubDomains
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Wed, 16 Dec 2020 19:18:18 GMT

GET
DATA 200
OK truncated
/ 42 B
0 Image
image/gif

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Content-Type: image/gif

GET
H2 200 sp-2.14.0.js Show response
d34qb8suadcc4g.cloudfront.net/ 98 KB
30 KB 16ms
16ms Script
application/javascript 2600:9000:2016:8000:1d:11cf:5800:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://d34qb8suadcc4g.cloudfront.net/sp-2.14.0.js
Requested by: Host: d34qb8suadcc4g.cloudfront.net
URL: https://d34qb8suadcc4g.cloudfront.net/ub.js?1605293159
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2016:8000:1d:11cf:5800:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 2e8292b18fc2acc297e1aa6acc6abe05136604137e744ba1b49984df330562bb

Request headers

Referer: https://pages.financialengines.com/recency-bias/?testGroup&poid=chubbfmr&s_cid=em%3AFMR%3Achubbfmr%3AWellbeing%3ANON_RECURRING%3ANONE%3A385866%7C7918636%7C336
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Tue, 01 Dec 2020 03:21:13 GMT
content-encoding: gzip
last-modified: Wed, 04 Nov 2020 01:35:32 GMT
server: AmazonS3
age: 1353426
etag: "73de733c308b8b5e44d2a6242dc4bd99"
x-cache: Hit from cloudfront
x-amz-version-id: rVTqklA1qqyT_0VdOCY323BKPISR0uej
via: 1.1 a0c82b0230a7e14a68e3ce4ae3eed807.cloudfront.net (CloudFront)
cache-control: max-age=31536000
x-amz-cf-pop: HAM50-C2
accept-ranges: bytes
content-type: application/javascript
content-length: 30399
x-amz-cf-id: q4u0dv2ZkMbONDJ8ZTwBlGA26TUnd260du7TlEk0RfGrUwkreZwgdg==

GET
H2 200 satellite-54fa41ef30663300162e0a00.js Show response
assets.adobedtm.com/a0e3941d5a9d6f0c3911ec5acd84602babe03b22/scripts/ 82 B
370 B 7ms
7ms Script
application/x-javascript 2a02:26f0:6c00:294::1e80
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://assets.adobedtm.com/a0e3941d5a9d6f0c3911ec5acd84602babe03b22/scripts/satellite-54fa41ef30663300162e0a00.js
Requested by: Host: assets.adobedtm.com
URL: https://assets.adobedtm.com/a0e3941d5a9d6f0c3911ec5acd84602babe03b22/satelliteLib-f5c5c34650a8490ac30a69d9a07c5f48ff96098e.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:6c00:294::1e80 , Ascension Island, ASN20940 (AKAMAI-ASN1, EU),
Reverse DNS
Software: AkamaiNetStorage /
Resource Hash: 0057f6effd37189f4535e1ee86aa10fceed6daceb5a98d6e11d7a496800e3429

Request headers

Referer: https://pages.financialengines.com/recency-bias/?testGroup&poid=chubbfmr&s_cid=em%3AFMR%3Achubbfmr%3AWellbeing%3ANON_RECURRING%3ANONE%3A385866%7C7918636%7C336
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Wed, 16 Dec 2020 19:18:18 GMT
content-encoding: gzip
last-modified: Thu, 04 Jun 2020 20:56:03 GMT
server: AkamaiNetStorage
etag: "efbcb6cc22dc11b73cba59382fbab18d:1591304163.896181"
vary: Accept-Encoding
content-type: application/x-javascript
access-control-allow-origin: https://pages.financialengines.com
cache-control: max-age=3600
accept-ranges: bytes
timing-allow-origin: *
content-length: 99
expires: Wed, 16 Dec 2020 20:18:18 GMT

GET
H2 200 bfb6876e-1200-x-630-sell-or-ride-out-market-downturn_10uk0g20uk0cv00001l01o.jpg
d9hhrg4mnvzow.cloudfront.net/pages.financialengines.com/recency-bias/ 30 KB
31 KB 337ms
121ms Image
image/jpeg 52.222.190.53
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://d9hhrg4mnvzow.cloudfront.net/pages.financialengines.com/recency-bias/bfb6876e-1200-x-630-sell-or-ride-out-market-downturn_10uk0g20uk0cv00001l01o.jpg
Requested by: Host: pages.financialengines.com
URL: https://pages.financialengines.com/recency-bias/?testGroup&poid=chubbfmr&s_cid=em%3AFMR%3Achubbfmr%3AWellbeing%3ANON_RECURRING%3ANONE%3A385866%7C7918636%7C336
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 52.222.190.53 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-52-222-190-53.ham50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: f5a67cc94c25a18930e18ed3a524332891a23fc26c382325cc0382c61cecd0f8

Request headers

Referer: https://pages.financialengines.com/recency-bias/?testGroup&poid=chubbfmr&s_cid=em%3AFMR%3Achubbfmr%3AWellbeing%3ANON_RECURRING%3ANONE%3A385866%7C7918636%7C336
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Tue, 15 Dec 2020 20:29:57 GMT
via: 1.1 9e9acb04b02acc35d5f161ce03745e26.cloudfront.net (CloudFront)
last-modified: Fri, 04 Dec 2020 16:11:42 GMT
server: AmazonS3
age: 82101
etag: "c157d730a845fb24485310122ce9ba1a"
x-cache: Hit from cloudfront
x-amz-version-id: _USJKAnPS1YBIufmb_MLwLtewwWPcpVd
cache-control: max-age=31557600
x-amz-cf-pop: HAM50-C2
accept-ranges: bytes
content-type: image/jpeg
content-length: 31120
x-amz-cf-id: gJTmasTkU9r1a_IPL2uFWKW3wHKPrTQIGagfKHEqcSI5p082MNGvSg==

GET
H/1.1 200
OK loader.gif
www.financialengines.com/app/landing-utils/images/ 12 KB
13 KB 10ms
9ms Image
image/gif 2a02:26f0:6c00:2bf::2d5b
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.financialengines.com/app/landing-utils/images/loader.gif

Requested by

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:6c00:2bf::2d5b , Ascension Island, ASN20940 (AKAMAI-ASN1, EU),

Reverse DNS

Software

AmazonS3 /

Resource Hash

08dab7ccb9bedb2320454581f703d5a7c07f05f77a88e753e8e144a87ee85eb1

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

Referer: https://pages.financialengines.com/recency-bias/?testGroup&poid=chubbfmr&s_cid=em%3AFMR%3Achubbfmr%3AWellbeing%3ANON_RECURRING%3ANONE%3A385866%7C7918636%7C336
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Wed, 16 Dec 2020 19:18:18 GMT
Last-Modified: Fri, 16 Oct 2020 19:58:06 GMT
Server: AmazonS3
x-amz-request-id: F8CEF0B8905D8532
ETag: "ff81baf3f482ff35d044eebfbbe4f2d2"
X-Frame-Options: SAMEORIGIN
Content-Type: image/gif
Cache-Control: max-age=3024000
Connection: keep-alive
Content-Length: 12761
x-amz-id-2: n3FbJ6AwwPm9PPsXAMX4EOuiQJkHkowt2VrV7mmWkhxZxXrE0727GZf6t6DSjQuxgBMGAZKLGPA=
Expires: Tue, 05 Jan 2021 13:15:53 GMT

GET
H2 200 4033.json Show response
script.crazyegg.com/pages/data-scripts/0014/ 9 KB
2 KB 33ms
19ms XHR
application/json 2606:4700::6813:9308
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://script.crazyegg.com/pages/data-scripts/0014/4033.json?t=5360487
Requested by: Host: script.crazyegg.com
URL: https://script.crazyegg.com/pages/scripts/0014/4033.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6813:9308 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 978d65e8fd7e111af1c24740d5a10dce9e18f2cc34d49f63a137e961fb7492bc

Request headers

Referer: https://pages.financialengines.com/recency-bias/?testGroup&poid=chubbfmr&s_cid=em%3AFMR%3Achubbfmr%3AWellbeing%3ANON_RECURRING%3ANONE%3A385866%7C7918636%7C336
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Wed, 16 Dec 2020 19:18:18 GMT
content-encoding: gzip
cf-cache-status: HIT
age: 12650
ce-version: 11.1.168
content-length: 1208
cf-request-id: 070e963db100002b89de13a000000001
last-modified: Wed, 16 Dec 2020 15:47:28 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: application/json
access-control-allow-origin: *
access-control-expose-headers: CE-Version
cache-control: public, max-age=300, s-maxage=1209600
accept-ranges: bytes
cf-ray: 602abfdc4c6b2b89-FRA

GET
H2 200 i
events.ub-analytics.com/ 43 B
245 B 539ms
208ms Image
image/gif 34.224.248.58
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://events.ub-analytics.com/i?stm=1608146298294&e=pv&url=https%3A%2F%2Fpages.financialengines.com%2Frecency-bias%2F%3FtestGroup%26poid%3Dchubbfmr%26s_cid%3Dem%253AFMR%253Achubbfmr%253AWellbeing%253ANON_RECURRING%253ANONE%253A385866%257C7918636%257C336&tv=js-2.14.0&tna=sp-ub&aid=landing_page&p=web&tz=Europe%2FBerlin&lang=en-US&cs=UTF-8&res=1600x1200&cd=24&cookie=1&eid=951d488b-c4be-4e5d-9c1b-edd876cd5ace&dtm=1608146298292&vp=1600x1200&ds=1600x3378&vid=1&sid=89701e7f-aabb-49d2-8fd2-91e3357b2f3d&duid=dfc4e1f4-097b-411a-a61b-10187f3cbd98&cx=eyJzY2hlbWEiOiJpZ2x1OmNvbS5zbm93cGxvd2FuYWx5dGljcy5zbm93cGxvdy9jb250ZXh0cy9qc29uc2NoZW1hLzEtMC0wIiwiZGF0YSI6W3sic2NoZW1hIjoianNfdHJhY2tlcl9jb250ZXh0X3YxLjEuanNvbiIsImRhdGEiOnsicGFnZUlkIjoiOThlYjRhZTItZGJmMy00YzY4LWIxOTMtY2E5ODQxZjVjYTZlIiwidmFyaWFudElkIjoiZCIsImV2ZW50VHlwZSI6InZpc2l0IiwiZXZlbnRNZXRhZGF0YSI6W119fV19
Requested by: Host: pages.financialengines.com
URL: https://pages.financialengines.com/recency-bias/?testGroup&poid=chubbfmr&s_cid=em%3AFMR%3Achubbfmr%3AWellbeing%3ANON_RECURRING%3ANONE%3A385866%7C7918636%7C336
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 34.224.248.58 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-34-224-248-58.compute-1.amazonaws.com
Software: akka-http/10.0.9 /
Resource Hash: caa849b179befa2645a8e2c474d2e82a76777a3305315ece911013e8ee9a916c

Request headers

Referer: https://pages.financialengines.com/recency-bias/?testGroup&poid=chubbfmr&s_cid=em%3AFMR%3Achubbfmr%3AWellbeing%3ANON_RECURRING%3ANONE%3A385866%7C7918636%7C336
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

access-control-allow-origin: *
date: Wed, 16 Dec 2020 19:18:18 GMT
access-control-allow-credentials: true
server: akka-http/10.0.9
p3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR NID PSA OUR IND COM NAV STA"
content-length: 43
content-type: image/gif

GET
H2 200 4033.js Show response
script.crazyegg.com/pages/scripts/0014/ 3 KB
1 KB 15ms
14ms Script
text/javascript 2606:4700::6813:9308
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://script.crazyegg.com/pages/scripts/0014/4033.js?446707
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-P57D3K
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6813:9308 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: a37000badf11efc14a49c2635c86f79cf25a05bc8ca6b1977757dfe38262c227

Request headers

Referer: https://pages.financialengines.com/recency-bias/?testGroup&poid=chubbfmr&s_cid=em%3AFMR%3Achubbfmr%3AWellbeing%3ANON_RECURRING%3ANONE%3A385866%7C7918636%7C336
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Wed, 16 Dec 2020 19:18:18 GMT
content-encoding: gzip
cf-cache-status: HIT
age: 12659
cf-polished: origSize=2833
ce-version: 11.1.168
cf-request-id: 070e963dce00002bf26b23d000000001
last-modified: Wed, 16 Dec 2020 15:47:19 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: text/javascript
access-control-allow-origin: *
access-control-expose-headers: CE-Version
cache-control: public, max-age=300, s-maxage=1209600
cf-ray: 602abfdc7fdd2bf2-FRA
cf-bgj: minify

GET
H2 200 fbevents.js Show response
connect.facebook.net/en_US/ 90 KB
24 KB 18ms
6ms Script
application/x-javascript 2a03:2880:f01c:8012:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/en_US/fbevents.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f01c:8012:face:b00c:0:3 , Ireland, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

d4762bbdf73408777dc886ffe61d98654a39456cc19284fcec395a56c54518e1

Security Headers

Name	Value
Content-Security-Policy	default-src facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com data: blob: 'self';script-src .fbcdn.net .facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;connect-src .fbcdn.net .facebook.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c;
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

Referer: https://pages.financialengines.com/recency-bias/?testGroup&poid=chubbfmr&s_cid=em%3AFMR%3Achubbfmr%3AWellbeing%3ANON_RECURRING%3ANONE%3A385866%7C7918636%7C336
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

content-security-policy: default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c;
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
content-length: 23366
x-xss-protection: 0
pragma: public
x-fb-debug: 5grQpELunfxQ1mKngUux6SLyYtWP96mcK6v1UwA49ai8XFkuCfjsQYORaomHXa7wQf7dSJsuFYEjhfMSUQSocw==
x-fb-trip-id: 436667874
x-frame-options: DENY
date: Wed, 16 Dec 2020 19:18:18 GMT
strict-transport-security: max-age=31536000; preload; includeSubDomains
content-type: application/x-javascript; charset=utf-8
vary: Accept-Encoding
cache-control: public, max-age=1200
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2 200 11.1.168.js Show response
script.crazyegg.com/pages/versioned/common-scripts/ 101 KB
33 KB 16ms
16ms Script
text/javascript 2606:4700::6813:9308
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://script.crazyegg.com/pages/versioned/common-scripts/11.1.168.js
Requested by: Host: script.crazyegg.com
URL: https://script.crazyegg.com/pages/scripts/0014/4033.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6813:9308 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 9178dafb986c66acf020750bea218b104054f797d99741bc131bdee6cb526a1e

Request headers

Referer: https://pages.financialengines.com/recency-bias/?testGroup&poid=chubbfmr&s_cid=em%3AFMR%3Achubbfmr%3AWellbeing%3ANON_RECURRING%3ANONE%3A385866%7C7918636%7C336
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Wed, 16 Dec 2020 19:18:18 GMT
content-encoding: gzip
cf-cache-status: HIT
last-modified: Mon, 07 Dec 2020 22:46:58 GMT
server: cloudflare
age: 13474
cf-polished: origSize=107473
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000, s-maxage=31536000
cf-ray: 602abfdc7fe72bf2-FRA
cf-request-id: 070e963dd000002bf222abf000000001
cf-bgj: minify

GET
H2 200 373973092781882 Show response
connect.facebook.net/signals/config/ 25 KB
8 KB 6ms
6ms Script
application/x-javascript 2a03:2880:f01c:8012:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/signals/config/373973092781882?v=2.9.30&r=stable

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f01c:8012:face:b00c:0:3 , Ireland, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

01a8232bb2a3a1005829ce3d5b7705184e8d02dbcc09d9f51d542b34116a255b

Security Headers

Name	Value
Content-Security-Policy	default-src * data: blob: 'self';script-src .facebook.com .fbcdn.net .facebook.net .google-analytics.com .virtualearth.net .google.com 127.0.0.1:* .spotilocal.com: 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' ;connect-src .facebook.com facebook.com .fbcdn.net .facebook.net .spotilocal.com: wss://.facebook.com: https://fb.scanandcleanlocal.com:* attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

Referer: https://pages.financialengines.com/recency-bias/?testGroup&poid=chubbfmr&s_cid=em%3AFMR%3Achubbfmr%3AWellbeing%3ANON_RECURRING%3ANONE%3A385866%7C7918636%7C336
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

content-security-policy: default-src * data: blob: 'self';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.virtualearth.net *.google.com 127.0.0.1:* *.spotilocal.com:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net *.spotilocal.com:* wss://*.facebook.com:* https://fb.scanandcleanlocal.com:* attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
content-length: 7437
x-xss-protection: 0
pragma: public
x-fb-debug: NQ25Kc9dpGmNSBZcBfa/XbpwuFI0HnzVfsEYlizFk7maxqATt2eLazjIVJvMZPUClbDu1qwm8zC3/qyg8GXrsg==
x-fb-trip-id: 436667874
x-frame-options: DENY
date: Wed, 16 Dec 2020 19:18:18 GMT
strict-transport-security: max-age=31536000; preload; includeSubDomains
content-type: application/x-javascript; charset=utf-8
vary: Accept-Encoding
cache-control: public, max-age=1200
x-content-id: 1356147266
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2 200 /
www.facebook.com/tr/ 44 B
377 B 19ms
6ms Image
image/gif 2a03:2880:f11c:8183:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=373973092781882&ev=PageView&dl=https%3A%2F%2Fpages.financialengines.com%2Frecency-bias%2F%3FtestGroup%26poid%3Dchubbfmr%26s_cid%3Dem%253AFMR%253Achubbfmr%253AWellbeing%253ANON_RECURRING%253ANONE%253A385866%257C7918636%257C336&rl=&if=false&ts=1608146298360&sw=1600&sh=1200&v=2.9.30&r=stable&ec=0&o=28&fbp=fb.1.1608146298359.1874911233&it=1608146298346&coo=false&rqm=GET

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f11c:8183:face:b00c:0:25de , Ireland, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://pages.financialengines.com/recency-bias/?testGroup&poid=chubbfmr&s_cid=em%3AFMR%3Achubbfmr%3AWellbeing%3ANON_RECURRING%3ANONE%3A385866%7C7918636%7C336
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Wed, 16 Dec 2020 19:18:18 GMT
last-modified: Fri, 21 Dec 2012 00:00:01 GMT
server: proxygen-bolt
strict-transport-security: max-age=31536000; includeSubDomains
content-type: image/gif
cache-control: no-cache, must-revalidate, max-age=0
alt-svc: h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
content-length: 44
expires: Wed, 16 Dec 2020 19:18:18 GMT

GET
BLOB 200
OK 818db8b4-5145-4acf-aee9-8066cba836fe
https://pages.financialengines.com/ 5 KB
0 Stylesheet
text/css

General

Check archive.org

Show headers Download Go to

Full URL: blob:https://pages.financialengines.com/818db8b4-5145-4acf-aee9-8066cba836fe
Requested by: Host: builder-assets.unbounce.com
URL: https://builder-assets.unbounce.com/published-js/main.bundle-5c6e41c.z.js
Protocol: BLOB
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 9c29517d31f5827419cfb4f4ff8cd13b478ec5345cfbb24e4f02072c723a87e7

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Content-Length: 5603
Content-Type: text/css

GET
H2 200 css
fonts.googleapis.com/ 8 KB
1 KB 40ms
15ms Stylesheet
text/css 2a00:1450:4001:81d::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Open+Sans:600,regular,700%7CSource+Sans+Pro:italic

Requested by

Host: builder-assets.unbounce.com
URL: https://builder-assets.unbounce.com/published-js/main.bundle-5c6e41c.z.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81d::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

5ce85558940ecd1ba54bac9e84e1f241308f2ce26a121dbd19b5ca75b0bc2730

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://pages.financialengines.com/recency-bias/?testGroup&poid=chubbfmr&s_cid=em%3AFMR%3Achubbfmr%3AWellbeing%3ANON_RECURRING%3ANONE%3A385866%7C7918636%7C336
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Wed, 16 Dec 2020 19:18:18 GMT
server: ESF
date: Wed, 16 Dec 2020 19:18:18 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Wed, 16 Dec 2020 19:18:18 GMT

GET
H2 200 ugpsdw-efe-primary-rgb-072219_104q00v000000000000028.png
d9hhrg4mnvzow.cloudfront.net/pages.financialengines.com/recency-bias/ 2 KB
2 KB 227ms
221ms Image
image/png 52.222.190.53
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://d9hhrg4mnvzow.cloudfront.net/pages.financialengines.com/recency-bias/ugpsdw-efe-primary-rgb-072219_104q00v000000000000028.png
Requested by: Host: pages.financialengines.com
URL: https://pages.financialengines.com/recency-bias/?testGroup&poid=chubbfmr&s_cid=em%3AFMR%3Achubbfmr%3AWellbeing%3ANON_RECURRING%3ANONE%3A385866%7C7918636%7C336
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 52.222.190.53 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-52-222-190-53.ham50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 6556fd8351033d1f1085cdb622f043e1ccd5c847e8ba79c13daffe0fe5825a06

Request headers

Referer: https://pages.financialengines.com/recency-bias/?testGroup&poid=chubbfmr&s_cid=em%3AFMR%3Achubbfmr%3AWellbeing%3ANON_RECURRING%3ANONE%3A385866%7C7918636%7C336
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Tue, 15 Dec 2020 16:46:13 GMT
via: 1.1 9e9acb04b02acc35d5f161ce03745e26.cloudfront.net (CloudFront)
last-modified: Fri, 04 Dec 2020 16:11:42 GMT
server: AmazonS3
age: 95526
etag: "8959b70225acc8e3dc3ea16f641bc487"
x-cache: Hit from cloudfront
x-amz-version-id: nJngn.wWb2mcgYILokby1paEc.6r2tm8
cache-control: max-age=31557600
x-amz-cf-pop: HAM50-C2
accept-ranges: bytes
content-type: image/png
content-length: 1553
x-amz-cf-id: vLiaNThRXMzMzADUEHvhQJZYDX8W4CiL7C3clP9ekm1S0bcWljn52g==

GET
H2 200 mem5YaGs126MiZpBA-UNirkOUuhpKKSTjw.woff2
fonts.gstatic.com/s/opensans/v18/ 9 KB
9 KB 33ms
12ms Font
font/woff2 2a00:1450:4001:81e::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/opensans/v18/mem5YaGs126MiZpBA-UNirkOUuhpKKSTjw.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Open+Sans:600,regular,700%7CSource+Sans+Pro:italic

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81e::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

b8e23a845bc6b7fd417d29182e0e38d353e64b5e12e06bb1de2b5ce063db1dcc

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Origin: https://pages.financialengines.com
Referer: https://fonts.googleapis.com/css?family=Open+Sans:600,regular,700%7CSource+Sans+Pro:italic
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Mon, 14 Dec 2020 21:16:04 GMT
x-content-type-options: nosniff
last-modified: Tue, 15 Sep 2020 18:09:49 GMT
server: sffe
age: 165734
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 9180
x-xss-protection: 0
expires: Tue, 14 Dec 2021 21:16:04 GMT

GET
H2 200 mem8YaGs126MiZpBA-UFVZ0bf8pkAg.woff2
fonts.gstatic.com/s/opensans/v18/ 9 KB
9 KB 33ms
12ms Font
font/woff2 2a00:1450:4001:81e::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/opensans/v18/mem8YaGs126MiZpBA-UFVZ0bf8pkAg.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Open+Sans:600,regular,700%7CSource+Sans+Pro:italic

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81e::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

54c64f3c66372027154f01fc9f24b4e25fdfe405b70d1994c79abbc2576ff775

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Origin: https://pages.financialengines.com
Referer: https://fonts.googleapis.com/css?family=Open+Sans:600,regular,700%7CSource+Sans+Pro:italic
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Wed, 09 Dec 2020 19:41:37 GMT
x-content-type-options: nosniff
last-modified: Tue, 15 Sep 2020 18:09:28 GMT
server: sffe
age: 603401
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 9132
x-xss-protection: 0
expires: Thu, 09 Dec 2021 19:41:37 GMT

GET
H2 200 mem5YaGs126MiZpBA-UN7rgOUuhpKKSTjw.woff2
fonts.gstatic.com/s/opensans/v18/ 9 KB
9 KB 28ms
8ms Font
font/woff2 2a00:1450:4001:81e::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/opensans/v18/mem5YaGs126MiZpBA-UN7rgOUuhpKKSTjw.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Open+Sans:600,regular,700%7CSource+Sans+Pro:italic

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81e::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a48a6e4b14fe55f750c0a3dfb5a6f4941bdc06af0aa542b90de25c30c2b4625c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Origin: https://pages.financialengines.com
Referer: https://fonts.googleapis.com/css?family=Open+Sans:600,regular,700%7CSource+Sans+Pro:italic
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sat, 12 Dec 2020 13:46:24 GMT
x-content-type-options: nosniff
last-modified: Tue, 15 Sep 2020 18:10:27 GMT
server: sffe
age: 365514
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 9080
x-xss-protection: 0
expires: Sun, 12 Dec 2021 13:46:24 GMT

GET
H2 200 6xK1dSBYKcSV-LCoeQqfX1RYOo3qPZ7nsDJB9cme.woff2
fonts.gstatic.com/s/sourcesanspro/v14/ 12 KB
13 KB 27ms
7ms Font
font/woff2 2a00:1450:4001:81e::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/sourcesanspro/v14/6xK1dSBYKcSV-LCoeQqfX1RYOo3qPZ7nsDJB9cme.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Open+Sans:600,regular,700%7CSource+Sans+Pro:italic

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81e::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

7cc2c8a7bd96173ee2a862c122630ab8d45ad0676ad2ad60fc55307763782230

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Origin: https://pages.financialengines.com
Referer: https://fonts.googleapis.com/css?family=Open+Sans:600,regular,700%7CSource+Sans+Pro:italic
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Tue, 15 Dec 2020 16:51:13 GMT
x-content-type-options: nosniff
last-modified: Tue, 15 Sep 2020 18:10:03 GMT
server: sffe
age: 95225
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 12656
x-xss-protection: 0
expires: Wed, 15 Dec 2021 16:51:13 GMT

OPTIONS
H/1.1 200
OK collector
http-inputs-financialengines.splunkcloud.com/services/ 0
0 1027ms
222ms Other
text/plain 52.88.36.255
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://http-inputs-financialengines.splunkcloud.com/services/collector

Protocol

HTTP/1.1

Server

52.88.36.255 Boardman, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-52-88-36-255.us-west-2.compute.amazonaws.com

Software

Splunkd /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

Accept: */*
Access-Control-Request-Method: POST
Access-Control-Request-Headers: authorization
Origin: https://pages.financialengines.com
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Sec-Fetch-Mode: cors

Response headers

Access-Control-Allow-Credentials: true
Access-Control-Allow-Headers: Authorization
Access-Control-Allow-Methods: POST,OPTIONS
Access-Control-Allow-Origin: https://pages.financialengines.com
Allow: POST,OPTIONS
Content-Type: text/plain; charset=UTF-8
Date: Wed, 16 Dec 2020 19:18:19 GMT
Server: Splunkd
Vary: Origin
X-Content-Type-Options: nosniff
X-Frame-Options: SAMEORIGIN
Content-Length: 0
Connection: keep-alive

OPTIONS
H/1.1 200
OK collector
http-inputs-financialengines.splunkcloud.com/services/ 0
0 1048ms
228ms Other
text/plain 52.88.36.255
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://http-inputs-financialengines.splunkcloud.com/services/collector

Protocol

HTTP/1.1

Server

52.88.36.255 Boardman, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-52-88-36-255.us-west-2.compute.amazonaws.com

Software

Splunkd /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

Accept: */*
Access-Control-Request-Method: POST
Access-Control-Request-Headers: authorization
Origin: https://pages.financialengines.com
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Sec-Fetch-Mode: cors

Response headers

Access-Control-Allow-Credentials: true
Access-Control-Allow-Headers: Authorization
Access-Control-Allow-Methods: POST,OPTIONS
Access-Control-Allow-Origin: https://pages.financialengines.com
Allow: POST,OPTIONS
Content-Type: text/plain; charset=UTF-8
Date: Wed, 16 Dec 2020 19:18:19 GMT
Server: Splunkd
Vary: Origin
X-Content-Type-Options: nosniff
X-Frame-Options: SAMEORIGIN
Content-Length: 0
Connection: keep-alive

OPTIONS
H/1.1 200
OK collector
http-inputs-financialengines.splunkcloud.com/services/ 0
0 1051ms
229ms Other
text/plain 52.88.36.255
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://http-inputs-financialengines.splunkcloud.com/services/collector

Protocol

HTTP/1.1

Server

52.88.36.255 Boardman, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-52-88-36-255.us-west-2.compute.amazonaws.com

Software

Splunkd /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

Accept: */*
Access-Control-Request-Method: POST
Access-Control-Request-Headers: authorization
Origin: https://pages.financialengines.com
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Sec-Fetch-Mode: cors

Response headers

Access-Control-Allow-Credentials: true
Access-Control-Allow-Headers: Authorization
Access-Control-Allow-Methods: POST,OPTIONS
Access-Control-Allow-Origin: https://pages.financialengines.com
Allow: POST,OPTIONS
Content-Type: text/plain; charset=UTF-8
Date: Wed, 16 Dec 2020 19:18:19 GMT
Server: Splunkd
Vary: Origin
X-Content-Type-Options: nosniff
X-Frame-Options: SAMEORIGIN
Content-Length: 0
Connection: keep-alive

POST
H/1.1 200
OK collector Show response
http-inputs-financialengines.splunkcloud.com/services/ 27 B
431 B 1070ms
258ms XHR
application/json 52.88.36.255
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://http-inputs-financialengines.splunkcloud.com/services/collector

Requested by

Host: www.feitest.com
URL: https://www.feitest.com/app/landing-utils/main.616cfdfc103767f77eae.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

52.88.36.255 Boardman, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-52-88-36-255.us-west-2.compute.amazonaws.com

Software

Splunkd /

Resource Hash

3c88e3c57f69e3a02a1c89ddad501cd370fae7012bf522ee4632d4852e7f5c4b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

Accept: application/json, text/plain, */*
Referer: https://pages.financialengines.com/recency-bias/?testGroup&poid=chubbfmr&s_cid=em%3AFMR%3Achubbfmr%3AWellbeing%3ANON_RECURRING%3ANONE%3A385866%7C7918636%7C336
Authorization: Splunk C8664B01-5010-44F4-91F9-43AF637359FD
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

Date: Wed, 16 Dec 2020 19:18:20 GMT
X-Content-Type-Options: nosniff
Server: Splunkd
X-Frame-Options: SAMEORIGIN
Access-Control-Allow-Methods: POST,OPTIONS
Content-Type: application/json; charset=UTF-8
Access-Control-Allow-Origin: https://pages.financialengines.com
Access-Control-Allow-Credentials: true
Connection: keep-alive
Vary: Authorization, Origin
Content-Length: 27

POST
H/1.1 200
OK collector Show response
http-inputs-financialengines.splunkcloud.com/services/ 27 B
431 B 1067ms
261ms XHR
application/json 52.88.36.255
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://http-inputs-financialengines.splunkcloud.com/services/collector

Requested by

Host: www.feitest.com
URL: https://www.feitest.com/app/landing-utils/main.616cfdfc103767f77eae.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

52.88.36.255 Boardman, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-52-88-36-255.us-west-2.compute.amazonaws.com

Software

Splunkd /

Resource Hash

3c88e3c57f69e3a02a1c89ddad501cd370fae7012bf522ee4632d4852e7f5c4b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

Accept: application/json, text/plain, */*
Referer: https://pages.financialengines.com/recency-bias/?testGroup&poid=chubbfmr&s_cid=em%3AFMR%3Achubbfmr%3AWellbeing%3ANON_RECURRING%3ANONE%3A385866%7C7918636%7C336
Authorization: Splunk C8664B01-5010-44F4-91F9-43AF637359FD
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

Date: Wed, 16 Dec 2020 19:18:20 GMT
X-Content-Type-Options: nosniff
Server: Splunkd
X-Frame-Options: SAMEORIGIN
Access-Control-Allow-Methods: POST,OPTIONS
Content-Type: application/json; charset=UTF-8
Access-Control-Allow-Origin: https://pages.financialengines.com
Access-Control-Allow-Credentials: true
Connection: keep-alive
Vary: Authorization, Origin
Content-Length: 27

POST
H/1.1 200
OK collector Show response
http-inputs-financialengines.splunkcloud.com/services/ 27 B
431 B 1087ms
271ms XHR
application/json 52.88.36.255
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://http-inputs-financialengines.splunkcloud.com/services/collector

Requested by

Host: www.feitest.com
URL: https://www.feitest.com/app/landing-utils/main.616cfdfc103767f77eae.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

52.88.36.255 Boardman, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-52-88-36-255.us-west-2.compute.amazonaws.com

Software

Splunkd /

Resource Hash

3c88e3c57f69e3a02a1c89ddad501cd370fae7012bf522ee4632d4852e7f5c4b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

Accept: application/json, text/plain, */*
Referer: https://pages.financialengines.com/recency-bias/?testGroup&poid=chubbfmr&s_cid=em%3AFMR%3Achubbfmr%3AWellbeing%3ANON_RECURRING%3ANONE%3A385866%7C7918636%7C336
Authorization: Splunk C8664B01-5010-44F4-91F9-43AF637359FD
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

Date: Wed, 16 Dec 2020 19:18:20 GMT
X-Content-Type-Options: nosniff
Server: Splunkd
X-Frame-Options: SAMEORIGIN
Access-Control-Allow-Methods: POST,OPTIONS
Content-Type: application/json; charset=UTF-8
Access-Control-Allow-Origin: https://pages.financialengines.com
Access-Control-Allow-Credentials: true
Connection: keep-alive
Vary: Authorization, Origin
Content-Length: 27

GET
H/1.1 200
OK aggregate Show response
www.financialengines.com/api/v1/planowners/chubbfmr/ 2 KB
2 KB 495ms
484ms XHR
application/json 2a02:26f0:6c00:2bf::2d5b
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://www.financialengines.com/api/v1/planowners/chubbfmr/aggregate
Requested by: Host: www.feitest.com
URL: https://www.feitest.com/app/landing-utils/main.616cfdfc103767f77eae.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:6c00:2bf::2d5b , Ascension Island, ASN20940 (AKAMAI-ASN1, EU),
Reverse DNS
Software: Apache /
Resource Hash: e4c006d390dd3ff31c280b59a9d7111e6b02eaf5b6cfee476c39b818bc66004c

Request headers

Accept: application/json, text/plain, */*
Referer: https://pages.financialengines.com/recency-bias/?testGroup&poid=chubbfmr&s_cid=em%3AFMR%3Achubbfmr%3AWellbeing%3ANON_RECURRING%3ANONE%3A385866%7C7918636%7C336
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

x-fngn-RequestId: de492e53-c2f0-4df2-99ff-851a0ac9510c
Date: Wed, 16 Dec 2020 19:18:18 GMT
Content-Encoding: gzip
Server: Apache
Vary: origin,Accept-Encoding
Access-Control-Allow-Methods: DELETE,GET,HEAD,OPTIONS,PATCH,POST,PUT
Content-Language: en-US
Access-Control-Allow-Origin: https://pages.financialengines.com
Access-Control-Max-Age: 85000
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: application/json;charset=UTF-8
Access-Control-Allow-Headers
Content-Length: 961

GET
H2 200 s-code-contents-3bebe0edd6fd01472f2f8572d8075e33d5f4d051.js Show response
assets.adobedtm.com/a0e3941d5a9d6f0c3911ec5acd84602babe03b22/ 53 KB
19 KB 17ms
16ms Script
application/x-javascript 2a02:26f0:6c00:294::1e80
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://assets.adobedtm.com/a0e3941d5a9d6f0c3911ec5acd84602babe03b22/s-code-contents-3bebe0edd6fd01472f2f8572d8075e33d5f4d051.js
Requested by: Host: assets.adobedtm.com
URL: https://assets.adobedtm.com/a0e3941d5a9d6f0c3911ec5acd84602babe03b22/satelliteLib-f5c5c34650a8490ac30a69d9a07c5f48ff96098e.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:6c00:294::1e80 , Ascension Island, ASN20940 (AKAMAI-ASN1, EU),
Reverse DNS
Software: AkamaiNetStorage /
Resource Hash: d502fe5d44028d6d164259b0e274cf0c279b4e4f02bec7207b92359dfa7f7390

Request headers

Referer: https://pages.financialengines.com/recency-bias/?testGroup&poid=chubbfmr&s_cid=em%3AFMR%3Achubbfmr%3AWellbeing%3ANON_RECURRING%3ANONE%3A385866%7C7918636%7C336
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Wed, 16 Dec 2020 19:18:18 GMT
content-encoding: gzip
last-modified: Thu, 04 Jun 2020 20:56:03 GMT
server: AkamaiNetStorage
etag: "a15b82ed9639d1ee5e0a662ec708f06d:1591304163.414942"
vary: Accept-Encoding
content-type: application/x-javascript
access-control-allow-origin: https://pages.financialengines.com
cache-control: max-age=3600
accept-ranges: bytes
timing-allow-origin: *
content-length: 19566
expires: Wed, 16 Dec 2020 20:18:18 GMT

GET
H2

200

s27999606873986
somtr.financialengines.com/b/ss/finengauthdev/1/JS-1.4.2-D7QN/
Redirect Chain

https://somtr.financialengines.com/b/ss/finengauthdev/1/JS-1.4.2-D7QN/s27999606873986?AQB=1&ndh=1&pf=1&t=16%2F11%2F2020%2020%3A18%3A18%203%20-60&D=D%3D&fid=7037983FF96EF37C-1F8AB3E936AF16C3&ce=UTF-...
https://somtr.financialengines.com/b/ss/finengauthdev/1/JS-1.4.2-D7QN/s27999606873986?AQB=1&pccr=true&vidn=2FED2EBD0515BB33-4000082699A5F7F5&ndh=1&pf=1&t=16%2F11%2F2020%2020%3A18%3A18%203%20-60&D=D...

43 B
322 B

140ms
140ms

Image
image/gif

15.237.136.106
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://somtr.financialengines.com/b/ss/finengauthdev/1/JS-1.4.2-D7QN/s27999606873986?AQB=1&pccr=true&vidn=2FED2EBD0515BB33-4000082699A5F7F5&ndh=1&pf=1&t=16%2F11%2F2020%2020%3A18%3A18%203%20-60&D=D%3D&fid=7037983FF96EF37C-1F8AB3E936AF16C3&ce=UTF-8&ns=financialengines&pageName=recency-bias%3A%3Ad&g=https%3A%2F%2Fpages.financialengines.com%2Frecency-bias%2F%3FtestGroup%26poid%3Dchubbfmr%26s_cid%3Dem%253AFMR%253Achubbfmr%253AWellbeing%253ANON_RECURRING%253ANONE%253A385866%257C7918636%257C336&cc=USD&events=event1&c3=11%3A18%20am%20-%20wednesday&v3=D%3Dc3&c10=2.7&c11=entry&v11=D%3Dc11&c15=D%3Dpagename&v15=D%3Dpagename&v19=%2B1&v20=%2B1&v22=D%3Dg&v23=referrer%20not%20available&v24=D%3Duser-agent&v32=em%3Afmr%3Achubbfmr%3Awellbeing%3Anon_recurring%3Anone%3A385866%7C7918636%7C336&s=1600x1200&c=24&j=1.6&v=N&k=Y&bw=1600&bh=1200&AQE=1

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

15.237.136.106 Paris, France, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-15-237-136-106.eu-west-3.compute.amazonaws.com

Software

jag /

Resource Hash

a1ecbaed793a1f564c49c671f2dd0ce36f858534ef6d26b55783a06b884cc506

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://pages.financialengines.com/recency-bias/?testGroup&poid=chubbfmr&s_cid=em%3AFMR%3Achubbfmr%3AWellbeing%3ANON_RECURRING%3ANONE%3A385866%7C7918636%7C336
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Wed, 16 Dec 2020 19:18:18 GMT
x-content-type-options: nosniff
x-c: master-1404.I1e61f9.M0-468
p3p: CP="This is not a P3P policy"
vary: *
content-length: 43
x-xss-protection: 1; mode=block
pragma: no-cache
last-modified: Thu, 17 Dec 2020 19:18:19 GMT
server: jag
xserver: anedge-f7bfdfcfd-ptl5j
etag: 3453467880779513856-4621724538546656048
strict-transport-security: max-age=31536000; includeSubDomains
content-type: image/gif;charset=utf-8
access-control-allow-origin: *
cache-control: no-cache, no-store, max-age=0, no-transform, private
expires: Tue, 15 Dec 2020 19:18:19 GMT

Redirect headers

date: Wed, 16 Dec 2020 19:18:18 GMT
x-content-type-options: nosniff
x-c: master-1404.I1e61f9.M0-468
p3p: CP="This is not a P3P policy"
content-length: 0
x-xss-protection: 1; mode=block
pragma: no-cache
location: https://somtr.financialengines.com/b/ss/finengauthdev/1/JS-1.4.2-D7QN/s27999606873986?AQB=1&pccr=true&vidn=2FED2EBD0515BB33-4000082699A5F7F5&ndh=1&pf=1&t=16%2F11%2F2020%2020%3A18%3A18%203%20-60&D=D%3D&fid=7037983FF96EF37C-1F8AB3E936AF16C3&ce=UTF-8&ns=financialengines&pageName=recency-bias%3A%3Ad&g=https%3A%2F%2Fpages.financialengines.com%2Frecency-bias%2F%3FtestGroup%26poid%3Dchubbfmr%26s_cid%3Dem%253AFMR%253Achubbfmr%253AWellbeing%253ANON_RECURRING%253ANONE%253A385866%257C7918636%257C336&cc=USD&events=event1&c3=11%3A18%20am%20-%20wednesday&v3=D%3Dc3&c10=2.7&c11=entry&v11=D%3Dc11&c15=D%3Dpagename&v15=D%3Dpagename&v19=%2B1&v20=%2B1&v22=D%3Dg&v23=referrer%20not%20available&v24=D%3Duser-agent&v32=em%3Afmr%3Achubbfmr%3Awellbeing%3Anon_recurring%3Anone%3A385866%7C7918636%7C336&s=1600x1200&c=24&j=1.6&v=N&k=Y&bw=1600&bh=1200&AQE=1
last-modified: Thu, 17 Dec 2020 19:18:18 GMT
server: jag
xserver: anedge-f7bfdfcfd-ksf8z
strict-transport-security: max-age=31536000; includeSubDomains
content-type: text/plain;charset=utf-8
access-control-allow-origin: *
cache-control: no-cache, no-store, max-age=0, no-transform, private
expires: Tue, 15 Dec 2020 19:18:18 GMT

GET
H/1.1 200
OK authenticationstatus Show response
www.financialengines.com/api/v1/userlogin/ 531 B
2 KB 174ms
174ms XHR
application/json 2a02:26f0:6c00:2bf::2d5b
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://www.financialengines.com/api/v1/userlogin/authenticationstatus
Requested by: Host: www.feitest.com
URL: https://www.feitest.com/app/landing-utils/main.616cfdfc103767f77eae.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:6c00:2bf::2d5b , Ascension Island, ASN20940 (AKAMAI-ASN1, EU),
Reverse DNS
Software: Apache /
Resource Hash: 56d540ed6ef2ad7a6fbbbd032ccee02250cb05ae0e0e09c3da44a2003270a545

Request headers

Accept: application/json, text/plain, */*
Referer: https://pages.financialengines.com/recency-bias/?testGroup&poid=chubbfmr&s_cid=em%3AFMR%3Achubbfmr%3AWellbeing%3ANON_RECURRING%3ANONE%3A385866%7C7918636%7C336
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

x-fngn-RequestId: 133ff248-29b0-4c59-bacb-64edff474886
Date: Wed, 16 Dec 2020 19:18:19 GMT
Content-Encoding: gzip
Server: Apache
Vary: origin,Accept-Encoding
Access-Control-Allow-Methods: DELETE,GET,HEAD,OPTIONS,PATCH,POST,PUT
Content-Language: en-US
Access-Control-Allow-Origin: https://pages.financialengines.com
Access-Control-Max-Age: 85000
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: application/json;charset=UTF-8
Access-Control-Allow-Headers
Content-Length: 225

GET
H2 200 s21089963816817
somtr.financialengines.com/b/ss/finengauthdev/1/JS-1.4.2-D7QN/ 43 B
256 B 110ms
109ms Image
image/gif 15.237.136.106
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://somtr.financialengines.com/b/ss/finengauthdev/1/JS-1.4.2-D7QN/s21089963816817?AQB=1&ndh=1&pf=1&t=16%2F11%2F2020%2020%3A18%3A18%203%20-60&D=D%3D&fid=7037983FF96EF37C-1F8AB3E936AF16C3&ce=UTF-8&ns=financialengines&pageName=recency-bias%3A%3Ad&g=https%3A%2F%2Fpages.financialengines.com%2Frecency-bias%2F%3FtestGroup%26poid%3Dchubbfmr%26s_cid%3Dem%253AFMR%253Achubbfmr%253AWellbeing%253ANON_RECURRING%253ANONE%253A385866%257C7918636%257C336&cc=USD&pe=lnk_o&pev2=link%20clicked&events=event318&c3=11%3A18%20am%20-%20wednesday&v3=D%3Dc3&c10=2.7&c11=recency-bias%3A%3Ad&v11=D%3Dc11&c15=D%3Dpagename&v15=D%3Dpagename&v22=D%3Dg&v23=referrer%20not%20available&v24=D%3Duser-agent&v28=recency-bias%3A%3Ad&s=1600x1200&c=24&j=1.6&v=N&k=Y&bw=1600&bh=1200&AQE=1

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

15.237.136.106 Paris, France, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-15-237-136-106.eu-west-3.compute.amazonaws.com

Software

jag /

Resource Hash

a1ecbaed793a1f564c49c671f2dd0ce36f858534ef6d26b55783a06b884cc506

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://pages.financialengines.com/recency-bias/?testGroup&poid=chubbfmr&s_cid=em%3AFMR%3Achubbfmr%3AWellbeing%3ANON_RECURRING%3ANONE%3A385866%7C7918636%7C336
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Wed, 16 Dec 2020 19:18:18 GMT
x-content-type-options: nosniff
x-c: master-1404.I1e61f9.M0-468
p3p: CP="This is not a P3P policy"
vary: *
content-length: 43
x-xss-protection: 1; mode=block
pragma: no-cache
last-modified: Thu, 17 Dec 2020 19:18:19 GMT
server: jag
xserver: anedge-f7bfdfcfd-4h7cs
etag: 3453467880779513856-4621757564535164501
strict-transport-security: max-age=31536000; includeSubDomains
content-type: image/gif;charset=utf-8
access-control-allow-origin: *
cache-control: no-cache, no-store, max-age=0, no-transform, private
expires: Tue, 15 Dec 2020 19:18:19 GMT

OPTIONS
H/1.1 200
OK /
www.financialengines.com/api/v1/pageframe/ 0
0 182ms
167ms Other 2a02:26f0:6c00:2bf::2d5b
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://www.financialengines.com/api/v1/pageframe/?namespace=landing-flow
Protocol: HTTP/1.1
Server: 2a02:26f0:6c00:2bf::2d5b , Ascension Island, ASN20940 (AKAMAI-ASN1, EU),
Reverse DNS
Software: Apache /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Method: GET
Access-Control-Request-Headers: x-fe-env,x-spa-name
Origin: https://pages.financialengines.com
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Sec-Fetch-Mode: cors

Response headers

Access-Control-Allow-Credentials: true
Access-Control-Allow-Headers: x-fe-env,x-spa-name
Access-Control-Allow-Methods: DELETE,GET,HEAD,OPTIONS,PATCH,POST,PUT
Access-Control-Allow-Origin: https://pages.financialengines.com
Access-Control-Max-Age: 85000
Allow: GET, HEAD, POST, PUT, DELETE, TRACE, OPTIONS, PATCH
Content-Language: en-US
Server: Apache
Vary: origin
x-fngn-RequestId: 9d49ec11-8274-4722-b4b1-a2801d0e9487
Content-Length: 0
Date: Wed, 16 Dec 2020 19:18:19 GMT
Connection: keep-alive

OPTIONS
H/1.1 200
OK forKeys
www.financialengines.com/api/v1/texts/ 0
0 182ms
167ms Other 2a02:26f0:6c00:2bf::2d5b
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://www.financialengines.com/api/v1/texts/forKeys
Protocol: HTTP/1.1
Server: 2a02:26f0:6c00:2bf::2d5b , Ascension Island, ASN20940 (AKAMAI-ASN1, EU),
Reverse DNS
Software: Apache /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Method: POST
Access-Control-Request-Headers: content-type,x-fe-env,x-spa-name
Origin: https://pages.financialengines.com
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Sec-Fetch-Mode: cors

Response headers

Access-Control-Allow-Credentials: true
Access-Control-Allow-Headers: content-type,x-fe-env,x-spa-name
Access-Control-Allow-Methods: DELETE,GET,HEAD,OPTIONS,PATCH,POST,PUT
Access-Control-Allow-Origin: https://pages.financialengines.com
Access-Control-Max-Age: 85000
Allow: GET, HEAD, POST, PUT, DELETE, TRACE, OPTIONS, PATCH
Content-Language: en-US
Server: Apache
Vary: origin
x-fngn-RequestId: b358ea3e-7d8f-440d-a106-7c6a2dc676bf
Content-Length: 0
Date: Wed, 16 Dec 2020 19:18:19 GMT
Connection: keep-alive

GET
H/1.1 200
OK / Show response
www.financialengines.com/api/v1/pageframe/ 7 KB
3 KB 595ms
595ms XHR
application/json 2a02:26f0:6c00:2bf::2d5b
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://www.financialengines.com/api/v1/pageframe/?namespace=landing-flow
Requested by: Host: www.feitest.com
URL: https://www.feitest.com/app/landing-utils/main.616cfdfc103767f77eae.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:6c00:2bf::2d5b , Ascension Island, ASN20940 (AKAMAI-ASN1, EU),
Reverse DNS
Software: Apache /
Resource Hash: 7e2d83584c603ca7e4ab0e388b3156633109fa9e255d812cd8411dacef8fc39f

Request headers

x-spa-name: landing-flow
Accept: application/json, text/plain, */*
Referer: https://pages.financialengines.com/recency-bias/?testGroup&poid=chubbfmr&s_cid=em%3AFMR%3Achubbfmr%3AWellbeing%3ANON_RECURRING%3ANONE%3A385866%7C7918636%7C336
x-fe-env: production
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

x-fngn-RequestId: e5fe9c84-4c18-44c5-98b1-139eb9c4ee38
Date: Wed, 16 Dec 2020 19:18:19 GMT
Content-Encoding: gzip
Server: Apache
Vary: origin,Accept-Encoding
Access-Control-Allow-Methods: DELETE,GET,HEAD,OPTIONS,PATCH,POST,PUT
Content-Language: en-US
Access-Control-Allow-Origin: https://pages.financialengines.com
Access-Control-Max-Age: 85000
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: application/json;charset=UTF-8
Access-Control-Allow-Headers
Content-Length: 2005

POST
H/1.1 200
OK forKeys Show response
www.financialengines.com/api/v1/texts/ 15 KB
5 KB 376ms
365ms XHR
application/json 2a02:26f0:6c00:2bf::2d5b
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://www.financialengines.com/api/v1/texts/forKeys
Requested by: Host: www.feitest.com
URL: https://www.feitest.com/app/landing-utils/main.616cfdfc103767f77eae.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:6c00:2bf::2d5b , Ascension Island, ASN20940 (AKAMAI-ASN1, EU),
Reverse DNS
Software: Apache /
Resource Hash: c92a481ec97fd0829cc66aa7dcfdd51ca67825b4c3562b093faf7a8661bd2af8

Request headers

x-spa-name: landing-flow
Accept: application/json, text/plain, */*
Referer: https://pages.financialengines.com/recency-bias/?testGroup&poid=chubbfmr&s_cid=em%3AFMR%3Achubbfmr%3AWellbeing%3ANON_RECURRING%3ANONE%3A385866%7C7918636%7C336
x-fe-env: production
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type: application/json;charset=UTF-8

Response headers

x-fngn-RequestId: dcbe6949-b82a-4b0b-92bb-ce47dcdbc830
Date: Wed, 16 Dec 2020 19:18:19 GMT
Content-Encoding: gzip
Server: Apache
Vary: origin,Accept-Encoding
Access-Control-Allow-Methods: DELETE,GET,HEAD,OPTIONS,PATCH,POST,PUT
Content-Language: en-US
Access-Control-Allow-Origin: https://pages.financialengines.com
Access-Control-Max-Age: 85000
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: application/json;charset=UTF-8
Access-Control-Allow-Headers
Content-Length: 3511

GET
H2 200 s27495872719441
somtr.financialengines.com/b/ss/finengauthdev/1/JS-1.4.2-D7QN/ 43 B
255 B 88ms
87ms Image
image/gif 15.237.136.106
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://somtr.financialengines.com/b/ss/finengauthdev/1/JS-1.4.2-D7QN/s27495872719441?AQB=1&ndh=1&pf=1&t=16%2F11%2F2020%2020%3A18%3A18%203%20-60&D=D%3D&fid=7037983FF96EF37C-1F8AB3E936AF16C3&ce=UTF-8&ns=financialengines&pageName=recency-bias%3A%3Ad&g=https%3A%2F%2Fpages.financialengines.com%2Frecency-bias%2F%3FtestGroup%26poid%3Dchubbfmr%26s_cid%3Dem%253AFMR%253Achubbfmr%253AWellbeing%253ANON_RECURRING%253ANONE%253A385866%257C7918636%257C336&cc=USD&pe=lnk_o&pev2=link%20clicked&c3=11%3A18%20am%20-%20wednesday&v3=D%3Dc3&c10=2.7&c11=recency-bias%3A%3Ad&v11=D%3Dc11&c15=D%3Dpagename&v15=D%3Dpagename&v22=D%3Dg&v23=referrer%20not%20available&v24=D%3Duser-agent&s=1600x1200&c=24&j=1.6&v=N&k=Y&bw=1600&bh=1200&AQE=1

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

15.237.136.106 Paris, France, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-15-237-136-106.eu-west-3.compute.amazonaws.com

Software

jag /

Resource Hash

a1ecbaed793a1f564c49c671f2dd0ce36f858534ef6d26b55783a06b884cc506

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://pages.financialengines.com/recency-bias/?testGroup&poid=chubbfmr&s_cid=em%3AFMR%3Achubbfmr%3AWellbeing%3ANON_RECURRING%3ANONE%3A385866%7C7918636%7C336
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Wed, 16 Dec 2020 19:18:18 GMT
x-content-type-options: nosniff
x-c: master-1404.I1e61f9.M0-468
p3p: CP="This is not a P3P policy"
vary: *
content-length: 43
x-xss-protection: 1; mode=block
pragma: no-cache
last-modified: Thu, 17 Dec 2020 19:18:19 GMT
server: jag
xserver: anedge-f7bfdfcfd-tmjrl
etag: 3453467880779513856-4621618220918596444
strict-transport-security: max-age=31536000; includeSubDomains
content-type: image/gif;charset=utf-8
access-control-allow-origin: *
cache-control: no-cache, no-store, max-age=0, no-transform, private
expires: Tue, 15 Dec 2020 19:18:19 GMT

GET
H2 200 s29062327919556
somtr.financialengines.com/b/ss/finengauthdev/1/JS-1.4.2-D7QN/ 43 B
238 B 82ms
81ms Image
image/gif 15.237.136.106
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://somtr.financialengines.com/b/ss/finengauthdev/1/JS-1.4.2-D7QN/s29062327919556?AQB=1&ndh=1&pf=1&t=16%2F11%2F2020%2020%3A18%3A18%203%20-60&D=D%3D&fid=7037983FF96EF37C-1F8AB3E936AF16C3&ce=UTF-8&ns=financialengines&pageName=recency-bias%3A%3Ad&g=https%3A%2F%2Fpages.financialengines.com%2Frecency-bias%2F%3FtestGroup%26poid%3Dchubbfmr%26s_cid%3Dem%253AFMR%253Achubbfmr%253AWellbeing%253ANON_RECURRING%253ANONE%253A385866%257C7918636%257C336&cc=USD&pe=lnk_o&pev2=link%20clicked&events=event383&c3=11%3A18%20am%20-%20wednesday&v3=D%3Dc3&c10=2.7&c11=recency-bias%3A%3Ad&v11=D%3Dc11&c15=D%3Dpagename&v15=D%3Dpagename&v22=D%3Dg&v23=referrer%20not%20available&v24=D%3Duser-agent&v28=recency-bias%3A%3Ad&s=1600x1200&c=24&j=1.6&v=N&k=Y&bw=1600&bh=1200&AQE=1

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

15.237.136.106 Paris, France, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-15-237-136-106.eu-west-3.compute.amazonaws.com

Software

jag /

Resource Hash

a1ecbaed793a1f564c49c671f2dd0ce36f858534ef6d26b55783a06b884cc506

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://pages.financialengines.com/recency-bias/?testGroup&poid=chubbfmr&s_cid=em%3AFMR%3Achubbfmr%3AWellbeing%3ANON_RECURRING%3ANONE%3A385866%7C7918636%7C336
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Wed, 16 Dec 2020 19:18:18 GMT
x-content-type-options: nosniff
x-c: master-1404.I1e61f9.M0-468
p3p: CP="This is not a P3P policy"
vary: *
content-length: 43
x-xss-protection: 1; mode=block
pragma: no-cache
last-modified: Thu, 17 Dec 2020 19:18:19 GMT
server: jag
xserver: anedge-f7bfdfcfd-ksf8z
etag: 3453467880779513856-4621441051375565380
strict-transport-security: max-age=31536000; includeSubDomains
content-type: image/gif;charset=utf-8
access-control-allow-origin: *
cache-control: no-cache, no-store, max-age=0, no-transform, private
expires: Tue, 15 Dec 2020 19:18:19 GMT

OPTIONS
H/1.1 200
OK collector
http-inputs-financialengines.splunkcloud.com/services/ 0
0 308ms
308ms Other
text/plain 52.88.36.255
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://http-inputs-financialengines.splunkcloud.com/services/collector

Protocol

HTTP/1.1

Server

52.88.36.255 Boardman, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-52-88-36-255.us-west-2.compute.amazonaws.com

Software

Splunkd /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

Accept: */*
Access-Control-Request-Method: POST
Access-Control-Request-Headers: authorization
Origin: https://pages.financialengines.com
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Sec-Fetch-Mode: cors

Response headers

Access-Control-Allow-Credentials: true
Access-Control-Allow-Headers: Authorization
Access-Control-Allow-Methods: POST,OPTIONS
Access-Control-Allow-Origin: https://pages.financialengines.com
Allow: POST,OPTIONS
Content-Type: text/plain; charset=UTF-8
Date: Wed, 16 Dec 2020 19:18:20 GMT
Server: Splunkd
Vary: Origin
X-Content-Type-Options: nosniff
X-Frame-Options: SAMEORIGIN
Content-Length: 0
Connection: keep-alive

OPTIONS
H/1.1 200
OK collector
http-inputs-financialengines.splunkcloud.com/services/ 0
0 306ms
306ms Other
text/plain 52.88.36.255
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://http-inputs-financialengines.splunkcloud.com/services/collector

Protocol

HTTP/1.1

Server

52.88.36.255 Boardman, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-52-88-36-255.us-west-2.compute.amazonaws.com

Software

Splunkd /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

Accept: */*
Access-Control-Request-Method: POST
Access-Control-Request-Headers: authorization
Origin: https://pages.financialengines.com
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Sec-Fetch-Mode: cors

Response headers

Access-Control-Allow-Credentials: true
Access-Control-Allow-Headers: Authorization
Access-Control-Allow-Methods: POST,OPTIONS
Access-Control-Allow-Origin: https://pages.financialengines.com
Allow: POST,OPTIONS
Content-Type: text/plain; charset=UTF-8
Date: Wed, 16 Dec 2020 19:18:20 GMT
Server: Splunkd
Vary: Origin
X-Content-Type-Options: nosniff
X-Frame-Options: SAMEORIGIN
Content-Length: 0
Connection: keep-alive

GET
H/1.1 200
OK t.gif
www.financialengines.com/app/landing-utils/images/ 43 B
501 B 8ms
8ms Image
image/gif 2a02:26f0:6c00:2bf::2d5b
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.financialengines.com/app/landing-utils/images/t.gif

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:6c00:2bf::2d5b , Ascension Island, ASN20940 (AKAMAI-ASN1, EU),

Reverse DNS

Software

AmazonS3 /

Resource Hash

2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

Referer: https://pages.financialengines.com/recency-bias/?testGroup&poid=chubbfmr&s_cid=em%3AFMR%3Achubbfmr%3AWellbeing%3ANON_RECURRING%3ANONE%3A385866%7C7918636%7C336
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Wed, 16 Dec 2020 19:18:19 GMT
Last-Modified: Fri, 16 Oct 2020 19:58:08 GMT
Server: AmazonS3
x-amz-request-id: 7E4DB79C889CCE42
ETag: "fc94fb0c3ed8a8f909dbc7630a0987ff"
X-Frame-Options: SAMEORIGIN
Content-Type: image/gif
Cache-Control: max-age=3024000
Connection: keep-alive
Content-Length: 43
x-amz-id-2: Eq+sN3P8h25Uzkw0nGKtULjdaCtJQAe/dbLAysq0ZVLH+LE4VKUs907plrA9NUtgTFNgxS7kLY0=
Expires: Tue, 05 Jan 2021 12:16:35 GMT

POST
H/1.1 200
OK collector Show response
http-inputs-financialengines.splunkcloud.com/services/ 27 B
431 B 586ms
260ms XHR
application/json 52.88.36.255
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://http-inputs-financialengines.splunkcloud.com/services/collector

Requested by

Host: www.feitest.com
URL: https://www.feitest.com/app/landing-utils/main.616cfdfc103767f77eae.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

52.88.36.255 Boardman, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-52-88-36-255.us-west-2.compute.amazonaws.com

Software

Splunkd /

Resource Hash

3c88e3c57f69e3a02a1c89ddad501cd370fae7012bf522ee4632d4852e7f5c4b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

Accept: application/json, text/plain, */*
Referer: https://pages.financialengines.com/recency-bias/?testGroup&poid=chubbfmr&s_cid=em%3AFMR%3Achubbfmr%3AWellbeing%3ANON_RECURRING%3ANONE%3A385866%7C7918636%7C336
Authorization: Splunk C8664B01-5010-44F4-91F9-43AF637359FD
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

Date: Wed, 16 Dec 2020 19:18:20 GMT
X-Content-Type-Options: nosniff
Server: Splunkd
X-Frame-Options: SAMEORIGIN
Access-Control-Allow-Methods: POST,OPTIONS
Content-Type: application/json; charset=UTF-8
Access-Control-Allow-Origin: https://pages.financialengines.com
Access-Control-Allow-Credentials: true
Connection: keep-alive
Vary: Authorization, Origin
Content-Length: 27

POST
H/1.1 200
OK collector Show response
http-inputs-financialengines.splunkcloud.com/services/ 27 B
431 B 574ms
264ms XHR
application/json 52.88.36.255
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://http-inputs-financialengines.splunkcloud.com/services/collector

Requested by

Host: www.feitest.com
URL: https://www.feitest.com/app/landing-utils/main.616cfdfc103767f77eae.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

52.88.36.255 Boardman, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-52-88-36-255.us-west-2.compute.amazonaws.com

Software

Splunkd /

Resource Hash

3c88e3c57f69e3a02a1c89ddad501cd370fae7012bf522ee4632d4852e7f5c4b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

Accept: application/json, text/plain, */*
Referer: https://pages.financialengines.com/recency-bias/?testGroup&poid=chubbfmr&s_cid=em%3AFMR%3Achubbfmr%3AWellbeing%3ANON_RECURRING%3ANONE%3A385866%7C7918636%7C336
Authorization: Splunk C8664B01-5010-44F4-91F9-43AF637359FD
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

Date: Wed, 16 Dec 2020 19:18:20 GMT
X-Content-Type-Options: nosniff
Server: Splunkd
X-Frame-Options: SAMEORIGIN
Access-Control-Allow-Methods: POST,OPTIONS
Content-Type: application/json; charset=UTF-8
Access-Control-Allow-Origin: https://pages.financialengines.com
Access-Control-Allow-Credentials: true
Connection: keep-alive
Vary: Authorization, Origin
Content-Length: 27

GET
H/1.1 200
OK efe_rebrand_logo.png
www.financialengines.com/app/landing-utils/images/logos/ 9 KB
9 KB 8ms
8ms Image
image/png 2a02:26f0:6c00:2bf::2d5b
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.financialengines.com/app/landing-utils/images/logos/efe_rebrand_logo.png

Requested by

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:6c00:2bf::2d5b , Ascension Island, ASN20940 (AKAMAI-ASN1, EU),

Reverse DNS

Software

AmazonS3 /

Resource Hash

355458507aa67b0ed502a04ccea4c573fb080827df6dd267ae9718d950b1aa9b

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

Referer: https://pages.financialengines.com/recency-bias/?testGroup&poid=chubbfmr&s_cid=em%3AFMR%3Achubbfmr%3AWellbeing%3ANON_RECURRING%3ANONE%3A385866%7C7918636%7C336
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Wed, 16 Dec 2020 19:18:19 GMT
Last-Modified: Fri, 16 Oct 2020 19:58:06 GMT
Server: AmazonS3
x-amz-request-id: B8A98FAE3BDC4FC8
ETag: "381f37a5076ce5e0470a62b4c5b82940"
X-Frame-Options: SAMEORIGIN
Content-Type: image/png
Cache-Control: max-age=3024000
Connection: keep-alive
Content-Length: 9244
x-amz-id-2: zAUTPTrLMWzNHJ6Z0BmxeqIHwsqfb99V53dTdeYW6u6sFpeWcl6kq5z2UK+fVVWGzugTZq0VAII=
Expires: Tue, 05 Jan 2021 13:15:56 GMT

GET
H2 200 ugpsdw-efe-primary-rgb-072219_104q00v000000000000028.png
d9hhrg4mnvzow.cloudfront.net/pages.financialengines.com/recency-bias/ 2 KB
2 KB 151ms
150ms Image
image/png 52.222.190.53
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://d9hhrg4mnvzow.cloudfront.net/pages.financialengines.com/recency-bias/ugpsdw-efe-primary-rgb-072219_104q00v000000000000028.png
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 52.222.190.53 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-52-222-190-53.ham50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 6556fd8351033d1f1085cdb622f043e1ccd5c847e8ba79c13daffe0fe5825a06

Request headers

Referer: https://pages.financialengines.com/recency-bias/?testGroup&poid=chubbfmr&s_cid=em%3AFMR%3Achubbfmr%3AWellbeing%3ANON_RECURRING%3ANONE%3A385866%7C7918636%7C336
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Tue, 15 Dec 2020 16:46:13 GMT
via: 1.1 9e9acb04b02acc35d5f161ce03745e26.cloudfront.net (CloudFront)
last-modified: Fri, 04 Dec 2020 16:11:42 GMT
server: AmazonS3
age: 95528
etag: "8959b70225acc8e3dc3ea16f641bc487"
x-cache: Hit from cloudfront
x-amz-version-id: nJngn.wWb2mcgYILokby1paEc.6r2tm8
cache-control: max-age=31557600
x-amz-cf-pop: HAM50-C2
accept-ranges: bytes
content-type: image/png
content-length: 1553
x-amz-cf-id: 2bS4CTsoGiRrR0gSlPL0cbwa-JcE4MU9EBO_OhVKdQFBTkgSF6p_tw==

Verdicts & Comments Add Verdict or Comment

55 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

18 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
.financialengines.com/	1969-12-31 23:59:59	Name: sessionId Value: GW-PRD-20201216-1118-0000162
.financialengines.com/	1969-12-31 23:59:59	Name: s Value: GW-PRD-20201216-1118-0000162
.financialengines.com/	1969-12-31 23:59:59	Name: sessionToken Value: 5f15b394-8508-4f9b-a487-6b8fb818ab26
.financialengines.com/	1969-12-31 23:59:59	Name: sessFlag Value: true
.financialengines.com/	1970-01-21 10:31:52	Name: s_fid Value: 7037983FF96EF37C-1F8AB3E936AF16C3
.financialengines.com/	1970-01-20 08:13:38	Name: s_vi Value: [CS]v1\|2FED2EBD0515BB33-4000082699A5F7F5[CE]
.financialengines.com/	1969-12-31 23:59:59	Name: authType Value: aws
.financialengines.com/	1970-01-20 03:40:02	Name: ptc Value: "188fee3d-d914-48c0-9e7c-374061e52f12::1608146298579"
.financialengines.com/	1970-01-19 16:52:02	Name: _fbp Value: fb.1.1608146298359.1874911233
pages.financialengines.com/	1969-12-31 23:59:59	Name: _sdsat_eVar47 Value:
.financialengines.com/	1970-01-21 10:30:26	Name: v12 Value: 1765826298528
pages.financialengines.com/	1969-12-31 23:59:59	Name: _sdsat_eVar28 Value: recency-bias::d
pages.financialengines.com/	1970-01-20 08:13:38	Name: _sp_id.9f64 Value: dfc4e1f4-097b-411a-a61b-10187f3cbd98.1608146298.1.1608146298.1608146298.89701e7f-aabb-49d2-8fd2-91e3357b2f3d
.financialengines.com/	1969-12-31 23:59:59	Name: daVars Value: %7B%22sponsorDateStamp%22%3A%22chubbfmr%3A20201216%22%2C%22enrStatus%22%3A%22MEMBER%22%2C%22envType%22%3A%22USER_PROD%22%2C%22providerId%22%3A%22FMR%22%2C%22sponsorId%22%3A%22chubbfmr%22%2C%22namespace%22%3A%22%22%2C%22userType%22%3A%22USER%22%2C%22sessionId%22%3A%22GW-PRD-20201216-1118-0000162%22%2C%22isUserTemp%22%3A%22false%22%2C%22pageName%22%3A%22%22%2C%22userId%22%3A%2250207228%22%7D
.financialengines.com/	1970-01-19 14:42:28	Name: c11 Value: recency-bias%3A%3Ad
.financialengines.com/	1969-12-31 23:59:59	Name: s_cc Value: true
pages.financialengines.com/	1969-12-31 23:59:59	Name: _sdsat_enrStatus Value:
pages.financialengines.com/	1970-01-19 14:42:28	Name: _sp_ses.9f64 Value: *

2 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
console-api	log	URL: https://assets.adobedtm.com/a0e3941d5a9d6f0c3911ec5acd84602babe03b22/satelliteLib-f5c5c34650a8490ac30a69d9a07c5f48ff96098e.js(Line 4) Message: Debugg::triggered!!
console-api	log	URL: https://www.feitest.com/app/landing-utils/main.616cfdfc103767f77eae.js(Line 15) Message: AuthenticationStatus [object Object]

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

assets.adobedtm.com
builder-assets.unbounce.com
click.mail.edelmanfinancialengines.com
connect.facebook.net
d34qb8suadcc4g.cloudfront.net
d9hhrg4mnvzow.cloudfront.net
events.ub-analytics.com
fonts.googleapis.com
fonts.gstatic.com
http-inputs-financialengines.splunkcloud.com
pages.financialengines.com
script.crazyegg.com
somtr.financialengines.com
stackpath.bootstrapcdn.com
www.facebook.com
www.feitest.com
www.financialengines.com
www.googletagmanager.com
104.109.66.152
13.111.148.97
15.237.136.106
2001:4de0:ac19::1:b:2b
2600:9000:2016:8000:1d:11cf:5800:93a1
2606:4700::6813:9308
2a00:1450:4001:808::2008
2a00:1450:4001:81d::200a
2a00:1450:4001:81e::2003
2a02:26f0:6c00:294::1e80
2a02:26f0:6c00:2bf::2d5b
2a03:2880:f01c:8012:face:b00c:0:3
2a03:2880:f11c:8183:face:b00c:0:25de
34.224.248.58
52.222.190.53
52.88.36.255
54.230.206.127
54.93.101.66
0057f6effd37189f4535e1ee86aa10fceed6daceb5a98d6e11d7a496800e3429
01a8232bb2a3a1005829ce3d5b7705184e8d02dbcc09d9f51d542b34116a255b
08dab7ccb9bedb2320454581f703d5a7c07f05f77a88e753e8e144a87ee85eb1
10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa
146713f310842933dc62d2bed7f0eaaf8a9cf3cdf72fd37610ef51e58378c8dc
2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363
2e8292b18fc2acc297e1aa6acc6abe05136604137e744ba1b49984df330562bb
355458507aa67b0ed502a04ccea4c573fb080827df6dd267ae9718d950b1aa9b
3adfc359f1ee9a7682f9a765b05e9e593c4624bf1062fc0686212b131d0d2002
3c88e3c57f69e3a02a1c89ddad501cd370fae7012bf522ee4632d4852e7f5c4b
54c64f3c66372027154f01fc9f24b4e25fdfe405b70d1994c79abbc2576ff775
56d540ed6ef2ad7a6fbbbd032ccee02250cb05ae0e0e09c3da44a2003270a545
5c6e41cab44d3fc8958df6b852e4e728360a81d7a5fc3079b36e677cc07f8edb
5ce85558940ecd1ba54bac9e84e1f241308f2ce26a121dbd19b5ca75b0bc2730
6556fd8351033d1f1085cdb622f043e1ccd5c847e8ba79c13daffe0fe5825a06
799aeb25cc0373fdee0e1b1db7ad6c2f6a0e058dfadaa3379689f583213190bd
7b787207f29ffd5672ab91b95f681b387b4d6433081cc8b47070f1d564827863
7be8ce944d01ffcd8471634f93a652c77054cab3dfb71a7ac6108b2e47840217
7c3ed55379ec12c3a5a591759d049d9f1a5f5ebda59556f63130559e361d0a87
7cc2c8a7bd96173ee2a862c122630ab8d45ad0676ad2ad60fc55307763782230
7e2d83584c603ca7e4ab0e388b3156633109fa9e255d812cd8411dacef8fc39f
9178dafb986c66acf020750bea218b104054f797d99741bc131bdee6cb526a1e
978d65e8fd7e111af1c24740d5a10dce9e18f2cc34d49f63a137e961fb7492bc
9c29517d31f5827419cfb4f4ff8cd13b478ec5345cfbb24e4f02072c723a87e7
a1ecbaed793a1f564c49c671f2dd0ce36f858534ef6d26b55783a06b884cc506
a37000badf11efc14a49c2635c86f79cf25a05bc8ca6b1977757dfe38262c227
a48a6e4b14fe55f750c0a3dfb5a6f4941bdc06af0aa542b90de25c30c2b4625c
b8e23a845bc6b7fd417d29182e0e38d353e64b5e12e06bb1de2b5ce063db1dcc
c729c74777918365dbcebc25f1a714518d815bc87d345ad6fb8daac5d09d2fc5
c92a481ec97fd0829cc66aa7dcfdd51ca67825b4c3562b093faf7a8661bd2af8
caa849b179befa2645a8e2c474d2e82a76777a3305315ece911013e8ee9a916c
d4762bbdf73408777dc886ffe61d98654a39456cc19284fcec395a56c54518e1
d502fe5d44028d6d164259b0e274cf0c279b4e4f02bec7207b92359dfa7f7390
e015cd6e8ee38c307ccc401c6a7a40d891467ebdbf011d41c49001e867d58d58
e4c006d390dd3ff31c280b59a9d7111e6b02eaf5b6cfee476c39b818bc66004c
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f5a67cc94c25a18930e18ed3a524332891a23fc26c382325cc0382c61cecd0f8

pages.financialengines.com Open in urlscan Pro 54.93.101.66 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page URL History Show full URLs

Page Statistics

52 Requests

98 %HTTPS

56 %IPv6

15 Domains

18 Subdomains

18 IPs

6 Countries

463 kBTransfer

1387 kBSize

18 Cookies

16 Outgoing links

Page URL History

Redirected requests

52 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 1 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

pages.financialengines.com Open in urlscan Pro
54.93.101.66 Public Scan

Screenshot
Live screenshot

Full Image

52
Requests

98 %
HTTPS

56 %
IPv6

15
Domains

18
Subdomains

18
IPs

6
Countries

463 kB
Transfer

1387 kB
Size

18
Cookies

52 HTTP transactions
1 data transactions