urlscan.io logo urlscan.io
SecurityTrails logo

secure05.principal.com Open in urlscan Pro
206.195.196.168  Public Scan

Go To Rescan Add Verdict Report
Submitted URL: https://click.e.principal.com/?qs=27161d731e8806683cb9ccd1bd5085ec682d58c0af84aecb078c0d4f2222eaece4959a4e896da20ef9db7e9afbc0...
Effective URL: https://secure05.principal.com/pension/welcome/?j=382807&sfmc_sub=40851108&l=16_HTML&u=5592216&mid=7304377&jb=231&sub_key=YXVhb...
Submission: On April 22 via api from US — Scanned from DE
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 3 IPs in 2 countries across 3 domains to perform 9 HTTP transactions. The main IP is 206.195.196.168, located in United States and belongs to PFG-ASN-1, US. The main domain is secure05.principal.com. The Cisco Umbrella rank of the primary domain is 60603.
TLS certificate: Issued by DigiCert Global G2 TLS RSA SHA256 202... on December 18th 2023. Valid for: a year.
This is the only time secure05.principal.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
1 1 13.111.45.50 14340 (SALESFORCE)
1 1 2620:12a:8000::2 54113 (FASTLY)
2 206.195.196.168 26848 (PFG-ASN-1)
3 2.19.120.11 20940 (AKAMAI-ASN1)
4 3.212.174.62 14618 (AMAZON-AES)
9 3
1    13.111.45.50 (United States)

ASN14340 (SALESFORCE, US)
PTR: click.e.principal.com
click.e.principal.com
1    2620:12a:8000::2 (United States)

ASN54113 (FASTLY, US)
www.principal.com
2    206.195.196.168 (United States)

ASN26848 (PFG-ASN-1, US)
PTR: secure05.principal.com
secure05.principal.com
3    2.19.120.11 (Düsseldorf, Germany)

ASN20940 (AKAMAI-ASN1, NL)
PTR: a2-19-120-11.deploy.static.akamaitechnologies.com
www.principalcdn.com
4    3.212.174.62 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-3-212-174-62.compute-1.amazonaws.com
lib-us-1.brilliantcollector.com
Apex Domain
Subdomains		 Transfer
4 brilliantcollector.com
lib-us-1.brilliantcollector.com — Cisco Umbrella Rank: 18694
608 B
4 principal.com
click.e.principal.com — Cisco Umbrella Rank: 118786
www.principal.com — Cisco Umbrella Rank: 74922
secure05.principal.com — Cisco Umbrella Rank: 60603
9 KB
3 principalcdn.com
www.principalcdn.com — Cisco Umbrella Rank: 51718
62 KB
9 3
Domain Requested by
4 lib-us-1.brilliantcollector.com www.principalcdn.com
3 www.principalcdn.com secure05.principal.com
2 secure05.principal.com
1 www.principal.com 1 redirects
1 click.e.principal.com 1 redirects
9 5

This site contains no links.

Subject Issuer Validity Valid
secure05.principal.com
DigiCert Global G2 TLS RSA SHA256 2020 CA1		 2023-12-18 -
2024-12-17		 a year crt.sh
www.principalcdn.com
DigiCert Global G2 TLS RSA SHA256 2020 CA1		 2023-07-11 -
2024-07-10		 a year crt.sh
*.brilliantcollector.com
DigiCert Global G2 TLS RSA SHA256 2020 CA1		 2024-04-08 -
2025-04-16		 a year crt.sh

This page contains 1 frames:

Primary Page: https://secure05.principal.com/pension/welcome/?j=382807&sfmc_sub=40851108&l=16_HTML&u=5592216&mid=7304377&jb=231&sub_key=YXVhbGtiMjAxY29pMDAzNWEwMDAwMmRyUHBTQUFVOThlaW9lem1maGpr&utm_source=SFMC&utm_medium=email&utm_campaign=RIS_LM_IND_T_O_Q2rwsNonPPT_E1_TestC&utm_content=WelcomeWebsite_CTA3textlink
Frame ID: 8D6BA202CB084517192139E3D1D5BB0C
Requests: 7 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page Title

404 - File or directory not found.

Page URL History Show full URLs

  1. https://click.e.principal.com/?qs=27161d731e8806683cb9ccd1bd5085ec682d58c0af84aecb078c0d4f2222eaece4959a4e... HTTP 302
    https://www.principal.com/welcome?j=382807&sfmc_sub=40851108&l=16_HTML&u=5592216&mid=7304377&jb=231&ut... HTTP 301
    https://secure05.principal.com/pension/welcome/?j=382807&sfmc_sub=40851108&l=16_HTML&u=5592216&mid=7304377&... Page URL

Page Statistics

9
Requests

100 %
HTTPS

20 %
IPv6

3
Domains

5
Subdomains

3
IPs

2
Countries

70 kB
Transfer

217 kB
Size

8
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. https://click.e.principal.com/?qs=27161d731e8806683cb9ccd1bd5085ec682d58c0af84aecb078c0d4f2222eaece4959a4e896da20ef9db7e9afbc0476f2cc56ad05e09b53bef3c30b88014c046 HTTP 302
    https://www.principal.com/welcome?j=382807&sfmc_sub=40851108&l=16_HTML&u=5592216&mid=7304377&jb=231&utm_source=SFMC&utm_medium=email&utm_campaign=RIS_LM_IND_T_O_Q2rwsNonPPT_E1_TestC&utm_content=WelcomeWebsite_CTA3textlink&sub_key=YXVhbGtiMjAxY29pMDAzNWEwMDAwMmRyUHBTQUFVOThlaW9lem1maGpr&mid=7304377 HTTP 301
    https://secure05.principal.com/pension/welcome/?j=382807&sfmc_sub=40851108&l=16_HTML&u=5592216&mid=7304377&jb=231&sub_key=YXVhbGtiMjAxY29pMDAzNWEwMDAwMmRyUHBTQUFVOThlaW9lem1maGpr&utm_source=SFMC&utm_medium=email&utm_campaign=RIS_LM_IND_T_O_Q2rwsNonPPT_E1_TestC&utm_content=WelcomeWebsite_CTA3textlink Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

9 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request /
secure05.principal.com/pension/welcome/
Redirect Chain
  • https://click.e.principal.com/?qs=27161d731e8806683cb9ccd1bd5085ec682d58c0af84aecb078c0d4f2222eaece4959a4e896da20ef9db7e9afbc0476f2cc56ad05e09b53bef3c30b88014c046
  • https://www.principal.com/welcome?j=382807&sfmc_sub=40851108&l=16_HTML&u=5592216&mid=7304377&jb=231&utm_source=SFMC&utm_medium=email&utm_campaign=RIS_LM_IND_T_O_Q2rwsNonPPT_E1_TestC&utm_content=Wel...
  • https://secure05.principal.com/pension/welcome/?j=382807&sfmc_sub=40851108&l=16_HTML&u=5592216&mid=7304377&jb=231&sub_key=YXVhbGtiMjAxY29pMDAzNWEwMDAwMmRyUHBTQUFVOThlaW9lem1maGpr&utm_source=SFMC&ut...
2 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://secure05.principal.com/pension/welcome/?j=382807&sfmc_sub=40851108&l=16_HTML&u=5592216&mid=7304377&jb=231&sub_key=YXVhbGtiMjAxY29pMDAzNWEwMDAwMmRyUHBTQUFVOThlaW9lem1maGpr&utm_source=SFMC&utm_medium=email&utm_campaign=RIS_LM_IND_T_O_Q2rwsNonPPT_E1_TestC&utm_content=WelcomeWebsite_CTA3textlink
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
206.195.196.168 , United States, ASN26848 (PFG-ASN-1, US),
Reverse DNS
secure05.principal.com
Software
/
Resource Hash
4adb8b652151423fda0e5b8b96b8dc00b414ecbcb10661c5aa645839fea3dc6a
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Xss-Protection 1

Request headers

Accept-Language
de-DE,de;q=0.9;q=0.9
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
sec-ch-ua-mobile
?0
sec-ch-ua-platform
"Win32"

Response headers

Allow
GET,POST
Cache-Control
no-cache, no-store, max-age=0, must-revalidate
Connection
keep-alive
Content-Type
text/html
Date
Mon, 22 Apr 2024 16:05:24 GMT
Strict-Transport-Security
max-age=31536000; includeSubDomains; preload
Transfer-Encoding
chunked
pfg-js-injection
true
x-oag-host
535e177daf7f5b26485899462bbb8e420bf6bdaa5bea328bc6a80c77ef01e23c
x-xss-protection
1

Redirect headers

accept-ranges
bytes
access-control-allow-origin
*
age
60
cache-control
public, max-age=86400
content-language
en
content-length
1594
content-type
text/html; charset=UTF-8
date
Mon, 22 Apr 2024 16:05:24 GMT
location
https://secure05.principal.com/pension/welcome/?j=382807&sfmc_sub=40851108&l=16_HTML&u=5592216&mid=7304377&jb=231&sub_key=YXVhbGtiMjAxY29pMDAzNWEwMDAwMmRyUHBTQUFVOThlaW9lem1maGpr&utm_source=SFMC&utm_medium=email&utm_campaign=RIS_LM_IND_T_O_Q2rwsNonPPT_E1_TestC&utm_content=WelcomeWebsite_CTA3textlink
server
nginx
strict-transport-security
max-age=31622400; includeSubDomains; preload
vary
Origin, Cookie, Cookie
via
1.1 varnish, 1.1 varnish, 1.1 varnish, 1.1 varnish
x-cache
HIT, MISS, MISS, MISS
x-cache-hits
2, 0, 0, 0
x-content-type-options
nosniff
x-drupal-cache
MISS
x-forwarded-for
2a02:6ea0:c71b:0:1012:60d3:b0b8:fe8b
x-frame-options
SAMEORIGIN
x-generator
Drupal 10 (https://www.drupal.org)
x-pantheon-styx-hostname
styx-fe2-a-7d9c76749d-t244p
x-pre-strip-debug
utm_source=SFMC&utm_medium=email&utm_campaign=RIS_LM_IND_T_O_Q2rwsNonPPT_E1_TestC&utm_content=WelcomeWebsite_CTA3textlink
x-real-client-ip
2a02:6ea0:c71b:0:1012:60d3:b0b8:fe8b
x-redirect-id
1490
x-served-by
cache-chi-kigq8000091-CHI, cache-fra-etou8220096-FRA, cache-fra-eddf8230066-FRA, cache-fra-eddf8230066-FRA
x-styx-req-id
fc80d4a3-00c1-11ef-93c2-66bc493bf3ef
x-timer
S1713801924.891891,VS0,VE113
sessionTimer.min.css
www.principalcdn.com/css/principal-design-system/sessionTimer/v2/ 		35 KB
5 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://www.principalcdn.com/css/principal-design-system/sessionTimer/v2/sessionTimer.min.css
Requested by
Host: secure05.principal.com
URL: https://secure05.principal.com/pension/welcome/?j=382807&sfmc_sub=40851108&l=16_HTML&u=5592216&mid=7304377&jb=231&sub_key=YXVhbGtiMjAxY29pMDAzNWEwMDAwMmRyUHBTQUFVOThlaW9lem1maGpr&utm_source=SFMC&utm_medium=email&utm_campaign=RIS_LM_IND_T_O_Q2rwsNonPPT_E1_TestC&utm_content=WelcomeWebsite_CTA3textlink
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2.19.120.11 Düsseldorf, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a2-19-120-11.deploy.static.akamaitechnologies.com
Software
AmazonS3 /
Resource Hash
eda2154e32f0c37ca6bd121f4542bf8df7a13f89ac9934c78986d09e0e7bf09a
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubdomains; preload
X-Content-Type-Options nosniff

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://secure05.principal.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

x-amz-version-id
nj3XYkYFvSHnxanQYscPDhWnJM.eoRiW
content-encoding
gzip
x-content-type-options
nosniff
date
Mon, 22 Apr 2024 16:05:25 GMT
strict-transport-security
max-age=31536000; includeSubdomains; preload
x-amz-cf-pop
FRA56-P12
x-amz-server-side-encryption
AES256
content-length
4217
last-modified
Fri, 22 Mar 2024 06:08:22 GMT
server
AmazonS3
etag
W/"0bff13c4336ea96a43b81a4905642a9b"
vary
Accept-Encoding
content-type
text/css
access-control-allow-origin
*
cache-control
max-age=54662
x-amz-cf-id
1PajyLqDh-bupSXCx3f78cuxz5_iu6XHUSMglmAM7nV2Md4QE6GyPQ==
expires
Tue, 23 Apr 2024 07:16:27 GMT
sessionTimer.min.js
www.principalcdn.com/css/principal-design-system/sessionTimer/v2/ 		19 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.principalcdn.com/css/principal-design-system/sessionTimer/v2/sessionTimer.min.js
Requested by
Host: secure05.principal.com
URL: https://secure05.principal.com/pension/welcome/?j=382807&sfmc_sub=40851108&l=16_HTML&u=5592216&mid=7304377&jb=231&sub_key=YXVhbGtiMjAxY29pMDAzNWEwMDAwMmRyUHBTQUFVOThlaW9lem1maGpr&utm_source=SFMC&utm_medium=email&utm_campaign=RIS_LM_IND_T_O_Q2rwsNonPPT_E1_TestC&utm_content=WelcomeWebsite_CTA3textlink
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2.19.120.11 Düsseldorf, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a2-19-120-11.deploy.static.akamaitechnologies.com
Software
AmazonS3 /
Resource Hash
0e58ab2abd2ceb9fe4867e7929ce70c0e1db6eacc1b8c2c2be0bf9a26520ebeb
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubdomains; preload
X-Content-Type-Options nosniff

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://secure05.principal.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

x-amz-version-id
xGQNln7_qePDC4JFITKdN2qBqBAcParf
content-encoding
gzip
x-content-type-options
nosniff
date
Mon, 22 Apr 2024 16:05:25 GMT
strict-transport-security
max-age=31536000; includeSubdomains; preload
x-amz-cf-pop
FRA56-P12
x-amz-server-side-encryption
AES256
content-length
6185
last-modified
Fri, 22 Mar 2024 06:08:26 GMT
server
AmazonS3
etag
W/"662168ab35b1da52d339cb3a4a9306b9"
vary
Accept-Encoding
content-type
text/javascript
access-control-allow-origin
*
cache-control
max-age=36778
x-amz-cf-id
7D2UoE8wKKX8hjPkROfU1UGF1TJ4fWKOzLbV_Rg5B6pmgm7YTKqKdg==
expires
Tue, 23 Apr 2024 02:18:23 GMT
tealeaf-uic-saas-external.js
www.principalcdn.com/shared/tealeaf/current/ 		157 KB
51 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.principalcdn.com/shared/tealeaf/current/tealeaf-uic-saas-external.js
Requested by
Host: secure05.principal.com
URL: https://secure05.principal.com/pension/welcome/?j=382807&sfmc_sub=40851108&l=16_HTML&u=5592216&mid=7304377&jb=231&sub_key=YXVhbGtiMjAxY29pMDAzNWEwMDAwMmRyUHBTQUFVOThlaW9lem1maGpr&utm_source=SFMC&utm_medium=email&utm_campaign=RIS_LM_IND_T_O_Q2rwsNonPPT_E1_TestC&utm_content=WelcomeWebsite_CTA3textlink
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2.19.120.11 Düsseldorf, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a2-19-120-11.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
38c135bb2d4d63d12d6150685e939af02a94a3541a68a593b8525ae2fe2426c3
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubdomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 1

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://secure05.principal.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Mon, 22 Apr 2024 16:05:25 GMT
content-encoding
gzip
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; includeSubdomains; preload
last-modified
Thu, 18 Jan 2024 17:39:58 GMT
etag
"7543665b354ada1:0"
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=28800
accept-ranges
bytes
content-length
52052
x-xss-protection
1
expires
Tue, 23 Apr 2024 00:05:25 GMT
22aedb6cc84945a1a7e23786ac308ed5
lib-us-1.brilliantcollector.com/collector/switch/ 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://lib-us-1.brilliantcollector.com/collector/switch/22aedb6cc84945a1a7e23786ac308ed5
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.212.174.62 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-212-174-62.compute-1.amazonaws.com
Software
istio-envoy /
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
x-requested-with
Access-Control-Request-Method
GET
Origin
https://secure05.principal.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
x-requested-with
access-control-allow-methods
GET
access-control-allow-origin
https://secure05.principal.com
access-control-max-age
3600
allow
GET, HEAD, POST, PUT, DELETE, TRACE, OPTIONS, PATCH
content-length
0
date
Mon, 22 Apr 2024 16:05:26 GMT
server
istio-envoy
vary
Accept-Encoding,Origin
x-envoy-upstream-service-time
1
22aedb6cc84945a1a7e23786ac308ed5
lib-us-1.brilliantcollector.com/collector/switch/ 		1 B
246 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://lib-us-1.brilliantcollector.com/collector/switch/22aedb6cc84945a1a7e23786ac308ed5
Requested by
Host: www.principalcdn.com
URL: https://www.principalcdn.com/shared/tealeaf/current/tealeaf-uic-saas-external.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.212.174.62 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-212-174-62.compute-1.amazonaws.com
Software
istio-envoy /
Resource Hash
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://secure05.principal.com/
X-Requested-With
XMLHttpRequest
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Mon, 22 Apr 2024 16:05:26 GMT
dcname
prod-dal
server
istio-envoy
vary
Accept-Encoding,Origin
content-type
application/json
access-control-allow-origin
https://secure05.principal.com
access-control-allow-credentials
true
x-envoy-upstream-service-time
1
nodeid
wscollector-589c5b8897-8htbb
content-length
1
favicon.ico
secure05.principal.com/ 		4 KB
5 KB 		Other
General
Check archive.org
Download Go to
Full URL
https://secure05.principal.com/favicon.ico
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
206.195.196.168 , United States, ASN26848 (PFG-ASN-1, US),
Reverse DNS
secure05.principal.com
Software
/
Resource Hash
0c48bc58afcf346f8c8ae1a736d319018ceac3925fb06443f83a9554d26eda65
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Xss-Protection 1

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://secure05.principal.com/pension/welcome/?j=382807&sfmc_sub=40851108&l=16_HTML&u=5592216&mid=7304377&jb=231&sub_key=YXVhbGtiMjAxY29pMDAzNWEwMDAwMmRyUHBTQUFVOThlaW9lem1maGpr&utm_source=SFMC&utm_medium=email&utm_campaign=RIS_LM_IND_T_O_Q2rwsNonPPT_E1_TestC&utm_content=WelcomeWebsite_CTA3textlink
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

Strict-Transport-Security
max-age=31536000; includeSubDomains; preload
Date
Mon, 22 Apr 2024 16:05:25 GMT
Last-Modified
Mon, 14 Mar 2016 14:09:16 GMT
ETag
"7818fe17fb7dd11:0"
Content-Type
image/x-icon
Cache-Control
max-age=3600
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
4286
x-xss-protection
1
collectorPost
lib-us-1.brilliantcollector.com/collector/ 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://lib-us-1.brilliantcollector.com/collector/collectorPost
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.212.174.62 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-212-174-62.compute-1.amazonaws.com
Software
istio-envoy /
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
content-encoding,content-type,x-pageid,x-requested-with,x-tealeaf,x-tealeaf-messagetypes,x-tealeaf-page-url,x-tealeaf-saas-appkey,x-tealeaf-saas-tltsid,x-tealeaf-syncxhr,x-tealeaftype
Access-Control-Request-Method
POST
Origin
https://secure05.principal.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
content-encoding, content-type, x-pageid, x-requested-with, x-tealeaf, x-tealeaf-messagetypes, x-tealeaf-page-url, x-tealeaf-saas-appkey, x-tealeaf-saas-tltsid, x-tealeaf-syncxhr, x-tealeaftype
access-control-allow-methods
POST
access-control-allow-origin
https://secure05.principal.com
access-control-max-age
3600
allow
GET, HEAD, POST, PUT, DELETE, TRACE, OPTIONS, PATCH
content-length
0
date
Mon, 22 Apr 2024 16:05:26 GMT
server
istio-envoy
vary
Accept-Encoding,Origin
x-envoy-upstream-service-time
1
collectorPost
lib-us-1.brilliantcollector.com/collector/ 		38 B
362 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://lib-us-1.brilliantcollector.com/collector/collectorPost
Requested by
Host: www.principalcdn.com
URL: https://www.principalcdn.com/shared/tealeaf/current/tealeaf-uic-saas-external.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.212.174.62 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-212-174-62.compute-1.amazonaws.com
Software
istio-envoy /
Resource Hash
1d4fdec9bbde03db70d2add577e12d713e8cceb38fb75ba13df9c89252475f60

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Content-Encoding
gzip
X-Tealeaf-SyncXHR
false
Accept-Language
de-DE,de;q=0.9;q=0.9
X-Tealeaf-MessageTypes
1,2,5,12,14
X-Tealeaf-SaaS-AppKey
22aedb6cc84945a1a7e23786ac308ed5
X-Tealeaf-SaaS-TLTSID
42189839786267927222003797220558
X-Requested-With
fetch
sec-ch-ua-platform
"Win32"
X-Tealeaf
device (UIC) Lib/6.0.0.1960
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
Content-Type
application/json
Referer
https://secure05.principal.com/
X-TealeafType
GUI
X-PageId
P.DRQM29NP3YPFH9MPALAFBRRVE6JW
X-TeaLeaf-Page-Url
/pension/welcome/

Response headers

date
Mon, 22 Apr 2024 16:05:26 GMT
dcname
prod-dal
server
istio-envoy
vary
Accept-Encoding,Origin
content-type
application/json
access-control-allow-origin
https://secure05.principal.com
cache-control
no-cache
access-control-allow-credentials
true
x-envoy-upstream-service-time
1
tltsid
42189839786267927222003797220558
nodeid
wscollector-589c5b8897-8htbb
content-length
38
expires
Fri, 31 Dec 1998 12:00:00 GMT

Verdicts & Comments Add Verdict or Comment

4 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

number| tot object| pako object| TLT object| payload

8 Cookies

Domain/Path Name / Value
.principal.com/ Name: RANDOM_ID
Value: dd240fa0f1534c28b9340c93ea548e5d
.principal.com/ Name: pfgstatcookie
Value:
.principal.com/ Name: gauser
Value:
secure05.principal.com/ Name: BIGipServerokta-ig-prod-pool
Value: !/NtTJGCazCsqG4tymQpKz5fLyDUicbAjnzlH0xO4shlYU4+ytkAf9Oax2NLhTb521p7efa8iMFmfjjs=
.secure05.principal.com/ Name: TS01f1f192
Value: 015029931588b68a035570f2b8c2bcd303b781d08dd539e660ad54862f01b2d92c530bc6bbe557761dc3e2d22acbe59a21c0f6ebf9
.principal.com/ Name: TS01f28333
Value: 015029931588b68a035570f2b8c2bcd303b781d08dd539e660ad54862f01b2d92c530bc6bbe557761dc3e2d22acbe59a21c0f6ebf9
.principal.com/ Name: PFGTLTSID
Value: 42189839786267927222003797220558
secure05.principal.com/ Name: BIGipServerrp-secure05-any
Value: !T3a3ZPRrCezdOCVymQpKz5fLyDUicdfRMTQfKEw6qBRwFyfnYGLcQe7i6b2rrYoqPvfFRACt6g==

1 Console Messages

Source Level URL
Text
network error URL: https://secure05.principal.com/pension/welcome/?j=382807&sfmc_sub=40851108&l=16_HTML&u=5592216&mid=7304377&jb=231&sub_key=YXVhbGtiMjAxY29pMDAzNWEwMDAwMmRyUHBTQUFVOThlaW9lem1maGpr&utm_source=SFMC&utm_medium=email&utm_campaign=RIS_LM_IND_T_O_Q2rwsNonPPT_E1_TestC&utm_content=WelcomeWebsite_CTA3textlink
Message:
Failed to load resource: the server responded with a status of 404 (Not Found)

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Xss-Protection 1