www.personalcapital.com Open in urlscan Pro
104.16.198.137 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
http://www.peronalcapital.com/
Effective URL:
https://www.personalcapital.com/get-started?irclickid=xIG1dIW9CxyNTJYU6H2-M0LxUkAyGVzc1TiOUg0&impact_partner=Affinity.&impact_pa...
Submission: On February 18 via api (February 18th 2023, 7:37:46 am UTC) from US — Scanned from US

Summary HTTP 21 Redirects Behaviour Indicators

Summary

This website contacted 7 IPs in 3 countries across 8 domains to perform 21 HTTP transactions. The main IP is 104.16.198.137, located in and belongs to CLOUDFLARENET, US. The main domain is www.personalcapital.com. The Cisco Umbrella rank of the primary domain is 130475.
TLS certificate: Issued by DigiCert TLS RSA SHA256 2020 CA1 on February 25th 2022. Valid for: a year.

This is the only time www.personalcapital.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
3	199.191.50.184 199.191.50.184	40034 (CONFLUENC...) (CONFLUENCE-NETWORK-INC)
1	208.91.196.46 208.91.196.46	40034 (CONFLUENC...) (CONFLUENCE-NETWORK-INC)
1 2	216.139.248.127 216.139.248.127	32400 (HWSERVICE...) (HWSERVICES-32400)
2 2	35.227.211.136 35.227.211.136	15169 (GOOGLE) (GOOGLE)
1 1	34.95.127.121 34.95.127.121	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
7	104.16.198.137 104.16.198.137	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	2607:f8b0:400... 2607:f8b0:4006:816::200e	15169 (GOOGLE) (GOOGLE)
1 8	2606:4700::68... 2606:4700::6812:6b9	13335 (CLOUDFLAR...) (CLOUDFLARENET)
21	7

3 199.191.50.184 (Virgin Islands (British))

ASN40034 (CONFLUENCE-NETWORK-INC, VG)

www.peronalcapital.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 208.91.196.46 (Virgin Islands (British))

ASN40034 (CONFLUENCE-NETWORK-INC, VG)

taff2zc.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 216.139.248.127 (United States) 1 redirects

ASN32400 (HWSERVICES-32400, US)
PTR: 216-139-248-127.aus.us.siteprotect.com

ww2.affinity.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 35.227.211.136 (Kansas City, United States) 2 redirects

ASN15169 (GOOGLE, US)
PTR: 136.211.227.35.bc.googleusercontent.com

personalcapital.sjv.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 34.95.127.121 (Kansas City, United States) 1 redirects

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 121.127.95.34.bc.googleusercontent.com

www.ojrq.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 104.16.198.137 (None, )

ASN13335 (CLOUDFLARENET, US)

www.personalcapital.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2607:f8b0:4006:816::200e (Nutley, United States)

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 2606:4700::6812:6b9 (United States) 1 redirects

ASN13335 (CLOUDFLARENET, US)

challenges.cloudflare.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
8	cloudflare.com 1 redirects challenges.cloudflare.com — Cisco Umbrella Rank: 6204	103 KB
7	personalcapital.com www.personalcapital.com — Cisco Umbrella Rank: 130475	156 KB
3	peronalcapital.com www.peronalcapital.com	10 KB
2	google-analytics.com www.google-analytics.com — Cisco Umbrella Rank: 35	20 KB
2	sjv.io 2 redirects personalcapital.sjv.io	889 B
2	affinity.net 1 redirects ww2.affinity.net — Cisco Umbrella Rank: 206088	3 KB
1	ojrq.net 1 redirects www.ojrq.net — Cisco Umbrella Rank: 5513	538 B
1	taff2zc.com taff2zc.com	5 KB
21	8

	Domain	Requested by
8	challenges.cloudflare.com	1 redirects www.personalcapital.com challenges.cloudflare.com www.peronalcapital.com
7	www.personalcapital.com	www.personalcapital.com www.peronalcapital.com
3	www.peronalcapital.com	www.peronalcapital.com
2	www.google-analytics.com	www.personalcapital.com www.google-analytics.com
2	personalcapital.sjv.io	2 redirects
2	ww2.affinity.net	1 redirects
1	www.ojrq.net	1 redirects
1	taff2zc.com	www.peronalcapital.com
21	8

This site contains no links.

Subject Issuer	Validity	Valid
*.affinity.net Go Daddy Secure Certificate Authority - G2	`2022-06-13` - `2023-07-15`	a year	crt.sh
www.personalcapital.com DigiCert TLS RSA SHA256 2020 CA1	`2022-02-25` - `2023-03-17`	a year	crt.sh
*.google-analytics.com GTS CA 1C3	`2023-02-01` - `2023-04-26`	3 months	crt.sh
challenges.cloudflare.com Cloudflare Inc ECC CA-3	`2022-09-18` - `2023-09-17`	a year	crt.sh

This page contains 2 frames:

Primary Page: https://www.personalcapital.com/get-started?irclickid=xIG1dIW9CxyNTJYU6H2-M0LxUkAyGVzc1TiOUg0&impact_partner=Affinity.&impact_partnerID=95368&utm_source=Affinity.&utm_medium=affiliate&irgwc=1
Frame ID: 81367FA5AB8ED3BFCAAD754C850894FF
Requests: 16 HTTP requests in this frame

Frame: https://challenges.cloudflare.com/cdn-cgi/challenge-platform/h/g/turnstile/if/ov2/av0/0owi0/0x4AAAAAAAAjq6WYeRDKmebM/light/normal
Frame ID: 7F7608321578758C192B2EF1488B4EDA
Requests: 6 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Personal CapitalArtboard 1

Page URL History Show full URLs

http://www.peronalcapital.com/ Page URL
http://taff2zc.com/trf?&o=RVsfpbotA4Ls9tTqTuMmK4oegJkGHO6EFKZ2PJJ5YTomdmSAGDg7Ap6CCKi09M7d1m6FY... Page URL
https://ww2.affinity.net/fly?no_capp=2&enk=ODc4OTN8MTE1fDF8NjA5NzN8MTY3NjcwNTg1MXwxfDF8MTE2ODM%3D Page URL
https://ww2.affinity.net/fly1?sid=87893&sa=115&p=1&s=60973&qt=1676705851&q=&rf=http%3A%2F%2Ftaff2zc.c... HTTP 302
https://personalcapital.sjv.io/c/95368/1287561/13439?subId1=cf8de23010aaea74bdb1de1ef62cef40 HTTP 302
https://www.ojrq.net/p/?return=https%3A%2F%2Fpersonalcapital.sjv.io%2Fc%2F95368%2F1287561%2F13439... HTTP 302
https://personalcapital.sjv.io/c/95368/1287561/13439?subId1=cf8de23010aaea74bdb1de1ef62cef40&level=1&srcref... HTTP 301
https://www.personalcapital.com/get-started?irclickid=xIG1dIW9CxyNTJYU6H2-M0LxUkAyGVzc1TiOUg0&impact_partner... Page URL

Detected technologies

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

google-analytics\.com/(?:ga|urchin|analytics)\.js

Page Statistics

21
Requests

76 %
HTTPS

25 %
IPv6

8
Domains

8
Subdomains

7
IPs

3
Countries

309 kB
Transfer

647 kB
Size

10
Cookies

0 Outgoing links

These are links going to different origins than the main page.

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

http://www.peronalcapital.com/ Page URL
http://taff2zc.com/trf?&o=RVsfpbotA4Ls9tTqTuMmK4oegJkGHO6EFKZ2PJJ5YTomdmSAGDg7Ap6CCKi09M7d1m6FYFCn1QxdGZs50o03yqcIHgbmvQKddnlaalIJBjSObnohkBhWifcn6sd6u5%2BJJIJZGjPhCTNc4%2B%2F9ynwCSBe3jTFbVYczvj0bUcDA8JfT1A5NktIdp6JkBMbl4ozhnshmY0MiMNqeaTwO85%2FRspovqsSEAeQcjSyQZJf2T3%2FBRExyuXcRx%2F8K9eCO1%2FcqLZ2AX8%2B1zXOZOVTiJK7wQ3zxhwDwfPCpOJjwnA9qh20tAAOgK1cLpOuz4pIjwgBB1QxcGKk8pQ9MiK7lV%2Ff6ohWObmb7Rjch3jfGPQN6s1UMZnTI4BMbvSihmL42v1ukiXu0S9c5qDH6FxnFIqP%2BBowPsncwK3iz5TgpO4Y2Ruo%3D&c=21274242514518743934756&n=dV0DAz1C5nL7i1NV0CVSTZGGbNRIhJDvpvQvnzdaky48i0sguLzoPrb8aNYeVDunASrVvkA6yoUtp0J0Pd8riOBwrsskLce9DOpu3GBr8mRRn7RDE6p7f%2BtJm%2B5aGyJDhhnxCMZZ0TOrqhclZdIRJ6qWVLTAXf4m4uXO%2Fgt9g5si%2FWvk7TC7SRuDzaIwWQ0OeJ8etza0La9s3caMg%2FaTEzFwN2uPORPl2TzYZqDJwGqJ1ejvXXUG4fy937wWD47W%2Bb3Jxz6HfN%2B3boyXlqu42t41s7Hg1vCER%2FxqQ9SRF6w%2B5WvML%2FMKfWEZCP4r7%2FdB6GQltuKzCUUYxerH0tuFEmDGgK1LY7ABBRzRtgC5rKogPbmQhcxiim43rBZqruXz%2B%2BdEa2lL9T8U6MtGQjS%2Fus32hCB6e91nNA4WTd8QXKq0%2BLzsYkvsSQVVZC9bjA1j7tzoaen2oA8fwUC%2FRTni4w0GTlA8O5PyHoPMyzmw0QQC0dCIg2yovRjk9edXMYtV%2BdFm%2FjWsOTwK97No7HttqKtFRXceKq0drMnjep%2FZyRq1Jc8JqMLYIfromG14MBrl&kgp=0&jccheck=1 Page URL
https://ww2.affinity.net/fly?no_capp=2&enk=ODc4OTN8MTE1fDF8NjA5NzN8MTY3NjcwNTg1MXwxfDF8MTE2ODM%3D Page URL
https://ww2.affinity.net/fly1?sid=87893&sa=115&p=1&s=60973&qt=1676705851&q=&rf=http%3A%2F%2Ftaff2zc.com%2Ftrf%3F%26o%3DRVsfpbotA4Ls9tTqTuMmK4oegJkGHO6EFKZ2PJJ5YTomdmSAGDg7Ap6CCKi09M7d1m6FYFCn1QxdGZs50o03yqcIHgbmvQKddnlaalIJBjSObnohkBhWifcn6sd6u5%252BJJIJZGjPhCTNc4%252B%252F9ynwCSBe3jTFbVYczvj0bUcDA8JfT1A5NktIdp6JkBMbl4ozhnshmY0MiMNqeaTwO85%252FRspovqsSEAeQcjSyQZJf2T3%252FBRExyuXcRx%252F8K9eCO1%252FcqLZ2AX8%252B1zXOZOVTiJK7wQ3zxhwDwfPCpOJjwnA9qh20tAAOgK1cLpOuz4pIjwgBB1QxcGKk8pQ9MiK7lV%252Ff6ohWObmb7Rjch3jfGPQN6s1UMZnTI4BMbvSihmL42v1ukiXu0S9c5qDH6FxnFIqP%252BBowPsncwK3iz5TgpO4Y2Ruo%253D%26c%3D21274242514518743934756%26n%3DdV0DAz1C5nL7i1NV0CVSTZGGbNRIhJDvpvQvnzdaky48i0sguLzoPrb8aNYeVDunASrVvkA6yoUtp0J0Pd8riOBwrsskLce9DOpu3GBr8mRRn7RDE6p7f%252BtJm%252B5aGyJDhhnxCMZZ0TOrqhclZdIRJ6qWVLTAXf4m4uXO%252Fgt9g5si%252FWvk7TC7SRuDzaIwWQ0OeJ8etza0La9s3caMg%252FaTEzFwN2uPORPl2TzYZqDJwGqJ1ejvXXUG4fy937wWD47W%252Bb3Jxz6HfN%252B3boyXlqu42t41s7Hg1vCER%252FxqQ9SRF6w%252B5WvML%252FMKfWEZCP4r7%252FdB6GQltuKzCUUYxerH0tuFEmDGgK1LY7ABBRzRtgC5rKogPbmQhcxiim43rBZqruXz%252B%252BdEa2lL9T8U6MtGQjS%252Fus32hCB6e91nNA4WTd8QXKq0%252BLzsYkvsSQVVZC9bjA1j7tzoaen2oA8fwUC%252FRTni4w0GTlA8O5PyHoPMyzmw0QQC0dCIg2yovRjk9edXMYtV%252BdFm%252FjWsOTwK97No7HttqKtFRXceKq0drMnjep%252FZyRq1Jc8JqMLYIfromG14MBrl%26kgp%3D0%26jccheck%3D1&enc=&enk=ODc4OTN8MTE1fDF8NjA5NzN8MTY3NjcwNTg1MXwxfDF8MTE2ODM%3D&xsc=&xsp=&xsm=&xuc=&xcf=&xai=&qxcli=8dc23bf0fe5f1ae1&qxsi=a21bfa1c27e9c2a5&mk=1&sx=1600&sy=1200&bx=1600&by=1200&mx=0&my=0&ifm=0&ol=842850e09feeb40e5a47e2ee7a0634c2&tm=1676705852.6122&etm=1676705852.6183&ls=0&lbc=0&lac=0&cskey=pal08&ipspm=&no_capp=2 HTTP 302
https://personalcapital.sjv.io/c/95368/1287561/13439?subId1=cf8de23010aaea74bdb1de1ef62cef40 HTTP 302
https://www.ojrq.net/p/?return=https%3A%2F%2Fpersonalcapital.sjv.io%2Fc%2F95368%2F1287561%2F13439%3FsubId1%3Dcf8de23010aaea74bdb1de1ef62cef40%26level%3D1%26srcref%3Dhttps%253A%252F%252Fww2.affinity.net%252F&cid=13439&tpsync=yes&auth=55481b8ef5fc91a7 HTTP 302
https://personalcapital.sjv.io/c/95368/1287561/13439?subId1=cf8de23010aaea74bdb1de1ef62cef40&level=1&srcref=https%3A%2F%2Fww2.affinity.net%2F&brwsr=1b1a5d6c-af5f-11ed-ba74-8fde2fa80ac1&brwsrsig=SUpSSPw-83U5z4N0WyX0JTYDw1r2aN HTTP 301
https://www.personalcapital.com/get-started?irclickid=xIG1dIW9CxyNTJYU6H2-M0LxUkAyGVzc1TiOUg0&impact_partner=Affinity.&impact_partnerID=95368&utm_source=Affinity.&utm_medium=affiliate&irgwc=1 Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 10

https://challenges.cloudflare.com/turnstile/v0/api.js?onload=_cf_chl_turnstile_l&render=explicit HTTP 302
https://challenges.cloudflare.com/turnstile/v0/g/6756a6af/api.js?onload=_cf_chl_turnstile_l&render=explicit

21 HTTP transactions
1 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H/1.1 200
OK / Show response
www.peronalcapital.com/ 7 KB
8 KB 823ms
776ms Document
text/html 199.191.50.184
CONFLUENCE-NETWOR...

General

Check archive.org

Show headers Download Go to

Full URL: http://www.peronalcapital.com/
Protocol: HTTP/1.1
Server: 199.191.50.184 , Virgin Islands (British), ASN40034 (CONFLUENCE-NETWORK-INC, VG),
Reverse DNS
Software: Apache /
Resource Hash: dfc6cbaf40b1e0655146dceff25feb2206531b3a2c20131f3cce0eac2839f58a

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

Accept-CH: Sec-CH-Save-Data, Sec-CH-DPR, Sec-CH-Width, Sec-CH-Viewport-Width, Sec-CH-Viewport-Height, Sec-CH-Device-Memory, Sec-CH-RTT, Sec-CH-Downlink, Sec-CH-ECT, Sec-CH-Prefers-Color-Scheme, Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version
Cache-Control: private, no-cache
Connection: Keep-Alive
Content-Length: 7271
Content-Type: text/html; charset=UTF-8
Date: Sat, 18 Feb 2023 07:37:31 GMT
Expires: Mon, 22 Jul 2002 11:12:01 GMT
Keep-Alive: timeout=5, max=111
Permissions-Policy: ch-ua-platform-version=("https://dts.gnpge.com"), ch-ua-model=("https://dts.gnpge.com")
Pragma: no-cache
Referrer-Policy: no-referrer-when-downgrade
Server: Apache
X-Adblock-Key: MFwwDQYJKoZIhvcNAQEBBQADSwAwSAJBAKX74ixpzVyXbJprcLfbH4psP4+L2entqri0lzh6pkAaXLPIcclv6DQBeJJjGFWrBIF6QMyFwXT5CCRyjS2penECAwEAAQ==_OyjqtrW3fOkP4oxx0fDYE73PzP0nKp23B8+XEk5guNRptOiTIDDQAjoJZl3H1jhyvT8WCyE59l8zWDRd/cP45g==

GET
H/1.1 200
OK px.js
www.peronalcapital.com/ 346 B
1 KB 46ms
45ms Script
application/javascript 199.191.50.184
CONFLUENCE-NETWOR...

General

Check archive.org

Show headers Download Go to

Full URL: http://www.peronalcapital.com/px.js?ch=1
Requested by: Host: www.peronalcapital.com
URL: http://www.peronalcapital.com/
Protocol: HTTP/1.1
Server: 199.191.50.184 , Virgin Islands (British), ASN40034 (CONFLUENCE-NETWORK-INC, VG),
Reverse DNS
Software: Apache /
Resource Hash

Request headers

accept-language: en-US,en;q=0.9
Referer: http://www.peronalcapital.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

Date: Sat, 18 Feb 2023 07:37:31 GMT
Referrer-Policy: no-referrer-when-downgrade
Last-Modified: Wed, 20 Jan 2021 10:45:10 GMT
Accept-CH: Sec-CH-Save-Data, Sec-CH-DPR, Sec-CH-Width, Sec-CH-Viewport-Width, Sec-CH-Viewport-Height, Sec-CH-Device-Memory, Sec-CH-RTT, Sec-CH-Downlink, Sec-CH-ECT, Sec-CH-Prefers-Color-Scheme, Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version
Server: Apache
ETag: "15a-5b952a63b81f1"
Content-Type: application/javascript
Permissions-Policy: ch-ua-platform-version=("https://dts.gnpge.com"), ch-ua-model=("https://dts.gnpge.com")
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=92
Content-Length: 346

GET
H/1.1 200
OK px.js
www.peronalcapital.com/ 346 B
1 KB 56ms
49ms Script
application/javascript 199.191.50.184
CONFLUENCE-NETWOR...

General

Check archive.org

Show headers Download Go to

Full URL: http://www.peronalcapital.com/px.js?ch=2
Requested by: Host: www.peronalcapital.com
URL: http://www.peronalcapital.com/
Protocol: HTTP/1.1
Server: 199.191.50.184 , Virgin Islands (British), ASN40034 (CONFLUENCE-NETWORK-INC, VG),
Reverse DNS
Software: Apache /
Resource Hash

Request headers

accept-language: en-US,en;q=0.9
Referer: http://www.peronalcapital.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

Date: Sat, 18 Feb 2023 07:37:32 GMT
Referrer-Policy: no-referrer-when-downgrade
Last-Modified: Wed, 20 Jan 2021 10:45:10 GMT
Accept-CH: Sec-CH-Save-Data, Sec-CH-DPR, Sec-CH-Width, Sec-CH-Viewport-Width, Sec-CH-Viewport-Height, Sec-CH-Device-Memory, Sec-CH-RTT, Sec-CH-Downlink, Sec-CH-ECT, Sec-CH-Prefers-Color-Scheme, Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version
Server: Apache
ETag: "15a-5b952a63b81f1"
Content-Type: application/javascript
Permissions-Policy: ch-ua-platform-version=("https://dts.gnpge.com"), ch-ua-model=("https://dts.gnpge.com")
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=55
Content-Length: 346

GET
H/1.1 200
OK trf
taff2zc.com/ 4 KB
5 KB 270ms
190ms Document
text/html 208.91.196.46
CONFLUENCE-NETWOR...

General

Check archive.org

Show headers Download Go to

Full URL: http://taff2zc.com/trf?&o=RVsfpbotA4Ls9tTqTuMmK4oegJkGHO6EFKZ2PJJ5YTomdmSAGDg7Ap6CCKi09M7d1m6FYFCn1QxdGZs50o03yqcIHgbmvQKddnlaalIJBjSObnohkBhWifcn6sd6u5%2BJJIJZGjPhCTNc4%2B%2F9ynwCSBe3jTFbVYczvj0bUcDA8JfT1A5NktIdp6JkBMbl4ozhnshmY0MiMNqeaTwO85%2FRspovqsSEAeQcjSyQZJf2T3%2FBRExyuXcRx%2F8K9eCO1%2FcqLZ2AX8%2B1zXOZOVTiJK7wQ3zxhwDwfPCpOJjwnA9qh20tAAOgK1cLpOuz4pIjwgBB1QxcGKk8pQ9MiK7lV%2Ff6ohWObmb7Rjch3jfGPQN6s1UMZnTI4BMbvSihmL42v1ukiXu0S9c5qDH6FxnFIqP%2BBowPsncwK3iz5TgpO4Y2Ruo%3D&c=21274242514518743934756&n=dV0DAz1C5nL7i1NV0CVSTZGGbNRIhJDvpvQvnzdaky48i0sguLzoPrb8aNYeVDunASrVvkA6yoUtp0J0Pd8riOBwrsskLce9DOpu3GBr8mRRn7RDE6p7f%2BtJm%2B5aGyJDhhnxCMZZ0TOrqhclZdIRJ6qWVLTAXf4m4uXO%2Fgt9g5si%2FWvk7TC7SRuDzaIwWQ0OeJ8etza0La9s3caMg%2FaTEzFwN2uPORPl2TzYZqDJwGqJ1ejvXXUG4fy937wWD47W%2Bb3Jxz6HfN%2B3boyXlqu42t41s7Hg1vCER%2FxqQ9SRF6w%2B5WvML%2FMKfWEZCP4r7%2FdB6GQltuKzCUUYxerH0tuFEmDGgK1LY7ABBRzRtgC5rKogPbmQhcxiim43rBZqruXz%2B%2BdEa2lL9T8U6MtGQjS%2Fus32hCB6e91nNA4WTd8QXKq0%2BLzsYkvsSQVVZC9bjA1j7tzoaen2oA8fwUC%2FRTni4w0GTlA8O5PyHoPMyzmw0QQC0dCIg2yovRjk9edXMYtV%2BdFm%2FjWsOTwK97No7HttqKtFRXceKq0drMnjep%2FZyRq1Jc8JqMLYIfromG14MBrl&kgp=0&jccheck=1
Requested by: Host: www.peronalcapital.com
URL: http://www.peronalcapital.com/
Protocol: HTTP/1.1
Server: 208.91.196.46 , Virgin Islands (British), ASN40034 (CONFLUENCE-NETWORK-INC, VG),
Reverse DNS
Software: Apache /
Resource Hash

Request headers

Referer: http://www.peronalcapital.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

Accept-CH: Sec-CH-Save-Data, Sec-CH-DPR, Sec-CH-Width, Sec-CH-Viewport-Width, Sec-CH-Viewport-Height, Sec-CH-Device-Memory, Sec-CH-RTT, Sec-CH-Downlink, Sec-CH-ECT, Sec-CH-Prefers-Color-Scheme, Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version
Cache-Control: private, no-cache
Connection: Keep-Alive
Content-Length: 4594
Content-Type: text/html; charset=UTF-8
Date: Sat, 18 Feb 2023 07:37:32 GMT
Expires: Mon, 22 Jul 2002 11:12:01 GMT
Keep-Alive: timeout=5, max=99
Permissions-Policy: ch-ua-platform-version=("https://dts.gnpge.com"), ch-ua-model=("https://dts.gnpge.com")
Pragma: no-cache
Referrer-Policy: no-referrer-when-downgrade
Server: Apache

GET
H/1.1 200
OK fly
ww2.affinity.net/ 8 KB
3 KB 199ms
45ms Document
text/html 216.139.248.127
HWSERVICES-32400

General

Check archive.org

Show headers Download Go to

Full URL: https://ww2.affinity.net/fly?no_capp=2&enk=ODc4OTN8MTE1fDF8NjA5NzN8MTY3NjcwNTg1MXwxfDF8MTE2ODM%3D
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 216.139.248.127 , United States, ASN32400 (HWSERVICES-32400, US),
Reverse DNS: 216-139-248-127.aus.us.siteprotect.com
Software: nginx /
Resource Hash

Request headers

Referer: http://taff2zc.com/trf?&o=RVsfpbotA4Ls9tTqTuMmK4oegJkGHO6EFKZ2PJJ5YTomdmSAGDg7Ap6CCKi09M7d1m6FYFCn1QxdGZs50o03yqcIHgbmvQKddnlaalIJBjSObnohkBhWifcn6sd6u5%2BJJIJZGjPhCTNc4%2B%2F9ynwCSBe3jTFbVYczvj0bUcDA8JfT1A5NktIdp6JkBMbl4ozhnshmY0MiMNqeaTwO85%2FRspovqsSEAeQcjSyQZJf2T3%2FBRExyuXcRx%2F8K9eCO1%2FcqLZ2AX8%2B1zXOZOVTiJK7wQ3zxhwDwfPCpOJjwnA9qh20tAAOgK1cLpOuz4pIjwgBB1QxcGKk8pQ9MiK7lV%2Ff6ohWObmb7Rjch3jfGPQN6s1UMZnTI4BMbvSihmL42v1ukiXu0S9c5qDH6FxnFIqP%2BBowPsncwK3iz5TgpO4Y2Ruo%3D&c=21274242514518743934756&n=dV0DAz1C5nL7i1NV0CVSTZGGbNRIhJDvpvQvnzdaky48i0sguLzoPrb8aNYeVDunASrVvkA6yoUtp0J0Pd8riOBwrsskLce9DOpu3GBr8mRRn7RDE6p7f%2BtJm%2B5aGyJDhhnxCMZZ0TOrqhclZdIRJ6qWVLTAXf4m4uXO%2Fgt9g5si%2FWvk7TC7SRuDzaIwWQ0OeJ8etza0La9s3caMg%2FaTEzFwN2uPORPl2TzYZqDJwGqJ1ejvXXUG4fy937wWD47W%2Bb3Jxz6HfN%2B3boyXlqu42t41s7Hg1vCER%2FxqQ9SRF6w%2B5WvML%2FMKfWEZCP4r7%2FdB6GQltuKzCUUYxerH0tuFEmDGgK1LY7ABBRzRtgC5rKogPbmQhcxiim43rBZqruXz%2B%2BdEa2lL9T8U6MtGQjS%2Fus32hCB6e91nNA4WTd8QXKq0%2BLzsYkvsSQVVZC9bjA1j7tzoaen2oA8fwUC%2FRTni4w0GTlA8O5PyHoPMyzmw0QQC0dCIg2yovRjk9edXMYtV%2BdFm%2FjWsOTwK97No7HttqKtFRXceKq0drMnjep%2FZyRq1Jc8JqMLYIfromG14MBrl&kgp=0&jccheck=1
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

Connection: close
Content-Encoding: gzip
Content-Type: text/html
Date: Sat, 18 Feb 2023 07:37:32 GMT
Server: nginx
Transfer-Encoding: chunked

GET
H2

403

Primary Request get-started Show response
www.personalcapital.com/
Redirect Chain

https://ww2.affinity.net/fly1?sid=87893&sa=115&p=1&s=60973&qt=1676705851&q=&rf=http%3A%2F%2Ftaff2zc.com%2Ftrf%3F%26o%3DRVsfpbotA4Ls9tTqTuMmK4oegJkGHO6EFKZ2PJJ5YTomdmSAGDg7Ap6CCKi09M7d1m6FYFCn1QxdGZ...
https://personalcapital.sjv.io/c/95368/1287561/13439?subId1=cf8de23010aaea74bdb1de1ef62cef40
https://www.ojrq.net/p/?return=https%3A%2F%2Fpersonalcapital.sjv.io%2Fc%2F95368%2F1287561%2F13439%3FsubId1%3Dcf8de23010aaea74bdb1de1ef62cef40%26level%3D1%26srcref%3Dhttps%253A%252F%252Fww2.affinity...
https://personalcapital.sjv.io/c/95368/1287561/13439?subId1=cf8de23010aaea74bdb1de1ef62cef40&level=1&srcref=https%3A%2F%2Fww2.affinity.net%2F&brwsr=1b1a5d6c-af5f-11ed-ba74-8fde2fa80ac1&brwsrsig=SUp...
https://www.personalcapital.com/get-started?irclickid=xIG1dIW9CxyNTJYU6H2-M0LxUkAyGVzc1TiOUg0&impact_partner=Affinity.&impact_partnerID=95368&utm_source=Affinity.&utm_medium=affiliate&irgwc=1

84 KB
39 KB

59ms
16ms

Document
text/html

104.16.198.137
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.personalcapital.com/get-started?irclickid=xIG1dIW9CxyNTJYU6H2-M0LxUkAyGVzc1TiOUg0&impact_partner=Affinity.&impact_partnerID=95368&utm_source=Affinity.&utm_medium=affiliate&irgwc=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.16.198.137 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

39afa8933949d02ada9c1bd06de28fe8217c0b7e9ae45fb5edce0a118f43ab08

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000
X-Frame-Options	SAMEORIGIN

Request headers

Referer: https://ww2.affinity.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

cache-control: private, max-age=0, no-store, no-cache, must-revalidate, post-check=0, pre-check=0
cf-chl-bypass: 1
cf-ray: 79b5191d9842192c-EWR
content-encoding: br
content-type: text/html; charset=UTF-8
date: Sat, 18 Feb 2023 07:37:33 GMT
expires: Thu, 01 Jan 1970 00:00:01 GMT
permissions-policy: accelerometer=(),autoplay=(),camera=(),clipboard-read=(),clipboard-write=(),fullscreen=(),geolocation=(),gyroscope=(),hid=(),interest-cohort=(),magnetometer=(),microphone=(),payment=(),publickey-credentials-get=(),screen-wake-lock=(),serial=(),sync-xhr=(),usb=()
referrer-policy: same-origin
server: cloudflare
strict-transport-security: max-age=15552000
vary: Accept-Encoding
x-frame-options: SAMEORIGIN

Redirect headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
content-length: 0
date: Sat, 18 Feb 2023 07:37:32 GMT
expires: Sat, 18 Feb 2023 07:37:32 GMT
location: https://www.personalcapital.com/get-started?irclickid=xIG1dIW9CxyNTJYU6H2-M0LxUkAyGVzc1TiOUg0&impact_partner=Affinity.&impact_partnerID=95368&utm_source=Affinity.&utm_medium=affiliate&irgwc=1
p3p: policyref="/w3c/p3p.xml", CP="ALL BUS LEG DSP COR ADM CUR DEV PSA OUR NAV INT"
pragma: no-cache
via: 1.1 google

GET
H2 200 analytics.js Show response
www.google-analytics.com/ 49 KB
20 KB 32ms
4ms Script
text/javascript 2607:f8b0:4006:816::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: www.personalcapital.com
URL: https://www.personalcapital.com/get-started?irclickid=xIG1dIW9CxyNTJYU6H2-M0LxUkAyGVzc1TiOUg0&impact_partner=Affinity.&impact_partnerID=95368&utm_source=Affinity.&utm_medium=affiliate&irgwc=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:816::200e Nutley, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

5971b095cff574a66d35ada016d4c077c86e2dea62e9c0f14cf7c94b258619de

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: en-US,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
date: Sat, 18 Feb 2023 06:47:24 GMT
last-modified: Tue, 10 Jan 2023 21:29:14 GMT
server: Golfe2
age: 3009
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 20085
expires: Sat, 18 Feb 2023 08:47:24 GMT

GET
H2 200 v1 Show response
www.personalcapital.com/cdn-cgi/challenge-platform/h/g/orchestrate/captcha/ 122 KB
44 KB 14ms
13ms Script
application/javascript 104.16.198.137
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.personalcapital.com/cdn-cgi/challenge-platform/h/g/orchestrate/captcha/v1?ray=79b5191d9842192c

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.16.198.137 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

7c5d8340648b92d2944bb70c5ad3e55898aeaf4bad0a30e4554f7f2d4c33fb9f

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.personalcapital.com/get-started?irclickid=xIG1dIW9CxyNTJYU6H2-M0LxUkAyGVzc1TiOUg0&impact_partner=Affinity.&impact_partnerID=95368&utm_source=Affinity.&utm_medium=affiliate&irgwc=1&__cf_chl_rt_tk=D1ADMVO5yPVM5dpJQFHULjkzIONDbXEaFpyF9WQKrbM-1676705853-0-gaNycGzNC5A
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date: Sat, 18 Feb 2023 07:37:33 GMT
cache-control: max-age=0, must-revalidate
content-encoding: br
strict-transport-security: max-age=15552000
server: cloudflare
cf-ray: 79b5191df87c192c-EWR
content-type: application/javascript; charset=UTF-8

GET
H2 200 transparent.gif
www.personalcapital.com/cdn-cgi/images/trace/captcha/js/ 42 B
219 B 8ms
8ms Image
image/gif 104.16.198.137
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.personalcapital.com/cdn-cgi/images/trace/captcha/js/transparent.gif?ray=79b5191d9842192c

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.16.198.137 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.personalcapital.com/get-started?irclickid=xIG1dIW9CxyNTJYU6H2-M0LxUkAyGVzc1TiOUg0&impact_partner=Affinity.&impact_partnerID=95368&utm_source=Affinity.&utm_medium=affiliate&irgwc=1&__cf_chl_rt_tk=D1ADMVO5yPVM5dpJQFHULjkzIONDbXEaFpyF9WQKrbM-1676705853-0-gaNycGzNC5A
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date: Sat, 18 Feb 2023 07:37:33 GMT
x-content-type-options: nosniff
last-modified: Wed, 15 Feb 2023 14:30:42 GMT
server: cloudflare
etag: "63ecec92-2a"
x-frame-options: DENY
vary: Accept-Encoding
content-type: image/gif
cache-control: max-age=7200, public
accept-ranges: bytes
cf-ray: 79b5191df87d192c-EWR
content-length: 42
expires: Sat, 18 Feb 2023 09:37:33 GMT

GET
DATA 200
OK truncated
/ 11 KB
11 KB Font
application/octet-stream

General

Check archive.org

Show headers Download Go to

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: c95504653ba6ebd92dbf46dacb648a278d2d40d3f6b9ad21665456dea42de385

Request headers

Referer
Origin: https://www.personalcapital.com
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

Content-Type: application/octet-stream;charset=binary

POST
H2 200 collect Show response
www.google-analytics.com/j/ 3 B
213 B 19ms
18ms XHR
text/plain 2607:f8b0:4006:816::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j99&a=1400514352&t=pageview&_s=1&dl=https%3A%2F%2Fwww.personalcapital.com%2Fget-started%3Firclickid%3DxIG1dIW9CxyNTJYU6H2-M0LxUkAyGVzc1TiOUg0%26impact_partner%3DAffinity.%26impact_partnerID%3D95368%26utm_source%3DAffinity.%26utm_medium%3Daffiliate%26irgwc%3D1%26__cf_chl_rt_tk%3DD1ADMVO5yPVM5dpJQFHULjkzIONDbXEaFpyF9WQKrbM-1676705853-0-gaNycGzNC5A&dr=https%3A%2F%2Fww2.affinity.net%2F&ul=en-us&de=UTF-8&dt=Personal%20Capital&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=IEBAAUABAAAAACAAI~&jid=380106950&gjid=685335258&cid=1677563392.1676705853&tid=UA-115165744-1&_gid=681507316.1676705853&_r=1&_slc=1&gtm=u2r&z=1886544478

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:816::200e Nutley, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

1cffc2b3146584685cd72751d7f28aa030ab9ae2f1bc78f2c27909f8d8287b26

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Sat, 18 Feb 2023 07:37:33 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://www.personalcapital.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 3
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2

200

api.js Show response
challenges.cloudflare.com/turnstile/v0/g/6756a6af/
Redirect Chain

https://challenges.cloudflare.com/turnstile/v0/api.js?onload=_cf_chl_turnstile_l&render=explicit
https://challenges.cloudflare.com/turnstile/v0/g/6756a6af/api.js?onload=_cf_chl_turnstile_l&render=explicit

14 KB
5 KB

32ms
31ms

Script
application/javascript

2606:4700::6812:6b9
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://challenges.cloudflare.com/turnstile/v0/g/6756a6af/api.js?onload=_cf_chl_turnstile_l&render=explicit
Requested by: Host: www.personalcapital.com
URL: https://www.personalcapital.com/get-started?irclickid=xIG1dIW9CxyNTJYU6H2-M0LxUkAyGVzc1TiOUg0&impact_partner=Affinity.&impact_partnerID=95368&utm_source=Affinity.&utm_medium=affiliate&irgwc=1
Protocol: H2
Server: 2606:4700::6812:6b9 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 88552553af10ffa83f22bb8e02c1b88809c85181ce2e45d5827f479eec1e4be1

Request headers

accept-language: en-US,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date: Sat, 18 Feb 2023 07:37:33 GMT
content-encoding: br
server: cloudflare
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
cache-control: max-age=31536000
cf-ray: 79b5191ecd5c1760-EWR
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

Redirect headers

location: /turnstile/v0/g/6756a6af/api.js?onload=_cf_chl_turnstile_l&render=explicit
date: Sat, 18 Feb 2023 07:37:33 GMT
cache-control: max-age=300, public
server: cloudflare
cf-ray: 79b5191ead3b1760-EWR
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
vary: accept-encoding

POST
H2 200 096385d73a20d2e Show response
www.personalcapital.com/cdn-cgi/challenge-platform/h/g/flow/ov1/0.9934196986159702:1676703930:0RElpmVnPnmYTPl1gMnt0_LmR1rYyXmAqcw5B_fc9mg/79b5191d9842192c/ 124 KB
68 KB 56ms
55ms XHR
text/plain 104.16.198.137
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.personalcapital.com/cdn-cgi/challenge-platform/h/g/flow/ov1/0.9934196986159702:1676703930:0RElpmVnPnmYTPl1gMnt0_LmR1rYyXmAqcw5B_fc9mg/79b5191d9842192c/096385d73a20d2e

Requested by

Host: www.personalcapital.com
URL: https://www.personalcapital.com/cdn-cgi/challenge-platform/h/g/orchestrate/captcha/v1?ray=79b5191d9842192c

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.16.198.137 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

4d57bdf53ab9da8bcbcfe63fdfac1f54f4e90b4f494cbd53f5d0edc4456ff251

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000

Request headers

Referer: https://www.personalcapital.com/get-started?irclickid=xIG1dIW9CxyNTJYU6H2-M0LxUkAyGVzc1TiOUg0&impact_partner=Affinity.&impact_partnerID=95368&utm_source=Affinity.&utm_medium=affiliate&irgwc=1
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36
CF-Challenge: 096385d73a20d2e
Content-type: application/x-www-form-urlencoded

Response headers

date: Sat, 18 Feb 2023 07:37:33 GMT
strict-transport-security: max-age=15552000
content-encoding: br
cf_chl_gen: dLdYTl8wyJC71aBP1ozg0HTeSnFRTTNq5oalS4E9pxTw+8rMuLHAfjN6fCu7doVJuRuUj/1mPdIDv5+wOQxTYvbxJ0hbLfk6Ua5hTstmN41QGxhZXVlP0HH8djGrdCf6ICoez+Iz8tqnyA3eAJKCls2hI00Lq35jHztAnk9j+ca7MyRDAckC+21kinq8ZXnzEAvZjPnWuj2PdhiO01qH7u0Unfcha8ms1jE1rpXmGW6v1OFErQsDGRzy2g3xgRsO1/ZNSavQi8haapInt1/bTjr3NyM5mYKip2ej/0VFIrH3I2MRYm5Ws97U2eXi2lbPLLTYoQ0OR/S/Aaf+r3Re9IXxUNf1VNds2/Pm4wwNGtTWcMZx8uyvL7F4ri7WfRzvxnBEIxY4OKd5xSXap4WL7g==$UF1DfKIc+JxqOPu+qIzKKw==
server: cloudflare
cf-ray: 79b5191f3955192c-EWR
content-type: text/plain; charset=UTF-8

GET
H2 200 -41oMXCzhNoo5UJ
www.personalcapital.com/cdn-cgi/challenge-platform/h/g/img/79b5191d9842192c/1676705853325/ 61 B
142 B 14ms
12ms Image
image/png 104.16.198.137
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.personalcapital.com/cdn-cgi/challenge-platform/h/g/img/79b5191d9842192c/1676705853325/-41oMXCzhNoo5UJ

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.16.198.137 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

6b9a18be8be664802c078805b7132e575b657e5b7cd7073c07b4c203eeb5b0ee

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.personalcapital.com/get-started?irclickid=xIG1dIW9CxyNTJYU6H2-M0LxUkAyGVzc1TiOUg0&impact_partner=Affinity.&impact_partnerID=95368&utm_source=Affinity.&utm_medium=affiliate&irgwc=1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date: Sat, 18 Feb 2023 07:37:34 GMT
strict-transport-security: max-age=15552000
server: cloudflare
cf-ray: 79b519242cee192c-EWR
content-type: image/png

GET
H2 401 090HBU1Jnets8rR Show response
www.personalcapital.com/cdn-cgi/challenge-platform/h/g/pat/79b5191d9842192c/1676705853332/efeffaf0b25c1e8cfdbcbb51fe4d3c7ac1f6a95206ce651089c4112c849c50b5/ 1 B
573 B 13ms
12ms Fetch
text/plain 104.16.198.137
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.personalcapital.com/cdn-cgi/challenge-platform/h/g/pat/79b5191d9842192c/1676705853332/efeffaf0b25c1e8cfdbcbb51fe4d3c7ac1f6a95206ce651089c4112c849c50b5/090HBU1Jnets8rR

Requested by

Host: www.peronalcapital.com
URL: http://www.peronalcapital.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.16.198.137 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

6da43b944e494e885e69af021f93c6d9331c78aa228084711429160a5bbd15b5

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.personalcapital.com/get-started?irclickid=xIG1dIW9CxyNTJYU6H2-M0LxUkAyGVzc1TiOUg0&impact_partner=Affinity.&impact_partnerID=95368&utm_source=Affinity.&utm_medium=affiliate&irgwc=1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date: Sat, 18 Feb 2023 07:37:35 GMT
strict-transport-security: max-age=15552000
www-authenticate: PrivateToken challenge=AAIAGXBhdC1pc3N1ZXIuY2xvdWRmbGFyZS5jb20g7-_68LJcHoz9vLtR_k08esH2qVIGzmUQicQRLIScULUAF3d3dy5wZXJzb25hbGNhcGl0YWwuY29t, token-key=MIIBUjA9BgkqhkiG9w0BAQowMKANMAsGCWCGSAFlAwQCAqEaMBgGCSqGSIb3DQEBCDALBglghkgBZQMEAgKiAwIBMAOCAQ8AMIIBCgKCAQEArsA3as5W6Lg0XdMgVp9Sy0dbjXFhAyc3atwbVEOb5J4uV5P-Q3-habexaTHgGbGNdBcQo_2xIhgHjrmbwHXWLmBPfoqgY_cbRsU7XWexl2lOPNrLj3_nPhJwLg2_W9vY6-mROEQCcrPnpMBTRMhnu9NmwcNZyRtJQiMctl3qj4usg64q0tZbc3e4tDKv2WLTu0vG1_zN1jIetr4t-6H-zEk7aFtoLxwVVrO0J-W21X3rGzq70v-VLhVvZroBKCWIh0iI9156HA1lVsIyrL8CU9HZf1WyeiWWdenBbzb_E-heTChqDrkzKVLXgj1b-h7NWQ4iWO0DeKo7_FMUnVEZ5wIDAQAB, max-age=20
server: cloudflare
cf-ray: 79b5192bdb36192c-EWR
content-type: text/plain; charset=UTF-8

POST
H2 200 096385d73a20d2e Show response
www.personalcapital.com/cdn-cgi/challenge-platform/h/g/flow/ov1/0.9934196986159702:1676703930:0RElpmVnPnmYTPl1gMnt0_LmR1rYyXmAqcw5B_fc9mg/79b5191d9842192c/ 5 KB
4 KB 33ms
31ms XHR
text/plain 104.16.198.137
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.personalcapital.com/cdn-cgi/challenge-platform/h/g/flow/ov1/0.9934196986159702:1676703930:0RElpmVnPnmYTPl1gMnt0_LmR1rYyXmAqcw5B_fc9mg/79b5191d9842192c/096385d73a20d2e

Requested by

Host: www.personalcapital.com
URL: https://www.personalcapital.com/cdn-cgi/challenge-platform/h/g/orchestrate/captcha/v1?ray=79b5191d9842192c

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.16.198.137 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

4219ef21a4867f2b0d4d5d64d703c5227529b591eb2daf94a9c5470691cdebc3

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000

Request headers

Referer: https://www.personalcapital.com/get-started?irclickid=xIG1dIW9CxyNTJYU6H2-M0LxUkAyGVzc1TiOUg0&impact_partner=Affinity.&impact_partnerID=95368&utm_source=Affinity.&utm_medium=affiliate&irgwc=1
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36
CF-Challenge: 096385d73a20d2e
Content-type: application/x-www-form-urlencoded

Response headers

date: Sat, 18 Feb 2023 07:37:35 GMT
strict-transport-security: max-age=15552000
content-encoding: br
cf_chl_gen: 6/sOAlleJBguVH6s7N/CaSEY20ttU2N5gtULZkYiaCQ=$wLlaPYBN0786u92hOp3ZFw==
server: cloudflare
cf-ray: 79b5192cdc0d192c-EWR
content-type: text/plain; charset=UTF-8

GET
H3 200 normal Show response
challenges.cloudflare.com/cdn-cgi/challenge-platform/h/g/turnstile/if/ov2/av0/0owi0/0x4AAAAAAAAjq6WYeRDKmebM/light/ Frame 7F76 19 KB
7 KB 30ms
29ms Document
text/html 2606:4700::6812:6b9
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://challenges.cloudflare.com/cdn-cgi/challenge-platform/h/g/turnstile/if/ov2/av0/0owi0/0x4AAAAAAAAjq6WYeRDKmebM/light/normal
Requested by: Host: challenges.cloudflare.com
URL: https://challenges.cloudflare.com/turnstile/v0/api.js?onload=_cf_chl_turnstile_l&render=explicit
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700::6812:6b9 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 218b111ea71c92d90b476f355fe021636097db3ea7103363fce6962152b6c20f

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
cache-control: max-age=0, must-revalidate
cf-ray: 79b5192d4f39c454-EWR
content-encoding: br
content-type: text/html; charset=UTF-8
cross-origin-embedder-policy: require-corp
cross-origin-opener-policy: same-origin
cross-origin-resource-policy: cross-origin
date: Sat, 18 Feb 2023 07:37:35 GMT
permissions-policy: accelerometer=(),autoplay=(),camera=(),clipboard-read=(),clipboard-write=(),fullscreen=(),geolocation=(),gyroscope=(),hid=(),interest-cohort=(),magnetometer=(),microphone=(),payment=(),publickey-credentials-get=(),screen-wake-lock=(),serial=(),sync-xhr=(),usb=()
referrer-policy: same-origin
server: cloudflare

GET
H3 200 v1 Show response
challenges.cloudflare.com/cdn-cgi/challenge-platform/h/g/orchestrate/chl_api/ Frame 7F76 127 KB
46 KB 15ms
14ms Script
application/javascript 2606:4700::6812:6b9
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://challenges.cloudflare.com/cdn-cgi/challenge-platform/h/g/orchestrate/chl_api/v1?ray=79b5192d4f39c454
Requested by: Host: challenges.cloudflare.com
URL: https://challenges.cloudflare.com/cdn-cgi/challenge-platform/h/g/turnstile/if/ov2/av0/0owi0/0x4AAAAAAAAjq6WYeRDKmebM/light/normal
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700::6812:6b9 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 7289dc8170651b903fdf5e67da40bf0e9905fc80103e9ca251c2c79a14eb7b35

Request headers

accept-language: en-US,en;q=0.9
Referer: https://challenges.cloudflare.com/cdn-cgi/challenge-platform/h/g/turnstile/if/ov2/av0/0owi0/0x4AAAAAAAAjq6WYeRDKmebM/light/normal
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date: Sat, 18 Feb 2023 07:37:35 GMT
cache-control: max-age=0, must-revalidate
content-encoding: br
server: cloudflare
cf-ray: 79b5192d9f93c454-EWR
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-type: application/javascript; charset=UTF-8

POST
H3 200 b7fcfca93c32e40 Show response
challenges.cloudflare.com/cdn-cgi/challenge-platform/h/g/flow/ov1/0.10991975733907541:1676703951:cVKVb54BmGkslwQyvK448oTa3cVgrL3B2alXMlqBp9U/79b5192d4f39c454/ Frame 7F76 61 KB
36 KB 37ms
36ms XHR
text/plain 2606:4700::6812:6b9
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://challenges.cloudflare.com/cdn-cgi/challenge-platform/h/g/flow/ov1/0.10991975733907541:1676703951:cVKVb54BmGkslwQyvK448oTa3cVgrL3B2alXMlqBp9U/79b5192d4f39c454/b7fcfca93c32e40
Requested by: Host: challenges.cloudflare.com
URL: https://challenges.cloudflare.com/cdn-cgi/challenge-platform/h/g/orchestrate/chl_api/v1?ray=79b5192d4f39c454
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700::6812:6b9 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e141cf51a213d4514b2f74c7c988327bbb1a11979b05d7b09a1cdf0c4c3a341e

Request headers

Referer: https://challenges.cloudflare.com/cdn-cgi/challenge-platform/h/g/turnstile/if/ov2/av0/0owi0/0x4AAAAAAAAjq6WYeRDKmebM/light/normal
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36
CF-Challenge: b7fcfca93c32e40
Content-type: application/x-www-form-urlencoded

Response headers

date: Sat, 18 Feb 2023 07:37:35 GMT
content-encoding: br
cf_chl_gen: 7hlfd6WwU9hIIbISvGPvF5UNXZsgPaqcJFJ+p+88oFO8++3UuPCU0uFXWjvb4s1sDf61D4nxyxjxFkW/qaC05ct8GthKqPV+C48TRIgMeUDENFLAIvc03Szb45zC8bA1Mt1hGJCWwILHcCc+xE3V4TngCCHZHgMerID9EEUdbdyKgE9jKQ/o/t4Q2hWvYOzIf28smxGqjFbHqQwCsWk4AP9WtkWY+kXNF6B90Ub5CXZbuxF2hGXpUbsUnv4JzDXNczP1WvA6prxZQmmypUAAcbrtbQ5RXqdv/dz9FpQcc/8=$e5Unz6blXFAlNN1OArsURw==
server: cloudflare
cf-ray: 79b5192ea90dc454-EWR
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-type: text/plain; charset=UTF-8

GET
H3 200 DQI-0P74yj5ayjT
challenges.cloudflare.com/cdn-cgi/challenge-platform/h/g/img/79b5192d4f39c454/1676705855798/ Frame 7F76 61 B
166 B 13ms
13ms Image
image/png 2606:4700::6812:6b9
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://challenges.cloudflare.com/cdn-cgi/challenge-platform/h/g/img/79b5192d4f39c454/1676705855798/DQI-0P74yj5ayjT
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700::6812:6b9 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 3f4aa99be6162ccb222c3682ce971a80ac812480e7a3948c897359497fba1905

Request headers

accept-language: en-US,en;q=0.9
Referer: https://challenges.cloudflare.com/cdn-cgi/challenge-platform/h/g/turnstile/if/ov2/av0/0owi0/0x4AAAAAAAAjq6WYeRDKmebM/light/normal
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date: Sat, 18 Feb 2023 07:37:35 GMT
server: cloudflare
cf-ray: 79b5192f39bdc454-EWR
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-type: image/png

GET
H3 401 RIN-hiET35ElvAv Show response
challenges.cloudflare.com/cdn-cgi/challenge-platform/h/g/pat/79b5192d4f39c454/1676705855801/c3917ded111986bf1dfec68c6a4fd4b96588af06c027687fa21873965fb58edf/ Frame 7F76 1 B
645 B 18ms
17ms Fetch
text/plain 2606:4700::6812:6b9
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://challenges.cloudflare.com/cdn-cgi/challenge-platform/h/g/pat/79b5192d4f39c454/1676705855801/c3917ded111986bf1dfec68c6a4fd4b96588af06c027687fa21873965fb58edf/RIN-hiET35ElvAv
Requested by: Host: www.peronalcapital.com
URL: http://www.peronalcapital.com/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700::6812:6b9 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 6da43b944e494e885e69af021f93c6d9331c78aa228084711429160a5bbd15b5

Request headers

accept-language: en-US,en;q=0.9
Referer: https://challenges.cloudflare.com/cdn-cgi/challenge-platform/h/g/turnstile/if/ov2/av0/0owi0/0x4AAAAAAAAjq6WYeRDKmebM/light/normal
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date: Sat, 18 Feb 2023 07:37:36 GMT
www-authenticate: PrivateToken challenge=AAIAGXBhdC1pc3N1ZXIuY2xvdWRmbGFyZS5jb20gw5F97REZhr8d_saMak_UuWWIrwbAJ2h_ohhzll-1jt8AGWNoYWxsZW5nZXMuY2xvdWRmbGFyZS5jb20=, token-key=MIIBUjA9BgkqhkiG9w0BAQowMKANMAsGCWCGSAFlAwQCAqEaMBgGCSqGSIb3DQEBCDALBglghkgBZQMEAgKiAwIBMAOCAQ8AMIIBCgKCAQEArsA3as5W6Lg0XdMgVp9Sy0dbjXFhAyc3atwbVEOb5J4uV5P-Q3-habexaTHgGbGNdBcQo_2xIhgHjrmbwHXWLmBPfoqgY_cbRsU7XWexl2lOPNrLj3_nPhJwLg2_W9vY6-mROEQCcrPnpMBTRMhnu9NmwcNZyRtJQiMctl3qj4usg64q0tZbc3e4tDKv2WLTu0vG1_zN1jIetr4t-6H-zEk7aFtoLxwVVrO0J-W21X3rGzq70v-VLhVvZroBKCWIh0iI9156HA1lVsIyrL8CU9HZf1WyeiWWdenBbzb_E-heTChqDrkzKVLXgj1b-h7NWQ4iWO0DeKo7_FMUnVEZ5wIDAQAB, max-age=20
server: cloudflare
cf-ray: 79b5193598f6c454-EWR
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-type: text/plain; charset=UTF-8

POST
H3 200 b7fcfca93c32e40 Show response
challenges.cloudflare.com/cdn-cgi/challenge-platform/h/g/flow/ov1/0.10991975733907541:1676703951:cVKVb54BmGkslwQyvK448oTa3cVgrL3B2alXMlqBp9U/79b5192d4f39c454/ Frame 7F76 11 KB
8 KB 46ms
35ms XHR
text/plain 2606:4700::6812:6b9
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://challenges.cloudflare.com/cdn-cgi/challenge-platform/h/g/flow/ov1/0.10991975733907541:1676703951:cVKVb54BmGkslwQyvK448oTa3cVgrL3B2alXMlqBp9U/79b5192d4f39c454/b7fcfca93c32e40
Requested by: Host: challenges.cloudflare.com
URL: https://challenges.cloudflare.com/cdn-cgi/challenge-platform/h/g/orchestrate/chl_api/v1?ray=79b5192d4f39c454
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700::6812:6b9 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: f4309324defacf571ee99fbe3894e30477756fb2eb291b501a3da5d3c3b43b17

Request headers

Referer: https://challenges.cloudflare.com/cdn-cgi/challenge-platform/h/g/turnstile/if/ov2/av0/0owi0/0x4AAAAAAAAjq6WYeRDKmebM/light/normal
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36
CF-Challenge: b7fcfca93c32e40
Content-type: application/x-www-form-urlencoded

Response headers

date: Sat, 18 Feb 2023 07:37:37 GMT
content-encoding: br
cf_chl_gen: p5Dbs6MIpKLvhMWyHFu4Ctcbk/lC7VGXo9x5RcujaZc=$/usfD/CKX7kdCR8VH05cuw==
server: cloudflare
cf-ray: 79b519394d3cc454-EWR
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-type: text/plain; charset=UTF-8

Verdicts & Comments Add Verdict or Comment

26 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

10 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
.www.peronalcapital.com/	1970-01-20 19:21:05	Name: vsid Value: 927vr4242514512543934
www.peronalcapital.com/	1969-12-31 23:59:59	Name: jscookiecheck Value: 1
taff2zc.com/	1970-01-20 09:46:32	Name: __bbck Value: f665f6aa1f185f2649618fee1f4440ec
.ojrq.net/	1970-01-20 19:21:05	Name: brwsr Value: 1b1a5d6c-af5f-11ed-ba74-8fde2fa80ac1
.sjv.io/	1970-01-20 19:21:05	Name: brwsr Value: 1b1a5d6c-af5f-11ed-ba74-8fde2fa80ac1
personalcapital.sjv.io/	1970-01-20 14:04:17	Name: irld Value: L0yb0ZJSnq2Fy06kw8yX62VBIU%3AX1raxvW1t%3AUirVt2124Sux
.personalcapital.com/	1970-01-20 19:21:05	Name: _ga Value: GA1.2.1677563392.1676705853
.personalcapital.com/	1970-01-20 09:46:32	Name: _gid Value: GA1.2.681507316.1676705853
.personalcapital.com/	1970-01-20 09:45:05	Name: _gat_gtag_UA_115165744_1 Value: 1
.challenges.cloudflare.com/	1970-01-20 09:45:07	Name: __cf_bm Value: hShiqHxtaTAZhaABFPW8nfCAcEQp.WzWedb6T4f3GL8-1676705853-0-AVO/p2loyQHHyPu9gOJEIsin0krh0EtmjPTUgnDdvfL2/3KZslrh0mcZDqiOXr0xqVXQoFJVtPPUh8gDrYdNCSg=

5 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
security	warning	Message: Error with Permissions-Policy header: Origin trial controlled feature not enabled: 'interest-cohort'.
network	error	URL: https://www.personalcapital.com/get-started?irclickid=xIG1dIW9CxyNTJYU6H2-M0LxUkAyGVzc1TiOUg0&impact_partner=Affinity.&impact_partnerID=95368&utm_source=Affinity.&utm_medium=affiliate&irgwc=1 Message: Failed to load resource: the server responded with a status of 403 ()
network	error	URL: https://www.personalcapital.com/cdn-cgi/challenge-platform/h/g/pat/79b5191d9842192c/1676705853332/efeffaf0b25c1e8cfdbcbb51fe4d3c7ac1f6a95206ce651089c4112c849c50b5/090HBU1Jnets8rR Message: Failed to load resource: the server responded with a status of 401 ()
security	warning	Message: Error with Permissions-Policy header: Origin trial controlled feature not enabled: 'interest-cohort'.
network	error	URL: https://challenges.cloudflare.com/cdn-cgi/challenge-platform/h/g/pat/79b5192d4f39c454/1676705855801/c3917ded111986bf1dfec68c6a4fd4b96588af06c027687fa21873965fb58edf/RIN-hiET35ElvAv Message: Failed to load resource: the server responded with a status of 401 ()

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

challenges.cloudflare.com
personalcapital.sjv.io
taff2zc.com
ww2.affinity.net
www.google-analytics.com
www.ojrq.net
www.peronalcapital.com
www.personalcapital.com
104.16.198.137
199.191.50.184
208.91.196.46
216.139.248.127
2606:4700::6812:6b9
2607:f8b0:4006:816::200e
34.95.127.121
35.227.211.136
1cffc2b3146584685cd72751d7f28aa030ab9ae2f1bc78f2c27909f8d8287b26
218b111ea71c92d90b476f355fe021636097db3ea7103363fce6962152b6c20f
39afa8933949d02ada9c1bd06de28fe8217c0b7e9ae45fb5edce0a118f43ab08
3f4aa99be6162ccb222c3682ce971a80ac812480e7a3948c897359497fba1905
4219ef21a4867f2b0d4d5d64d703c5227529b591eb2daf94a9c5470691cdebc3
4d57bdf53ab9da8bcbcfe63fdfac1f54f4e90b4f494cbd53f5d0edc4456ff251
5971b095cff574a66d35ada016d4c077c86e2dea62e9c0f14cf7c94b258619de
6b9a18be8be664802c078805b7132e575b657e5b7cd7073c07b4c203eeb5b0ee
6da43b944e494e885e69af021f93c6d9331c78aa228084711429160a5bbd15b5
7289dc8170651b903fdf5e67da40bf0e9905fc80103e9ca251c2c79a14eb7b35
7c5d8340648b92d2944bb70c5ad3e55898aeaf4bad0a30e4554f7f2d4c33fb9f
88552553af10ffa83f22bb8e02c1b88809c85181ce2e45d5827f479eec1e4be1
c95504653ba6ebd92dbf46dacb648a278d2d40d3f6b9ad21665456dea42de385
dfc6cbaf40b1e0655146dceff25feb2206531b3a2c20131f3cce0eac2839f58a
e141cf51a213d4514b2f74c7c988327bbb1a11979b05d7b09a1cdf0c4c3a341e
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f4309324defacf571ee99fbe3894e30477756fb2eb291b501a3da5d3c3b43b17

www.personalcapital.com Open in urlscan Pro 104.16.198.137 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Detected technologies

Page Statistics

21 Requests

76 %HTTPS

25 %IPv6

8 Domains

8 Subdomains

7 IPs

3 Countries

309 kBTransfer

647 kBSize

10 Cookies

0 Outgoing links

Page URL History

Redirected requests

21 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 1 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Verdicts & Comments Add Verdict or Comment

26 JavaScript Global Variables

10 Cookies

5 Console Messages

Indicators

www.personalcapital.com Open in urlscan Pro
104.16.198.137 Public Scan

Screenshot
Live screenshot

Full Image

21
Requests

76 %
HTTPS

25 %
IPv6

8
Domains

8
Subdomains

7
IPs

3
Countries

309 kB
Transfer

647 kB
Size

10
Cookies

21 HTTP transactions
1 data transactions