ews.finra.org Open in urlscan Pro
2606:4700::6812:17ec Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
https://gateway.finra.org/app/work-management/?requestId=4391188&category=Information%20Request
Effective URL:
https://ews.finra.org/auth/logon?realm=ews&goto=https://gateway.finra.org/app/work-management/?requestId=4391188&categ...
Submission: On March 18 via api (March 18th 2022, 5:54:18 am UTC) from CH — Scanned from DE

Summary HTTP 35 Redirects Links 4 Behaviour Indicators

Summary

This website contacted 8 IPs in 3 countries across 5 domains to perform 35 HTTP transactions. The main IP is 2606:4700::6812:17ec, located in United States and belongs to CLOUDFLARENET, US. The main domain is ews.finra.org. The Cisco Umbrella rank of the primary domain is 186339.
TLS certificate: Issued by Cloudflare Inc ECC CA-3 on February 4th 2022. Valid for: a year.

This is the only time ews.finra.org was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
5	2606:4700::68... 2606:4700::6812:680	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	2a00:1450:400... 2a00:1450:400e:802::200a	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:827::2008	15169 (GOOGLE) (GOOGLE)
8	104.109.59.42 104.109.59.42	16625 (AKAMAI-AS) (AKAMAI-AS)
1	2606:4700::68... 2606:4700::6812:b60	13335 (CLOUDFLAR...) (CLOUDFLARENET)
3	2a00:1450:400... 2a00:1450:4001:800::200e	15169 (GOOGLE) (GOOGLE)
14	2606:4700::68... 2606:4700::6812:17ec	13335 (CLOUDFLAR...) (CLOUDFLARENET)
35	8

5 2606:4700::6812:680 (United States)

ASN13335 (CLOUDFLARENET, US)

gateway.finra.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:400e:802::200a (Ireland)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:827::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 104.109.59.42 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a104-109-59-42.deploy.static.akamaitechnologies.com

cdn.walkme.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700::6812:b60 (United States)

ASN13335 (CLOUDFLARENET, US)

api.gateway.finra.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:800::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

14 2606:4700::6812:17ec (United States)

ASN13335 (CLOUDFLARENET, US)

ews.finra.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
20	finra.org gateway.finra.org — Cisco Umbrella Rank: 289701 api.gateway.finra.org — Cisco Umbrella Rank: 329703 ews.finra.org — Cisco Umbrella Rank: 186339	476 KB
8	walkme.com cdn.walkme.com — Cisco Umbrella Rank: 1555	512 KB
3	google-analytics.com www.google-analytics.com — Cisco Umbrella Rank: 31	20 KB
2	googleapis.com fonts.googleapis.com — Cisco Umbrella Rank: 35	2 KB
1	googletagmanager.com www.googletagmanager.com — Cisco Umbrella Rank: 54	43 KB
35	5

	Domain	Requested by
14	ews.finra.org	gateway.finra.org ews.finra.org
8	cdn.walkme.com	gateway.finra.org cdn.walkme.com
5	gateway.finra.org	gateway.finra.org
3	www.google-analytics.com	www.googletagmanager.com gateway.finra.org
2	fonts.googleapis.com	gateway.finra.org
1	api.gateway.finra.org	gateway.finra.org
1	www.googletagmanager.com	gateway.finra.org
35	7

This site contains links to these domains. Also see Links.

Domain
www.finra.org

Subject Issuer	Validity	Valid
gateway.finra.org Cloudflare Inc ECC CA-3	`2022-02-04` - `2023-02-03`	a year	crt.sh
upload.video.google.com GTS CA 1C3	`2022-02-28` - `2022-05-23`	3 months	crt.sh
*.google-analytics.com GTS CA 1C3	`2022-02-28` - `2022-05-23`	3 months	crt.sh
walkme.com DigiCert SHA2 Secure Server CA	`2021-11-03` - `2022-05-26`	7 months	crt.sh
api.gateway.finra.org Cloudflare Inc ECC CA-3	`2022-02-04` - `2023-02-03`	a year	crt.sh
ews.finra.org Cloudflare Inc ECC CA-3	`2022-02-04` - `2023-02-03`	a year	crt.sh

This page contains 3 frames:

Primary Page: https://ews.finra.org/auth/logon?realm=ews&goto=https://gateway.finra.org/app/work-management/?requestId=4391188&category=Information+Request&rcpRedirNum=1
Frame ID: E6CA37FB38DDF24B5A2A3EC8BF3DEEC2
Requests: 32 HTTP requests in this frame

Frame: https://cdn.walkme.com/player/lib/20220310-082701-360c03ad-387cd133.br/resources/CD/cdHiddenIframeScript.js
Frame ID: 6E64E68290B440E8C4F4D509ACF3C2D6
Requests: 1 HTTP requests in this frame

Frame: https://cdn.walkme.com/player/lib/20220310-082701-360c03ad-387cd133.br/resources/CD/CDhiddenIframe.compress.html
Frame ID: F0C036E2DEF6820EE6B6C64B52213F5B
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

FINRA: Login

Page URL History Show full URLs

https://gateway.finra.org/app/work-management/?requestId=4391188&category=Information%20Request Page URL
https://ews.finra.org/auth/logon?realm=ews&goto=https://gateway.finra.org/app/work-management/?req... Page URL

Detected technologies

Bootstrap (Web Frameworks) Expand

Overall confidence: 100%
Detected patterns

<link[^>]* href=[^>]*?bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.css
bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.js

Font Awesome (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

<link[^>]* href=[^>]*?(?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)
(?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:.*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

google-analytics\.com/(?:ga|urchin|analytics)\.js

Google Tag Manager (Tag Managers) Expand

Overall confidence: 100%
Detected patterns

googletagmanager\.com/gtm\.js

Popper (Miscellaneous) Expand

Overall confidence: 100%
Detected patterns

<script [^>]*src="[^"]*/popper\.js/([0-9.]+)
/popper\.js/([0-9.]+)

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

jquery[.-]([\d.]*\d)[^/]*\.js
jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Page Statistics

35
Requests

97 %
HTTPS

86 %
IPv6

5
Domains

7
Subdomains

8
IPs

3
Countries

1054 kB
Transfer

3902 kB
Size

9
Cookies

4 Outgoing links

These are links going to different origins than the main page.

URL: https://www.finra.org/privacy-policy
Title: Privacy Policy

Search URL Search Domain Scan URL

URL: http://www.finra.org/industry/finra-entitlement-program-agreement-and-terms-use/
Title: Entitlement Program Terms of Use

Search URL Search Domain Scan URL

URL: http://www.finra.org/entitlement/agreementandtermsofuse
Title: Terms & Conditions

Search URL Search Domain Scan URL

URL: https://www.finra.org/trademarks
Title: Legal

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

https://gateway.finra.org/app/work-management/?requestId=4391188&category=Information%20Request Page URL
https://ews.finra.org/auth/logon?realm=ews&goto=https://gateway.finra.org/app/work-management/?requestId=4391188&category=Information+Request&rcpRedirNum=1 Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

35 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2 200 / Show response
gateway.finra.org/app/work-management/ 3 KB
2 KB 457ms
422ms Document
text/html 2606:4700::6812:680
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://gateway.finra.org/app/work-management/?requestId=4391188&category=Information%20Request

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:680 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

80c72e35f559756548fc545b0b9b07bf80dbe7c6bea5369400e7af1520879d8b

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' https://.finra.org https:; script-src 'self' 'unsafe-eval' 'unsafe-inline' blob: https://.walkme.com https://.finra.org .googletagmanager.com .google-analytics.com tagmanager.google.com .google.com .gstatic.com cdnjs.cloudflare.com code.jquery.com; style-src 'self' 'unsafe-inline' https://.walkme.com https://.finra.org fonts.googleapis.com tagmanager.google.com; img-src 'self' 'unsafe-inline' https://.finra.org .google-analytics.com .gstatic.com https://.walkme.com https://s3.walkmeusercontent.com https://d3sbxpiag177w8.cloudfront.net data:; font-src 'self' 'unsafe-inline' 'unsafe-eval' https://.walkme.com fonts.gstatic.com data:; connect-src 'self' .google-analytics.com .googleapis.com .googletagmanager.com https://.finra.org https://.walkme.com .splunkcloud.com https://.amazonaws.com; frame-src 'self' https://.finra.org https://.walkme.com .google.com blob:; frame-ancestors 'self' https://.finra.org; worker-src 'self' blob: https://.walkme.com ;
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Xss-Protection	1; mode=block

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Accept-Language: de-DE,de;q=0.9

Response headers

date: Fri, 18 Mar 2022 05:54:14 GMT
content-type: text/html
last-modified: Tue, 15 Mar 2022 01:01:10 GMT
x-amz-server-side-encryption: AES256
cache-control: no-cache,no-store,must-revalidate
vary: Accept-Encoding Origin
x-xss-protection: 1; mode=block
content-security-policy: default-src 'self' https://*.finra.org https:; script-src 'self' 'unsafe-eval' 'unsafe-inline' blob: https://*.walkme.com https://*.finra.org *.googletagmanager.com *.google-analytics.com tagmanager.google.com *.google.com *.gstatic.com cdnjs.cloudflare.com code.jquery.com; style-src 'self' 'unsafe-inline' https://*.walkme.com https://*.finra.org fonts.googleapis.com tagmanager.google.com; img-src 'self' 'unsafe-inline' https://*.finra.org *.google-analytics.com *.gstatic.com https://*.walkme.com https://s3.walkmeusercontent.com https://d3sbxpiag177w8.cloudfront.net data:; font-src 'self' 'unsafe-inline' 'unsafe-eval' https://*.walkme.com fonts.gstatic.com data:; connect-src 'self' *.google-analytics.com *.googleapis.com *.googletagmanager.com https://*.finra.org https://*.walkme.com *.splunkcloud.com https://*.amazonaws.com; frame-src 'self' https://*.finra.org https://*.walkme.com *.google.com blob:; frame-ancestors 'self' https://*.finra.org; worker-src 'self' blob: https://*.walkme.com ;
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-cache: Error from cloudfront
via: 1.1 52102486f97ad6ff39f81538f01349aa.cloudfront.net (CloudFront)
x-amz-cf-pop: AMS50-C1
x-amz-cf-id: 8by-D0hv29CTXVrRjsHoEOLyQvwmp9XfbR_-2SpHMCtYcU7F4ko2Jw==
age: 276453
cf-cache-status: DYNAMIC
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
server: cloudflare
cf-ray: 6edbb665eb1a68e9-FRA
content-encoding: gzip

GET
H2 200 css
fonts.googleapis.com/ 6 KB
1 KB 57ms
20ms Stylesheet
text/css 2a00:1450:400e:802::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Roboto:300,400,500

Requested by

Host: gateway.finra.org
URL: https://gateway.finra.org/app/work-management/?requestId=4391188&category=Information%20Request

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400e:802::200a , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

2ddefcdc9f260c5ffeb93fed110fe9d929028226f9a2d8a4934ea52b546e9640

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://gateway.finra.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Fri, 18 Mar 2022 04:54:02 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
date: Fri, 18 Mar 2022 05:54:14 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Fri, 18 Mar 2022 05:54:14 GMT

GET
H2 200 css
fonts.googleapis.com/ 4 KB
719 B 58ms
22ms Stylesheet
text/css 2a00:1450:400e:802::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Roboto+Condensed:300,400

Requested by

Host: gateway.finra.org
URL: https://gateway.finra.org/app/work-management/?requestId=4391188&category=Information%20Request

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400e:802::200a , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

c2584a3fca129c129b47e330a3366aebb91d0bb913d86a1b8d8caf4aea17f76b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://gateway.finra.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Fri, 18 Mar 2022 04:22:47 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
date: Fri, 18 Mar 2022 05:54:14 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Fri, 18 Mar 2022 05:54:14 GMT

GET
H2 200 styles.css
gateway.finra.org/app/ 117 KB
15 KB 58ms
57ms Stylesheet
text/css 2606:4700::6812:680
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://gateway.finra.org/app/styles.css

Requested by

Host: gateway.finra.org
URL: https://gateway.finra.org/app/work-management/?requestId=4391188&category=Information%20Request

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:680 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

7e10cab2168077216c37a5ab0192207ee6bad709e6424d15e2c6f77848daf4f3

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' https://.finra.org https:; script-src 'self' 'unsafe-eval' 'unsafe-inline' blob: https://.walkme.com https://.finra.org .googletagmanager.com .google-analytics.com tagmanager.google.com .google.com .gstatic.com cdnjs.cloudflare.com code.jquery.com; style-src 'self' 'unsafe-inline' https://.walkme.com https://.finra.org fonts.googleapis.com tagmanager.google.com; img-src 'self' 'unsafe-inline' https://.finra.org .google-analytics.com .gstatic.com https://.walkme.com https://s3.walkmeusercontent.com https://d3sbxpiag177w8.cloudfront.net data:; font-src 'self' 'unsafe-inline' 'unsafe-eval' https://.walkme.com fonts.gstatic.com data:; connect-src 'self' .google-analytics.com .googleapis.com .googletagmanager.com https://.finra.org https://.walkme.com .splunkcloud.com https://.amazonaws.com; frame-src 'self' https://.finra.org https://.walkme.com .google.com blob:; frame-ancestors 'self' https://.finra.org; worker-src 'self' blob: https://.walkme.com ;
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://gateway.finra.org/app/work-management/?requestId=4391188&category=Information%20Request
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Fri, 18 Mar 2022 05:54:14 GMT
content-encoding: gzip
vary: Accept-Encoding, Origin
cf-cache-status: DYNAMIC
age: 275964
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
x-xss-protection: 1; mode=block
last-modified: Tue, 15 Mar 2022 01:01:06 GMT
server: cloudflare
etag: W/"abe2a383c21234a0c9eea129deeb1983"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: text/css
via: 1.1 552d1a24616d6b8d6e3fbbdf18a54b6a.cloudfront.net (CloudFront)
content-security-policy: default-src 'self' https://*.finra.org https:; script-src 'self' 'unsafe-eval' 'unsafe-inline' blob: https://*.walkme.com https://*.finra.org *.googletagmanager.com *.google-analytics.com tagmanager.google.com *.google.com *.gstatic.com cdnjs.cloudflare.com code.jquery.com; style-src 'self' 'unsafe-inline' https://*.walkme.com https://*.finra.org fonts.googleapis.com tagmanager.google.com; img-src 'self' 'unsafe-inline' https://*.finra.org *.google-analytics.com *.gstatic.com https://*.walkme.com https://s3.walkmeusercontent.com https://d3sbxpiag177w8.cloudfront.net data:; font-src 'self' 'unsafe-inline' 'unsafe-eval' https://*.walkme.com fonts.gstatic.com data:; connect-src 'self' *.google-analytics.com *.googleapis.com *.googletagmanager.com https://*.finra.org https://*.walkme.com *.splunkcloud.com https://*.amazonaws.com; frame-src 'self' https://*.finra.org https://*.walkme.com *.google.com blob:; frame-ancestors 'self' https://*.finra.org; worker-src 'self' blob: https://*.walkme.com ;
x-amz-cf-pop: AMS50-C1
cf-ray: 6edbb668bf7468e9-FRA
x-amz-cf-id: C-qiAsNrt-HclMYPFQPbOhdlI_HUuTpMQoSzzI54awRs-uqp44sUfA==

GET
H2 200 ag-grid-styles.css
gateway.finra.org/app/ 128 KB
22 KB 55ms
55ms Stylesheet
text/css 2606:4700::6812:680
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://gateway.finra.org/app/ag-grid-styles.css

Requested by

Host: gateway.finra.org
URL: https://gateway.finra.org/app/work-management/?requestId=4391188&category=Information%20Request

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:680 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e82c6f6b7742051b061c0d331e2f05160ed6f858417e486c92c1c840e3c3f181

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' https://.finra.org https:; script-src 'self' 'unsafe-eval' 'unsafe-inline' blob: https://.walkme.com https://.finra.org .googletagmanager.com .google-analytics.com tagmanager.google.com .google.com .gstatic.com cdnjs.cloudflare.com code.jquery.com; style-src 'self' 'unsafe-inline' https://.walkme.com https://.finra.org fonts.googleapis.com tagmanager.google.com; img-src 'self' 'unsafe-inline' https://.finra.org .google-analytics.com .gstatic.com https://.walkme.com https://s3.walkmeusercontent.com https://d3sbxpiag177w8.cloudfront.net data:; font-src 'self' 'unsafe-inline' 'unsafe-eval' https://.walkme.com fonts.gstatic.com data:; connect-src 'self' .google-analytics.com .googleapis.com .googletagmanager.com https://.finra.org https://.walkme.com .splunkcloud.com https://.amazonaws.com; frame-src 'self' https://.finra.org https://.walkme.com .google.com blob:; frame-ancestors 'self' https://.finra.org; worker-src 'self' blob: https://.walkme.com ;
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://gateway.finra.org/app/work-management/?requestId=4391188&category=Information%20Request
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Fri, 18 Mar 2022 05:54:14 GMT
content-encoding: gzip
vary: Accept-Encoding, Origin
cf-cache-status: DYNAMIC
age: 275909
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
x-xss-protection: 1; mode=block
last-modified: Tue, 15 Mar 2022 01:01:06 GMT
server: cloudflare
etag: W/"a074482e35e723bb980d75bb694cdc4d"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: text/css
via: 1.1 dd133741afef09b02f3e6afd7cb39f40.cloudfront.net (CloudFront)
content-security-policy: default-src 'self' https://*.finra.org https:; script-src 'self' 'unsafe-eval' 'unsafe-inline' blob: https://*.walkme.com https://*.finra.org *.googletagmanager.com *.google-analytics.com tagmanager.google.com *.google.com *.gstatic.com cdnjs.cloudflare.com code.jquery.com; style-src 'self' 'unsafe-inline' https://*.walkme.com https://*.finra.org fonts.googleapis.com tagmanager.google.com; img-src 'self' 'unsafe-inline' https://*.finra.org *.google-analytics.com *.gstatic.com https://*.walkme.com https://s3.walkmeusercontent.com https://d3sbxpiag177w8.cloudfront.net data:; font-src 'self' 'unsafe-inline' 'unsafe-eval' https://*.walkme.com fonts.gstatic.com data:; connect-src 'self' *.google-analytics.com *.googleapis.com *.googletagmanager.com https://*.finra.org https://*.walkme.com *.splunkcloud.com https://*.amazonaws.com; frame-src 'self' https://*.finra.org https://*.walkme.com *.google.com blob:; frame-ancestors 'self' https://*.finra.org; worker-src 'self' blob: https://*.walkme.com ;
x-amz-cf-pop: AMS50-C1
cf-ray: 6edbb668bf7568e9-FRA
x-amz-cf-id: S1YPIBcxWiVIZu5m1kOg8A50KO5s_UrVQuvV07hIwc1777M_0qP-wg==

GET
H2 200 browser-check.js Show response
gateway.finra.org/app/ 3 KB
1 KB 34ms
34ms Script
application/javascript 2606:4700::6812:680
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://gateway.finra.org/app/browser-check.js

Requested by

Host: gateway.finra.org
URL: https://gateway.finra.org/app/work-management/?requestId=4391188&category=Information%20Request

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:680 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

c68bd9f72b025b1a237b84e6a31e57f53e3b5f40d84a6ebc058dc2018bf86073

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' https://.finra.org https:; script-src 'self' 'unsafe-eval' 'unsafe-inline' blob: https://.walkme.com https://.finra.org .googletagmanager.com .google-analytics.com tagmanager.google.com .google.com .gstatic.com cdnjs.cloudflare.com code.jquery.com; style-src 'self' 'unsafe-inline' https://.walkme.com https://.finra.org fonts.googleapis.com tagmanager.google.com; img-src 'self' 'unsafe-inline' https://.finra.org .google-analytics.com .gstatic.com https://.walkme.com https://s3.walkmeusercontent.com https://d3sbxpiag177w8.cloudfront.net data:; font-src 'self' 'unsafe-inline' 'unsafe-eval' https://.walkme.com fonts.gstatic.com data:; connect-src 'self' .google-analytics.com .googleapis.com .googletagmanager.com https://.finra.org https://.walkme.com .splunkcloud.com https://.amazonaws.com; frame-src 'self' https://.finra.org https://.walkme.com .google.com blob:; frame-ancestors 'self' https://.finra.org; worker-src 'self' blob: https://.walkme.com ;
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://gateway.finra.org/app/work-management/?requestId=4391188&category=Information%20Request
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Fri, 18 Mar 2022 05:54:14 GMT
content-encoding: gzip
vary: Accept-Encoding, Origin
cf-cache-status: DYNAMIC
age: 275964
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
x-xss-protection: 1; mode=block
last-modified: Tue, 15 Mar 2022 01:01:06 GMT
server: cloudflare
etag: W/"0aa553cbe3fdf7519f6da12783b6ea17"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: application/javascript
via: 1.1 9fce949f3749407c8e6a75087e168b46.cloudfront.net (CloudFront)
content-security-policy: default-src 'self' https://*.finra.org https:; script-src 'self' 'unsafe-eval' 'unsafe-inline' blob: https://*.walkme.com https://*.finra.org *.googletagmanager.com *.google-analytics.com tagmanager.google.com *.google.com *.gstatic.com cdnjs.cloudflare.com code.jquery.com; style-src 'self' 'unsafe-inline' https://*.walkme.com https://*.finra.org fonts.googleapis.com tagmanager.google.com; img-src 'self' 'unsafe-inline' https://*.finra.org *.google-analytics.com *.gstatic.com https://*.walkme.com https://s3.walkmeusercontent.com https://d3sbxpiag177w8.cloudfront.net data:; font-src 'self' 'unsafe-inline' 'unsafe-eval' https://*.walkme.com fonts.gstatic.com data:; connect-src 'self' *.google-analytics.com *.googleapis.com *.googletagmanager.com https://*.finra.org https://*.walkme.com *.splunkcloud.com https://*.amazonaws.com; frame-src 'self' https://*.finra.org https://*.walkme.com *.google.com blob:; frame-ancestors 'self' https://*.finra.org; worker-src 'self' blob: https://*.walkme.com ;
x-amz-cf-pop: AMS50-C1
cf-ray: 6edbb668bf7668e9-FRA
x-amz-cf-id: S8Y3QbVx1UEWXjs_n02ED_RpNYiswPQW1Vh0uN2N1ppvCJhtXSL_XA==

GET
H2 200 app-shell.20220314T195055.js Show response
gateway.finra.org/app/ 1 MB
330 KB 56ms
56ms Script
application/javascript 2606:4700::6812:680
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://gateway.finra.org/app/app-shell.20220314T195055.js

Requested by

Host: gateway.finra.org
URL: https://gateway.finra.org/app/work-management/?requestId=4391188&category=Information%20Request

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:680 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

c2b44bc7edea03f9051cad5afef430ef70440a092fcb0c0be5b00ccd10ea21e6

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' https://.finra.org https:; script-src 'self' 'unsafe-eval' 'unsafe-inline' blob: https://.walkme.com https://.finra.org .googletagmanager.com .google-analytics.com tagmanager.google.com .google.com .gstatic.com cdnjs.cloudflare.com code.jquery.com; style-src 'self' 'unsafe-inline' https://.walkme.com https://.finra.org fonts.googleapis.com tagmanager.google.com; img-src 'self' 'unsafe-inline' https://.finra.org .google-analytics.com .gstatic.com https://.walkme.com https://s3.walkmeusercontent.com https://d3sbxpiag177w8.cloudfront.net data:; font-src 'self' 'unsafe-inline' 'unsafe-eval' https://.walkme.com fonts.gstatic.com data:; connect-src 'self' .google-analytics.com .googleapis.com .googletagmanager.com https://.finra.org https://.walkme.com .splunkcloud.com https://.amazonaws.com; frame-src 'self' https://.finra.org https://.walkme.com .google.com blob:; frame-ancestors 'self' https://.finra.org; worker-src 'self' blob: https://.walkme.com ;
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://gateway.finra.org/app/work-management/?requestId=4391188&category=Information%20Request
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Fri, 18 Mar 2022 05:54:14 GMT
content-encoding: gzip
vary: Accept-Encoding, Origin
cf-cache-status: DYNAMIC
age: 275963
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
x-xss-protection: 1; mode=block
last-modified: Tue, 15 Mar 2022 01:01:06 GMT
server: cloudflare
etag: W/"4ccef611dc3e6a48b41d08ac5a1de69d"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: application/javascript
via: 1.1 0b3cd120321973f1462a42e82c43c1cc.cloudfront.net (CloudFront)
content-security-policy: default-src 'self' https://*.finra.org https:; script-src 'self' 'unsafe-eval' 'unsafe-inline' blob: https://*.walkme.com https://*.finra.org *.googletagmanager.com *.google-analytics.com tagmanager.google.com *.google.com *.gstatic.com cdnjs.cloudflare.com code.jquery.com; style-src 'self' 'unsafe-inline' https://*.walkme.com https://*.finra.org fonts.googleapis.com tagmanager.google.com; img-src 'self' 'unsafe-inline' https://*.finra.org *.google-analytics.com *.gstatic.com https://*.walkme.com https://s3.walkmeusercontent.com https://d3sbxpiag177w8.cloudfront.net data:; font-src 'self' 'unsafe-inline' 'unsafe-eval' https://*.walkme.com fonts.gstatic.com data:; connect-src 'self' *.google-analytics.com *.googleapis.com *.googletagmanager.com https://*.finra.org https://*.walkme.com *.splunkcloud.com https://*.amazonaws.com; frame-src 'self' https://*.finra.org https://*.walkme.com *.google.com blob:; frame-ancestors 'self' https://*.finra.org; worker-src 'self' blob: https://*.walkme.com ;
x-amz-cf-pop: AMS50-C1
cf-ray: 6edbb668bf7868e9-FRA
x-amz-cf-id: zUFkk8Am6KJkZ5ah_FEm47o7z5jqmGpAqSU7IjDrgXVOWogGxYYN6w==

GET
H2 200 gtm.js Show response
www.googletagmanager.com/ 116 KB
43 KB 137ms
46ms Script
application/javascript 2a00:1450:4001:827::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtm.js?id=GTM-MJ5JP3H

Requested by

Host: gateway.finra.org
URL: https://gateway.finra.org/app/work-management/?requestId=4391188&category=Information%20Request

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

e4a80dc844fdfc131a0482cf1093da6139669e87ba460aec956c792bb730bb8a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://gateway.finra.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Fri, 18 Mar 2022 05:54:14 GMT
content-encoding: br
vary: Accept-Encoding
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 43773
x-xss-protection: 0
last-modified: Fri, 18 Mar 2022 03:00:00 GMT
server: Google Tag Manager
strict-transport-security: max-age=31536000; includeSubDomains
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Fri, 18 Mar 2022 05:54:14 GMT

GET
H2 200 walkme_6737285082714018963decef1252e224_https.js Show response
cdn.walkme.com/users/6737285082714018963decef1252e224/ 23 KB
9 KB 38ms
8ms Script
application/x-javascript 104.109.59.42
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.walkme.com/users/6737285082714018963decef1252e224/walkme_6737285082714018963decef1252e224_https.js

Requested by

Host: gateway.finra.org
URL: https://gateway.finra.org/app/work-management/?requestId=4391188&category=Information%20Request

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

104.109.59.42 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a104-109-59-42.deploy.static.akamaitechnologies.com

Software

Resource Hash

33bb653ee7821bc8b5a2d6ceb8d5cdd9c8f7ea0da97a3850b2fbf645432a300b

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests;
Strict-Transport-Security	max-age=31536000;includeSubdomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://gateway.finra.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

x-amz-version-id: EdVqr46zppsP03J5qG8EiOl34BWsr7x3
content-encoding: gzip
x-content-type-options: nosniff
x-amz-request-id: JHPX4SWDTAPRD7TT
x-amz-server-side-encryption: AES256
x-amz-replication-status: COMPLETED
vary: Accept-Encoding
content-length: 8234
x-amz-id-2: XtwqL1r7zLnFykXeiGrTBl83MxMNUTg90ac/9+Aaj1vMydXuHKzSpm9BtIJNBIpvd0AKtJ/oR9o=
referrer-policy: no-referrer-when-downgrade
last-modified: Wed, 16 Mar 2022 18:18:48 GMT
date: Fri, 18 Mar 2022 05:54:14 GMT
strict-transport-security: max-age=31536000;includeSubdomains
content-type: application/x-javascript
access-control-allow-origin: *
x-xss-protection: 1; mode=block
cache-control: max-age=86255
etag: "a395802de11c3088404a9c71b6ab167f"
content-security-policy: upgrade-insecure-requests;
accept-ranges: bytes
timing-allow-origin: *

GET
H2 200 settings.js Show response
cdn.walkme.com/users/6737285082714018963decef1252e224/ 1 KB
1 KB 14ms
13ms Script
application/javascript 104.109.59.42
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.walkme.com/users/6737285082714018963decef1252e224/settings.js

Requested by

Host: cdn.walkme.com
URL: https://cdn.walkme.com/users/6737285082714018963decef1252e224/walkme_6737285082714018963decef1252e224_https.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

104.109.59.42 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a104-109-59-42.deploy.static.akamaitechnologies.com

Software

Resource Hash

0b9e38662e299d6f3664dd4a8dc1885651b3204d9e533a9bcd586ecaf6895315

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests;
Strict-Transport-Security	max-age=31536000;includeSubdomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://gateway.finra.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

x-amz-version-id: ALgasqe3NKorAP0zY6bxbps1Qf9OKdbM
content-encoding: gzip
x-content-type-options: nosniff
x-amz-request-id: PZ05JH3P9S3NZAJK
x-amz-server-side-encryption: AES256
x-amz-replication-status: COMPLETED
vary: Accept-Encoding
content-length: 640
x-amz-id-2: DGEC17J7nsw+yKY7FpwmlHcEx0QuWKjLoMMYGF4rLvdSjhf+ajkbcpjbzdJ8Y4Al8CvvuvqpwPU=
referrer-policy: no-referrer-when-downgrade
last-modified: Thu, 17 Mar 2022 15:40:18 GMT
date: Fri, 18 Mar 2022 05:54:14 GMT
strict-transport-security: max-age=31536000;includeSubdomains
content-type: application/javascript
access-control-allow-origin: *
x-xss-protection: 1; mode=block
cache-control: max-age=891
etag: "12887f6a248f062adaeaf5cbaf1d17ff"
content-security-policy: upgrade-insecure-requests;
accept-ranges: bytes
timing-allow-origin: *

OPTIONS
H2 200 session
api.gateway.finra.org/dxtgatew/ Frame 0
0 452ms
415ms Preflight
application/json 2606:4700::6812:b60
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://api.gateway.finra.org/dxtgatew/session

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:b60 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare / Express

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

Accept: */*
Access-Control-Request-Method: GET
Access-Control-Request-Headers: content-type
Origin: https://gateway.finra.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Sec-Fetch-Mode: cors

Response headers

date: Fri, 18 Mar 2022 05:54:15 GMT
content-type: application/json;charset=utf-8
content-length: 4
x-forwarded-proto: https
x-forwarded-port: 443
strict-transport-security: max-age=63072000; includeSubDomains; preload max-age=31536000
access-control-allow-credentials: true
access-control-allow-headers: Content-Type,X-Amz-Date,Authorization,X-Api-Key,X-Amz-Security-Token,passthrough
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-origin: https://gateway.finra.org
cache-control: no-cache, no-store
etag: W/"4-P9ln0Jp0jh8rJtb+Vi5xVaqH6d4"
x-content-type-options: nosniff
x-developers-needed: http://technology.finra.org/careers.html
x-frame-options: DENY
x-powered-by: Express
cf-cache-status: DYNAMIC
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
server: cloudflare
cf-ray: 6edbb66a88a06922-FRA

GET session
api.gateway.finra.org/dxtgatew/ 0
0

GET
H2 200 wmjQuery3319.js Show response
cdn.walkme.com/player/resources/ 87 KB
30 KB 7ms
7ms Script
application/javascript 104.109.59.42
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.walkme.com/player/resources/wmjQuery3319.js

Requested by

Host: cdn.walkme.com
URL: https://cdn.walkme.com/users/6737285082714018963decef1252e224/walkme_6737285082714018963decef1252e224_https.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

104.109.59.42 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a104-109-59-42.deploy.static.akamaitechnologies.com

Software

Resource Hash

22b09e81518c78a109fd4b00895fca0921b9992a274b8531a6cd6b318fa5e16d

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests;
Strict-Transport-Security	max-age=31536000;includeSubdomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://gateway.finra.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

x-amz-version-id: _2liQc0a3c5geUlXrGmhVwTexDpNFsYy
content-encoding: gzip
x-content-type-options: nosniff
x-amz-request-id: 69VWK7Z43BP965R6
x-amz-server-side-encryption: AES256
x-amz-replication-status: COMPLETED
vary: Accept-Encoding
content-length: 29984
x-amz-id-2: PRkh1nb4ypk5Z/qZhOXYKtfPV6jVV37+inqvj0H7jERybRmDYU8cJZnSYy8ft4peOPnhjRaqd4g=
referrer-policy: no-referrer-when-downgrade
last-modified: Tue, 11 May 2021 19:24:52 GMT
date: Fri, 18 Mar 2022 05:54:14 GMT
strict-transport-security: max-age=31536000;includeSubdomains
content-type: application/javascript
access-control-allow-origin: *
x-xss-protection: 1; mode=block
cache-control: max-age=17194989
etag: "eeac6e4b5388bac385a8964eb25cf563"
content-security-policy: upgrade-insecure-requests;
accept-ranges: bytes
timing-allow-origin: *

GET
H2 200 prelib-plugin-45dff424-a304-32b6-830a-2d039ea9806d.js Show response
cdn.walkme.com/users/6737285082714018963decef1252e224/scripts/ 71 KB
23 KB 9ms
9ms Script
application/x-javascript 104.109.59.42
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.walkme.com/users/6737285082714018963decef1252e224/scripts/prelib-plugin-45dff424-a304-32b6-830a-2d039ea9806d.js

Requested by

Host: cdn.walkme.com
URL: https://cdn.walkme.com/users/6737285082714018963decef1252e224/walkme_6737285082714018963decef1252e224_https.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

104.109.59.42 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a104-109-59-42.deploy.static.akamaitechnologies.com

Software

Resource Hash

1d1db6463639d62088d9dcb4f987d4534e2ccc6bf018ee9e445e7d003a11216d

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests;
Strict-Transport-Security	max-age=31536000;includeSubdomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://gateway.finra.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

x-amz-version-id: _oNUbAzFJUKs34GcaltucMuN8rRIvm8h
content-encoding: gzip
x-content-type-options: nosniff
x-amz-request-id: 28HFDYW4277G92Z9
x-amz-server-side-encryption: AES256
x-amz-replication-status: COMPLETED
vary: Accept-Encoding
content-length: 22969
x-amz-id-2: n49aGTAGAbtj3TmBkU6N+USyh2lmcLxWAY+xNyh9vDoKAfurUx2mZMqK3HJVuZDLELNxey4Njdg=
referrer-policy: no-referrer-when-downgrade
last-modified: Fri, 30 Jul 2021 12:32:34 GMT
date: Fri, 18 Mar 2022 05:54:14 GMT
strict-transport-security: max-age=31536000;includeSubdomains
content-type: application/x-javascript
access-control-allow-origin: *
x-xss-protection: 1; mode=block
cache-control: max-age=25192572
etag: "ccc2211b1300c5cdb77a3df9cb51b677"
content-security-policy: upgrade-insecure-requests;
accept-ranges: bytes
timing-allow-origin: *

GET
H2 200 walkme_lib_20220310-082701-360c03ad-387cd133.br.js Show response
cdn.walkme.com/player/lib/ 1 MB
440 KB 14ms
13ms Script
application/javascript 104.109.59.42
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.walkme.com/player/lib/walkme_lib_20220310-082701-360c03ad-387cd133.br.js

Requested by

Host: cdn.walkme.com
URL: https://cdn.walkme.com/users/6737285082714018963decef1252e224/walkme_6737285082714018963decef1252e224_https.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

104.109.59.42 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a104-109-59-42.deploy.static.akamaitechnologies.com

Software

Resource Hash

8398d0c472726517bf17ce00a22210cdf4efba89ab4d15838530035853fef65b

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests;
Strict-Transport-Security	max-age=31536000;includeSubdomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://gateway.finra.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

x-amz-version-id: .UdcU043iNkIMnhu5WPsiSsvnSnJrVVr
content-encoding: gzip
x-content-type-options: nosniff
x-amz-request-id: DC8TF5593KRSEBE2
x-amz-server-side-encryption: AES256
x-amz-replication-status: COMPLETED
vary: Accept-Encoding
content-length: 449180
x-amz-id-2: 1KqiNKPEihruFPSVgbAJbAlFYsuK2Mc7RtT6V6rsw8+VmxbtbmqeOfu6Aue9h53GFMvaXnzpsxE=
referrer-policy: no-referrer-when-downgrade
last-modified: Thu, 10 Mar 2022 08:44:24 GMT
date: Fri, 18 Mar 2022 05:54:14 GMT
strict-transport-security: max-age=31536000;includeSubdomains
content-type: application/javascript
access-control-allow-origin: *
x-xss-protection: 1; mode=block
cache-control: max-age=31206174
etag: "dfc8d6b930ce36558227786350df7b26"
content-security-policy: upgrade-insecure-requests;
timing-allow-origin: *

GET
H2 200 walkme_config_4570e6b5644c47e3983877555d0480ee.js Show response
cdn.walkme.com/users/6737285082714018963decef1252e224/ 4 KB
2 KB 15ms
14ms Script
application/javascript 104.109.59.42
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.walkme.com/users/6737285082714018963decef1252e224/walkme_config_4570e6b5644c47e3983877555d0480ee.js

Requested by

Host: cdn.walkme.com
URL: https://cdn.walkme.com/users/6737285082714018963decef1252e224/walkme_6737285082714018963decef1252e224_https.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

104.109.59.42 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a104-109-59-42.deploy.static.akamaitechnologies.com

Software

Resource Hash

b4375ddacd72f5ab539231df432af4540df12f56f71bdba5dea9b294a0fd96cc

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests;
Strict-Transport-Security	max-age=31536000;includeSubdomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://gateway.finra.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

x-amz-version-id: t6sDrv4tobxWeLAJOA8gaFSQsj9.2cVr
content-encoding: gzip
x-content-type-options: nosniff
x-amz-request-id: 168QQW1MKVEKQA8B
x-amz-server-side-encryption: AES256
x-amz-replication-status: COMPLETED
vary: Accept-Encoding
content-length: 1746
x-amz-id-2: A6q+MZxHfi1bvlSSbLUvbLnTivv+2yeeQRQQqDVFIoojBmJ8UOh3dhy+980BF64FSXtd8a9Xvvc=
referrer-policy: no-referrer-when-downgrade
last-modified: Thu, 17 Mar 2022 15:16:54 GMT
date: Fri, 18 Mar 2022 05:54:14 GMT
strict-transport-security: max-age=31536000;includeSubdomains
content-type: application/javascript
access-control-allow-origin: *
x-xss-protection: 1; mode=block
cache-control: max-age=31484555
etag: "9485aba93d53edfeac56faef31b82ef1"
content-security-policy: upgrade-insecure-requests;
accept-ranges: bytes
timing-allow-origin: *

GET
H2 200 analytics.js Show response
www.google-analytics.com/ 49 KB
20 KB 125ms
38ms Script
text/javascript 2a00:1450:4001:800::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-MJ5JP3H

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:800::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

a1925038db769477ab74b4df34350c35688a795bb718727b0f4292a4a78a6210

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://gateway.finra.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Tue, 02 Nov 2021 17:39:06 GMT
server: Golfe2
age: 1164
date: Fri, 18 Mar 2022 05:34:50 GMT
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 20006
expires: Fri, 18 Mar 2022 07:34:50 GMT

POST
H2 200 collect Show response
www.google-analytics.com/j/ 1 B
207 B 48ms
46ms XHR
text/plain 2a00:1450:4001:800::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j96&a=828760957&t=pageview&_s=1&dl=https%3A%2F%2Fgateway.finra.org%2Fapp%2Fwork-management%2F%3FrequestId%3D4391188%26category%3DInformation%2520Request&ul=en-us&de=UTF-8&dt=FINRA%20Gateway&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YEBAAEABAAAAAC~&jid=1062841072&gjid=2069137386&cid=2035279778.1647582854&tid=UA-134617307-1&_gid=1990141258.1647582854&_r=1&gtm=2wg3e0MJ5JP3H&z=443123604

Requested by

Host: gateway.finra.org
URL: https://gateway.finra.org/app/app-shell.20220314T195055.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:800::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://gateway.finra.org/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Fri, 18 Mar 2022 05:54:15 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://gateway.finra.org
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 200 collect Show response
www.google-analytics.com/j/ 1 B
66 B 45ms
45ms XHR
text/plain 2a00:1450:4001:800::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j96&a=828760957&t=pageview&_s=1&dl=https%3A%2F%2Fgateway.finra.org%2Fapp%2Fwork-management%2F%3FrequestId%3D4391188%26category%3DInformation%2520Request&ul=en-us&de=UTF-8&dt=FINRA%20Gateway&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YEDAAEABAAAAAC~&jid=243616955&gjid=1888994194&cid=2035279778.1647582854&tid=UA-157977262-1&_gid=1990141258.1647582854&_r=1&gtm=2wg3e0MJ5JP3H&z=1375917310

Requested by

Host: gateway.finra.org
URL: https://gateway.finra.org/app/app-shell.20220314T195055.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:800::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://gateway.finra.org/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Fri, 18 Mar 2022 05:54:15 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://gateway.finra.org
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 cdHiddenIframeScript.js Show response
cdn.walkme.com/player/lib/20220310-082701-360c03ad-387cd133.br/resources/CD/ Frame 6E64 244 B
704 B 7ms
7ms Script
application/javascript 104.109.59.42
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.walkme.com/player/lib/20220310-082701-360c03ad-387cd133.br/resources/CD/cdHiddenIframeScript.js

Requested by

Host: cdn.walkme.com
URL: https://cdn.walkme.com/player/lib/walkme_lib_20220310-082701-360c03ad-387cd133.br.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

104.109.59.42 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a104-109-59-42.deploy.static.akamaitechnologies.com

Software

Resource Hash

ddab192869f16ddcfbcbb9ed4372c4c1f5dc4ed47a1045287ac15699b33c1213

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests;
Strict-Transport-Security	max-age=31536000;includeSubdomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

x-amz-version-id: RhWFfPQ2nZb51To71NkyKlvZarhgjeJ2
content-encoding: gzip
x-content-type-options: nosniff
x-amz-request-id: 1NBT4F3EG9P7GZYG
x-amz-server-side-encryption: AES256
x-amz-replication-status: COMPLETED
vary: Accept-Encoding
content-length: 164
x-amz-id-2: dZb+OMcQc5/Nwf4+wr34SOgzaOEiFioLKMMb0v96FswWciEZBdJKJgXG5GGmbCwTWNvLbWzdotI=
referrer-policy: no-referrer-when-downgrade
last-modified: Thu, 10 Mar 2022 08:42:12 GMT
date: Fri, 18 Mar 2022 05:54:15 GMT
strict-transport-security: max-age=31536000;includeSubdomains
content-type: application/javascript
access-control-allow-origin: *
x-xss-protection: 1; mode=block
cache-control: max-age=31226345
etag: "64bad8dece3937c7177b75099c2b8972"
content-security-policy: upgrade-insecure-requests;
timing-allow-origin: *

GET
H2 200 CDhiddenIframe.compress.html Show response
cdn.walkme.com/player/lib/20220310-082701-360c03ad-387cd133.br/resources/CD/ Frame F0C0 18 KB
6 KB 7ms
7ms Document
text/html 104.109.59.42
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.walkme.com/player/lib/20220310-082701-360c03ad-387cd133.br/resources/CD/CDhiddenIframe.compress.html

Requested by

Host: cdn.walkme.com
URL: https://cdn.walkme.com/player/lib/walkme_lib_20220310-082701-360c03ad-387cd133.br.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

104.109.59.42 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a104-109-59-42.deploy.static.akamaitechnologies.com

Software

Resource Hash

9a0d3b94408006abc19be2f8d7db0e02722f198f39d507b05976a3cf738eba27

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests;
Strict-Transport-Security	max-age=31536000;includeSubdomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Accept-Language: de-DE,de;q=0.9

Response headers

x-amz-id-2: B3w66ZNBhEVVP2mibPAlTCida9DIJt9cGQTYMu2DXKsdAEaxj5+h+L7PhBYRv5xRQT2MfhuMjzs=
x-amz-request-id: MX0RMHG322K9CDC5
x-amz-replication-status: COMPLETED
last-modified: Thu, 10 Mar 2022 08:42:11 GMT
etag: "467ef372d5e09522d3e1c68e0ba84830"
x-amz-server-side-encryption: AES256
x-amz-version-id: 95H4LJ4XK5qqAVZNfaj1MOKbdYmvrUdJ
content-type: text/html
vary: Accept-Encoding
content-encoding: gzip
content-length: 5823
cache-control: max-age=31226347
date: Fri, 18 Mar 2022 05:54:15 GMT
content-security-policy: upgrade-insecure-requests;
referrer-policy: no-referrer-when-downgrade
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
strict-transport-security: max-age=31536000;includeSubdomains

GET
H2 200 Primary Request logon Show response
ews.finra.org/auth/ 7 KB
3 KB 208ms
173ms Document
text/html 2606:4700::6812:17ec
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://ews.finra.org/auth/logon?realm=ews&goto=https://gateway.finra.org/app/work-management/?requestId=4391188&category=Information+Request&rcpRedirNum=1

Requested by

Host: gateway.finra.org
URL: https://gateway.finra.org/app/app-shell.20220314T195055.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:17ec , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

f95ed3b51c64ce7efaea1d62ad3b1a3664967dfa53d5742f7157f24c4bde30f7

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' 'unsafe-inline'; frame-src .duosecurity.com; script-src-elem 'self' 'unsafe-inline' .duosecurity.com; frame-ancestors .finra.org .catnms.com;
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload max-age=31536000 ; includeSubDomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://gateway.finra.org/

Response headers

date: Fri, 18 Mar 2022 05:54:15 GMT
content-type: text/html;charset=UTF-8
strict-transport-security: max-age=63072000; includeSubDomains; preload max-age=31536000 ; includeSubDomains
vary: Origin,Access-Control-Request-Method,Access-Control-Request-Headers
x-xss-protection: 1; mode=block
cache-control: no-cache, no-store, max-age=0, must-revalidate
pragma: no-cache
expires: 0
content-security-policy: default-src 'self' 'unsafe-inline'; frame-src *.duosecurity.com; script-src-elem 'self' 'unsafe-inline' *.duosecurity.com; frame-ancestors *.finra.org *.catnms.com;
x-content-type-options: nosniff
content-language: en-US
cf-cache-status: DYNAMIC
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
server: cloudflare
cf-ray: 6edbb66ff9bc9b5d-FRA
content-encoding: gzip

GET
H2 200 all.css
ews.finra.org/auth/assets/fontawesome/css/ 73 KB
14 KB 148ms
147ms Stylesheet
text/css 2606:4700::6812:17ec
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://ews.finra.org/auth/assets/fontawesome/css/all.css

Requested by

Host: ews.finra.org
URL: https://ews.finra.org/auth/logon?realm=ews&goto=https://gateway.finra.org/app/work-management/?requestId=4391188&category=Information+Request&rcpRedirNum=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:17ec , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

ab45c5bcb922c2cdba3bda9626909c62f5834df1e2579337993ca3cd7b7faf35

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' 'unsafe-inline'; frame-src .duosecurity.com; script-src-elem 'self' 'unsafe-inline' .duosecurity.com; frame-ancestors .finra.org .catnms.com;
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload, max-age=31536000 ; includeSubDomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://ews.finra.org/auth/logon?realm=ews&goto=https://gateway.finra.org/app/work-management/?requestId=4391188&category=Information+Request&rcpRedirNum=1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Fri, 18 Mar 2022 05:54:16 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
last-modified: Tue, 01 Mar 2022 21:20:31 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Origin,Access-Control-Request-Method,Access-Control-Request-Headers
content-type: text/css
cache-control: max-age=31536000
content-security-policy: default-src 'self' 'unsafe-inline'; frame-src *.duosecurity.com; script-src-elem 'self' 'unsafe-inline' *.duosecurity.com; frame-ancestors *.finra.org *.catnms.com;
strict-transport-security: max-age=63072000; includeSubDomains; preload, max-age=31536000 ; includeSubDomains
cf-ray: 6edbb6713b6f9b5d-FRA
x-xss-protection: 1; mode=block

GET
H2 200 bootstrap.min.css
ews.finra.org/auth/v2/cdn/bootstrap/4.0.0/css/ 141 KB
20 KB 141ms
140ms Stylesheet
text/css 2606:4700::6812:17ec
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://ews.finra.org/auth/v2/cdn/bootstrap/4.0.0/css/bootstrap.min.css

Requested by

Host: ews.finra.org
URL: https://ews.finra.org/auth/logon?realm=ews&goto=https://gateway.finra.org/app/work-management/?requestId=4391188&category=Information+Request&rcpRedirNum=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:17ec , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

8779c88ac1d574f7c9bec584b562d5dfbd0f95a74d49850626995b90fcda043c

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' 'unsafe-inline'; frame-src .duosecurity.com; script-src-elem 'self' 'unsafe-inline' .duosecurity.com; frame-ancestors .finra.org .catnms.com;
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload, max-age=31536000 ; includeSubDomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://ews.finra.org/auth/logon?realm=ews&goto=https://gateway.finra.org/app/work-management/?requestId=4391188&category=Information+Request&rcpRedirNum=1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Fri, 18 Mar 2022 05:54:15 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
last-modified: Tue, 01 Mar 2022 21:20:31 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Origin,Access-Control-Request-Method,Access-Control-Request-Headers
content-type: text/css
cache-control: max-age=31536000
content-security-policy: default-src 'self' 'unsafe-inline'; frame-src *.duosecurity.com; script-src-elem 'self' 'unsafe-inline' *.duosecurity.com; frame-ancestors *.finra.org *.catnms.com;
strict-transport-security: max-age=63072000; includeSubDomains; preload, max-age=31536000 ; includeSubDomains
cf-ray: 6edbb6713b749b5d-FRA
x-xss-protection: 1; mode=block

GET
H2 200 fip-d4dc8a1ea1b87ddb34384b28a43a290c.css
ews.finra.org/auth/v2/css/ 16 KB
5 KB 151ms
150ms Stylesheet
text/css 2606:4700::6812:17ec
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://ews.finra.org/auth/v2/css/fip-d4dc8a1ea1b87ddb34384b28a43a290c.css

Requested by

Host: ews.finra.org
URL: https://ews.finra.org/auth/logon?realm=ews&goto=https://gateway.finra.org/app/work-management/?requestId=4391188&category=Information+Request&rcpRedirNum=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:17ec , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

9cb41213400565f0c176839e75e17c292e600d0ba4545561ee5f87d8ee931da6

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' 'unsafe-inline'; frame-src .duosecurity.com; script-src-elem 'self' 'unsafe-inline' .duosecurity.com; frame-ancestors .finra.org .catnms.com;
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload, max-age=31536000 ; includeSubDomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://ews.finra.org/auth/logon?realm=ews&goto=https://gateway.finra.org/app/work-management/?requestId=4391188&category=Information+Request&rcpRedirNum=1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Fri, 18 Mar 2022 05:54:16 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
last-modified: Tue, 01 Mar 2022 21:20:31 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Origin,Access-Control-Request-Method,Access-Control-Request-Headers
content-type: text/css
cache-control: max-age=31536000
content-security-policy: default-src 'self' 'unsafe-inline'; frame-src *.duosecurity.com; script-src-elem 'self' 'unsafe-inline' *.duosecurity.com; frame-ancestors *.finra.org *.catnms.com;
strict-transport-security: max-age=63072000; includeSubDomains; preload, max-age=31536000 ; includeSubDomains
cf-ray: 6edbb6713b789b5d-FRA
x-xss-protection: 1; mode=block

GET
H2 200 FINRA_Logo_HEX.svg
ews.finra.org/auth/assets/brand/ 1 KB
1 KB 442ms
438ms Image
image/svg+xml 2606:4700::6812:17ec
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ews.finra.org/auth/assets/brand/FINRA_Logo_HEX.svg

Requested by

Host: ews.finra.org
URL: https://ews.finra.org/auth/logon?realm=ews&goto=https://gateway.finra.org/app/work-management/?requestId=4391188&category=Information+Request&rcpRedirNum=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:17ec , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

b184804c181514972b56294e7f722492e574e86fbcd500ee4106e3dce3c52d5f

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' 'unsafe-inline'; frame-src .duosecurity.com; script-src-elem 'self' 'unsafe-inline' .duosecurity.com; frame-ancestors .finra.org .catnms.com;
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload, max-age=31536000 ; includeSubDomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://ews.finra.org/auth/logon?realm=ews&goto=https://gateway.finra.org/app/work-management/?requestId=4391188&category=Information+Request&rcpRedirNum=1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Fri, 18 Mar 2022 05:54:16 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
last-modified: Tue, 01 Mar 2022 21:20:31 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Origin,Access-Control-Request-Method,Access-Control-Request-Headers
content-type: image/svg+xml
cache-control: max-age=31536000
content-security-policy: default-src 'self' 'unsafe-inline'; frame-src *.duosecurity.com; script-src-elem 'self' 'unsafe-inline' *.duosecurity.com; frame-ancestors *.finra.org *.catnms.com;
strict-transport-security: max-age=63072000; includeSubDomains; preload, max-age=31536000 ; includeSubDomains
cf-ray: 6edbb6714ba19b5d-FRA
x-xss-protection: 1; mode=block

GET
H2 200 jquery-3.2.1.slim.min.js Show response
ews.finra.org/auth/v2/cdn/jquery/ 68 KB
24 KB 143ms
134ms Script
application/javascript 2606:4700::6812:17ec
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://ews.finra.org/auth/v2/cdn/jquery/jquery-3.2.1.slim.min.js

Requested by

Host: ews.finra.org
URL: https://ews.finra.org/auth/logon?realm=ews&goto=https://gateway.finra.org/app/work-management/?requestId=4391188&category=Information+Request&rcpRedirNum=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:17ec , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

9365920887b11b33a3dc4ba28a0f93951f200341263e3b9cefd384798e4be398

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' 'unsafe-inline'; frame-src .duosecurity.com; script-src-elem 'self' 'unsafe-inline' .duosecurity.com; frame-ancestors .finra.org .catnms.com;
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload, max-age=31536000 ; includeSubDomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://ews.finra.org/auth/logon?realm=ews&goto=https://gateway.finra.org/app/work-management/?requestId=4391188&category=Information+Request&rcpRedirNum=1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Fri, 18 Mar 2022 05:54:16 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
last-modified: Tue, 01 Mar 2022 21:20:31 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Origin,Access-Control-Request-Method,Access-Control-Request-Headers
content-type: application/javascript
cache-control: max-age=31536000
content-security-policy: default-src 'self' 'unsafe-inline'; frame-src *.duosecurity.com; script-src-elem 'self' 'unsafe-inline' *.duosecurity.com; frame-ancestors *.finra.org *.catnms.com;
strict-transport-security: max-age=63072000; includeSubDomains; preload, max-age=31536000 ; includeSubDomains
cf-ray: 6edbb6714b929b5d-FRA
x-xss-protection: 1; mode=block

GET
H2 200 popper.min.js Show response
ews.finra.org/auth/v2/cdn/cloudflare/ajax/libs/popper.js/1.12.9/umd/ 19 KB
7 KB 153ms
146ms Script
application/javascript 2606:4700::6812:17ec
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://ews.finra.org/auth/v2/cdn/cloudflare/ajax/libs/popper.js/1.12.9/umd/popper.min.js

Requested by

Host: ews.finra.org
URL: https://ews.finra.org/auth/logon?realm=ews&goto=https://gateway.finra.org/app/work-management/?requestId=4391188&category=Information+Request&rcpRedirNum=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:17ec , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

5353f2b2a0fc4032834e44c622da9f519ca08b12252c849389fcf8fa60fe8c42

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' 'unsafe-inline'; frame-src .duosecurity.com; script-src-elem 'self' 'unsafe-inline' .duosecurity.com; frame-ancestors .finra.org .catnms.com;
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload, max-age=31536000 ; includeSubDomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://ews.finra.org/auth/logon?realm=ews&goto=https://gateway.finra.org/app/work-management/?requestId=4391188&category=Information+Request&rcpRedirNum=1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Fri, 18 Mar 2022 05:54:16 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
last-modified: Tue, 01 Mar 2022 21:20:31 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Origin,Access-Control-Request-Method,Access-Control-Request-Headers
content-type: application/javascript
cache-control: max-age=31536000
content-security-policy: default-src 'self' 'unsafe-inline'; frame-src *.duosecurity.com; script-src-elem 'self' 'unsafe-inline' *.duosecurity.com; frame-ancestors *.finra.org *.catnms.com;
strict-transport-security: max-age=63072000; includeSubDomains; preload, max-age=31536000 ; includeSubDomains
cf-ray: 6edbb6714b959b5d-FRA
x-xss-protection: 1; mode=block

GET
H2 200 bootstrap.min.js Show response
ews.finra.org/auth/v2/cdn/bootstrap/4.0.0/js/ 48 KB
13 KB 145ms
139ms Script
application/javascript 2606:4700::6812:17ec
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://ews.finra.org/auth/v2/cdn/bootstrap/4.0.0/js/bootstrap.min.js

Requested by

Host: ews.finra.org
URL: https://ews.finra.org/auth/logon?realm=ews&goto=https://gateway.finra.org/app/work-management/?requestId=4391188&category=Information+Request&rcpRedirNum=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:17ec , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

799a0572727d3a86a7c34c8fb2b6770878972185015beeff84d36a721e74b0b2

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' 'unsafe-inline'; frame-src .duosecurity.com; script-src-elem 'self' 'unsafe-inline' .duosecurity.com; frame-ancestors .finra.org .catnms.com;
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload, max-age=31536000 ; includeSubDomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://ews.finra.org/auth/logon?realm=ews&goto=https://gateway.finra.org/app/work-management/?requestId=4391188&category=Information+Request&rcpRedirNum=1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Fri, 18 Mar 2022 05:54:16 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
last-modified: Tue, 01 Mar 2022 21:20:31 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Origin,Access-Control-Request-Method,Access-Control-Request-Headers
content-type: application/javascript
cache-control: max-age=31536000
content-security-policy: default-src 'self' 'unsafe-inline'; frame-src *.duosecurity.com; script-src-elem 'self' 'unsafe-inline' *.duosecurity.com; frame-ancestors *.finra.org *.catnms.com;
strict-transport-security: max-age=63072000; includeSubDomains; preload, max-age=31536000 ; includeSubDomains
cf-ray: 6edbb6714b979b5d-FRA
x-xss-protection: 1; mode=block

GET
H2 200 browser.enforcement-67ba46a12eae3dbd3d4df364c749c57a.js Show response
ews.finra.org/auth/v2/scripts/ 2 KB
1 KB 146ms
140ms Script
application/javascript 2606:4700::6812:17ec
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://ews.finra.org/auth/v2/scripts/browser.enforcement-67ba46a12eae3dbd3d4df364c749c57a.js

Requested by

Host: ews.finra.org
URL: https://ews.finra.org/auth/logon?realm=ews&goto=https://gateway.finra.org/app/work-management/?requestId=4391188&category=Information+Request&rcpRedirNum=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:17ec , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e9602971b736ddc26f1d49eaf1a5c67ae812fce7f810d37c44e507b87d2086e2

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' 'unsafe-inline'; frame-src .duosecurity.com; script-src-elem 'self' 'unsafe-inline' .duosecurity.com; frame-ancestors .finra.org .catnms.com;
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload, max-age=31536000 ; includeSubDomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://ews.finra.org/auth/logon?realm=ews&goto=https://gateway.finra.org/app/work-management/?requestId=4391188&category=Information+Request&rcpRedirNum=1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Fri, 18 Mar 2022 05:54:16 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
last-modified: Tue, 01 Mar 2022 21:20:31 GMT
server: cloudflare
etag: W/"67ba46a12eae3dbd3d4df364c749c57a"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Origin,Access-Control-Request-Method,Access-Control-Request-Headers
content-type: application/javascript
cache-control: max-age=31536000
content-security-policy: default-src 'self' 'unsafe-inline'; frame-src *.duosecurity.com; script-src-elem 'self' 'unsafe-inline' *.duosecurity.com; frame-ancestors *.finra.org *.catnms.com;
strict-transport-security: max-age=63072000; includeSubDomains; preload, max-age=31536000 ; includeSubDomains
cf-ray: 6edbb6714b989b5d-FRA
x-xss-protection: 1; mode=block

GET
H2 200 form-validate-3dd2f0a8451e595d20c24bbd946292a2.js Show response
ews.finra.org/auth/v2/scripts/ 2 KB
1 KB 151ms
145ms Script
application/javascript 2606:4700::6812:17ec
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://ews.finra.org/auth/v2/scripts/form-validate-3dd2f0a8451e595d20c24bbd946292a2.js

Requested by

Host: ews.finra.org
URL: https://ews.finra.org/auth/logon?realm=ews&goto=https://gateway.finra.org/app/work-management/?requestId=4391188&category=Information+Request&rcpRedirNum=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:17ec , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

3d6bca774c55c2ee3648527cd8ceaa5288cfa349f2122c08374ce40bc183fa50

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' 'unsafe-inline'; frame-src .duosecurity.com; script-src-elem 'self' 'unsafe-inline' .duosecurity.com; frame-ancestors .finra.org .catnms.com;
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload, max-age=31536000 ; includeSubDomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://ews.finra.org/auth/logon?realm=ews&goto=https://gateway.finra.org/app/work-management/?requestId=4391188&category=Information+Request&rcpRedirNum=1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Fri, 18 Mar 2022 05:54:16 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
last-modified: Tue, 01 Mar 2022 21:20:31 GMT
server: cloudflare
etag: W/"3dd2f0a8451e595d20c24bbd946292a2"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Origin,Access-Control-Request-Method,Access-Control-Request-Headers
content-type: application/javascript
cache-control: max-age=31536000
content-security-policy: default-src 'self' 'unsafe-inline'; frame-src *.duosecurity.com; script-src-elem 'self' 'unsafe-inline' *.duosecurity.com; frame-ancestors *.finra.org *.catnms.com;
strict-transport-security: max-age=63072000; includeSubDomains; preload, max-age=31536000 ; includeSubDomains
cf-ray: 6edbb6714b9c9b5d-FRA
x-xss-protection: 1; mode=block

GET
H2 200 logon-29f9ae37272eed0d379691d0089587ba.js Show response
ews.finra.org/auth/v2/scripts/ 1 KB
906 B 138ms
133ms Script
application/javascript 2606:4700::6812:17ec
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://ews.finra.org/auth/v2/scripts/logon-29f9ae37272eed0d379691d0089587ba.js

Requested by

Host: ews.finra.org
URL: https://ews.finra.org/auth/logon?realm=ews&goto=https://gateway.finra.org/app/work-management/?requestId=4391188&category=Information+Request&rcpRedirNum=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:17ec , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

029a7f008e677257bce8940370627984be2ff6f071876183a7e2d804cb696aa6

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' 'unsafe-inline'; frame-src .duosecurity.com; script-src-elem 'self' 'unsafe-inline' .duosecurity.com; frame-ancestors .finra.org .catnms.com;
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload, max-age=31536000 ; includeSubDomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://ews.finra.org/auth/logon?realm=ews&goto=https://gateway.finra.org/app/work-management/?requestId=4391188&category=Information+Request&rcpRedirNum=1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Fri, 18 Mar 2022 05:54:16 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
last-modified: Tue, 01 Mar 2022 21:20:31 GMT
server: cloudflare
etag: W/"29f9ae37272eed0d379691d0089587ba"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Origin,Access-Control-Request-Method,Access-Control-Request-Headers
content-type: application/javascript
cache-control: max-age=31536000
content-security-policy: default-src 'self' 'unsafe-inline'; frame-src *.duosecurity.com; script-src-elem 'self' 'unsafe-inline' *.duosecurity.com; frame-ancestors *.finra.org *.catnms.com;
strict-transport-security: max-age=63072000; includeSubDomains; preload, max-age=31536000 ; includeSubDomains
cf-ray: 6edbb6714b9e9b5d-FRA
x-xss-protection: 1; mode=block

GET
H2 200 view-password-980eadf21774cbd1ce758217629e4a47.js Show response
ews.finra.org/auth/v2/scripts/ 3 KB
1 KB 149ms
144ms Script
application/javascript 2606:4700::6812:17ec
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://ews.finra.org/auth/v2/scripts/view-password-980eadf21774cbd1ce758217629e4a47.js

Requested by

Host: ews.finra.org
URL: https://ews.finra.org/auth/logon?realm=ews&goto=https://gateway.finra.org/app/work-management/?requestId=4391188&category=Information+Request&rcpRedirNum=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:17ec , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

0b76c572865e169e175f16acbe42d8630141a871459d68f9aafcb236befa8b8e

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' 'unsafe-inline'; frame-src .duosecurity.com; script-src-elem 'self' 'unsafe-inline' .duosecurity.com; frame-ancestors .finra.org .catnms.com;
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload, max-age=31536000 ; includeSubDomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://ews.finra.org/auth/logon?realm=ews&goto=https://gateway.finra.org/app/work-management/?requestId=4391188&category=Information+Request&rcpRedirNum=1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Fri, 18 Mar 2022 05:54:16 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
last-modified: Tue, 01 Mar 2022 21:20:31 GMT
server: cloudflare
etag: W/"980eadf21774cbd1ce758217629e4a47"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Origin,Access-Control-Request-Method,Access-Control-Request-Headers
content-type: application/javascript
cache-control: max-age=31536000
content-security-policy: default-src 'self' 'unsafe-inline'; frame-src *.duosecurity.com; script-src-elem 'self' 'unsafe-inline' *.duosecurity.com; frame-ancestors *.finra.org *.catnms.com;
strict-transport-security: max-age=63072000; includeSubDomains; preload, max-age=31536000 ; includeSubDomains
cf-ray: 6edbb6714b9f9b5d-FRA
x-xss-protection: 1; mode=block

GET
H2 200 trim-5132a0d1f0ef312d1048844aca4ce311.js Show response
ews.finra.org/auth/v2/scripts/ 368 B
955 B 151ms
147ms Script
application/javascript 2606:4700::6812:17ec
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://ews.finra.org/auth/v2/scripts/trim-5132a0d1f0ef312d1048844aca4ce311.js

Requested by

Host: ews.finra.org
URL: https://ews.finra.org/auth/logon?realm=ews&goto=https://gateway.finra.org/app/work-management/?requestId=4391188&category=Information+Request&rcpRedirNum=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:17ec , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

1ab92b3ab397e0d9fae9f1c8b9566525e49372147dc7b3b456def1dab9e6d843

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' 'unsafe-inline'; frame-src .duosecurity.com; script-src-elem 'self' 'unsafe-inline' .duosecurity.com; frame-ancestors .finra.org .catnms.com;
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload, max-age=31536000 ; includeSubDomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://ews.finra.org/auth/logon?realm=ews&goto=https://gateway.finra.org/app/work-management/?requestId=4391188&category=Information+Request&rcpRedirNum=1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Fri, 18 Mar 2022 05:54:16 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
last-modified: Tue, 01 Mar 2022 21:20:31 GMT
server: cloudflare
etag: W/"5132a0d1f0ef312d1048844aca4ce311"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Origin,Access-Control-Request-Method,Access-Control-Request-Headers
content-type: application/javascript
cache-control: max-age=31536000
content-security-policy: default-src 'self' 'unsafe-inline'; frame-src *.duosecurity.com; script-src-elem 'self' 'unsafe-inline' *.duosecurity.com; frame-ancestors *.finra.org *.catnms.com;
strict-transport-security: max-age=63072000; includeSubDomains; preload, max-age=31536000 ; includeSubDomains
cf-ray: 6edbb6714ba09b5d-FRA
x-xss-protection: 1; mode=block

GET
H2 200 fa-regular-400-4a74738e7728e93c4394b8604081da62.woff2
ews.finra.org/auth/assets/fontawesome/webfonts/ 13 KB
14 KB 143ms
142ms Font
application/font-woff2 2606:4700::6812:17ec
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://ews.finra.org/auth/assets/fontawesome/webfonts/fa-regular-400-4a74738e7728e93c4394b8604081da62.woff2

Requested by

Host: ews.finra.org
URL: https://ews.finra.org/auth/assets/fontawesome/css/all.css

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:17ec , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

ce20ed8a323117c8a718ff1ddc6dabb997373b575a8e896f2bf02b846c082c9d

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' 'unsafe-inline'; frame-src .duosecurity.com; script-src-elem 'self' 'unsafe-inline' .duosecurity.com; frame-ancestors .finra.org .catnms.com;
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload, max-age=31536000 ; includeSubDomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://ews.finra.org/auth/assets/fontawesome/css/all.css
Origin: https://ews.finra.org
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Fri, 18 Mar 2022 05:54:16 GMT
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
vary: Origin,Access-Control-Request-Method,Access-Control-Request-Headers
content-length: 13548
x-xss-protection: 1; mode=block
last-modified: Tue, 01 Mar 2022 21:20:31 GMT
server: cloudflare
etag: "4a74738e7728e93c4394b8604081da62"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=63072000; includeSubDomains; preload, max-age=31536000 ; includeSubDomains
content-type: application/font-woff2
cache-control: max-age=31536000
content-security-policy: default-src 'self' 'unsafe-inline'; frame-src *.duosecurity.com; script-src-elem 'self' 'unsafe-inline' *.duosecurity.com; frame-ancestors *.finra.org *.catnms.com;
accept-ranges: bytes
cf-ray: 6edbb673ae7b9b5d-FRA

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: api.gateway.finra.org
URL: https://api.gateway.finra.org/dxtgatew/session

Verdicts & Comments Add Verdict or Comment

29 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

9 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
.finra.org/	1970-01-20 19:10:54	Name: _ga Value: GA1.2.2035279778.1647582854
.finra.org/	1970-01-20 01:41:09	Name: _gid Value: GA1.2.1990141258.1647582854
.finra.org/	1970-01-20 01:39:42	Name: _gat_UA-134617307-1 Value: 1
.finra.org/	1970-01-20 01:39:42	Name: _gat_UA-157977262-1 Value: 1
.finra.org/	1970-02-13 22:11:06	Name: AppSession Value: 7b0a5ae0-4279-4d86-9e34-34930029ae84
ews.finra.org/	1969-12-31 23:59:59	Name: DRBLSESSIONID Value: B31E8E92B58D90C5EB668086A1ABFBC1
.ews.finra.org/	1969-12-31 23:59:59	Name: __cfruid Value: dce00bd0794fc04bc60c3237082e7069c29603a6-1647582855
ews.finra.org/	1970-01-20 01:49:47	Name: AWSALB Value: bxzvpUsb+C8V58ZoLVf2sw44sKiGzHTqsGcfifVxckT1P03sE6yc25w50rlpkfA55hnx7sRRgnf8jD0jG3gJwX9C8rgKQQYERJGqTiEyHUXRdCzwdx9+/4gjbFZf
ews.finra.org/	1970-01-20 01:49:47	Name: AWSALBCORS Value: bxzvpUsb+C8V58ZoLVf2sw44sKiGzHTqsGcfifVxckT1P03sE6yc25w50rlpkfA55hnx7sRRgnf8jD0jG3gJwX9C8rgKQQYERJGqTiEyHUXRdCzwdx9+/4gjbFZf

2 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
javascript	error	URL: https://gateway.finra.org/app/work-management/?requestId=4391188&category=Information%20Request Message: Access to fetch at 'https://api.gateway.finra.org/dxtgatew/session' from origin 'https://gateway.finra.org' has been blocked by CORS policy: No 'Access-Control-Allow-Origin' header is present on the requested resource. If an opaque response serves your needs, set the request's mode to 'no-cors' to fetch the resource with CORS disabled.
network	error	URL: https://api.gateway.finra.org/dxtgatew/session Message: Failed to load resource: net::ERR_FAILED

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
Content-Security-Policy	default-src 'self' https://.finra.org https:; script-src 'self' 'unsafe-eval' 'unsafe-inline' blob: https://.walkme.com https://.finra.org .googletagmanager.com .google-analytics.com tagmanager.google.com .google.com .gstatic.com cdnjs.cloudflare.com code.jquery.com; style-src 'self' 'unsafe-inline' https://.walkme.com https://.finra.org fonts.googleapis.com tagmanager.google.com; img-src 'self' 'unsafe-inline' https://.finra.org .google-analytics.com .gstatic.com https://.walkme.com https://s3.walkmeusercontent.com https://d3sbxpiag177w8.cloudfront.net data:; font-src 'self' 'unsafe-inline' 'unsafe-eval' https://.walkme.com fonts.gstatic.com data:; connect-src 'self' .google-analytics.com .googleapis.com .googletagmanager.com https://.finra.org https://.walkme.com .splunkcloud.com https://.amazonaws.com; frame-src 'self' https://.finra.org https://.walkme.com .google.com blob:; frame-ancestors 'self' https://.finra.org; worker-src 'self' blob: https://.walkme.com ;
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Xss-Protection	1; mode=block

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

api.gateway.finra.org
cdn.walkme.com
ews.finra.org
fonts.googleapis.com
gateway.finra.org
www.google-analytics.com
www.googletagmanager.com
api.gateway.finra.org
104.109.59.42
2606:4700::6812:17ec
2606:4700::6812:680
2606:4700::6812:b60
2a00:1450:4001:800::200e
2a00:1450:4001:827::2008
2a00:1450:400e:802::200a
029a7f008e677257bce8940370627984be2ff6f071876183a7e2d804cb696aa6
0b76c572865e169e175f16acbe42d8630141a871459d68f9aafcb236befa8b8e
0b9e38662e299d6f3664dd4a8dc1885651b3204d9e533a9bcd586ecaf6895315
1ab92b3ab397e0d9fae9f1c8b9566525e49372147dc7b3b456def1dab9e6d843
1d1db6463639d62088d9dcb4f987d4534e2ccc6bf018ee9e445e7d003a11216d
22b09e81518c78a109fd4b00895fca0921b9992a274b8531a6cd6b318fa5e16d
2ddefcdc9f260c5ffeb93fed110fe9d929028226f9a2d8a4934ea52b546e9640
33bb653ee7821bc8b5a2d6ceb8d5cdd9c8f7ea0da97a3850b2fbf645432a300b
3d6bca774c55c2ee3648527cd8ceaa5288cfa349f2122c08374ce40bc183fa50
5353f2b2a0fc4032834e44c622da9f519ca08b12252c849389fcf8fa60fe8c42
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
799a0572727d3a86a7c34c8fb2b6770878972185015beeff84d36a721e74b0b2
7e10cab2168077216c37a5ab0192207ee6bad709e6424d15e2c6f77848daf4f3
80c72e35f559756548fc545b0b9b07bf80dbe7c6bea5369400e7af1520879d8b
8398d0c472726517bf17ce00a22210cdf4efba89ab4d15838530035853fef65b
8779c88ac1d574f7c9bec584b562d5dfbd0f95a74d49850626995b90fcda043c
9365920887b11b33a3dc4ba28a0f93951f200341263e3b9cefd384798e4be398
9a0d3b94408006abc19be2f8d7db0e02722f198f39d507b05976a3cf738eba27
9cb41213400565f0c176839e75e17c292e600d0ba4545561ee5f87d8ee931da6
a1925038db769477ab74b4df34350c35688a795bb718727b0f4292a4a78a6210
ab45c5bcb922c2cdba3bda9626909c62f5834df1e2579337993ca3cd7b7faf35
b184804c181514972b56294e7f722492e574e86fbcd500ee4106e3dce3c52d5f
b4375ddacd72f5ab539231df432af4540df12f56f71bdba5dea9b294a0fd96cc
c2584a3fca129c129b47e330a3366aebb91d0bb913d86a1b8d8caf4aea17f76b
c2b44bc7edea03f9051cad5afef430ef70440a092fcb0c0be5b00ccd10ea21e6
c68bd9f72b025b1a237b84e6a31e57f53e3b5f40d84a6ebc058dc2018bf86073
ce20ed8a323117c8a718ff1ddc6dabb997373b575a8e896f2bf02b846c082c9d
ddab192869f16ddcfbcbb9ed4372c4c1f5dc4ed47a1045287ac15699b33c1213
e4a80dc844fdfc131a0482cf1093da6139669e87ba460aec956c792bb730bb8a
e82c6f6b7742051b061c0d331e2f05160ed6f858417e486c92c1c840e3c3f181
e9602971b736ddc26f1d49eaf1a5c67ae812fce7f810d37c44e507b87d2086e2
f95ed3b51c64ce7efaea1d62ad3b1a3664967dfa53d5742f7157f24c4bde30f7

ews.finra.org Open in urlscan Pro 2606:4700::6812:17ec Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Detected technologies

Page Statistics

35 Requests

97 %HTTPS

86 %IPv6

5 Domains

7 Subdomains

8 IPs

3 Countries

1054 kBTransfer

3902 kBSize

9 Cookies

4 Outgoing links

Page URL History

Redirected requests

35 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

ews.finra.org Open in urlscan Pro
2606:4700::6812:17ec Public Scan

Screenshot
Live screenshot

Full Image

35
Requests

97 %
HTTPS

86 %
IPv6

5
Domains

7
Subdomains

8
IPs

3
Countries

1054 kB
Transfer

3902 kB
Size

9
Cookies

35 HTTP transactions
0 data transactions