urlscan.io logo urlscan.io
SecurityTrails logo

www.financialengines.com Open in urlscan Pro
2a02:26f0:3500:890::2d5b  Public Scan

Go To Rescan Add Verdict Report
Submitted URL: https://click.mail.edelmanfinancialengines.com/?qs=b6e48053df71195adb0a7c6e1d5ad19676babd1c771a38d78641085d3d502e670b5d86f10e99a3d8211180dd080a...
Effective URL: https://www.financialengines.com/app/wprofile/
Submission: On September 28 via manual from US — Scanned from DE
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 9 IPs in 4 countries across 6 domains to perform 40 HTTP transactions. The main IP is 2a02:26f0:3500:890::2d5b, located in Frankfurt am Main, Germany and belongs to AKAMAI-ASN1, NL. The main domain is www.financialengines.com. The Cisco Umbrella rank of the primary domain is 109507.
TLS certificate: Issued by DigiCert SHA2 Extended Validation Ser... on May 11th 2022. Valid for: a year.
This is the only time www.financialengines.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
1 1 13.111.148.97 22606 (EXACT-7)
1 7 2a02:26f0:350... 20940 (AKAMAI-ASN1)
2 2a02:26f0:10e... 20940 (AKAMAI-ASN1)
2 143.204.89.24 16509 (AMAZON-02)
14 13.32.99.4 16509 (AMAZON-02)
12 52.88.44.30 16509 (AMAZON-02)
1 15.188.95.229 16509 (AMAZON-02)
1 52.34.173.191 16509 (AMAZON-02)
2 143.204.89.15 16509 (AMAZON-02)
40 9
1    13.111.148.97 (United States)

ASN22606 (EXACT-7, US)
PTR: click.mail.edelmanfinancialengines.com
click.mail.edelmanfinancialengines.com
7    2a02:26f0:3500:890::2d5b (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1, NL)
www.financialengines.com
2    2a02:26f0:10e:2ae::1e80 (Vienna, Austria)

ASN20940 (AKAMAI-ASN1, NL)
assets.adobedtm.com
2    143.204.89.24 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-143-204-89-24.fra50.r.cloudfront.net
cdn.appdynamics.com
14    13.32.99.4 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-32-99-4.fra60.r.cloudfront.net
gateway.financialengines.com
12    52.88.44.30 (Boardman, United States)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-88-44-30.us-west-2.compute.amazonaws.com
http-inputs-financialengines.splunkcloud.com
1    15.188.95.229 (Paris, France)

ASN16509 (AMAZON-02, US)
PTR: ec2-15-188-95-229.eu-west-3.compute.amazonaws.com
somtr.financialengines.com
1    52.34.173.191 (Boardman, United States)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-34-173-191.us-west-2.compute.amazonaws.com
col.eum-appdynamics.com
2    143.204.89.15 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-143-204-89-15.fra50.r.cloudfront.net
images.financialengines.com
Apex Domain
Subdomains		 Transfer
24 financialengines.com
www.financialengines.com — Cisco Umbrella Rank: 109507
gateway.financialengines.com — Cisco Umbrella Rank: 203367
somtr.financialengines.com — Cisco Umbrella Rank: 122155
images.financialengines.com — Cisco Umbrella Rank: 972963
1 MB
12 splunkcloud.com
http-inputs-financialengines.splunkcloud.com — Cisco Umbrella Rank: 119807
3 KB
2 appdynamics.com
cdn.appdynamics.com — Cisco Umbrella Rank: 3146
45 KB
2 adobedtm.com
assets.adobedtm.com — Cisco Umbrella Rank: 500
28 KB
1 eum-appdynamics.com
col.eum-appdynamics.com — Cisco Umbrella Rank: 2174
719 B
1 edelmanfinancialengines.com
click.mail.edelmanfinancialengines.com — Cisco Umbrella Rank: 114661
379 B
40 6
Domain Requested by
14 gateway.financialengines.com cdn.appdynamics.com
12 http-inputs-financialengines.splunkcloud.com cdn.appdynamics.com
7 www.financialengines.com 1 redirects www.financialengines.com
cdn.appdynamics.com
2 images.financialengines.com
2 cdn.appdynamics.com www.financialengines.com
cdn.appdynamics.com
2 assets.adobedtm.com www.financialengines.com
assets.adobedtm.com
1 col.eum-appdynamics.com cdn.appdynamics.com
1 somtr.financialengines.com
1 click.mail.edelmanfinancialengines.com 1 redirects
40 9

This site contains links to these domains. Also see Links.

Domain
legaldocs.financialengines.io
Subject Issuer Validity Valid
www.financialengines.com
DigiCert SHA2 Extended Validation Server CA		 2022-05-11 -
2023-05-12		 a year crt.sh
assets.adobedtm.com
DigiCert TLS RSA SHA256 2020 CA1		 2022-07-19 -
2023-08-19		 a year crt.sh
*.appdynamics.com
DigiCert TLS RSA SHA256 2020 CA1		 2022-07-17 -
2023-07-22		 a year crt.sh
gateway.financialengines.com
Amazon		 2022-04-01 -
2023-04-29		 a year crt.sh
*.financialengines.splunkcloud.com
DigiCert TLS RSA SHA256 2020 CA1		 2022-08-26 -
2023-08-29		 a year crt.sh
somtr.financialengines.com
DigiCert TLS RSA SHA256 2020 CA1		 2022-03-28 -
2023-04-28		 a year crt.sh
*.eum-appdynamics.com
DigiCert TLS RSA SHA256 2020 CA1		 2022-06-14 -
2023-07-15		 a year crt.sh
images.financialengines.com
Amazon		 2022-03-28 -
2023-04-26		 a year crt.sh

This page contains 1 frames:

Primary Page: https://www.financialengines.com/app/wprofile/
Frame ID: 20904E2E3DCFB8938E9F65541703857B
Requests: 30 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page Title

Profile | Edelman Financial Engines

Page URL History Show full URLs

  1. https://click.mail.edelmanfinancialengines.com/?qs=b6e48053df71195adb0a7c6e1d5ad19676babd1c771a38d78641085d3d502e670b5d86f1... HTTP 302
    https://www.financialengines.com/framework/emaillogin.act?&tok=gu9b8quiplc6maanxat4t1top0lsola0&type=EDIT_EMA... HTTP 302
    https://www.financialengines.com/app/wprofile/ Page URL

Detected technologies

Overall confidence: 100%
Detected patterns
  • adrum

Page Statistics

40
Requests

100 %
HTTPS

22 %
IPv6

6
Domains

9
Subdomains

9
IPs

4
Countries

1175 kB
Transfer

3229 kB
Size

16
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. https://click.mail.edelmanfinancialengines.com/?qs=b6e48053df71195adb0a7c6e1d5ad19676babd1c771a38d78641085d3d502e670b5d86f10e99a3d8211180dd080a6be41369b0eb398689f493892af5aa832f12 HTTP 302
    https://www.financialengines.com/framework/emaillogin.act?&tok=gu9b8quiplc6maanxat4t1top0lsola0&type=EDIT_EMAIL_PREFERENCES&s_cid=em:vanguard:Ochsner:VANActionSimp:ECAMPAIGN:E_REMINDER:409765|9023185|1010 HTTP 302
    https://www.financialengines.com/app/wprofile/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

40 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request /
www.financialengines.com/app/wprofile/
Redirect Chain
  • https://click.mail.edelmanfinancialengines.com/?qs=b6e48053df71195adb0a7c6e1d5ad19676babd1c771a38d78641085d3d502e670b5d86f10e99a3d8211180dd080a6be41369b0eb398689f493892af5aa832f12
  • https://www.financialengines.com/framework/emaillogin.act?&tok=gu9b8quiplc6maanxat4t1top0lsola0&type=EDIT_EMAIL_PREFERENCES&s_cid=em:vanguard:Ochsner:VANActionSimp:ECAMPAIGN:E_REMINDER:409765|90231...
  • https://www.financialengines.com/app/wprofile/
4 KB
2 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://www.financialengines.com/app/wprofile/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:3500:890::2d5b Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
AmazonS3 /
Resource Hash
f26d1ab44fb8d70886d52a8df33b82b2eac962287635163f0a327f35c6bc57a1
Security Headers
Name Value
X-Frame-Options SAMEORIGIN

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

Cache-Control
max-age=660
Connection
keep-alive
Content-Encoding
gzip
Content-Length
1517
Content-Type
text/html
Date
Wed, 28 Sep 2022 19:15:30 GMT
ETag
"24b552602f6049f33a2a37b1a76768ee-gzip"
Expires
Wed, 28 Sep 2022 19:26:30 GMT
Last-Modified
Fri, 12 Aug 2022 17:08:58 GMT
Server
AmazonS3
Vary
Accept-Encoding
X-Frame-Options
SAMEORIGIN
x-amz-id-2
BcBz5w7mGbGU6tOb5RhOSmWj8gPVxBznKdfW7DRVp1Nyz+CUOJxIrknF0Qf+gZVGapDHPawrflk=
x-amz-request-id
HGPQ88P47NW6YV3D

Redirect headers

Connection
keep-alive
Content-Language
de-DE
Content-Length
0
Date
Wed, 28 Sep 2022 19:15:30 GMT
Location
https://www.financialengines.com/app/wprofile/#/modal/edit-email?target=pageview&s_cid=em%3Avanguard%3AOchsner%3AVANActionSimp%3AECAMPAIGN%3AE_REMINDER%3A409765%7C9023185%7C1010
Server
Apache
X-Frame-Options
SAMEORIGIN
launch-ENc8ac787d61af47d3b077ad4b56448bf9.min.js
assets.adobedtm.com/ 		52 KB
16 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://assets.adobedtm.com/launch-ENc8ac787d61af47d3b077ad4b56448bf9.min.js
Requested by
Host: www.financialengines.com
URL: https://www.financialengines.com/app/wprofile/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:10e:2ae::1e80 Vienna, Austria, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
AkamaiNetStorage /
Resource Hash
926a7692715a58ff4470b6174d8dc70f1c472f2860de1038e47288581e49be24

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.financialengines.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

date
Wed, 28 Sep 2022 19:15:31 GMT
content-encoding
gzip
last-modified
Mon, 26 Jul 2021 19:57:22 GMT
server
AkamaiNetStorage
etag
"e463eb775746cac2f61babe4dcd49d86:1627329442.434675"
vary
Accept-Encoding
content-type
application/x-javascript
access-control-allow-origin
https://www.financialengines.com
cache-control
max-age=3600
accept-ranges
bytes
timing-allow-origin
*
content-length
15745
expires
Wed, 28 Sep 2022 20:15:31 GMT
adrum-4.5.2.1326.js
cdn.appdynamics.com/adrum/ 		68 KB
25 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.appdynamics.com/adrum/adrum-4.5.2.1326.js
Requested by
Host: www.financialengines.com
URL: https://www.financialengines.com/app/wprofile/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
143.204.89.24 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-143-204-89-24.fra50.r.cloudfront.net
Software
nginx/1.16.1 /
Resource Hash
982e3986bcc4d98f466b329d6cbb3f5f0ad6310f6493244075e0b6355f205274

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.financialengines.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

date
Tue, 20 Sep 2022 17:25:10 GMT
content-encoding
gzip
via
1.1 cdb2dba3874dd4d7b53213b8c63a0996.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA50-C1
age
697821
x-cache
Hit from cloudfront
last-modified
Mon, 24 Sep 2018 23:54:42 GMT
server
nginx/1.16.1
etag
W/"5ba97942-10fd5"
vary
Accept-Encoding
access-control-allow-methods
GET, POST, OPTIONS
content-type
application/javascript
access-control-allow-origin
*
cache-control
public, max-age=2678400, s-max-age=14400
timing-allow-origin
*
access-control-allow-headers
DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id
WfeIN6bLBZ5htH_h_dncCcMn9YY0nWXbmiSaIODv_LipNYU035k9mw==
runtime.e4bcd92c7210c795.esm.js
www.financialengines.com/app/wprofile/ 		3 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.financialengines.com/app/wprofile/runtime.e4bcd92c7210c795.esm.js
Requested by
Host: www.financialengines.com
URL: https://www.financialengines.com/app/wprofile/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:3500:890::2d5b Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
AmazonS3 /
Resource Hash
258cc60991e19a41b4ab0bd229ffc9931fbe8587b097a38c7a1ad7c3f5486432
Security Headers
Name Value
X-Frame-Options SAMEORIGIN

Request headers

Referer
https://www.financialengines.com/app/wprofile/
Origin
https://www.financialengines.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

Date
Wed, 28 Sep 2022 19:15:30 GMT
Content-Encoding
gzip
Last-Modified
Fri, 12 Aug 2022 17:08:58 GMT
Server
AmazonS3
x-amz-request-id
T5TRSKGDQHG1VYHW
ETag
"40160f466a0fda030bb9f0676ce6f6b0"
Vary
Accept-Encoding
X-Frame-Options
SAMEORIGIN
Content-Type
application/javascript
Cache-Control
max-age=1320
Connection
keep-alive
Content-Length
1751
x-amz-id-2
sIXW9hONvOdgGqu3gJdZWdpRidUB/ogvr7dAlw/55Sy9LY5BK1RNRfv5hwVfcwcjAE+CohmsyiM=
Expires
Tue, 27 Sep 2022 21:11:39 GMT
polyfills.03ab6aadc427d1e3.esm.js
www.financialengines.com/app/wprofile/ 		169 KB
59 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.financialengines.com/app/wprofile/polyfills.03ab6aadc427d1e3.esm.js
Requested by
Host: www.financialengines.com
URL: https://www.financialengines.com/app/wprofile/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:3500:890::2d5b Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
AmazonS3 /
Resource Hash
b49525ee1502e1c3b183fa9e3b7353159a1521e18724367c991c1238058851c9
Security Headers
Name Value
X-Frame-Options SAMEORIGIN

Request headers

Referer
https://www.financialengines.com/app/wprofile/
Origin
https://www.financialengines.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

Date
Wed, 28 Sep 2022 19:15:30 GMT
Content-Encoding
gzip
Last-Modified
Fri, 12 Aug 2022 17:08:58 GMT
Server
AmazonS3
x-amz-request-id
V3EDZ2EF9BY8F1V3
ETag
"a22805ed315278a1cf654c0f92c868cc"
Vary
Accept-Encoding
X-Frame-Options
SAMEORIGIN
Content-Type
application/javascript
Cache-Control
max-age=1320
Connection
keep-alive
Content-Length
59443
x-amz-id-2
l4H+zJ3nnlRe+r4jNirXAkshuavcf8rp0T+ledfcCakM2AUPOS6kk67yzHEcIT3XjojPpzW1PKI=
Expires
Tue, 27 Sep 2022 19:43:48 GMT
main.de3d5a1c04029458.esm.js
www.financialengines.com/app/wprofile/ 		2 MB
597 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.financialengines.com/app/wprofile/main.de3d5a1c04029458.esm.js
Requested by
Host: www.financialengines.com
URL: https://www.financialengines.com/app/wprofile/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:3500:890::2d5b Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
AmazonS3 /
Resource Hash
34f065cb282f533b8c2204df7622337d8fd377c2f89cffd1fc456f26884f0697
Security Headers
Name Value
X-Frame-Options SAMEORIGIN

Request headers

Referer
https://www.financialengines.com/app/wprofile/
Origin
https://www.financialengines.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

Date
Wed, 28 Sep 2022 19:15:30 GMT
Content-Encoding
gzip
Last-Modified
Fri, 12 Aug 2022 17:08:58 GMT
Server
AmazonS3
x-amz-request-id
T5TQFXR1ZEGDQNDC
ETag
"bb99889f7a8b75d79373df98f8845961"
Vary
Accept-Encoding
X-Frame-Options
SAMEORIGIN
Content-Type
application/javascript
Cache-Control
max-age=1320
Connection
keep-alive
Content-Length
611208
x-amz-id-2
geuWSyUZtNedWh+sSCaFV5O8v/mwYNdfG9+1qXAtqNeGh017RrltKoInUWyrXnQ5Lk5yTTb9SL0=
Expires
Wed, 28 Sep 2022 00:54:57 GMT
AppMeasurement.min.js
assets.adobedtm.com/extensions/EPbde2f7ca14e540399dcc1f8208860b7b/ 		33 KB
12 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://assets.adobedtm.com/extensions/EPbde2f7ca14e540399dcc1f8208860b7b/AppMeasurement.min.js
Requested by
Host: assets.adobedtm.com
URL: https://assets.adobedtm.com/launch-ENc8ac787d61af47d3b077ad4b56448bf9.min.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:10e:2ae::1e80 Vienna, Austria, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
AkamaiNetStorage /
Resource Hash
d6b423c91328eec9c218dd8b21ae1e676987d574e5432411a32806e5dd2bde32

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.financialengines.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

unused62
8096267
date
Wed, 28 Sep 2022 19:15:31 GMT
content-encoding
gzip
last-modified
Wed, 12 Aug 2020 22:09:52 GMT
server
AkamaiNetStorage
etag
"f259ee6445c19c2ce3c64a1b117a4f35:1597270192.577101"
vary
Accept-Encoding
content-type
application/x-javascript
access-control-allow-origin
https://www.financialengines.com
cache-control
no-cache
accept-ranges
bytes
timing-allow-origin
*
content-length
12184
expires
Wed, 28 Sep 2022 20:15:31 GMT
forKeys
gateway.financialengines.com/advisor/api/v1/texts/ 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://gateway.financialengines.com/advisor/api/v1/texts/forKeys
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.32.99.4 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-32-99-4.fra60.r.cloudfront.net
Software
/
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type,x-fe-client,x-fe-env,x-spa-name
Access-Control-Request-Method
POST
Origin
https://www.financialengines.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
content-type,x-fe-client,x-fe-env,x-spa-name
access-control-allow-methods
POST
access-control-allow-origin
https://www.financialengines.com
access-control-expose-headers
x-amzn-requestId, x-fngn-requestid
access-control-max-age
3600
allow
GET, HEAD, POST, PUT, DELETE, TRACE, OPTIONS, PATCH
content-language
en
date
Wed, 28 Sep 2022 19:15:32 GMT
vary
Accept-Encoding,Origin
via
1.1 6ae82cc0c8a39c993134c2be90b4d120.cloudfront.net (CloudFront)
x-amz-apigw-id
ZL2FJHEESK4FmuQ=
x-amz-cf-id
YLeE-E2uUygi7YSyKa7tFQ0BPNVOm4vGbG59SPrS95s0AT-eB3PLdg==
x-amz-cf-pop
FRA60-P3
x-amzn-remapped-connection
keep-alive
x-amzn-remapped-date
Wed, 28 Sep 2022 19:15:32 GMT
x-amzn-remapped-server
Apache
x-amzn-requestid
3ba3cda0-0e71-46cc-b847-ce11c1cb70da
x-cache
Miss from cloudfront
x-fngn-requestid
e18f9743-62dc-4fb8-a8a8-500a8afcd2cd
customersitepageframe
gateway.financialengines.com/advisor/api/v1/ 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://gateway.financialengines.com/advisor/api/v1/customersitepageframe?namespace=pageframe
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.32.99.4 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-32-99-4.fra60.r.cloudfront.net
Software
/
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
x-fe-client,x-fe-env,x-spa-name
Access-Control-Request-Method
GET
Origin
https://www.financialengines.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
x-fe-client,x-fe-env,x-spa-name
access-control-allow-methods
GET
access-control-allow-origin
https://www.financialengines.com
access-control-expose-headers
x-amzn-requestId, x-fngn-requestid
access-control-max-age
3600
allow
GET, HEAD, POST, PUT, DELETE, TRACE, OPTIONS, PATCH
content-language
en
date
Wed, 28 Sep 2022 19:15:32 GMT
vary
Accept-Encoding,Origin
via
1.1 6ae82cc0c8a39c993134c2be90b4d120.cloudfront.net (CloudFront)
x-amz-apigw-id
ZL2FJFhYSK4Fv6g=
x-amz-cf-id
iXwcvjvhzW-FVrFUAkbSfbY5gpX4RTd6qetua-F1UIIr_tyVAKmORw==
x-amz-cf-pop
FRA60-P3
x-amzn-remapped-connection
keep-alive
x-amzn-remapped-date
Wed, 28 Sep 2022 19:15:32 GMT
x-amzn-remapped-server
Apache
x-amzn-requestid
9d88e4ea-7785-4783-aecd-b20ae97d12d4
x-cache
Miss from cloudfront
x-fngn-requestid
da7d1f95-8731-46ef-97b4-2d6b421d3d48
collector
http-inputs-financialengines.splunkcloud.com/services/ 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://http-inputs-financialengines.splunkcloud.com/services/collector
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.88.44.30 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-88-44-30.us-west-2.compute.amazonaws.com
Software
Splunkd /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN

Request headers

Accept
*/*
Access-Control-Request-Headers
authorization
Access-Control-Request-Method
POST
Origin
https://www.financialengines.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

Access-Control-Allow-Credentials
true
Access-Control-Allow-Headers
Authorization
Access-Control-Allow-Methods
POST,OPTIONS
Access-Control-Allow-Origin
https://www.financialengines.com
Allow
POST,OPTIONS
Connection
keep-alive
Content-Length
0
Content-Type
text/plain; charset=UTF-8
Date
Wed, 28 Sep 2022 19:15:32 GMT
Server
Splunkd
Vary
Origin
X-Content-Type-Options
nosniff
X-Frame-Options
SAMEORIGIN
status
gateway.financialengines.com/auth/v1/session/ 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://gateway.financialengines.com/auth/v1/session/status?d=1664392531500
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.32.99.4 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-32-99-4.fra60.r.cloudfront.net
Software
/
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
cache-control
Access-Control-Request-Method
GET
Origin
https://www.financialengines.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
cache-control
access-control-allow-methods
GET
access-control-allow-origin
https://www.financialengines.com
access-control-expose-headers
x-amzn-requestId, x-fngn-requestid
access-control-max-age
3600
allow
GET, HEAD, POST, PUT, DELETE, TRACE, OPTIONS, PATCH
date
Wed, 28 Sep 2022 19:15:31 GMT
vary
Accept-Encoding, Origin
via
1.1 6ae82cc0c8a39c993134c2be90b4d120.cloudfront.net (CloudFront)
x-amz-apigw-id
ZL2FJF-myK4FgKQ=
x-amz-cf-id
ldi5ZqZ3bdpIDOUhwqD6eIqhWaEVFJAQ7g26gPSvI-UYKR83W838PQ==
x-amz-cf-pop
FRA60-P3
x-amzn-requestid
c7da41b8-db3d-456c-b64c-9e8fd93f24e9
x-amzn-trace-id
Root=1-63349d53-3bf95850054598506ca177e2;Sampled=0
x-cache
Miss from cloudfront
forKeys
gateway.financialengines.com/advisor/api/v1/texts/ 		204 B
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://gateway.financialengines.com/advisor/api/v1/texts/forKeys
Requested by
Host: cdn.appdynamics.com
URL: https://cdn.appdynamics.com/adrum/adrum-4.5.2.1326.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.32.99.4 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-32-99-4.fra60.r.cloudfront.net
Software
/
Resource Hash
a64724b9a21329072f00227aab78eb3b44a0b76d92a4a717dc4951e96268c773

Request headers

X-SPA-NAME
customer-site
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36
X-FE-CLIENT
CUSTOMER_SITE
Content-Type
application/json
Accept
application/json, text/plain, */*
Referer
https://www.financialengines.com/
X-FE-ENV
production

Response headers

date
Wed, 28 Sep 2022 19:15:32 GMT
content-encoding
gzip
via
1.1 987865b81ba895db5b3f56f8ae175c84.cloudfront.net (CloudFront)
x-amzn-remapped-content-length
128
x-amzn-remapped-server
Apache
x-amz-cf-pop
FRA60-P3
x-amzn-requestid
33e55205-ec43-44ac-b05d-17638daeec5b
x-amzn-remapped-connection
keep-alive
x-cache
Miss from cloudfront
x-amz-apigw-id
ZL2FMGMRSK4FgUw=
content-length
128
vary
Accept-Encoding,Origin
content-type
application/json;charset=UTF-8
access-control-allow-origin
https://www.financialengines.com
content-language
de-DE
x-fngn-requestid
7c99d4fd-0ce5-44b3-9349-5033c2cdbabe
access-control-allow-credentials
true
x-amzn-remapped-date
Wed, 28 Sep 2022 19:15:32 GMT
x-amz-cf-id
9HAkxnEBPpDG9Imwypt95CRKRkhHxnopjVJeIc_2j3u2eatJGuJaUg==
customersitepageframe
gateway.financialengines.com/advisor/api/v1/ 		287 B
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://gateway.financialengines.com/advisor/api/v1/customersitepageframe?namespace=pageframe
Requested by
Host: cdn.appdynamics.com
URL: https://cdn.appdynamics.com/adrum/adrum-4.5.2.1326.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.32.99.4 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-32-99-4.fra60.r.cloudfront.net
Software
/
Resource Hash
2ef2553e1dcd9439bde306d0fa999f877052c4605416897125213d5ec1c56bff

Request headers

X-SPA-NAME
pageframe
Accept
application/json, text/plain, */*
Referer
https://www.financialengines.com/
X-FE-ENV
production
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36
X-FE-CLIENT
CUSTOMER_SITE

Response headers

date
Wed, 28 Sep 2022 19:15:33 GMT
via
1.1 987865b81ba895db5b3f56f8ae175c84.cloudfront.net (CloudFront)
x-amzn-remapped-server
Apache
x-amz-cf-pop
FRA60-P3
x-amzn-requestid
e77c6ecf-eabb-40b8-802b-a3b6bd09ac66
x-amzn-remapped-connection
close
x-cache
Error from cloudfront
x-amz-apigw-id
ZL2FPELUyK4FREA=
content-length
287
vary
Accept-Encoding,Origin
content-language
de-DE
access-control-allow-origin
https://www.financialengines.com
content-type
application/json;charset=UTF-8
x-fngn-requestid
ddc23adb-866d-4fae-bada-48bc776bbc5a
access-control-allow-credentials
true
x-amzn-remapped-date
Wed, 28 Sep 2022 19:15:33 GMT
x-amz-cf-id
Y8-d0DZPl40s9paRrTKC4FzR7U8n9gKxXgR786wu3Wh1_bmvcqnPQQ==
collector
http-inputs-financialengines.splunkcloud.com/services/ 		27 B
429 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://http-inputs-financialengines.splunkcloud.com/services/collector
Requested by
Host: cdn.appdynamics.com
URL: https://cdn.appdynamics.com/adrum/adrum-4.5.2.1326.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.88.44.30 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-88-44-30.us-west-2.compute.amazonaws.com
Software
Splunkd /
Resource Hash
3c88e3c57f69e3a02a1c89ddad501cd370fae7012bf522ee4632d4852e7f5c4b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN

Request headers

Accept
application/json, text/plain, */*
Referer
https://www.financialengines.com/
accept-language
de-DE,de;q=0.9
Authorization
Splunk C8664B01-5010-44F4-91F9-43AF637359FD
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

Date
Wed, 28 Sep 2022 19:15:32 GMT
X-Content-Type-Options
nosniff
Server
Splunkd
Vary
Authorization, Origin
Access-Control-Allow-Methods
POST,OPTIONS
Content-Type
application/json; charset=UTF-8
Access-Control-Allow-Origin
https://www.financialengines.com
X-Frame-Options
SAMEORIGIN
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Length
27
status
gateway.financialengines.com/auth/v1/session/ 		127 B
571 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://gateway.financialengines.com/auth/v1/session/status?d=1664392531500
Requested by
Host: cdn.appdynamics.com
URL: https://cdn.appdynamics.com/adrum/adrum-4.5.2.1326.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.32.99.4 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-32-99-4.fra60.r.cloudfront.net
Software
/
Resource Hash
65e52c8f48a36360de7e5cec8d2ea89d816b845f11e1fb6cb366c45a1ed5847f

Request headers

Accept
application/json, text/plain, */*
Cache-Control
no-cache, no-store, must-revalidate
Referer
https://www.financialengines.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

date
Wed, 28 Sep 2022 19:15:32 GMT
via
1.1 987865b81ba895db5b3f56f8ae175c84.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA60-P3
x-amzn-trace-id
Root=1-63349d54-1ab304c51217b607152950ba;Sampled=0
x-amzn-requestid
69201090-9e08-40e2-bf6e-606606eeff66
vary
Accept-Encoding, Origin
x-cache
Miss from cloudfront
content-type
application/json
access-control-allow-origin
https://www.financialengines.com
access-control-allow-credentials
true
x-amz-apigw-id
ZL2FOGvlyK4FpbQ=
content-length
127
x-amz-cf-id
BGmob6FfUi4KoCHAy0nSWIkiZc-FCK4T-q4dkZ_EsKbt03ETcl7HMQ==
settings
gateway.financialengines.com/advisor/api/v1/user/application/ 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://gateway.financialengines.com/advisor/api/v1/user/application/settings
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.32.99.4 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-32-99-4.fra60.r.cloudfront.net
Software
/
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
x-fe-client,x-fe-env,x-spa-name
Access-Control-Request-Method
GET
Origin
https://www.financialengines.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
x-fe-client,x-fe-env,x-spa-name
access-control-allow-methods
GET
access-control-allow-origin
https://www.financialengines.com
access-control-expose-headers
x-amzn-requestId, x-fngn-requestid
access-control-max-age
3600
allow
GET, HEAD, POST, PUT, DELETE, TRACE, OPTIONS, PATCH
content-language
en
date
Wed, 28 Sep 2022 19:15:32 GMT
vary
Accept-Encoding,Origin
via
1.1 6ae82cc0c8a39c993134c2be90b4d120.cloudfront.net (CloudFront)
x-amz-apigw-id
ZL2FJEGjyK4FrVQ=
x-amz-cf-id
90PUwrDPyJL_BvR_j-OKKzB6oCkLYTiKYG5mJ3Z6ELhi8MnTKUaGTA==
x-amz-cf-pop
FRA60-P3
x-amzn-remapped-connection
keep-alive
x-amzn-remapped-date
Wed, 28 Sep 2022 19:15:32 GMT
x-amzn-remapped-server
Apache
x-amzn-requestid
cc0b9b7e-d551-41d7-8398-bf3e84f9dcf4
x-cache
Miss from cloudfront
x-fngn-requestid
3d337df3-a91e-4a23-a3fb-d4feb4c77754
settings
gateway.financialengines.com/advisor/api/v1/user/application/ 		2 KB
2 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://gateway.financialengines.com/advisor/api/v1/user/application/settings
Requested by
Host: cdn.appdynamics.com
URL: https://cdn.appdynamics.com/adrum/adrum-4.5.2.1326.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.32.99.4 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-32-99-4.fra60.r.cloudfront.net
Software
/
Resource Hash
9914e1689ac42087e8948c2d6afee19a6d31a6df82cf43d3929a3db56d892e07

Request headers

X-SPA-NAME
customer-site
Accept
application/json, text/plain, */*
Referer
https://www.financialengines.com/
X-FE-ENV
production
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36
X-FE-CLIENT
CUSTOMER_SITE

Response headers

date
Wed, 28 Sep 2022 19:15:32 GMT
content-encoding
gzip
via
1.1 987865b81ba895db5b3f56f8ae175c84.cloudfront.net (CloudFront)
x-amzn-remapped-content-length
792
x-amzn-remapped-server
Apache
x-amz-cf-pop
FRA60-P3
x-amzn-requestid
f74239a9-5c39-4a7e-bc96-65a0b3fba5ac
x-amzn-remapped-connection
keep-alive
x-cache
Miss from cloudfront
x-amz-apigw-id
ZL2FPEyLSK4Fr2Q=
content-length
792
vary
Accept-Encoding,Origin
content-type
application/json;charset=UTF-8
access-control-allow-origin
https://www.financialengines.com
content-language
de-DE
x-fngn-requestid
f5a01531-a15f-4bb3-aa47-c6550885ae28
access-control-allow-credentials
true
x-amzn-remapped-date
Wed, 28 Sep 2022 19:15:32 GMT
x-amz-cf-id
d81hWYlIOmxJYyGFHSV_eLX9adv66q0XSDtWeaBHDuyvzsLFu7Duxw==
adrum-ext.15ad9e12c414858a5e6cfdfb1f2331b1.js
cdn.appdynamics.com/ 		50 KB
20 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.appdynamics.com/adrum-ext.15ad9e12c414858a5e6cfdfb1f2331b1.js
Requested by
Host: cdn.appdynamics.com
URL: https://cdn.appdynamics.com/adrum/adrum-4.5.2.1326.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
143.204.89.24 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-143-204-89-24.fra50.r.cloudfront.net
Software
nginx/1.16.1 /
Resource Hash
c063cc48c10c59a43ee8f325053b7cf8041eec8704c02c2191d4d7c2be638121

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.financialengines.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

date
Wed, 07 Sep 2022 01:00:42 GMT
content-encoding
gzip
via
1.1 cdb2dba3874dd4d7b53213b8c63a0996.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA50-C1
age
1880089
x-cache
Hit from cloudfront
last-modified
Wed, 26 Sep 2018 23:59:21 GMT
server
nginx/1.16.1
etag
W/"5bac1d59-c890"
vary
Accept-Encoding
access-control-allow-methods
GET, POST, OPTIONS
content-type
application/javascript
access-control-allow-origin
*
cache-control
public, max-age=2678400, s-max-age=14400
timing-allow-origin
*
access-control-allow-headers
DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id
tjF0h82_NbOvg0JTG1K2OFxhZiy4zyMJZOE8_EvvjQmCaFuvk4YG7A==
s01345439216777
somtr.financialengines.com/b/ss/finengauthprod/1/JS-2.22.0-LBSQ/ 		43 B
373 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://somtr.financialengines.com/b/ss/finengauthprod/1/JS-2.22.0-LBSQ/s01345439216777?AQB=1&ndh=1&pf=1&t=28%2F8%2F2022%2019%3A15%3A32%203%200&vid=59392452&fid=426CF5430F50CDDE-340E14FCB62AFEB5&ce=UTF-8&ns=financialengines&cl=SESSION&pageName=wp-profile%3Amodal%3Aedit-email&g=https%3A%2F%2Fwww.financialengines.com%2Fapp%2Fwprofile%2F%23%2Fmodal%2Fedit-email%3Ftarget%3Dpageview%26s_cid%3Dem%253Avanguard%253AOchsner%253AVANActionSimp%253AECAMPAIGN%253AE_REMINDER%253A409765%257C9023185%257C1010&cc=USD&c2=ochsner&v2=ochsner&v5=59392452&c6=vanguard&v6=vanguard&c11=entry&v11=D%3Dc11&c14=ochsner%3A20220928&v14=ochsner%3A20220928&c15=wp-profile%3Amodal%3Aedit-email&v15=wp-profile%3Amodal%3Aedit-email&v32=em%3Avanguard%3Aochsner%3Avanactionsimp%3Aecampaign%3Ae_reminder%3A409765%7C9023185%7C1010&v36=prospect&s=1600x1200&c=24&j=1.6&v=N&k=Y&bw=1600&bh=1200&AQE=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
15.188.95.229 Paris, France, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-15-188-95-229.eu-west-3.compute.amazonaws.com
Software
jag /
Resource Hash
a1ecbaed793a1f564c49c671f2dd0ce36f858534ef6d26b55783a06b884cc506
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.financialengines.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 28 Sep 2022 19:15:32 GMT
strict-transport-security
max-age=31536000; includeSubDomains
x-content-type-options
nosniff
last-modified
Thu, 29 Sep 2022 19:15:32 GMT
server
jag
etag
3574255746950430720-4619780460034474444
vary
*
p3p
CP="This is not a P3P policy"
access-control-allow-origin
*
content-type
image/gif;charset=utf-8
cache-control
no-cache, no-store, max-age=0, no-transform, private
content-length
43
x-xss-protection
1; mode=block
expires
Tue, 27 Sep 2022 19:15:32 GMT
adrum
col.eum-appdynamics.com/eumcollector/beacons/browser/v2/AD-AAB-AAB-RKG/ 		0
719 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://col.eum-appdynamics.com/eumcollector/beacons/browser/v2/AD-AAB-AAB-RKG/adrum
Requested by
Host: cdn.appdynamics.com
URL: https://cdn.appdynamics.com/adrum-ext.15ad9e12c414858a5e6cfdfb1f2331b1.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.34.173.191 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-34-173-191.us-west-2.compute.amazonaws.com
Software
envoy /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://www.financialengines.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36
Content-type
text/plain

Response headers

pragma
no-cache
date
Wed, 28 Sep 2022 19:15:33 GMT
x-content-type-options
nosniff
server
envoy
vary
*
content-type
text/html
access-control-allow-origin
*
cache-control
private, no-cache, no-store, must-revalidate, max-age=0, proxy-revalidate, s-maxage=0
x-envoy-upstream-service-time
0
access-control-allow-headers
origin, content-type, accept
expires
0
collector
http-inputs-financialengines.splunkcloud.com/services/ 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://http-inputs-financialengines.splunkcloud.com/services/collector
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.88.44.30 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-88-44-30.us-west-2.compute.amazonaws.com
Software
Splunkd /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN

Request headers

Accept
*/*
Access-Control-Request-Headers
authorization
Access-Control-Request-Method
POST
Origin
https://www.financialengines.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

Access-Control-Allow-Credentials
true
Access-Control-Allow-Headers
Authorization
Access-Control-Allow-Methods
POST,OPTIONS
Access-Control-Allow-Origin
https://www.financialengines.com
Allow
POST,OPTIONS
Connection
keep-alive
Content-Length
0
Content-Type
text/plain; charset=UTF-8
Date
Wed, 28 Sep 2022 19:15:32 GMT
Server
Splunkd
Vary
Origin
X-Content-Type-Options
nosniff
X-Frame-Options
SAMEORIGIN
collector
http-inputs-financialengines.splunkcloud.com/services/ 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://http-inputs-financialengines.splunkcloud.com/services/collector
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.88.44.30 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-88-44-30.us-west-2.compute.amazonaws.com
Software
Splunkd /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN

Request headers

Accept
*/*
Access-Control-Request-Headers
authorization
Access-Control-Request-Method
POST
Origin
https://www.financialengines.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

Access-Control-Allow-Credentials
true
Access-Control-Allow-Headers
Authorization
Access-Control-Allow-Methods
POST,OPTIONS
Access-Control-Allow-Origin
https://www.financialengines.com
Allow
POST,OPTIONS
Connection
keep-alive
Content-Length
0
Content-Type
text/plain; charset=UTF-8
Date
Wed, 28 Sep 2022 19:15:32 GMT
Server
Splunkd
Vary
Origin
X-Content-Type-Options
nosniff
X-Frame-Options
SAMEORIGIN
collector
http-inputs-financialengines.splunkcloud.com/services/ 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://http-inputs-financialengines.splunkcloud.com/services/collector
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.88.44.30 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-88-44-30.us-west-2.compute.amazonaws.com
Software
Splunkd /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN

Request headers

Accept
*/*
Access-Control-Request-Headers
authorization
Access-Control-Request-Method
POST
Origin
https://www.financialengines.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

Access-Control-Allow-Credentials
true
Access-Control-Allow-Headers
Authorization
Access-Control-Allow-Methods
POST,OPTIONS
Access-Control-Allow-Origin
https://www.financialengines.com
Allow
POST,OPTIONS
Connection
keep-alive
Content-Length
0
Content-Type
text/plain; charset=UTF-8
Date
Wed, 28 Sep 2022 19:15:32 GMT
Server
Splunkd
Vary
Origin
X-Content-Type-Options
nosniff
X-Frame-Options
SAMEORIGIN
collector
http-inputs-financialengines.splunkcloud.com/services/ 		27 B
429 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://http-inputs-financialengines.splunkcloud.com/services/collector
Requested by
Host: cdn.appdynamics.com
URL: https://cdn.appdynamics.com/adrum/adrum-4.5.2.1326.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.88.44.30 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-88-44-30.us-west-2.compute.amazonaws.com
Software
Splunkd /
Resource Hash
3c88e3c57f69e3a02a1c89ddad501cd370fae7012bf522ee4632d4852e7f5c4b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN

Request headers

Accept
application/json, text/plain, */*
Referer
https://www.financialengines.com/
accept-language
de-DE,de;q=0.9
Authorization
Splunk C8664B01-5010-44F4-91F9-43AF637359FD
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

Date
Wed, 28 Sep 2022 19:15:33 GMT
X-Content-Type-Options
nosniff
Server
Splunkd
Vary
Authorization, Origin
Access-Control-Allow-Methods
POST,OPTIONS
Content-Type
application/json; charset=UTF-8
Access-Control-Allow-Origin
https://www.financialengines.com
X-Frame-Options
SAMEORIGIN
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Length
27
collector
http-inputs-financialengines.splunkcloud.com/services/ 		27 B
429 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://http-inputs-financialengines.splunkcloud.com/services/collector
Requested by
Host: cdn.appdynamics.com
URL: https://cdn.appdynamics.com/adrum/adrum-4.5.2.1326.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.88.44.30 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-88-44-30.us-west-2.compute.amazonaws.com
Software
Splunkd /
Resource Hash
3c88e3c57f69e3a02a1c89ddad501cd370fae7012bf522ee4632d4852e7f5c4b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN

Request headers

Accept
application/json, text/plain, */*
Referer
https://www.financialengines.com/
accept-language
de-DE,de;q=0.9
Authorization
Splunk C8664B01-5010-44F4-91F9-43AF637359FD
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

Date
Wed, 28 Sep 2022 19:15:33 GMT
X-Content-Type-Options
nosniff
Server
Splunkd
Vary
Authorization, Origin
Access-Control-Allow-Methods
POST,OPTIONS
Content-Type
application/json; charset=UTF-8
Access-Control-Allow-Origin
https://www.financialengines.com
X-Frame-Options
SAMEORIGIN
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Length
27
collector
http-inputs-financialengines.splunkcloud.com/services/ 		27 B
429 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://http-inputs-financialengines.splunkcloud.com/services/collector
Requested by
Host: cdn.appdynamics.com
URL: https://cdn.appdynamics.com/adrum/adrum-4.5.2.1326.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.88.44.30 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-88-44-30.us-west-2.compute.amazonaws.com
Software
Splunkd /
Resource Hash
3c88e3c57f69e3a02a1c89ddad501cd370fae7012bf522ee4632d4852e7f5c4b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN

Request headers

Accept
application/json, text/plain, */*
Referer
https://www.financialengines.com/
accept-language
de-DE,de;q=0.9
Authorization
Splunk C8664B01-5010-44F4-91F9-43AF637359FD
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

Date
Wed, 28 Sep 2022 19:15:33 GMT
X-Content-Type-Options
nosniff
Server
Splunkd
Vary
Authorization, Origin
Access-Control-Allow-Methods
POST,OPTIONS
Content-Type
application/json; charset=UTF-8
Access-Control-Allow-Origin
https://www.financialengines.com
X-Frame-Options
SAMEORIGIN
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Length
27
898.71e959fa8f6dd2b6.esm.js
www.financialengines.com/app/wprofile/ 		46 KB
16 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.financialengines.com/app/wprofile/898.71e959fa8f6dd2b6.esm.js
Requested by
Host: cdn.appdynamics.com
URL: https://cdn.appdynamics.com/adrum/adrum-4.5.2.1326.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:3500:890::2d5b Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
AmazonS3 /
Resource Hash
f78fe4a28172d8a14da800b5daac82ef78a9c0f51758a84a6f9674a3a6216481
Security Headers
Name Value
X-Frame-Options SAMEORIGIN

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.financialengines.com/app/wprofile/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

Date
Wed, 28 Sep 2022 19:15:32 GMT
Content-Encoding
gzip
Last-Modified
Fri, 12 Aug 2022 17:08:58 GMT
Server
AmazonS3
x-amz-request-id
F6RFV0V2Y4JV6QWQ
ETag
"64982388fad7f735c437cecb6b4c3e0d"
Vary
Accept-Encoding
X-Frame-Options
SAMEORIGIN
Content-Type
application/javascript
Cache-Control
max-age=1320
Connection
keep-alive
Content-Length
15395
x-amz-id-2
szvyu+faTP1wm63ogtljyu7iChaHC1h+jvyRTrYRctjx+iY4C4MyBOB/VEgBv6+OlIy97oAcbA0=
Expires
Wed, 28 Sep 2022 17:36:38 GMT
route-modal.8ba61e57609fa101.esm.js
www.financialengines.com/app/wprofile/ 		154 KB
38 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.financialengines.com/app/wprofile/route-modal.8ba61e57609fa101.esm.js
Requested by
Host: cdn.appdynamics.com
URL: https://cdn.appdynamics.com/adrum/adrum-4.5.2.1326.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:3500:890::2d5b Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
AmazonS3 /
Resource Hash
b6e40d84ffab02cedb0089c62e4b7e0fd51f2bcaeddee0194677ccadb5d380aa
Security Headers
Name Value
X-Frame-Options SAMEORIGIN

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.financialengines.com/app/wprofile/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

Date
Wed, 28 Sep 2022 19:15:32 GMT
Content-Encoding
gzip
Last-Modified
Fri, 12 Aug 2022 17:08:58 GMT
Server
AmazonS3
x-amz-request-id
X9G4RK07MVSFETPQ
ETag
"90dce92c53ee64ac12fe864cf8e425f3"
Vary
Accept-Encoding
X-Frame-Options
SAMEORIGIN
Content-Type
application/javascript
Cache-Control
max-age=1320
Connection
keep-alive
Content-Length
38350
x-amz-id-2
2uI3ZRr7/D1o9rCeORM+LYhvNfyjDPjyufy9Fh1x0VmTtJ/iL5OGRYFaTQVU0a428ZU1DOVQv1c=
Expires
Wed, 28 Sep 2022 03:17:00 GMT
ARSMaquettePro-Regular.otf
images.financialengines.com/public-assets/fonts/ 		184 KB
184 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://images.financialengines.com/public-assets/fonts/ARSMaquettePro-Regular.otf
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
143.204.89.15 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-143-204-89-15.fra50.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
2ea787416c6e0fb0ca61255835ce38931f96299ca742da0e3eb0f38680a1810b

Request headers

Referer
https://www.financialengines.com/
Origin
https://www.financialengines.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

date
Wed, 28 Sep 2022 02:55:03 GMT
x-amz-version-id
9fK5_oc7JYMUKb4HYorFkpMmriAjRbIb
via
1.1 58bcd6f2e1bc29fb83f080f1743cfeca.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA50-C1
age
58830
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
content-length
188096
last-modified
Tue, 22 Jun 2021 20:24:55 GMT
server
AmazonS3
etag
"3a1c8d47b1a36c571ac2dd64bb3130df"
access-control-max-age
31536000
access-control-allow-methods
GET
content-type
application/font-sfnt
access-control-allow-origin
*
access-control-expose-headers
ETag
accept-ranges
bytes
x-amz-cf-id
iiBvv8NI608r6_gXYCp6YJIWNwAchTX4zeJzifhUPg3wCVkBp4g2pg==
graphql
gateway.financialengines.com/graphql/v1/ 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://gateway.financialengines.com/graphql/v1/graphql
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.32.99.4 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-32-99-4.fra60.r.cloudfront.net
Software
/
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type,x-fe-client,x-fe-env,x-spa-name
Access-Control-Request-Method
POST
Origin
https://www.financialengines.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
Content-Type,X-Amz-Date,x-fe-client,x-spa-name,x-fe-uuid,x-fe-poid,x-fe-env,X-SPA-GUID,Authorization,Cookie,X-Api-Key,X-Amz-Security-Token
access-control-allow-methods
DELETE,GET,HEAD,OPTIONS,PATCH,POST,PUT
access-control-allow-origin
https://www.financialengines.com
access-control-max-age
86400
content-length
57
content-type
application/json
date
Wed, 28 Sep 2022 19:15:32 GMT
vary
origin
via
1.1 6ae82cc0c8a39c993134c2be90b4d120.cloudfront.net (CloudFront)
x-amz-apigw-id
ZL2FSF02SK4FZYg=
x-amz-cf-id
KoU0MpzVww5kUqfsUOY87Su2IbRm8FE3x3GZQkF2zN0f_dN7IMizKQ==
x-amz-cf-pop
FRA60-P3
x-amzn-requestid
c84f338a-b3ee-4999-ac9f-3f252f8a0df8
x-amzn-trace-id
Root=1-63349d54-035da7cb0449412f0e9c6539;Sampled=0
x-cache
Miss from cloudfront
graphql
gateway.financialengines.com/graphql/v1/ 		823 B
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://gateway.financialengines.com/graphql/v1/graphql
Requested by
Host: cdn.appdynamics.com
URL: https://cdn.appdynamics.com/adrum/adrum-4.5.2.1326.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.32.99.4 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-32-99-4.fra60.r.cloudfront.net
Software
/
Resource Hash
cf80858413463a002cfaec20360f1cda93ee662c2bbb5e5f9750ab422556ea56

Request headers

x-spa-name
CUSTOMER_SITE
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36
x-fe-client
CUSTOMER_SITE
content-type
application/json
accept
*/*
Referer
https://www.financialengines.com/
x-fe-env
production

Response headers

date
Wed, 28 Sep 2022 19:15:34 GMT
via
1.1 987865b81ba895db5b3f56f8ae175c84.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA60-P3
x-amzn-requestid
6791ffff-39cc-4a7e-a83a-1088d8d3bc7f
x-cache
Miss from cloudfront
x-amz-apigw-id
ZL2FXH-fSK4FoEQ=
content-length
823
x-amzn-trace-id
Root=1-63349d55-04ea44fb01a5e1417622b02a;Sampled=0
vary
origin
access-control-allow-methods
DELETE,GET,HEAD,OPTIONS,PATCH,POST,PUT
content-type
application/json
access-control-allow-origin
https://www.financialengines.com
access-control-max-age
86400
access-control-allow-credentials
true
access-control-allow-headers
Content-Type,X-Amz-Date,x-fe-client,x-spa-name,x-fe-uuid,x-fe-poid,x-fe-env,X-SPA-GUID,Authorization,Cookie,X-Api-Key,X-Amz-Security-Token
x-amz-cf-id
SEP93MrNOS3jrvpf2XV9Qe7N_CvSl9dNfld-EVL6D9lcLxQ-RYPZDQ==
collector
http-inputs-financialengines.splunkcloud.com/services/ 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://http-inputs-financialengines.splunkcloud.com/services/collector
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.88.44.30 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-88-44-30.us-west-2.compute.amazonaws.com
Software
Splunkd /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN

Request headers

Accept
*/*
Access-Control-Request-Headers
authorization
Access-Control-Request-Method
POST
Origin
https://www.financialengines.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

Access-Control-Allow-Credentials
true
Access-Control-Allow-Headers
Authorization
Access-Control-Allow-Methods
POST,OPTIONS
Access-Control-Allow-Origin
https://www.financialengines.com
Allow
POST,OPTIONS
Connection
keep-alive
Content-Length
0
Content-Type
text/plain; charset=UTF-8
Date
Wed, 28 Sep 2022 19:15:33 GMT
Server
Splunkd
Vary
Origin
X-Content-Type-Options
nosniff
X-Frame-Options
SAMEORIGIN
collector
http-inputs-financialengines.splunkcloud.com/services/ 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://http-inputs-financialengines.splunkcloud.com/services/collector
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.88.44.30 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-88-44-30.us-west-2.compute.amazonaws.com
Software
Splunkd /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN

Request headers

Accept
*/*
Access-Control-Request-Headers
authorization
Access-Control-Request-Method
POST
Origin
https://www.financialengines.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

Access-Control-Allow-Credentials
true
Access-Control-Allow-Headers
Authorization
Access-Control-Allow-Methods
POST,OPTIONS
Access-Control-Allow-Origin
https://www.financialengines.com
Allow
POST,OPTIONS
Connection
keep-alive
Content-Length
0
Content-Type
text/plain; charset=UTF-8
Date
Wed, 28 Sep 2022 19:15:33 GMT
Server
Splunkd
Vary
Origin
X-Content-Type-Options
nosniff
X-Frame-Options
SAMEORIGIN
settings
gateway.financialengines.com/advisor/api/v1/user/application/ 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://gateway.financialengines.com/advisor/api/v1/user/application/settings
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.32.99.4 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-32-99-4.fra60.r.cloudfront.net
Software
/
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
x-fe-client,x-fe-env,x-spa-name
Access-Control-Request-Method
GET
Origin
https://www.financialengines.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
x-fe-client,x-fe-env,x-spa-name
access-control-allow-methods
GET
access-control-allow-origin
https://www.financialengines.com
access-control-expose-headers
x-amzn-requestId, x-fngn-requestid
access-control-max-age
3600
allow
GET, HEAD, POST, PUT, DELETE, TRACE, OPTIONS, PATCH
content-language
en
date
Wed, 28 Sep 2022 19:15:33 GMT
vary
Accept-Encoding,Origin
via
1.1 6ae82cc0c8a39c993134c2be90b4d120.cloudfront.net (CloudFront)
x-amz-apigw-id
ZL2FaEW8yK4FbPg=
x-amz-cf-id
9ZSxyyGLCcuPM5WJRtgocTGwcgBbHvdGZP-FeP8JSQl0RwNh4CogwA==
x-amz-cf-pop
FRA60-P3
x-amzn-remapped-connection
keep-alive
x-amzn-remapped-date
Wed, 28 Sep 2022 19:15:33 GMT
x-amzn-remapped-server
Apache
x-amzn-requestid
f80dc2a4-2881-4732-a4dd-303516dcc7a3
x-cache
Miss from cloudfront
x-fngn-requestid
219624f6-0d96-4185-a575-f82e04d6c701
collector
http-inputs-financialengines.splunkcloud.com/services/ 		27 B
429 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://http-inputs-financialengines.splunkcloud.com/services/collector
Requested by
Host: cdn.appdynamics.com
URL: https://cdn.appdynamics.com/adrum/adrum-4.5.2.1326.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.88.44.30 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-88-44-30.us-west-2.compute.amazonaws.com
Software
Splunkd /
Resource Hash
3c88e3c57f69e3a02a1c89ddad501cd370fae7012bf522ee4632d4852e7f5c4b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN

Request headers

Accept
application/json, text/plain, */*
Referer
https://www.financialengines.com/
accept-language
de-DE,de;q=0.9
Authorization
Splunk C8664B01-5010-44F4-91F9-43AF637359FD
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

Date
Wed, 28 Sep 2022 19:15:33 GMT
X-Content-Type-Options
nosniff
Server
Splunkd
Vary
Authorization, Origin
Access-Control-Allow-Methods
POST,OPTIONS
Content-Type
application/json; charset=UTF-8
Access-Control-Allow-Origin
https://www.financialengines.com
X-Frame-Options
SAMEORIGIN
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Length
27
collector
http-inputs-financialengines.splunkcloud.com/services/ 		27 B
429 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://http-inputs-financialengines.splunkcloud.com/services/collector
Requested by
Host: cdn.appdynamics.com
URL: https://cdn.appdynamics.com/adrum/adrum-4.5.2.1326.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.88.44.30 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-88-44-30.us-west-2.compute.amazonaws.com
Software
Splunkd /
Resource Hash
3c88e3c57f69e3a02a1c89ddad501cd370fae7012bf522ee4632d4852e7f5c4b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN

Request headers

Accept
application/json, text/plain, */*
Referer
https://www.financialengines.com/
accept-language
de-DE,de;q=0.9
Authorization
Splunk C8664B01-5010-44F4-91F9-43AF637359FD
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

Date
Wed, 28 Sep 2022 19:15:33 GMT
X-Content-Type-Options
nosniff
Server
Splunkd
Vary
Authorization, Origin
Access-Control-Allow-Methods
POST,OPTIONS
Content-Type
application/json; charset=UTF-8
Access-Control-Allow-Origin
https://www.financialengines.com
X-Frame-Options
SAMEORIGIN
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Length
27
truncated
/ 		9 KB
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
cb901b50ba37ab3ed63cb0914eac2677f4f262b5da333721a9f466a18f0545d7

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

Content-Type
image/svg+xml
settings
gateway.financialengines.com/advisor/api/v1/user/application/ 		2 KB
2 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://gateway.financialengines.com/advisor/api/v1/user/application/settings
Requested by
Host: cdn.appdynamics.com
URL: https://cdn.appdynamics.com/adrum/adrum-4.5.2.1326.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.32.99.4 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-32-99-4.fra60.r.cloudfront.net
Software
/
Resource Hash
52131d170db59d6659714c0cdb7f3b7a26d501f184497983e3e77d41426147f2

Request headers

X-SPA-NAME
customer-site
Accept
application/json, text/plain, */*
Referer
https://www.financialengines.com/
X-FE-ENV
production
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36
X-FE-CLIENT
CUSTOMER_SITE

Response headers

date
Wed, 28 Sep 2022 19:15:34 GMT
content-encoding
gzip
via
1.1 987865b81ba895db5b3f56f8ae175c84.cloudfront.net (CloudFront)
x-amzn-remapped-content-length
804
x-amzn-remapped-server
Apache
x-amz-cf-pop
FRA60-P3
x-amzn-requestid
868dd903-8080-4039-a92e-514bdb5d4f56
x-amzn-remapped-connection
keep-alive
x-cache
Miss from cloudfront
x-amz-apigw-id
ZL2FgHtWSK4FfcA=
content-length
804
vary
Accept-Encoding,Origin
content-type
application/json;charset=UTF-8
access-control-allow-origin
https://www.financialengines.com
content-language
de-DE
x-fngn-requestid
0dca6075-49e6-4a2c-bb94-8fdbc1db162b
access-control-allow-credentials
true
x-amzn-remapped-date
Wed, 28 Sep 2022 19:15:34 GMT
x-amz-cf-id
WAA5yVa_CvmqGNAgY-x8A8B_TLvOoXCu0dQUJWV1lEZl2Qyqh6ordg==
truncated
/ 		9 KB
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
64a91b582353719d88b2ba3f778b15fdbd89124b04ab573de908874504cce0d7

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

Content-Type
image/svg+xml
truncated
/ 		5 KB
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
a9b819240fac368d452a1b1365bf5c285afdd51e401875e5c41be31d48fd44a3

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

Content-Type
image/png
ARSMaquettePro-Bold.otf
images.financialengines.com/public-assets/fonts/ 		189 KB
190 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://images.financialengines.com/public-assets/fonts/ARSMaquettePro-Bold.otf
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
143.204.89.15 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-143-204-89-15.fra50.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
53df2b8dc1ef2b3793c5abbd372abcf674a75a4906e03611bdf270eb3251ef0f

Request headers

Referer
https://www.financialengines.com/
Origin
https://www.financialengines.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

x-amz-version-id
u4KRiuTzdQKUvxmygRifL3f1ALjYvKrW
date
Wed, 28 Sep 2022 07:10:05 GMT
via
1.1 58bcd6f2e1bc29fb83f080f1743cfeca.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA50-C1
age
43528
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
content-length
193956
last-modified
Tue, 22 Jun 2021 20:24:55 GMT
server
AmazonS3
etag
"d4fc7e59a596aa78a7eaa8d30348a8f3"
access-control-max-age
31536000
access-control-allow-methods
GET
content-type
application/font-sfnt
access-control-allow-origin
*
access-control-expose-headers
ETag
accept-ranges
bytes
x-amz-cf-id
sFBosPxTRFWx-2kCdFfeU9iZYGsBGVHjGGUwliYakS8N9bkSezVY_w==
forKeys
gateway.financialengines.com/advisor/api/v1/texts/ 		976 B
2 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://gateway.financialengines.com/advisor/api/v1/texts/forKeys
Requested by
Host: cdn.appdynamics.com
URL: https://cdn.appdynamics.com/adrum/adrum-4.5.2.1326.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.32.99.4 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-32-99-4.fra60.r.cloudfront.net
Software
/
Resource Hash
922ff79279ae67484abeb212041d0324acfd91db0d725a7d1ceaa46a5b3b14dc

Request headers

X-SPA-NAME
customer-site
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36
X-FE-CLIENT
CUSTOMER_SITE
Content-Type
application/json
Accept
application/json, text/plain, */*
Referer
https://www.financialengines.com/
X-FE-ENV
production

Response headers

date
Wed, 28 Sep 2022 19:15:35 GMT
content-encoding
gzip
via
1.1 987865b81ba895db5b3f56f8ae175c84.cloudfront.net (CloudFront)
x-amzn-remapped-content-length
459
x-amzn-remapped-server
Apache
x-amz-cf-pop
FRA60-P3
x-amzn-requestid
b421aa57-ee71-4846-a0c0-26267f427ec8
x-amzn-remapped-connection
keep-alive
x-cache
Miss from cloudfront
x-amz-apigw-id
ZL2FoFPeyK4FsCA=
content-length
459
vary
Accept-Encoding,Origin
content-type
application/json;charset=UTF-8
access-control-allow-origin
https://www.financialengines.com
content-language
de-DE
x-fngn-requestid
ce6ada8e-1c59-49e9-9391-6e84a043d039
access-control-allow-credentials
true
x-amzn-remapped-date
Wed, 28 Sep 2022 19:15:35 GMT
x-amz-cf-id
QiMu7oKQ61Hj6g-OEN3O4fp3CcuKqplcZAqlaWrgfOTgkz18iteOoA==
forKeys
gateway.financialengines.com/advisor/api/v1/texts/ 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://gateway.financialengines.com/advisor/api/v1/texts/forKeys
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.32.99.4 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-32-99-4.fra60.r.cloudfront.net
Software
/
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type,x-fe-client,x-fe-env,x-spa-name
Access-Control-Request-Method
POST
Origin
https://www.financialengines.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
content-type,x-fe-client,x-fe-env,x-spa-name
access-control-allow-methods
POST
access-control-allow-origin
https://www.financialengines.com
access-control-expose-headers
x-amzn-requestId, x-fngn-requestid
access-control-max-age
3600
allow
GET, HEAD, POST, PUT, DELETE, TRACE, OPTIONS, PATCH
content-language
en
date
Wed, 28 Sep 2022 19:15:34 GMT
vary
Accept-Encoding,Origin
via
1.1 6ae82cc0c8a39c993134c2be90b4d120.cloudfront.net (CloudFront)
x-amz-apigw-id
ZL2FlH-VyK4FTIA=
x-amz-cf-id
XT4B1TxzNFlGxdZwXWq--vmawd0WmIiE5pLbWxvRMcb6TjiUTIKt-Q==
x-amz-cf-pop
FRA60-P3
x-amzn-remapped-connection
keep-alive
x-amzn-remapped-date
Wed, 28 Sep 2022 19:15:34 GMT
x-amzn-remapped-server
Apache
x-amzn-requestid
fd59d847-2c70-4ced-ba98-1bbff6a3b60e
x-cache
Miss from cloudfront
x-fngn-requestid
da997168-5c3a-405c-bcf0-7fd544c226a4

Verdicts & Comments Add Verdict or Comment

30 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| onbeforeinput object| oncontextlost object| oncontextrestored function| structuredClone object| launchQueue object| onbeforematch function| getScreenDetails function| queryLocalFonts object| navigation object| fe object| _satellite boolean| __satelliteLoaded number| adrum-start-time object| adrum-config object| ADRUM object| efeHiveJsonpFunction function| clearImmediate function| setImmediate object| regeneratorRuntime object| P object| FEI_THEME function| AppMeasurement function| s_gi function| s_pgicq number| s_objectID number| s_giq object| s_c_il number| s_c_in object| s object| s_i_finengauthprod

16 Cookies

Domain/Path Name / Value
www.financialengines.com/ Name: ADRUM_BTa
Value: R:0|g:954c773c-f406-4af7-8c77-018660b0d2ff|n:financial-engines_727a9d82-a197-4abb-9c03-248d548012cf
www.financialengines.com/ Name: SameSite
Value: None
www.financialengines.com/ Name: ADRUM_BT1
Value: R:0|i:1760325|e:279
.financialengines.com/ Name: sessFlag
Value: true
.financialengines.com/ Name: sessionToken
Value: 1eaa44fb-f3cb-4232-b1e6-ece41b089ba5
.financialengines.com/ Name: authType
Value: aws
.financialengines.com/ Name: s
Value: GW-PRD-20220928-1215-0000199
.financialengines.com/ Name: sessionId
Value: GW-PRD-20220928-1215-0000199
.financialengines.com/ Name: daVars
Value: %7B%22sponsorDateStamp%22%3A%22Ochsner%3A20220928%22%2C%22enrStatus%22%3A%22PROSPECT%22%2C%22envType%22%3A%22USER_PROD%22%2C%22providerId%22%3A%22vanguard%22%2C%22sponsorId%22%3A%22Ochsner%22%2C%22namespace%22%3A%22%22%2C%22userType%22%3A%22USER%22%2C%22sessionId%22%3A%22GW-PRD-20220928-1215-0000199%22%2C%22isUserTemp%22%3A%22false%22%2C%22pageName%22%3A%22%22%2C%22userId%22%3A%2259392452%22%7D
.financialengines.com/ Name: s_fid
Value: 426CF5430F50CDDE-340E14FCB62AFEB5
.financialengines.com/ Name: c11
Value: wp-profile%3Amodal%3Aedit-email
.financialengines.com/ Name: s_cc
Value: true
gateway.financialengines.com/ Name: SameSite
Value: None
.financialengines.com/ Name: ptc
Value: "244b997c-6865-484d-ae51-f81089e1e960::1664392532610"
gateway.financialengines.com/ Name: ADRUM_BTa
Value: R:33|g:539ae4bc-9441-45e9-af55-01f2da6bbb28|n:financial-engines_727a9d82-a197-4abb-9c03-248d548012cf
gateway.financialengines.com/ Name: ADRUM_BT1
Value: R:33|i:1787244|e:128

1 Console Messages

Source Level URL
Text
network error URL: https://gateway.financialengines.com/advisor/api/v1/customersitepageframe?namespace=pageframe
Message:
Failed to load resource: the server responded with a status of 500 ()

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header Value
X-Frame-Options SAMEORIGIN

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

assets.adobedtm.com
cdn.appdynamics.com
click.mail.edelmanfinancialengines.com
col.eum-appdynamics.com
gateway.financialengines.com
http-inputs-financialengines.splunkcloud.com
images.financialengines.com
somtr.financialengines.com
www.financialengines.com
13.111.148.97
13.32.99.4
143.204.89.15
143.204.89.24
15.188.95.229
2a02:26f0:10e:2ae::1e80
2a02:26f0:3500:890::2d5b
52.34.173.191
52.88.44.30
258cc60991e19a41b4ab0bd229ffc9931fbe8587b097a38c7a1ad7c3f5486432
2ea787416c6e0fb0ca61255835ce38931f96299ca742da0e3eb0f38680a1810b
2ef2553e1dcd9439bde306d0fa999f877052c4605416897125213d5ec1c56bff
34f065cb282f533b8c2204df7622337d8fd377c2f89cffd1fc456f26884f0697
3c88e3c57f69e3a02a1c89ddad501cd370fae7012bf522ee4632d4852e7f5c4b
52131d170db59d6659714c0cdb7f3b7a26d501f184497983e3e77d41426147f2
53df2b8dc1ef2b3793c5abbd372abcf674a75a4906e03611bdf270eb3251ef0f
64a91b582353719d88b2ba3f778b15fdbd89124b04ab573de908874504cce0d7
65e52c8f48a36360de7e5cec8d2ea89d816b845f11e1fb6cb366c45a1ed5847f
922ff79279ae67484abeb212041d0324acfd91db0d725a7d1ceaa46a5b3b14dc
926a7692715a58ff4470b6174d8dc70f1c472f2860de1038e47288581e49be24
982e3986bcc4d98f466b329d6cbb3f5f0ad6310f6493244075e0b6355f205274
9914e1689ac42087e8948c2d6afee19a6d31a6df82cf43d3929a3db56d892e07
a1ecbaed793a1f564c49c671f2dd0ce36f858534ef6d26b55783a06b884cc506
a64724b9a21329072f00227aab78eb3b44a0b76d92a4a717dc4951e96268c773
a9b819240fac368d452a1b1365bf5c285afdd51e401875e5c41be31d48fd44a3
b49525ee1502e1c3b183fa9e3b7353159a1521e18724367c991c1238058851c9
b6e40d84ffab02cedb0089c62e4b7e0fd51f2bcaeddee0194677ccadb5d380aa
c063cc48c10c59a43ee8f325053b7cf8041eec8704c02c2191d4d7c2be638121
cb901b50ba37ab3ed63cb0914eac2677f4f262b5da333721a9f466a18f0545d7
cf80858413463a002cfaec20360f1cda93ee662c2bbb5e5f9750ab422556ea56
d6b423c91328eec9c218dd8b21ae1e676987d574e5432411a32806e5dd2bde32
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
f26d1ab44fb8d70886d52a8df33b82b2eac962287635163f0a327f35c6bc57a1
f78fe4a28172d8a14da800b5daac82ef78a9c0f51758a84a6f9674a3a6216481