login.evestment.com Open in urlscan Pro
2606:4700::6810:d8f1 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
https://info.evestment.com/e/16162/-v1-documents-837547-file-view/52y5vg/3879584353/h/NegUC6jQZO0HI0XJJAJ3XJeqzjeIyHet6F-Zi...
Effective URL:
https://login.evestment.com/login?state=hKFo2SBfZGM3U2duekhYS1lVRTJQUG1CajgxY2RVQVMyS1RVTKFupWxvZ2luo3RpZNkgdGZZY1dXUFVobkdO...
Submission: On December 12 via api (December 12th 2023, 10:54:38 am UTC) from US — Scanned from DE

Summary HTTP 35 Redirects Links 14 Behaviour Indicators

Summary

This website contacted 4 IPs in 1 countries across 2 domains to perform 35 HTTP transactions. The main IP is 2606:4700::6810:d8f1, located in United States and belongs to CLOUDFLARENET, US. The main domain is login.evestment.com. The Cisco Umbrella rank of the primary domain is 562621.
TLS certificate: Issued by E1 on October 24th 2023. Valid for: 3 months.

This is the only time login.evestment.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1 1	18.208.125.13 18.208.125.13	14618 (AMAZON-AES) (AMAZON-AES)
2 23	45.60.65.96 45.60.65.96	19551 (INCAPSULA) (INCAPSULA)
7	2600:9000:205... 2600:9000:2057:2e00:14:292d:9c00:93a1	16509 (AMAZON-02) (AMAZON-02)
1 5	2606:4700::68... 2606:4700::6810:d8f1	13335 (CLOUDFLAR...) (CLOUDFLARENET)
3	2600:9000:214... 2600:9000:214f:3800:10:474e:104a:2961	16509 (AMAZON-02) (AMAZON-02)
35	4

1 18.208.125.13 (Ashburn, United States) 1 redirects

ASN14618 (AMAZON-AES, US)
PTR: ec2-18-208-125-13.compute-1.amazonaws.com

info.evestment.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

23 45.60.65.96 (United States) 2 redirects

ASN19551 (INCAPSULA, US)

app.evestment.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 2600:9000:2057:2e00:14:292d:9c00:93a1 (United States)

ASN16509 (AMAZON-02, US)

cdn.production.evestment.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2606:4700::6810:d8f1 (United States) 1 redirects

ASN13335 (CLOUDFLARENET, US)

login.evestment.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2600:9000:214f:3800:10:474e:104a:2961 (United States)

ASN16509 (AMAZON-02, US)

cdn.auth0.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
36	evestment.com 4 redirects info.evestment.com app.evestment.com — Cisco Umbrella Rank: 245146 cdn.production.evestment.com — Cisco Umbrella Rank: 426686 login.evestment.com — Cisco Umbrella Rank: 562621	1 MB
3	auth0.com cdn.auth0.com — Cisco Umbrella Rank: 6793	235 KB
35	2

	Domain	Requested by
23	app.evestment.com	2 redirects app.evestment.com cdn.production.evestment.com login.evestment.com
7	cdn.production.evestment.com	app.evestment.com
5	login.evestment.com	1 redirects cdn.production.evestment.com cdn.auth0.com
3	cdn.auth0.com	login.evestment.com cdn.auth0.com
1	info.evestment.com	1 redirects
35	5

This site contains links to these domains. Also see Links.

Domain
app.evestment.com
www.evestment.com

Subject Issuer	Validity	Valid
imperva.com GlobalSign Atlas R3 DV TLS CA 2023 Q4	`2023-12-04` - `2024-06-01`	6 months	crt.sh
cdn.production.evestment.com Amazon RSA 2048 M01	`2023-06-23` - `2024-07-21`	a year	crt.sh
login.evestment.com E1	`2023-10-24` - `2024-01-22`	3 months	crt.sh
*.auth0.com Amazon RSA 2048 M01	`2023-02-24` - `2024-03-24`	a year	crt.sh

This page contains 1 frames:

Primary Page: https://login.evestment.com/login?state=hKFo2SBfZGM3U2duekhYS1lVRTJQUG1CajgxY2RVQVMyS1RVTKFupWxvZ2luo3RpZNkgdGZZY1dXUFVobkdOQXJmUkZKS3NvMi1tU09wU29qMmujY2lk2SBkaTdCVlNMS2U0NnpnZnpXVEF4WmNMRHBJbVRrMEU1aw&client=di7BVSLKe46zgfzWTAxZcLDpImTk0E5k&protocol=oauth2&audience=app.evestment.com&redirect_uri=https%3A%2F%2Fapp.evestment.com%2Fnext%2Flogin-callback.aspx&scope=openid%20profile%20email%20offline_access&response_type=code&response_mode=query&nonce=SGRSTkdtTUNSLUpGMnNuZkNnckxJV05%2BUDFGbUJ3cUZIR2U0N2podjRFcg%3D%3D&code_challenge=yU-uPU0oMN7Y2du-7FZehK6YFhOG7nBsNqcdmD7X3VU&code_challenge_method=S256&auth0Client=eyJuYW1lIjoiYXV0aDAtc3BhLWpzIiwidmVyc2lvbiI6IjEuMjIuMiJ9
Frame ID: 27415EF140DE0C1821F7B64DB68C53B1
Requests: 35 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

eVestment | Analytics Login

Page URL History Show full URLs

https://info.evestment.com/e/16162/-v1-documents-837547-file-view/52y5vg/3879584353/h/NegUC6jQZO0HI0XJJ... HTTP 301
https://app.evestment.com/api/ppiq/v1/documents/837547/file/view HTTP 302
https://app.evestment.com/next/AutoLogin.aspx?ReturnUrl=%2fapi%2fppiq%2fv1%2fdocuments%2f837547%2ffile... HTTP 302
https://app.evestment.com/next/login.aspx?ReturnUrl=%2fapi%2fppiq%2fv1%2fdocuments%2f837547%2ffile%2fview Page URL
https://login.evestment.com/authorize?client_id=di7BVSLKe46zgfzWTAxZcLDpImTk0E5k&audience=app.evestment.... HTTP 302
https://login.evestment.com/login?state=hKFo2SBfZGM3U2duekhYS1lVRTJQUG1CajgxY2RVQVMyS1RVTKFupWxvZ2luo3Rp... Page URL

Detected technologies

Bootstrap (Web Frameworks) Expand

Overall confidence: 100%
Detected patterns

<link[^>]* href=[^>]*?bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.css
bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.js

Auth0 Lock (Miscellaneous) Expand

Overall confidence: 100%
Detected patterns

/lock/([\d.]+)/lock(?:.min)?\.js

Imperva (Security) Expand

Overall confidence: 100%
Detected patterns

/_Incapsula_Resource

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

jquery[.-]([\d.]*\d)[^/]*\.js
jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Page Statistics

35
Requests

100 %
HTTPS

60 %
IPv6

2
Domains

5
Subdomains

4
IPs

1
Countries

1386 kB
Transfer

2619 kB
Size

14
Cookies

14 Outgoing links

These are links going to different origins than the main page.

URL: https://app.evestment.com/next/autologin.aspx?cmd=forgot&opener=universal
Title: Don't remember your password?

Search URL Search Domain Scan URL

URL: https://www.evestment.com/submit-my-data
Title: Request An Account

Search URL Search Domain Scan URL

URL: https://www.evestment.com/contact/mercer-support/
Title: Request An Account

Search URL Search Domain Scan URL

URL: https://app.evestment.com/next/autologin.aspx?cmd=forgot&opener=universal&clientName=spa
Title: Forgot Your Password?

Search URL Search Domain Scan URL

URL: https://www.evestment.com/contact/support/
Title: Contact Us

Search URL Search Domain Scan URL

URL: https://www.evestment.com/legal/#privacy
Title: Privacy Policy

Search URL Search Domain Scan URL

URL: https://www.evestment.com/legal/#terms
Title: Terms of Service

Search URL Search Domain Scan URL

URL: https://www.evestment.com/legal/third-party-terms/
Title: Third-Party Terms

Search URL Search Domain Scan URL

URL: https://www.evestment.com/legal/mercerinsight/#privacy
Title: eVestment Privacy Policy

Search URL Search Domain Scan URL

URL: https://www.evestment.com/wp-content/uploads/2022/09/2022-06-30-eVestment-EULA-co-brand-solution.pdf
Title: Terms of Service

Search URL Search Domain Scan URL

URL: https://www.evestment.com/wp-content/uploads/2021/11/MercerInsight-EULA.pdf
Title: Mercer Terms and Conditions

Search URL Search Domain Scan URL

URL: https://www.evestment.com/wp-content/uploads/2021/11/MercerInsight-Privacy-Statement.pdf
Title: MercerInsight Privacy Statement

Search URL Search Domain Scan URL

URL: https://www.evestment.com/legal/third-party-vendor-notices/
Title: Mercer Third-Party Vendor Notices

Search URL Search Domain Scan URL

URL: https://www.evestment.com/research/newsfeed/?utm_source=eV%20login%20page
Title: EXPLORE

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

https://info.evestment.com/e/16162/-v1-documents-837547-file-view/52y5vg/3879584353/h/NegUC6jQZO0HI0XJJAJ3XJeqzjeIyHet6F-ZiOgMgdw HTTP 301
https://app.evestment.com/api/ppiq/v1/documents/837547/file/view HTTP 302
https://app.evestment.com/next/AutoLogin.aspx?ReturnUrl=%2fapi%2fppiq%2fv1%2fdocuments%2f837547%2ffile%2fview HTTP 302
https://app.evestment.com/next/login.aspx?ReturnUrl=%2fapi%2fppiq%2fv1%2fdocuments%2f837547%2ffile%2fview Page URL
https://login.evestment.com/authorize?client_id=di7BVSLKe46zgfzWTAxZcLDpImTk0E5k&audience=app.evestment.com&redirect_uri=https%3A%2F%2Fapp.evestment.com%2Fnext%2Flogin-callback.aspx&scope=openid%20profile%20email%20offline_access&response_type=code&response_mode=query&state=QW91emtpc2Q2eE5ScFBWfkVhV1NwcGNpZl9oVlVycTVZV1FYWW9ORWZaMA%3D%3D&nonce=SGRSTkdtTUNSLUpGMnNuZkNnckxJV05%2BUDFGbUJ3cUZIR2U0N2podjRFcg%3D%3D&code_challenge=yU-uPU0oMN7Y2du-7FZehK6YFhOG7nBsNqcdmD7X3VU&code_challenge_method=S256&auth0Client=eyJuYW1lIjoiYXV0aDAtc3BhLWpzIiwidmVyc2lvbiI6IjEuMjIuMiJ9 HTTP 302
https://login.evestment.com/login?state=hKFo2SBfZGM3U2duekhYS1lVRTJQUG1CajgxY2RVQVMyS1RVTKFupWxvZ2luo3RpZNkgdGZZY1dXUFVobkdOQXJmUkZKS3NvMi1tU09wU29qMmujY2lk2SBkaTdCVlNMS2U0NnpnZnpXVEF4WmNMRHBJbVRrMEU1aw&client=di7BVSLKe46zgfzWTAxZcLDpImTk0E5k&protocol=oauth2&audience=app.evestment.com&redirect_uri=https%3A%2F%2Fapp.evestment.com%2Fnext%2Flogin-callback.aspx&scope=openid%20profile%20email%20offline_access&response_type=code&response_mode=query&nonce=SGRSTkdtTUNSLUpGMnNuZkNnckxJV05%2BUDFGbUJ3cUZIR2U0N2podjRFcg%3D%3D&code_challenge=yU-uPU0oMN7Y2du-7FZehK6YFhOG7nBsNqcdmD7X3VU&code_challenge_method=S256&auth0Client=eyJuYW1lIjoiYXV0aDAtc3BhLWpzIiwidmVyc2lvbiI6IjEuMjIuMiJ9 Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 0

https://info.evestment.com/e/16162/-v1-documents-837547-file-view/52y5vg/3879584353/h/NegUC6jQZO0HI0XJJAJ3XJeqzjeIyHet6F-ZiOgMgdw HTTP 301
https://app.evestment.com/api/ppiq/v1/documents/837547/file/view HTTP 302
https://app.evestment.com/next/AutoLogin.aspx?ReturnUrl=%2fapi%2fppiq%2fv1%2fdocuments%2f837547%2ffile%2fview HTTP 302
https://app.evestment.com/next/login.aspx?ReturnUrl=%2fapi%2fppiq%2fv1%2fdocuments%2f837547%2ffile%2fview

35 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2

200

https://info.evestment.com/e/16162/-v1-documents-837547-file-view/52y5vg/3879584353/h/NegUC6jQZO0HI0XJJAJ3XJeqzjeIyHet6F-ZiOgMgdw
https://app.evestment.com/api/ppiq/v1/documents/837547/file/view
https://app.evestment.com/next/AutoLogin.aspx?ReturnUrl=%2fapi%2fppiq%2fv1%2fdocuments%2f837547%2ffile%2fview
https://app.evestment.com/next/login.aspx?ReturnUrl=%2fapi%2fppiq%2fv1%2fdocuments%2f837547%2ffile%2fview

6 KB
2 KB

106ms
106ms

Document
text/html

45.60.65.96
INCAPSULA

General

Check archive.org

Show headers Download Go to

Full URL

https://app.evestment.com/next/login.aspx?ReturnUrl=%2fapi%2fppiq%2fv1%2fdocuments%2f837547%2ffile%2fview

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

45.60.65.96 , United States, ASN19551 (INCAPSULA, US),

Reverse DNS

Software

Resource Hash

000b97bc9397d473de04d1d3c1dca6ace1098e9bf7d37610d49c01e460999d52

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

cache-control: private
content-encoding: gzip
content-security-policy: upgrade-insecure-requests
content-type: text/html; charset=utf-8
date: Tue, 12 Dec 2023 10:54:32 GMT
referrer-policy: strict-origin-when-cross-origin
server
strict-transport-security: max-age=31536000; includeSubDomains
vary: Accept-Encoding
x-cdn: Imperva
x-content-type-options: nosniff
x-frame-options: SAMEORIGIN
x-iinfo: 9-4334758-4293944 pNNN RT(1702378472133 248) q(0 0 0 -1) r(1 1) U24
x-ua-compatible: IE=EmulateIE8,IE=EmulateIE9
x-xss-protection: 1; mode=block

Redirect headers

cache-control: private
content-length: 356
content-security-policy: upgrade-insecure-requests
content-type: text/html; charset=utf-8
date: Tue, 12 Dec 2023 10:54:32 GMT
location: /next/login.aspx?ReturnUrl=%2fapi%2fppiq%2fv1%2fdocuments%2f837547%2ffile%2fview
referrer-policy: strict-origin-when-cross-origin
server
strict-transport-security: max-age=31536000; includeSubDomains
x-cdn: Imperva
x-content-type-options: nosniff
x-frame-options: SAMEORIGIN
x-iinfo: 9-4334758-4293944 pNNN RT(1702378472133 145) q(0 0 0 0) r(1 1) U24
x-ua-compatible: IE=EmulateIE8,IE=EmulateIE9
x-xss-protection: 1; mode=block

GET
H2 200 bootstrap.min.css
cdn.production.evestment.com/next/scripts/lib/bootstrap-4.5.2/css/ 157 KB
24 KB 41ms
12ms Stylesheet
text/css 2600:9000:2057:2e00:14:292d:9c00:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.production.evestment.com/next/scripts/lib/bootstrap-4.5.2/css/bootstrap.min.css?rv=MjAyMy4xMi40LjE=

Requested by

Host: app.evestment.com
URL: https://app.evestment.com/next/login.aspx?ReturnUrl=%2fapi%2fppiq%2fv1%2fdocuments%2f837547%2ffile%2fview

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:2057:2e00:14:292d:9c00:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Resource Hash

3c407529fa4f93133a8e1c085cff173348f42e6d92530a6a158c0ba1d247063e

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://app.evestment.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

content-security-policy: upgrade-insecure-requests
strict-transport-security: max-age=31536000; includeSubDomains
x-content-type-options: nosniff
date: Tue, 12 Dec 2023 10:48:51 GMT
content-encoding: gzip
x-cdn: Imperva
via: 1.1 163be08bc1bc44818353c4fd88655bee.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA6-C1
age: 1877
x-cache: Hit from cloudfront
x-iinfo: 10-128631473-128586779 pNNy RT(1702354182349 7) q(0 0 0 7) r(1 1) U24
x-xss-protection: 1; mode=block
x-ua-compatible: IE=EmulateIE8,IE=EmulateIE9
referrer-policy: strict-origin-when-cross-origin
last-modified: Mon, 04 Dec 2023 20:04:27 GMT
server
etag: W/"80d77515ed26da1:0"
x-frame-options: SAMEORIGIN
vary: Accept-Encoding
content-type: text/css
x-incap-sess-cookie-hdr: l1y1GR8PKkPEpgvf1oKpBQbdd2UAAAAAqHm91+kJJO0dKL4ql+j9rg==
x-amz-cf-id: JrSMhbZFjN9rh_BVC2ktPaOzHrNIUPTxjuvttw76RAZKTkypqz_33A==

GET
H2 200 Login.css
cdn.production.evestment.com/next/stylesheets/ 4 KB
2 KB 43ms
14ms Stylesheet
text/css 2600:9000:2057:2e00:14:292d:9c00:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.production.evestment.com/next/stylesheets/Login.css?rv=MjAyMy4xMi40LjE=

Requested by

Host: app.evestment.com
URL: https://app.evestment.com/next/login.aspx?ReturnUrl=%2fapi%2fppiq%2fv1%2fdocuments%2f837547%2ffile%2fview

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:2057:2e00:14:292d:9c00:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Resource Hash

65ea96c4e3f826dbe830a8c553483697cdef15f0044b974a0a25d5e7f8db0a4c

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://app.evestment.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

content-security-policy: upgrade-insecure-requests
strict-transport-security: max-age=31536000; includeSubDomains
x-content-type-options: nosniff
date: Tue, 12 Dec 2023 10:48:51 GMT
content-encoding: gzip
x-cdn: Imperva
via: 1.1 163be08bc1bc44818353c4fd88655bee.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA6-C1
age: 1877
x-cache: Hit from cloudfront
x-iinfo: 8-96121230-96115581 pNNy RT(1702354182390 2) q(0 0 0 0) r(1 1) U24
x-xss-protection: 1; mode=block
x-ua-compatible: IE=EmulateIE8,IE=EmulateIE9
referrer-policy: strict-origin-when-cross-origin
last-modified: Mon, 04 Dec 2023 20:04:28 GMT
server
etag: W/"06ee16ed26da1:0"
x-frame-options: SAMEORIGIN
vary: Accept-Encoding
content-type: text/css
x-incap-sess-cookie-hdr: 7UFlc7RDjSfEpgvf1oKpBQbdd2UAAAAAsRYFKqeAzYWmJ0nICwCZFQ==
x-amz-cf-id: H0HJTmUf2cVjPfiNOBuPqv-uAeFDikyU4SpSIkNvtKeQfqcgZfQxUw==

GET
H2 200 jquery-1.6.4.min.js Show response
cdn.production.evestment.com/next/scripts/ 90 KB
32 KB 46ms
17ms Script
application/javascript 2600:9000:2057:2e00:14:292d:9c00:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.production.evestment.com/next/scripts/jquery-1.6.4.min.js?rv=MjAyMy4xMi40LjE=

Requested by

Host: app.evestment.com
URL: https://app.evestment.com/next/login.aspx?ReturnUrl=%2fapi%2fppiq%2fv1%2fdocuments%2f837547%2ffile%2fview

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:2057:2e00:14:292d:9c00:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Resource Hash

965b17c2bf611d2f239fd9db5d36ad87cc2e31b789ff987bb7a9aa2cdf9744d1

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://app.evestment.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

content-security-policy: upgrade-insecure-requests
strict-transport-security: max-age=31536000; includeSubDomains
x-content-type-options: nosniff
date: Tue, 12 Dec 2023 10:48:51 GMT
content-encoding: gzip
x-cdn: Imperva
via: 1.1 163be08bc1bc44818353c4fd88655bee.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA6-C1
age: 1877
x-cache: Hit from cloudfront
x-iinfo: 11-108984845-108936495 pNNy RT(1702183588488 4) q(0 0 0 0) r(2 2) U24
x-xss-protection: 1; mode=block
x-ua-compatible: IE=EmulateIE8,IE=EmulateIE9
referrer-policy: strict-origin-when-cross-origin
last-modified: Mon, 04 Dec 2023 20:04:27 GMT
server
etag: W/"80d77515ed26da1:0"
x-frame-options: SAMEORIGIN
vary: Accept-Encoding
content-type: application/javascript
x-incap-sess-cookie-hdr: gFbBP0rZ4SLesvrmSGtmA6RCdWUAAAAA4PY3Mbqe42IbRmmC8lUjug==
x-amz-cf-id: p3eAqPvsPyzOcAcxDHn6OkFBUwJBFmt4hvDIsIs5esVcZd2bS2aowA==

GET
H2 200 jquery.jqURL.js Show response
cdn.production.evestment.com/next/scripts/jQueryPlugins/ 6 KB
3 KB 43ms
15ms Script
application/javascript 2600:9000:2057:2e00:14:292d:9c00:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.production.evestment.com/next/scripts/jQueryPlugins/jquery.jqURL.js?rv=MjAyMy4xMi40LjE=

Requested by

Host: app.evestment.com
URL: https://app.evestment.com/next/login.aspx?ReturnUrl=%2fapi%2fppiq%2fv1%2fdocuments%2f837547%2ffile%2fview

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:2057:2e00:14:292d:9c00:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Resource Hash

1874a1d68cf90ad958ae052cb0deaeae7355452be2ddb24e009f8ebd2591d6a3

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://app.evestment.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

content-security-policy: upgrade-insecure-requests
strict-transport-security: max-age=31536000; includeSubDomains
x-content-type-options: nosniff
date: Tue, 12 Dec 2023 10:05:09 GMT
content-encoding: gzip
x-cdn: Imperva
via: 1.1 163be08bc1bc44818353c4fd88655bee.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA6-C1
age: 2964
x-cache: Hit from cloudfront
x-iinfo: 9-82429274-82417669 sNNy RT(1702105592394 2699) q(0 0 0 0) r(1 1) U24
x-xss-protection: 1; mode=block
x-ua-compatible: IE=EmulateIE8,IE=EmulateIE9
referrer-policy: strict-origin-when-cross-origin
last-modified: Mon, 04 Dec 2023 20:04:27 GMT
server
etag: W/"80d77515ed26da1:0"
x-frame-options: SAMEORIGIN
vary: Accept-Encoding
content-type: application/javascript
x-incap-sess-cookie-hdr: L5YeXtw9t3jdmJDQ1oKpBfsRdGUAAAAAGeqgjAiuXnvrHggVzWdFTg==
x-amz-cf-id: bPuR09W29BdXm0do8ctC3Xt0mVvdPbRJpGTG3OwavRlAWh-RaIKEbw==

GET
H2 200 Login.js Show response
cdn.production.evestment.com/next/scripts/ 9 KB
3 KB 49ms
20ms Script
application/javascript 2600:9000:2057:2e00:14:292d:9c00:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.production.evestment.com/next/scripts/Login.js?rv=MjAyMy4xMi40LjE=

Requested by

Host: app.evestment.com
URL: https://app.evestment.com/next/login.aspx?ReturnUrl=%2fapi%2fppiq%2fv1%2fdocuments%2f837547%2ffile%2fview

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:2057:2e00:14:292d:9c00:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Resource Hash

67eb5ea70b2e9a93c273c68c7a80bbb97716eb8e27bb12e5017c6ea8411664d0

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://app.evestment.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

content-security-policy: upgrade-insecure-requests
strict-transport-security: max-age=31536000; includeSubDomains
x-content-type-options: nosniff
date: Tue, 12 Dec 2023 10:48:51 GMT
content-encoding: gzip
x-cdn: Imperva
via: 1.1 163be08bc1bc44818353c4fd88655bee.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA6-C1
age: 1877
x-cache: Hit from cloudfront
x-iinfo: 11-110135117-110117751 pNNy RT(1702192101254 5) q(0 0 0 1) r(1 1) U24
x-xss-protection: 1; mode=block
x-ua-compatible: IE=EmulateIE8,IE=EmulateIE9
referrer-policy: strict-origin-when-cross-origin
last-modified: Mon, 04 Dec 2023 20:04:27 GMT
server
etag: W/"80d77515ed26da1:0"
x-frame-options: SAMEORIGIN
vary: Accept-Encoding
content-type: application/javascript
x-incap-sess-cookie-hdr: z7ZFNjqh+1QCjojnSGtmA+VjdWUAAAAAvVDXAXTVLxS9JFzcXjeH3Q==
x-amz-cf-id: xWiwbhPoEvBXSjsurem-WIRGbbxm4PwASh1SrYkYGvM1Pl3ot6kDPw==

GET
H2 200 custom.css
app.evestment.com/next/App_Themes/Traditional/ 680 B
902 B 107ms
106ms Stylesheet
text/css 45.60.65.96
INCAPSULA

General

Check archive.org

Show headers Download Go to

Full URL

https://app.evestment.com/next/App_Themes/Traditional/custom.css

Requested by

Host: app.evestment.com
URL: https://app.evestment.com/next/login.aspx?ReturnUrl=%2fapi%2fppiq%2fv1%2fdocuments%2f837547%2ffile%2fview

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

45.60.65.96 , United States, ASN19551 (INCAPSULA, US),

Reverse DNS

Software

Resource Hash

c6930e9c660191d188f0b2df531211b5b2c67076fd1a31aa639d150948b2014e

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://app.evestment.com/next/login.aspx?ReturnUrl=%2fapi%2fppiq%2fv1%2fdocuments%2f837547%2ffile%2fview
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Tue, 12 Dec 2023 10:54:33 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy: upgrade-insecure-requests
x-cdn: Imperva
strict-transport-security: max-age=31536000; includeSubDomains
x-iinfo: 9-4334758-4293944 pNNN RT(1702378472133 365) q(0 1 1 -1) r(1 1) U24
content-length: 413
x-xss-protection: 1; mode=block
x-ua-compatible: IE=EmulateIE8,IE=EmulateIE9
referrer-policy: strict-origin-when-cross-origin
last-modified: Mon, 04 Dec 2023 20:04:26 GMT
server
etag: "041dd14ed26da1:0"
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: text/css
accept-ranges: bytes

GET
H2 200 index.js Show response
cdn.production.evestment.com/apps/jwt/ 157 KB
48 KB 433ms
405ms Script
application/x-javascript 2600:9000:2057:2e00:14:292d:9c00:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.production.evestment.com/apps/jwt/index.js
Requested by: Host: app.evestment.com
URL: https://app.evestment.com/next/login.aspx?ReturnUrl=%2fapi%2fppiq%2fv1%2fdocuments%2f837547%2ffile%2fview
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2057:2e00:14:292d:9c00:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: adf5080c3db74e471d7eb65cd14dc13686659e7530415ed4103827d30d6133f4

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://app.evestment.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Tue, 12 Dec 2023 10:54:34 GMT
x-amz-version-id: zZT83_OPJ1N76IJ9af5wRNjsh18sIdK1
content-encoding: gzip
last-modified: Thu, 25 Aug 2022 17:27:52 GMT
server: AmazonS3
via: 1.1 163be08bc1bc44818353c4fd88655bee.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA6-C1
etag: W/"2d61001fbf82b4e118a875029cbaa594"
x-amz-server-side-encryption: AES256
vary: Accept-Encoding
x-cache: Miss from cloudfront
content-type: application/x-javascript
cache-control: no-store
x-amz-replication-status: COMPLETED
x-amz-cf-id: 5L8GjpFCdJ_jfc8GEr98kg7VCrXLQHYOyqCm3KGFzp9MEgDtw2GQYg==

GET
H2 200 index.js Show response
cdn.production.evestment.com/static/csrf/ 7 KB
3 KB 422ms
394ms Script
application/x-javascript 2600:9000:2057:2e00:14:292d:9c00:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.production.evestment.com/static/csrf/index.js
Requested by: Host: app.evestment.com
URL: https://app.evestment.com/next/login.aspx?ReturnUrl=%2fapi%2fppiq%2fv1%2fdocuments%2f837547%2ffile%2fview
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2057:2e00:14:292d:9c00:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: eb17a0f98fa6a16ec2974c9c72ff849b4cecfeea6cf80f7f533886dfd40a873e

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://app.evestment.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Tue, 12 Dec 2023 10:54:34 GMT
x-amz-version-id: oJUT1pV2z2tkNzSXKI8Pl4wZ8IWrGmmN
content-encoding: gzip
last-modified: Tue, 16 Nov 2021 16:36:44 GMT
server: AmazonS3
via: 1.1 163be08bc1bc44818353c4fd88655bee.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA6-C1
etag: W/"79a4e8578e579910a7a1dfd5c32edf13"
x-amz-server-side-encryption: AES256
vary: Accept-Encoding
x-cache: Miss from cloudfront
content-type: application/x-javascript
cache-control: no-store
x-amz-replication-status: COMPLETED
x-amz-cf-id: 0PI_F7S0gUSHEX9NKhiBdBuExrbwyzajFDjoDqGRUAfYSHlW-OiUfA==

GET
H2 200 p-Nasdaq-primary.png
app.evestment.com/next/images/logo/ 4 KB
5 KB 115ms
114ms Image
image/png 45.60.65.96
INCAPSULA

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://app.evestment.com/next/images/logo/p-Nasdaq-primary.png

Requested by

Host: app.evestment.com
URL: https://app.evestment.com/next/login.aspx?ReturnUrl=%2fapi%2fppiq%2fv1%2fdocuments%2f837547%2ffile%2fview

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

45.60.65.96 , United States, ASN19551 (INCAPSULA, US),

Reverse DNS

Software

Resource Hash

63f0bdaa522d0b2e8707ccaa0bdbeba5bc161a41c6b614d43247c5e4a426afdd

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://app.evestment.com/next/login.aspx?ReturnUrl=%2fapi%2fppiq%2fv1%2fdocuments%2f837547%2ffile%2fview
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Tue, 12 Dec 2023 10:54:33 GMT
content-security-policy: upgrade-insecure-requests
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains
x-cdn: Imperva
x-iinfo: 9-4334758-4279637 pNNy RT(1702378472133 368) q(0 0 0 -1) r(0 0) U24
content-length: 4570
x-xss-protection: 1; mode=block
x-ua-compatible: IE=EmulateIE8,IE=EmulateIE9
referrer-policy: strict-origin-when-cross-origin
last-modified: Mon, 04 Dec 2023 20:04:27 GMT
server
etag: "80d77515ed26da1:0"
x-frame-options: SAMEORIGIN
content-type: image/png
accept-ranges: bytes

GET
H2 200 mercer_insight_logo.svg
app.evestment.com/next/images/logo/mercer/ 10 KB
4 KB 117ms
117ms Image
image/svg+xml 45.60.65.96
INCAPSULA

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://app.evestment.com/next/images/logo/mercer/mercer_insight_logo.svg

Requested by

Host: app.evestment.com
URL: https://app.evestment.com/next/login.aspx?ReturnUrl=%2fapi%2fppiq%2fv1%2fdocuments%2f837547%2ffile%2fview

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

45.60.65.96 , United States, ASN19551 (INCAPSULA, US),

Reverse DNS

Software

Resource Hash

68e3c62270eab7db4a54e8e8e17dad5184de1136d096991b30cb48d292189f18

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://app.evestment.com/next/login.aspx?ReturnUrl=%2fapi%2fppiq%2fv1%2fdocuments%2f837547%2ffile%2fview
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Tue, 12 Dec 2023 10:54:33 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy: upgrade-insecure-requests
x-cdn: Imperva
strict-transport-security: max-age=31536000; includeSubDomains
x-iinfo: 9-4334758-4293943 pNNN RT(1702378472133 374) q(0 0 0 -1) r(1 1) U24
content-length: 3437
x-xss-protection: 1; mode=block
x-ua-compatible: IE=EmulateIE8,IE=EmulateIE9
referrer-policy: strict-origin-when-cross-origin
last-modified: Mon, 04 Dec 2023 20:04:27 GMT
server
etag: "80d77515ed26da1:0"
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: image/svg+xml
accept-ranges: bytes

GET
H2 200 ProcessAnimationSmall2_v3.gif
app.evestment.com/next/images/ 23 KB
23 KB 151ms
151ms Image
image/gif 45.60.65.96
INCAPSULA

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://app.evestment.com/next/images/ProcessAnimationSmall2_v3.gif

Requested by

Host: app.evestment.com
URL: https://app.evestment.com/next/login.aspx?ReturnUrl=%2fapi%2fppiq%2fv1%2fdocuments%2f837547%2ffile%2fview

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

45.60.65.96 , United States, ASN19551 (INCAPSULA, US),

Reverse DNS

Software

Resource Hash

3248e6d2dc65e4c62dff725d22cec3543103de86ff63b1d2c2d6092efd1c31cb

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://app.evestment.com/next/login.aspx?ReturnUrl=%2fapi%2fppiq%2fv1%2fdocuments%2f837547%2ffile%2fview
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Tue, 12 Dec 2023 10:54:33 GMT
content-security-policy: upgrade-insecure-requests
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains
x-cdn: Imperva
x-iinfo: 9-4334758-4293943 pNNN RT(1702378472133 475) q(0 0 0 -1) r(1 1) U24
content-length: 23075
x-xss-protection: 1; mode=block
x-ua-compatible: IE=EmulateIE8,IE=EmulateIE9
referrer-policy: strict-origin-when-cross-origin
last-modified: Mon, 04 Dec 2023 20:04:27 GMT
server
etag: "80d77515ed26da1:0"
x-frame-options: SAMEORIGIN
content-type: image/gif
accept-ranges: bytes

GET
H2 200 mercer_logo.svg
app.evestment.com/next/images/logo/mercer/ 3 KB
3 KB 122ms
122ms Image
image/svg+xml 45.60.65.96
INCAPSULA

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://app.evestment.com/next/images/logo/mercer/mercer_logo.svg

Requested by

Host: app.evestment.com
URL: https://app.evestment.com/next/login.aspx?ReturnUrl=%2fapi%2fppiq%2fv1%2fdocuments%2f837547%2ffile%2fview

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

45.60.65.96 , United States, ASN19551 (INCAPSULA, US),

Reverse DNS

Software

Resource Hash

2654ed79ea744fe45b9ebbeadb6b509e477255624bfa6aefc9ddf70e6f8b34f9

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://app.evestment.com/next/login.aspx?ReturnUrl=%2fapi%2fppiq%2fv1%2fdocuments%2f837547%2ffile%2fview
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Tue, 12 Dec 2023 10:54:33 GMT
content-security-policy: upgrade-insecure-requests
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains
x-cdn: Imperva
x-iinfo: 9-4334758-4279637 pNNy RT(1702378472133 480) q(0 0 0 -1) r(1 1) U24
content-length: 2696
x-xss-protection: 1; mode=block
x-ua-compatible: IE=EmulateIE8,IE=EmulateIE9
referrer-policy: strict-origin-when-cross-origin
last-modified: Mon, 04 Dec 2023 20:04:27 GMT
server
etag: "80d77515ed26da1:0"
x-frame-options: SAMEORIGIN
content-type: image/svg+xml
accept-ranges: bytes

GET
H2 200 _Incapsula_Resource Show response
app.evestment.com/ 139 KB
19 KB 15ms
15ms Script
application/javascript 45.60.65.96
INCAPSULA

General

Check archive.org

Show headers Download Go to

Full URL

https://app.evestment.com/_Incapsula_Resource?SWJIYLWA=719d34d31c8e3a6e6fffd425f7e032f3&ns=2&cb=1332166614

Requested by

Host: app.evestment.com
URL: https://app.evestment.com/next/login.aspx?ReturnUrl=%2fapi%2fppiq%2fv1%2fdocuments%2f837547%2ffile%2fview

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

45.60.65.96 , United States, ASN19551 (INCAPSULA, US),

Reverse DNS

Software

Resource Hash

5239e319e06936524820a0d77ec957b342aee04bfe1601dc85e88cbc6cfbaf94

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://app.evestment.com/next/login.aspx?ReturnUrl=%2fapi%2fppiq%2fv1%2fdocuments%2f837547%2ffile%2fview
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
cache-control: no-cache, no-store
content-encoding: gzip
x-robots-tag: noindex
content-length: 19828
content-type: application/javascript

GET
H2 200 p-Nasdaq-primary.png
app.evestment.com/next/images/logo/ 4 KB
5 KB 102ms
102ms Image
image/png 45.60.65.96
INCAPSULA

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://app.evestment.com/next/images/logo/p-Nasdaq-primary.png

Requested by

Host: app.evestment.com
URL: https://app.evestment.com/next/login.aspx?ReturnUrl=%2fapi%2fppiq%2fv1%2fdocuments%2f837547%2ffile%2fview

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

45.60.65.96 , United States, ASN19551 (INCAPSULA, US),

Reverse DNS

Software

Resource Hash

63f0bdaa522d0b2e8707ccaa0bdbeba5bc161a41c6b614d43247c5e4a426afdd

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://app.evestment.com/next/login.aspx?ReturnUrl=%2fapi%2fppiq%2fv1%2fdocuments%2f837547%2ffile%2fview
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Tue, 12 Dec 2023 10:54:33 GMT
content-security-policy: upgrade-insecure-requests
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains
x-cdn: Imperva
x-iinfo: 9-4334758-4279637 pNNy RT(1702378472133 1137) q(0 0 0 -1) r(1 1) U24
content-length: 4570
x-xss-protection: 1; mode=block
x-ua-compatible: IE=EmulateIE8,IE=EmulateIE9
referrer-policy: strict-origin-when-cross-origin
last-modified: Mon, 04 Dec 2023 20:04:27 GMT
server
etag: "80d77515ed26da1:0"
x-frame-options: SAMEORIGIN
content-type: image/png
accept-ranges: bytes

GET
H2 200 _Incapsula_Resource
app.evestment.com/ 1 B
36 B 8ms
8ms Image
text/plain 45.60.65.96
INCAPSULA

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://app.evestment.com/_Incapsula_Resource?SWKMTFSR=1&e=0.562897395049341

Requested by

Host: app.evestment.com
URL: https://app.evestment.com/next/login.aspx?ReturnUrl=%2fapi%2fppiq%2fv1%2fdocuments%2f837547%2ffile%2fview

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

45.60.65.96 , United States, ASN19551 (INCAPSULA, US),

Reverse DNS

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://app.evestment.com/next/login.aspx?ReturnUrl=%2fapi%2fppiq%2fv1%2fdocuments%2f837547%2ffile%2fview
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
cache-control: no-cache, no-store
x-robots-tag: noindex
content-length: 1
content-type: text/plain

GET
H2 200 ALL Show response
app.evestment.com/api/v1/banners/domains/EV/locations/LOGIN/firmtypes/ 733 B
664 B 120ms
120ms XHR
application/json 45.60.65.96
INCAPSULA

General

Check archive.org

Show headers Download Go to

Full URL

https://app.evestment.com/api/v1/banners/domains/EV/locations/LOGIN/firmtypes/ALL

Requested by

Host: cdn.production.evestment.com
URL: https://cdn.production.evestment.com/static/csrf/index.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

45.60.65.96 , United States, ASN19551 (INCAPSULA, US),

Reverse DNS

Software

Resource Hash

5f6dfcbe4894d5a47bc50ea47150710e2e3311972e476581aa57d48180db18ef

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Accept: */*
Referer: https://app.evestment.com/next/login.aspx?ReturnUrl=%2fapi%2fppiq%2fv1%2fdocuments%2f837547%2ffile%2fview
X-Requested-With: XMLHttpRequest
X-CSRF-TOKEN: YLBX4FIDJWLRXLN3S32RA17GUA361R8NLRXJIB4SCK3CB48THLL86H8JHLR03SDTEYF2BRK78QB0DKNHZBM78T30NZ0PGQHHFI4XCQ93LVGRJFA4DVSDHQ7TSIBMQVNS
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Tue, 12 Dec 2023 10:54:33 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy: upgrade-insecure-requests
x-cdn: Imperva
strict-transport-security: max-age=31536000; includeSubDomains
x-evestment-correlation-id: 2c313f5fe1ae45959325be161e03c96c
x-iinfo: 9-4334758-4293944 pNNN RT(1702378472133 1158) q(0 0 0 -1) r(2 2) U24
content-length: 465
x-xss-protection: 1; mode=block
pragma: no-cache
referrer-policy: strict-origin-when-cross-origin
server
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: application/json; charset=utf-8
cache-control: no-cache
expires: -1

GET
H2 200 spa Show response
app.evestment.com/services/identity/v1/authentication/a0config/ 144 B
272 B 102ms
102ms Fetch
application/json 45.60.65.96
INCAPSULA

General

Check archive.org

Show headers Download Go to

Full URL

https://app.evestment.com/services/identity/v1/authentication/a0config/spa

Requested by

Host: cdn.production.evestment.com
URL: https://cdn.production.evestment.com/static/csrf/index.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

45.60.65.96 , United States, ASN19551 (INCAPSULA, US),

Reverse DNS

Software

Kestrel /

Resource Hash

488fc1bb250d344d6ee3ccf46d925a10bfc0eac60256ecc83cf429f293724db4

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Referer: https://app.evestment.com/next/login.aspx?ReturnUrl=%2fapi%2fppiq%2fv1%2fdocuments%2f837547%2ffile%2fview
X-CSRF-TOKEN: YLBX4FIDJWLRXLN3S32RA17GUA361R8NLRXJIB4SCK3CB48THLL86H8JHLR03SDTEYF2BRK78QB0DKNHZBM78T30NZ0PGQHHFI4XCQ93LVGRJFA4DVSDHQ7TSIBMQVNS
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36
Content-Type: application/json

Response headers

date: Tue, 12 Dec 2023 10:54:34 GMT
content-encoding: br
strict-transport-security: max-age=31536000
server: Kestrel
x-cdn: Imperva
vary: Accept-Encoding
content-type: application/json; charset=utf-8
x-iinfo: 9-4334758-4293944 pNNN RT(1702378472133 1281) q(0 0 0 -1) r(1 1) U24

GET
H2 200 DownloadInternal
app.evestment.com/Shared/eAPublicContent/ 373 KB
376 KB 204ms
203ms Image
image/png 45.60.65.96
INCAPSULA

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://app.evestment.com/Shared/eAPublicContent/DownloadInternal?cache=60&documentId=0a8ad20d-fac3-4684-b550-f19b28f1d195

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

45.60.65.96 , United States, ASN19551 (INCAPSULA, US),

Reverse DNS

Software

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://app.evestment.com/next/login.aspx?ReturnUrl=%2fapi%2fppiq%2fv1%2fdocuments%2f837547%2ffile%2fview
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Tue, 12 Dec 2023 10:54:34 GMT
content-security-policy: upgrade-insecure-requests
referrer-policy: strict-origin-when-cross-origin
x-content-type-options: nosniff
server
strict-transport-security: max-age=31536000; includeSubDomains
x-cdn: Imperva
x-frame-options: SAMEORIGIN
content-type: image/png
x-iinfo: 9-4334758-4279637 pNNy RT(1702378472133 1295) q(0 0 0 -1) r(2 2) U24
cache-control: private, max-age=60
content-length: 382182
x-xss-protection: 1; mode=block
x-ua-compatible: IE=EmulateIE8,IE=EmulateIE9

GET
H2

200

Primary Request login Show response
login.evestment.com/
Redirect Chain

https://login.evestment.com/authorize?client_id=di7BVSLKe46zgfzWTAxZcLDpImTk0E5k&audience=app.evestment.com&redirect_uri=https%3A%2F%2Fapp.evestment.com%2Fnext%2Flogin-callback.aspx&scope=openid%20...
https://login.evestment.com/login?state=hKFo2SBfZGM3U2duekhYS1lVRTJQUG1CajgxY2RVQVMyS1RVTKFupWxvZ2luo3RpZNkgdGZZY1dXUFVobkdOQXJmUkZKS3NvMi1tU09wU29qMmujY2lk2SBkaTdCVlNMS2U0NnpnZnpXVEF4WmNMRHBJbVRrM...

17 KB
17 KB

750ms
750ms

Document
text/html

2606:4700::6810:d8f1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://login.evestment.com/login?state=hKFo2SBfZGM3U2duekhYS1lVRTJQUG1CajgxY2RVQVMyS1RVTKFupWxvZ2luo3RpZNkgdGZZY1dXUFVobkdOQXJmUkZKS3NvMi1tU09wU29qMmujY2lk2SBkaTdCVlNMS2U0NnpnZnpXVEF4WmNMRHBJbVRrMEU1aw&client=di7BVSLKe46zgfzWTAxZcLDpImTk0E5k&protocol=oauth2&audience=app.evestment.com&redirect_uri=https%3A%2F%2Fapp.evestment.com%2Fnext%2Flogin-callback.aspx&scope=openid%20profile%20email%20offline_access&response_type=code&response_mode=query&nonce=SGRSTkdtTUNSLUpGMnNuZkNnckxJV05%2BUDFGbUJ3cUZIR2U0N2podjRFcg%3D%3D&code_challenge=yU-uPU0oMN7Y2du-7FZehK6YFhOG7nBsNqcdmD7X3VU&code_challenge_method=S256&auth0Client=eyJuYW1lIjoiYXV0aDAtc3BhLWpzIiwidmVyc2lvbiI6IjEuMjIuMiJ9

Requested by

Host: cdn.production.evestment.com
URL: https://cdn.production.evestment.com/apps/jwt/index.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:d8f1 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

778fc1ad96ecb2f750f97cc7e9186dd0f3c311bb25489e9a5acdcd801d86afe7

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'none'
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	deny
X-Xss-Protection	1; mode=block

Request headers

Referer: https://app.evestment.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=86400
cache-control: no-store, max-age=0, no-transform
cf-cache-status: DYNAMIC
cf-ray: 83456e19cdfc2c20-FRA
content-security-policy: frame-ancestors 'none'
content-type: text/html; charset=utf-8
date: Tue, 12 Dec 2023 10:54:35 GMT
etag: W/"43f0-OSXmExYrI/7BbcRH0uaYW8GQxbc"
ot-baggage-auth0-request-id: 83456e19cdfc2c20
ot-tracer-sampled: true
ot-tracer-spanid: 22a7f3f61a01b305
ot-tracer-traceid: 615f46f5468fc5a9
pragma: no-cache
referrer-policy: same-origin
server: cloudflare
strict-transport-security: max-age=31536000
traceparent: 00-0000000000000000615f46f5468fc5a9-22a7f3f61a01b305-01
tracestate: auth0-request-id=83456e19cdfc2c20,auth0=true
vary: Accept-Encoding
x-auth0-requestid: 42c24560c3bb950e2e50
x-content-type-options: nosniff
x-frame-options: deny
x-ratelimit-limit: 300
x-ratelimit-remaining: 299
x-ratelimit-reset: 1702378476
x-robots-tag: noindex, nofollow
x-xss-protection: 1; mode=block

Redirect headers

alt-svc: h3=":443"; ma=86400
cache-control: no-store, max-age=0, no-transform
cf-cache-status: DYNAMIC
cf-ray: 83456e171afc2c20-FRA
content-length: 1426
content-type: text/html; charset=utf-8
date: Tue, 12 Dec 2023 10:54:34 GMT
location: /login?state=hKFo2SBfZGM3U2duekhYS1lVRTJQUG1CajgxY2RVQVMyS1RVTKFupWxvZ2luo3RpZNkgdGZZY1dXUFVobkdOQXJmUkZKS3NvMi1tU09wU29qMmujY2lk2SBkaTdCVlNMS2U0NnpnZnpXVEF4WmNMRHBJbVRrMEU1aw&client=di7BVSLKe46zgfzWTAxZcLDpImTk0E5k&protocol=oauth2&audience=app.evestment.com&redirect_uri=https%3A%2F%2Fapp.evestment.com%2Fnext%2Flogin-callback.aspx&scope=openid%20profile%20email%20offline_access&response_type=code&response_mode=query&nonce=SGRSTkdtTUNSLUpGMnNuZkNnckxJV05%2BUDFGbUJ3cUZIR2U0N2podjRFcg%3D%3D&code_challenge=yU-uPU0oMN7Y2du-7FZehK6YFhOG7nBsNqcdmD7X3VU&code_challenge_method=S256&auth0Client=eyJuYW1lIjoiYXV0aDAtc3BhLWpzIiwidmVyc2lvbiI6IjEuMjIuMiJ9
ot-baggage-auth0-request-id: 83456e171afc2c20
ot-tracer-sampled: true
ot-tracer-spanid: 5807843d09155914
ot-tracer-traceid: 6114faa327e55293
pragma: no-cache
server: cloudflare
strict-transport-security: max-age=31536000
traceparent: 00-00000000000000006114faa327e55293-5807843d09155914-01
tracestate: auth0-request-id=83456e171afc2c20,auth0=true
vary: Accept, Accept-Encoding
x-auth0-requestid: b8c6acce575abf610ac3
x-content-type-options: nosniff
x-ratelimit-limit: 300
x-ratelimit-remaining: 299
x-ratelimit-reset: 1702378475

GET
H2 200 bootstrap.min.css
app.evestment.com/next/scripts/lib/bootstrap-4.5.2/css/ 157 KB
23 KB 114ms
113ms Stylesheet
text/css 45.60.65.96
INCAPSULA

General

Check archive.org

Show headers Download Go to

Full URL

https://app.evestment.com/next/scripts/lib/bootstrap-4.5.2/css/bootstrap.min.css

Requested by

Host: login.evestment.com
URL: https://login.evestment.com/login?state=hKFo2SBfZGM3U2duekhYS1lVRTJQUG1CajgxY2RVQVMyS1RVTKFupWxvZ2luo3RpZNkgdGZZY1dXUFVobkdOQXJmUkZKS3NvMi1tU09wU29qMmujY2lk2SBkaTdCVlNMS2U0NnpnZnpXVEF4WmNMRHBJbVRrMEU1aw&client=di7BVSLKe46zgfzWTAxZcLDpImTk0E5k&protocol=oauth2&audience=app.evestment.com&redirect_uri=https%3A%2F%2Fapp.evestment.com%2Fnext%2Flogin-callback.aspx&scope=openid%20profile%20email%20offline_access&response_type=code&response_mode=query&nonce=SGRSTkdtTUNSLUpGMnNuZkNnckxJV05%2BUDFGbUJ3cUZIR2U0N2podjRFcg%3D%3D&code_challenge=yU-uPU0oMN7Y2du-7FZehK6YFhOG7nBsNqcdmD7X3VU&code_challenge_method=S256&auth0Client=eyJuYW1lIjoiYXV0aDAtc3BhLWpzIiwidmVyc2lvbiI6IjEuMjIuMiJ9

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

45.60.65.96 , United States, ASN19551 (INCAPSULA, US),

Reverse DNS

Software

Resource Hash

3c407529fa4f93133a8e1c085cff173348f42e6d92530a6a158c0ba1d247063e

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Tue, 12 Dec 2023 10:54:35 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy: upgrade-insecure-requests
x-cdn: Imperva
strict-transport-security: max-age=31536000; includeSubDomains
x-iinfo: 9-4334758-4293944 pNNN RT(1702378472133 2601) q(0 0 0 -1) r(1 1) U24
content-length: 22829
x-xss-protection: 1; mode=block
x-ua-compatible: IE=EmulateIE8,IE=EmulateIE9
referrer-policy: strict-origin-when-cross-origin
last-modified: Mon, 04 Dec 2023 20:04:27 GMT
server
etag: "80d77515ed26da1:0"
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: text/css
x-incap-sess-cookie-hdr: FQSSeVlVtQwAIcOXJ1Cif+o7eGUAAAAAeHTRnipbCh9EdcoNQy+g7w==
accept-ranges: bytes

GET
H2 200 UniversalLogin.css
app.evestment.com/next/stylesheets/ 11 KB
2 KB 124ms
122ms Stylesheet
text/css 45.60.65.96
INCAPSULA

General

Check archive.org

Show headers Download Go to

Full URL

https://app.evestment.com/next/stylesheets/UniversalLogin.css

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

45.60.65.96 , United States, ASN19551 (INCAPSULA, US),

Reverse DNS

Software

Resource Hash

bfb0d33b2fedc528fd063f37f050f53c8a45fefe9ccc672138906efeefe7652a

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Tue, 12 Dec 2023 10:54:35 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy: upgrade-insecure-requests
x-cdn: Imperva
strict-transport-security: max-age=31536000; includeSubDomains
x-iinfo: 9-4334758-4293943 pNNN RT(1702378472133 2606) q(0 0 0 -1) r(1 1) U24
content-length: 1789
x-xss-protection: 1; mode=block
x-ua-compatible: IE=EmulateIE8,IE=EmulateIE9
referrer-policy: strict-origin-when-cross-origin
last-modified: Mon, 04 Dec 2023 20:04:28 GMT
server
etag: "06ee16ed26da1:0"
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: text/css
x-incap-sess-cookie-hdr: i1sPYB/OwQIAIcOXJ1Cif+o7eGUAAAAAE8y/b3thgqOM/ABvGQKXog==
accept-ranges: bytes

GET
H2 200 jquery-1.6.4.min.js Show response
app.evestment.com/next/scripts/ 90 KB
31 KB 125ms
124ms Script
application/javascript 45.60.65.96
INCAPSULA

General

Check archive.org

Show headers Download Go to

Full URL

https://app.evestment.com/next/scripts/jquery-1.6.4.min.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

45.60.65.96 , United States, ASN19551 (INCAPSULA, US),

Reverse DNS

Software

Resource Hash

965b17c2bf611d2f239fd9db5d36ad87cc2e31b789ff987bb7a9aa2cdf9744d1

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Tue, 12 Dec 2023 10:54:35 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy: upgrade-insecure-requests
x-cdn: Imperva
strict-transport-security: max-age=31536000; includeSubDomains
x-iinfo: 9-4334758-4279637 pNNy RT(1702378472133 2610) q(0 0 0 -1) r(1 1) U24
content-length: 31111
x-xss-protection: 1; mode=block
x-ua-compatible: IE=EmulateIE8,IE=EmulateIE9
referrer-policy: strict-origin-when-cross-origin
last-modified: Mon, 04 Dec 2023 20:04:27 GMT
server
etag: "80d77515ed26da1:0"
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: application/javascript
x-incap-sess-cookie-hdr: bTiVAo6c/XgAIcOXJ1Cif+o7eGUAAAAA9p9hXVILJNF2huTuPbKfHA==
accept-ranges: bytes

GET
H2 200 UniversalLogin.js Show response
app.evestment.com/next/scripts/ 1 KB
1 KB 126ms
125ms Script
application/javascript 45.60.65.96
INCAPSULA

General

Check archive.org

Show headers Download Go to

Full URL

https://app.evestment.com/next/scripts/UniversalLogin.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

45.60.65.96 , United States, ASN19551 (INCAPSULA, US),

Reverse DNS

Software

Resource Hash

0a24037136f4e2de99d5d4c9df9acca06812d996056343326cd9d0b6c799b76d

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Tue, 12 Dec 2023 10:54:35 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy: upgrade-insecure-requests
x-cdn: Imperva
strict-transport-security: max-age=31536000; includeSubDomains
x-iinfo: 9-4334758-4335226 nNNY RT(1702378472133 2614) q(0 0 0 -1) r(0 1) U24
content-length: 569
x-xss-protection: 1; mode=block
x-ua-compatible: IE=EmulateIE8,IE=EmulateIE9
referrer-policy: strict-origin-when-cross-origin
last-modified: Mon, 04 Dec 2023 20:04:27 GMT
server
etag: "80d77515ed26da1:0"
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: application/javascript
x-incap-sess-cookie-hdr: /fqvSv4W5xAAIcOXJ1Cif+o7eGUAAAAAMBvb6KWAUPoNa44dPk0Mvg==
accept-ranges: bytes

GET
H2 200 lock.min.js Show response
cdn.auth0.com/js/lock/11.26/ 817 KB
230 KB 27ms
10ms Script
application/javascript 2600:9000:214f:3800:10:474e:104a:2961
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.auth0.com/js/lock/11.26/lock.min.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:214f:3800:10:474e:104a:2961 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

AmazonS3 /

Resource Hash

866fb4f98f43e3c8124def3f30d32a6d36772e74a969e5618c832768dd92617b

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

x-amz-version-id: Fq3Rf_lDUSrVkfpsOKDr33mdY3g3ZWCr
content-encoding: gzip
via: 1.1 fc7091924e65025d5bfb92361ec3e660.cloudfront.net (CloudFront)
date: Tue, 12 Dec 2023 10:40:45 GMT
x-content-type-options: nosniff
strict-transport-security: max-age=63072000; includeSubDomains
x-amz-cf-pop: FRA53-C1
age: 1210
x-cache: Hit from cloudfront
x-amz-replication-status: COMPLETED
last-modified: Fri, 14 Aug 2020 19:37:07 GMT
server: AmazonS3
etag: W/"a30a19c70195c1da89a685c2bfc2ff83"
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=10800,public
x-robots-tag: noindex
x-amz-cf-id: 3_h3uBHfGrjpV6XPoUmSTMmokdHSMtqjY6hyFXToEgf_5qTygfaqgQ==

GET
H2 200 p-Nasdaq-primary.png
app.evestment.com/next/images/logo/ 4 KB
5 KB 127ms
126ms Image
image/png 45.60.65.96
INCAPSULA

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://app.evestment.com/next/images/logo/p-Nasdaq-primary.png

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

45.60.65.96 , United States, ASN19551 (INCAPSULA, US),

Reverse DNS

Software

Resource Hash

63f0bdaa522d0b2e8707ccaa0bdbeba5bc161a41c6b614d43247c5e4a426afdd

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Tue, 12 Dec 2023 10:54:35 GMT
content-security-policy: upgrade-insecure-requests
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains
x-cdn: Imperva
x-iinfo: 9-4334758-4335228 nNNY RT(1702378472133 2618) q(0 0 0 -1) r(0 1) U24
content-length: 4570
x-xss-protection: 1; mode=block
x-ua-compatible: IE=EmulateIE8,IE=EmulateIE9
referrer-policy: strict-origin-when-cross-origin
last-modified: Mon, 04 Dec 2023 20:04:27 GMT
server
etag: "80d77515ed26da1:0"
x-frame-options: SAMEORIGIN
content-type: image/png
x-incap-sess-cookie-hdr: QVgjRSIEogoAIcOXJ1Cif+o7eGUAAAAADJmDucr/TsH0Xw9e9dLUig==
accept-ranges: bytes

GET
H2 200 mercer_insight_logo.svg
app.evestment.com/next/images/logo/mercer/ 10 KB
4 KB 132ms
131ms Image
image/svg+xml 45.60.65.96
INCAPSULA

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://app.evestment.com/next/images/logo/mercer/mercer_insight_logo.svg

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

45.60.65.96 , United States, ASN19551 (INCAPSULA, US),

Reverse DNS

Software

Resource Hash

68e3c62270eab7db4a54e8e8e17dad5184de1136d096991b30cb48d292189f18

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Tue, 12 Dec 2023 10:54:35 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy: upgrade-insecure-requests
x-cdn: Imperva
strict-transport-security: max-age=31536000; includeSubDomains
x-iinfo: 9-4334758-4335230 nNNY RT(1702378472133 2622) q(0 0 0 -1) r(0 1) U24
content-length: 3437
x-xss-protection: 1; mode=block
x-ua-compatible: IE=EmulateIE8,IE=EmulateIE9
referrer-policy: strict-origin-when-cross-origin
last-modified: Mon, 04 Dec 2023 20:04:27 GMT
server
etag: "80d77515ed26da1:0"
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: image/svg+xml
x-incap-sess-cookie-hdr: dnXvD06bKnQAIcOXJ1Cif+o7eGUAAAAA+L0z+jCJaSeVF25xJHjFSQ==
accept-ranges: bytes

GET
H2 200 mercer_logo.svg
app.evestment.com/next/images/logo/mercer/ 3 KB
3 KB 101ms
101ms Image
image/svg+xml 45.60.65.96
INCAPSULA

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://app.evestment.com/next/images/logo/mercer/mercer_logo.svg

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

45.60.65.96 , United States, ASN19551 (INCAPSULA, US),

Reverse DNS

Software

Resource Hash

2654ed79ea744fe45b9ebbeadb6b509e477255624bfa6aefc9ddf70e6f8b34f9

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Tue, 12 Dec 2023 10:54:35 GMT
content-security-policy: upgrade-insecure-requests
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains
x-cdn: Imperva
x-iinfo: 9-4334758-4293944 pNNN RT(1702378472133 2725) q(0 0 0 -1) r(1 1) U24
content-length: 2696
x-xss-protection: 1; mode=block
x-ua-compatible: IE=EmulateIE8,IE=EmulateIE9
referrer-policy: strict-origin-when-cross-origin
last-modified: Mon, 04 Dec 2023 20:04:27 GMT
server
etag: "80d77515ed26da1:0"
x-frame-options: SAMEORIGIN
content-type: image/svg+xml
x-incap-sess-cookie-hdr: ig4yOA+rCSwAIcOXJ1Cif+o7eGUAAAAAvMLFOjsY0AU8h/Ah8kaxJg==
accept-ranges: bytes

GET
H2 200 ALL Show response
app.evestment.com/api/v1/banners/domains/EV/locations/LOGIN/firmtypes/ 689 B
1 KB 131ms
117ms XHR
application/json 45.60.65.96
INCAPSULA

General

Check archive.org

Show headers Download Go to

Full URL

https://app.evestment.com/api/v1/banners/domains/EV/locations/LOGIN/firmtypes/ALL

Requested by

Host: app.evestment.com
URL: https://app.evestment.com/next/scripts/jquery-1.6.4.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

45.60.65.96 , United States, ASN19551 (INCAPSULA, US),

Reverse DNS

Software

Resource Hash

f535933cf2e45b5214969a8c8f4f513784a675500e890885741ecda96378ba9a

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Accept: */*
Referer
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Tue, 12 Dec 2023 10:54:35 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy: upgrade-insecure-requests
x-cdn: Imperva
strict-transport-security: max-age=31536000; includeSubDomains
x-evestment-correlation-id: 095b411bf9a84f379f26cc24d45d07e3
x-iinfo: 12-6804336-6758672 pNNN RT(1702378474910 9) q(0 0 0 -1) r(1 1) U24
content-length: 443
x-xss-protection: 1; mode=block
pragma: no-cache
referrer-policy: strict-origin-when-cross-origin
server
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: application/json; charset=utf-8
access-control-allow-origin: https://login.evestment.com
cache-control: no-cache
access-control-allow-credentials: true
x-incap-sess-cookie-hdr: xUjAf0wTtGMjq8KXJ1Cif+s7eGUAAAAAcUpJjow7gHL/YlYYlyom6Q==
expires: -1

GET
H2 200 badge.png
cdn.auth0.com/styleguide/components/1.0.8/media/logos/img/ 2 KB
2 KB 12ms
11ms Image
image/png 2600:9000:214f:3800:10:474e:104a:2961
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cdn.auth0.com/styleguide/components/1.0.8/media/logos/img/badge.png

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:214f:3800:10:474e:104a:2961 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

AmazonS3 /

Resource Hash

33fb88f606a3f32f2f218df25dcc69283d9a555a0f8e253f2092f3af53404c11

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

x-amz-version-id: CghttMoXpqZBzj9pIZwTb7OuGonBat5c
date: Mon, 11 Dec 2023 16:00:05 GMT
via: 1.1 fc7091924e65025d5bfb92361ec3e660.cloudfront.net (CloudFront)
x-content-type-options: nosniff
strict-transport-security: max-age=63072000; includeSubDomains
x-amz-cf-pop: FRA53-C1
age: 68128
x-cache: Hit from cloudfront
x-amz-replication-status: COMPLETED
content-length: 1591
last-modified: Thu, 04 May 2017 21:37:11 GMT
server: AmazonS3
etag: "e3842ac36d4fbd8d4e31a39999c0eba6"
vary: Accept-Encoding
content-type: image/png
cache-control: max-age=2628000,public
accept-ranges: bytes
x-robots-tag: noindex
x-amz-cf-id: WimOph4drPqELx2Bmjk8Z58BDyigsmge51KYoChypd3msfLyVyv-iw==

GET
H2 200 en.js Show response
cdn.auth0.com/js/lock/11.26.3/ 6 KB
3 KB 12ms
12ms Script
application/javascript 2600:9000:214f:3800:10:474e:104a:2961
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.auth0.com/js/lock/11.26.3/en.js

Requested by

Host: cdn.auth0.com
URL: https://cdn.auth0.com/js/lock/11.26/lock.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:214f:3800:10:474e:104a:2961 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

AmazonS3 /

Resource Hash

f75963df24c9c146b11380a0f1fe36d0e6cbd66594f823d31b751c1df46a2bc4

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

x-amz-version-id: qBKMknmjgjJAedw5rMb075fSiYplUPKO
content-encoding: gzip
via: 1.1 fc7091924e65025d5bfb92361ec3e660.cloudfront.net (CloudFront)
date: Tue, 12 Dec 2023 03:48:31 GMT
x-content-type-options: nosniff
strict-transport-security: max-age=63072000; includeSubDomains
x-amz-cf-pop: FRA53-C1
age: 25564
x-cache: Hit from cloudfront
x-amz-replication-status: COMPLETED
last-modified: Fri, 14 Aug 2020 19:37:06 GMT
server: AmazonS3
etag: W/"1965f492fc53be98849df127e3928a42"
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=2628000,public
x-robots-tag: noindex
x-amz-cf-id: 2ZsdIVw-QzNL48nS-pgGwuXlp5QX3RLRmuCrHn3oCORnIIY0TX2kNA==

GET
H3 200 di7BVSLKe46zgfzWTAxZcLDpImTk0E5k.js Show response
login.evestment.com/client/ 3 KB
1 KB 747ms
747ms Script
application/x-javascript 2606:4700::6810:d8f1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://login.evestment.com/client/di7BVSLKe46zgfzWTAxZcLDpImTk0E5k.js?t1702378475474

Requested by

Host: cdn.auth0.com
URL: https://cdn.auth0.com/js/lock/11.26/lock.min.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700::6810:d8f1 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

fc3c542513e8ac2c4b17c97446118901cc502cecff04d0f43666e28d5a0bf8c3

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://login.evestment.com/login?state=hKFo2SBfZGM3U2duekhYS1lVRTJQUG1CajgxY2RVQVMyS1RVTKFupWxvZ2luo3RpZNkgdGZZY1dXUFVobkdOQXJmUkZKS3NvMi1tU09wU29qMmujY2lk2SBkaTdCVlNMS2U0NnpnZnpXVEF4WmNMRHBJbVRrMEU1aw&client=di7BVSLKe46zgfzWTAxZcLDpImTk0E5k&protocol=oauth2&audience=app.evestment.com&redirect_uri=https%3A%2F%2Fapp.evestment.com%2Fnext%2Flogin-callback.aspx&scope=openid%20profile%20email%20offline_access&response_type=code&response_mode=query&nonce=SGRSTkdtTUNSLUpGMnNuZkNnckxJV05%2BUDFGbUJ3cUZIR2U0N2podjRFcg%3D%3D&code_challenge=yU-uPU0oMN7Y2du-7FZehK6YFhOG7nBsNqcdmD7X3VU&code_challenge_method=S256&auth0Client=eyJuYW1lIjoiYXV0aDAtc3BhLWpzIiwidmVyc2lvbiI6IjEuMjIuMiJ9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Tue, 12 Dec 2023 10:54:36 GMT
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
cf-cache-status: MISS
tracestate: auth0-request-id=83456e1fbd7771cb,auth0=true
x-auth0-requestid: a25c31d0b08df610ab18
content-encoding: br
alt-svc: h3=":443"; ma=86400
server: cloudflare
ot-tracer-sampled: true
traceparent: 00-00000000000000004d9b73507354691e-1e4d7bbe55fdfc73-01
etag: W/"dae-T1HQk4inBdTF1ts0wJ0fdNXefF0"
ot-tracer-traceid: 4d9b73507354691e
vary: Accept-Encoding
content-type: application/x-javascript; charset=utf-8
cache-control: public, max-age=60, stale-while-revalidate=60, stale-if-error=86400
ot-baggage-auth0-request-id: 83456e1fbd7771cb
cf-ray: 83456e1fbd7771cb-FRA
ot-tracer-spanid: 1e4d7bbe55fdfc73

POST
H3 200 challenge Show response
login.evestment.com/usernamepassword/ 18 B
548 B 751ms
751ms XHR
application/json 2606:4700::6810:d8f1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://login.evestment.com/usernamepassword/challenge

Requested by

Host: cdn.auth0.com
URL: https://cdn.auth0.com/js/lock/11.26/lock.min.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700::6810:d8f1 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

8376431f05ed0574aa914db9f36153ed5837a067d6d3450847c49d89b37ad1bf

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff

Request headers

Auth0-Client: eyJuYW1lIjoiYXV0aDAtc3BhLWpzIiwidmVyc2lvbiI6IjEuMjIuMiIsImVudiI6eyJsb2NrLmpzLXVscCI6IjExLjI2LjMiLCJhdXRoMC5qcy11bHAiOiI5LjEzLjQiLCJhdXRoMC5qcyI6IjkuMTMuNCJ9fQ==
Referer: https://login.evestment.com/login?state=hKFo2SBfZGM3U2duekhYS1lVRTJQUG1CajgxY2RVQVMyS1RVTKFupWxvZ2luo3RpZNkgdGZZY1dXUFVobkdOQXJmUkZKS3NvMi1tU09wU29qMmujY2lk2SBkaTdCVlNMS2U0NnpnZnpXVEF4WmNMRHBJbVRrMEU1aw&client=di7BVSLKe46zgfzWTAxZcLDpImTk0E5k&protocol=oauth2&audience=app.evestment.com&redirect_uri=https%3A%2F%2Fapp.evestment.com%2Fnext%2Flogin-callback.aspx&scope=openid%20profile%20email%20offline_access&response_type=code&response_mode=query&nonce=SGRSTkdtTUNSLUpGMnNuZkNnckxJV05%2BUDFGbUJ3cUZIR2U0N2podjRFcg%3D%3D&code_challenge=yU-uPU0oMN7Y2du-7FZehK6YFhOG7nBsNqcdmD7X3VU&code_challenge_method=S256&auth0Client=eyJuYW1lIjoiYXV0aDAtc3BhLWpzIiwidmVyc2lvbiI6IjEuMjIuMiJ9
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36
Content-Type: application/json

Response headers

date: Tue, 12 Dec 2023 10:54:36 GMT
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
tracestate: auth0-request-id=83456e1fbd7a71cb,auth0=true
x-auth0-requestid: b23cf9ab01116a252ee3
alt-svc: h3=":443"; ma=86400
content-length: 18
server: cloudflare
ot-tracer-sampled: true
traceparent: 00-00000000000000000534d86129e33125-553ef50d551ab655-01
etag: W/"12-9fs4x/hyJ5DkqQF2LYZkOdHRWWM"
ot-tracer-traceid: 0534d86129e33125
x-ratelimit-remaining: 299
vary: Accept-Encoding
content-type: application/json; charset=utf-8
cache-control: private, no-store, no-cache, must-revalidate, post-check=0, pre-check=0, no-transform
x-ratelimit-reset: 1702378477
x-ratelimit-limit: 300
ot-baggage-auth0-request-id: 83456e1fbd7a71cb
cf-ray: 83456e1fbd7a71cb-FRA
ot-tracer-spanid: 553ef50d551ab655

GET
H2 200 DownloadInternal
app.evestment.com/Shared/eAPublicContent/ 505 KB
506 KB 159ms
159ms Image
image/jpeg 45.60.65.96
INCAPSULA

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://app.evestment.com/Shared/eAPublicContent/DownloadInternal?documentId=badc3c15-d9b0-4219-aae1-da0d76e72ac6

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

45.60.65.96 , United States, ASN19551 (INCAPSULA, US),

Reverse DNS

Software

Resource Hash

9fe495cec99889207e9ffd0ce25a49277ded37e647e731c1050caf8603469216

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://login.evestment.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Tue, 12 Dec 2023 10:54:35 GMT
content-security-policy: upgrade-insecure-requests
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains
x-cdn: Imperva
x-iinfo: 9-4334758-4279637 pNNy RT(1702378472133 2914) q(0 0 0 -1) r(1 1) U24
content-length: 516721
x-xss-protection: 1; mode=block
x-ua-compatible: IE=EmulateIE8,IE=EmulateIE9
pragma: no-cache
referrer-policy: strict-origin-when-cross-origin
server
x-frame-options: SAMEORIGIN
content-type: image/jpeg
cache-control: no-cache, no-store, must-revalidate
x-incap-sess-cookie-hdr: 5m5dPzMzRA4AIcOXJ1Cif+s7eGUAAAAA/DdKMffpfFwuV8sEZANnJw==
expires: -1

GET
H3 404 ssodata Show response
login.evestment.com/user/ 0
406 B 766ms
765ms XHR
text/plain 2606:4700::6810:d8f1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://login.evestment.com/user/ssodata

Requested by

Host: cdn.auth0.com
URL: https://cdn.auth0.com/js/lock/11.26/lock.min.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700::6810:d8f1 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://login.evestment.com/login?state=hKFo2SBfZGM3U2duekhYS1lVRTJQUG1CajgxY2RVQVMyS1RVTKFupWxvZ2luo3RpZNkgdGZZY1dXUFVobkdOQXJmUkZKS3NvMi1tU09wU29qMmujY2lk2SBkaTdCVlNMS2U0NnpnZnpXVEF4WmNMRHBJbVRrMEU1aw&client=di7BVSLKe46zgfzWTAxZcLDpImTk0E5k&protocol=oauth2&audience=app.evestment.com&redirect_uri=https%3A%2F%2Fapp.evestment.com%2Fnext%2Flogin-callback.aspx&scope=openid%20profile%20email%20offline_access&response_type=code&response_mode=query&nonce=SGRSTkdtTUNSLUpGMnNuZkNnckxJV05%2BUDFGbUJ3cUZIR2U0N2podjRFcg%3D%3D&code_challenge=yU-uPU0oMN7Y2du-7FZehK6YFhOG7nBsNqcdmD7X3VU&code_challenge_method=S256&auth0Client=eyJuYW1lIjoiYXV0aDAtc3BhLWpzIiwidmVyc2lvbiI6IjEuMjIuMiJ9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Tue, 12 Dec 2023 10:54:36 GMT
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
tracestate: auth0-request-id=83456e246c1171cb,auth0=true
x-auth0-requestid: caf49392777ab2490899
alt-svc: h3=":443"; ma=86400
content-length: 0
server: cloudflare
ot-tracer-sampled: true
traceparent: 00-000000000000000066e4a53f21d91f89-79bd6d84329dc2d7-01
ot-tracer-traceid: 66e4a53f21d91f89
vary: Accept-Encoding
cache-control: private, no-store, no-cache, must-revalidate, post-check=0, pre-check=0, no-transform
ot-baggage-auth0-request-id: 83456e246c1171cb
cf-ray: 83456e246c1171cb-FRA
ot-tracer-spanid: 79bd6d84329dc2d7

Verdicts & Comments Add Verdict or Comment

24 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

14 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
login.evestment.com/usernamepassword/login	1970-01-20 17:07:22	Name: _csrf Value: iZX-sadnGFF3q1Rju6487nMg
app.evestment.com/	1969-12-31 23:59:59	Name: CSRF-TOKEN Value: YLBX4FIDJWLRXLN3S32RA17GUA361R8NLRXJIB4SCK3CB48THLL86H8JHLR03SDTEYF2BRK78QB0DKNHZBM78T30NZ0PGQHHFI4XCQ93LVGRJFA4DVSDHQ7TSIBMQVNS
.evestment.com/	1969-12-31 23:59:59	Name: nlbi_1894488 Value: nM8oPfxxchtFpuTM8XyMlwAAAACKjVZmCD73H++VjhgXU81U
.evestment.com/	1970-01-21 01:37:51	Name: visid_incap_1894488 Value: tFy2PzJEQOSz/HpknjEXx+g7eGUAAAAAQUIPAAAAAAAC0P5oUtiOdjfhODYAG+Ze
.evestment.com/	1969-12-31 23:59:59	Name: incap_ses_9197_1894488 Value: JvkUa1ZhxBAAIcOXJ1Cif+g7eGUAAAAAJri3JSAjNzc6N5/2SiaDBQ==
app.evestment.com/	1969-12-31 23:59:59	Name: ASP.NET_SessionId Value: xrdqsgti5xlyf1rqsnw2ci4j
app.evestment.com/	1969-12-31 23:59:59	Name: jwt-status Value: 2.3.1\|loaded\|window\|document\|fetch\|localStorage\|resourceOwnerCodeFlowInitialized\|authorizationCodeFlowInitialized\|global
app.evestment.com/	1969-12-31 23:59:59	Name: csrf-status Value: loaded\|form-initialized\|xhr-initialized\|fetch-initialized
login.evestment.com/	1970-01-21 01:38:56	Name: did Value: s%3Av0%3Ad5e229e0-98dc-11ee-a531-774a995fcf7e.aX6Ekc6ttl0iyvN91PLs22J904tT2tGKhJo8KCi9Lf8
login.evestment.com/	1970-01-20 16:57:17	Name: auth0 Value: s%3Av1.gadzZXNzaW9ugqZoYW5kbGXEQFL3qnby8-QJANw54r3qC5TtgqIKSnXSE0KrzYEolvUuagMU0lPCY2_sRch-dca-UIgBo915pDhxIl5UJzhfb6GmY29va2llg6dleHBpcmVz1_9kIsQAZXwwaq5vcmlnaW5hbE1heEFnZc4PcxQAqHNhbWVTaXRlpG5vbmU.%2FDGlYsxBx%2Bvyot1aOxyfqB9zkUzWhzBVleIx6wLVuHU
login.evestment.com/	1970-01-21 01:38:56	Name: did_compat Value: s%3Av0%3Ad5e229e0-98dc-11ee-a531-774a995fcf7e.aX6Ekc6ttl0iyvN91PLs22J904tT2tGKhJo8KCi9Lf8
login.evestment.com/	1970-01-20 16:57:17	Name: auth0_compat Value: s%3Av1.gadzZXNzaW9ugqZoYW5kbGXEQFL3qnby8-QJANw54r3qC5TtgqIKSnXSE0KrzYEolvUuagMU0lPCY2_sRch-dca-UIgBo915pDhxIl5UJzhfb6GmY29va2llg6dleHBpcmVz1_9kIsQAZXwwaq5vcmlnaW5hbE1heEFnZc4PcxQAqHNhbWVTaXRlpG5vbmU.%2FDGlYsxBx%2Bvyot1aOxyfqB9zkUzWhzBVleIx6wLVuHU
app.evestment.com/	1970-01-20 17:03:03	Name: AWSALB Value: ZjeKMxXY2zfvPr1/gkq4T3ZgQpMk8KLB0BbF+0tGyHQDju3fXcmvZ08ViY61WMjb5BsO1haAlh5gLEocTQMV0750ncyGkLJUNU3LbWFPmDlyVeY2DPOJ+mhuj/mf
app.evestment.com/	1970-01-20 17:03:03	Name: AWSALBCORS Value: ZjeKMxXY2zfvPr1/gkq4T3ZgQpMk8KLB0BbF+0tGyHQDju3fXcmvZ08ViY61WMjb5BsO1haAlh5gLEocTQMV0750ncyGkLJUNU3LbWFPmDlyVeY2DPOJ+mhuj/mf

3 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
security	warning	URL: https://login.evestment.com/login?state=hKFo2SBfZGM3U2duekhYS1lVRTJQUG1CajgxY2RVQVMyS1RVTKFupWxvZ2luo3RpZNkgdGZZY1dXUFVobkdOQXJmUkZKS3NvMi1tU09wU29qMmujY2lk2SBkaTdCVlNMS2U0NnpnZnpXVEF4WmNMRHBJbVRrMEU1aw&client=di7BVSLKe46zgfzWTAxZcLDpImTk0E5k&protocol=oauth2&audience=app.evestment.com&redirect_uri=https%3A%2F%2Fapp.evestment.com%2Fnext%2Flogin-callback.aspx&scope=openid%20profile%20email%20offline_access&response_type=code&response_mode=query&nonce=SGRSTkdtTUNSLUpGMnNuZkNnckxJV05%2BUDFGbUJ3cUZIR2U0N2podjRFcg%3D%3D&code_challenge=yU-uPU0oMN7Y2du-7FZehK6YFhOG7nBsNqcdmD7X3VU&code_challenge_method=S256&auth0Client=eyJuYW1lIjoiYXV0aDAtc3BhLWpzIiwidmVyc2lvbiI6IjEuMjIuMiJ9 Message: Mixed Content: The page at 'https://login.evestment.com/login?state=hKFo2SBfZGM3U2duekhYS1lVRTJQUG1CajgxY2RVQVMyS1RVTKFupWxvZ2luo3RpZNkgdGZZY1dXUFVobkdOQXJmUkZKS3NvMi1tU09wU29qMmujY2lk2SBkaTdCVlNMS2U0NnpnZnpXVEF4WmNMRHBJbVRrMEU1aw&client=di7BVSLKe46zgfzWTAxZcLDpImTk0E5k&protocol=oauth2&audience=app.evestment.com&redirect_uri=https%3A%2F%2Fapp.evestment.com%2Fnext%2Flogin-callback.aspx&scope=openid%20profile%20email%20offline_access&response_type=code&response_mode=query&nonce=SGRSTkdtTUNSLUpGMnNuZkNnckxJV05%2BUDFGbUJ3cUZIR2U0N2podjRFcg%3D%3D&code_challenge=yU-uPU0oMN7Y2du-7FZehK6YFhOG7nBsNqcdmD7X3VU&code_challenge_method=S256&auth0Client=eyJuYW1lIjoiYXV0aDAtc3BhLWpzIiwidmVyc2lvbiI6IjEuMjIuMiJ9' was loaded over HTTPS, but requested an insecure element 'http://app.evestment.com/next/images/logo/mercer/mercer_logo.svg'. This request was automatically upgraded to HTTPS, For more information see https://blog.chromium.org/2019/10/no-more-mixed-messages-about-https.html
security	warning	URL: https://login.evestment.com/login?state=hKFo2SBfZGM3U2duekhYS1lVRTJQUG1CajgxY2RVQVMyS1RVTKFupWxvZ2luo3RpZNkgdGZZY1dXUFVobkdOQXJmUkZKS3NvMi1tU09wU29qMmujY2lk2SBkaTdCVlNMS2U0NnpnZnpXVEF4WmNMRHBJbVRrMEU1aw&client=di7BVSLKe46zgfzWTAxZcLDpImTk0E5k&protocol=oauth2&audience=app.evestment.com&redirect_uri=https%3A%2F%2Fapp.evestment.com%2Fnext%2Flogin-callback.aspx&scope=openid%20profile%20email%20offline_access&response_type=code&response_mode=query&nonce=SGRSTkdtTUNSLUpGMnNuZkNnckxJV05%2BUDFGbUJ3cUZIR2U0N2podjRFcg%3D%3D&code_challenge=yU-uPU0oMN7Y2du-7FZehK6YFhOG7nBsNqcdmD7X3VU&code_challenge_method=S256&auth0Client=eyJuYW1lIjoiYXV0aDAtc3BhLWpzIiwidmVyc2lvbiI6IjEuMjIuMiJ9(Line 235) Message: Mixed Content: The page at 'https://login.evestment.com/login?state=hKFo2SBfZGM3U2duekhYS1lVRTJQUG1CajgxY2RVQVMyS1RVTKFupWxvZ2luo3RpZNkgdGZZY1dXUFVobkdOQXJmUkZKS3NvMi1tU09wU29qMmujY2lk2SBkaTdCVlNMS2U0NnpnZnpXVEF4WmNMRHBJbVRrMEU1aw&client=di7BVSLKe46zgfzWTAxZcLDpImTk0E5k&protocol=oauth2&audience=app.evestment.com&redirect_uri=https%3A%2F%2Fapp.evestment.com%2Fnext%2Flogin-callback.aspx&scope=openid%20profile%20email%20offline_access&response_type=code&response_mode=query&nonce=SGRSTkdtTUNSLUpGMnNuZkNnckxJV05%2BUDFGbUJ3cUZIR2U0N2podjRFcg%3D%3D&code_challenge=yU-uPU0oMN7Y2du-7FZehK6YFhOG7nBsNqcdmD7X3VU&code_challenge_method=S256&auth0Client=eyJuYW1lIjoiYXV0aDAtc3BhLWpzIiwidmVyc2lvbiI6IjEuMjIuMiJ9' was loaded over HTTPS, but requested an insecure element 'http://app.evestment.com/next/images/logo/mercer/mercer_logo.svg'. This request was automatically upgraded to HTTPS, For more information see https://blog.chromium.org/2019/10/no-more-mixed-messages-about-https.html
network	error	URL: https://login.evestment.com/user/ssodata Message: Failed to load resource: the server responded with a status of 404 ()

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
Content-Security-Policy	upgrade-insecure-requests
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

app.evestment.com
cdn.auth0.com
cdn.production.evestment.com
info.evestment.com
login.evestment.com
18.208.125.13
2600:9000:2057:2e00:14:292d:9c00:93a1
2600:9000:214f:3800:10:474e:104a:2961
2606:4700::6810:d8f1
45.60.65.96
000b97bc9397d473de04d1d3c1dca6ace1098e9bf7d37610d49c01e460999d52
0a24037136f4e2de99d5d4c9df9acca06812d996056343326cd9d0b6c799b76d
1874a1d68cf90ad958ae052cb0deaeae7355452be2ddb24e009f8ebd2591d6a3
2654ed79ea744fe45b9ebbeadb6b509e477255624bfa6aefc9ddf70e6f8b34f9
3248e6d2dc65e4c62dff725d22cec3543103de86ff63b1d2c2d6092efd1c31cb
33fb88f606a3f32f2f218df25dcc69283d9a555a0f8e253f2092f3af53404c11
3c407529fa4f93133a8e1c085cff173348f42e6d92530a6a158c0ba1d247063e
488fc1bb250d344d6ee3ccf46d925a10bfc0eac60256ecc83cf429f293724db4
5239e319e06936524820a0d77ec957b342aee04bfe1601dc85e88cbc6cfbaf94
5f6dfcbe4894d5a47bc50ea47150710e2e3311972e476581aa57d48180db18ef
63f0bdaa522d0b2e8707ccaa0bdbeba5bc161a41c6b614d43247c5e4a426afdd
65ea96c4e3f826dbe830a8c553483697cdef15f0044b974a0a25d5e7f8db0a4c
67eb5ea70b2e9a93c273c68c7a80bbb97716eb8e27bb12e5017c6ea8411664d0
68e3c62270eab7db4a54e8e8e17dad5184de1136d096991b30cb48d292189f18
778fc1ad96ecb2f750f97cc7e9186dd0f3c311bb25489e9a5acdcd801d86afe7
8376431f05ed0574aa914db9f36153ed5837a067d6d3450847c49d89b37ad1bf
866fb4f98f43e3c8124def3f30d32a6d36772e74a969e5618c832768dd92617b
965b17c2bf611d2f239fd9db5d36ad87cc2e31b789ff987bb7a9aa2cdf9744d1
9fe495cec99889207e9ffd0ce25a49277ded37e647e731c1050caf8603469216
adf5080c3db74e471d7eb65cd14dc13686659e7530415ed4103827d30d6133f4
bfb0d33b2fedc528fd063f37f050f53c8a45fefe9ccc672138906efeefe7652a
c6930e9c660191d188f0b2df531211b5b2c67076fd1a31aa639d150948b2014e
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
eb17a0f98fa6a16ec2974c9c72ff849b4cecfeea6cf80f7f533886dfd40a873e
f535933cf2e45b5214969a8c8f4f513784a675500e890885741ecda96378ba9a
f75963df24c9c146b11380a0f1fe36d0e6cbd66594f823d31b751c1df46a2bc4
fc3c542513e8ac2c4b17c97446118901cc502cecff04d0f43666e28d5a0bf8c3

login.evestment.com Open in urlscan Pro 2606:4700::6810:d8f1 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Detected technologies

Page Statistics

35 Requests

100 %HTTPS

60 %IPv6

2 Domains

5 Subdomains

4 IPs

1 Countries

1386 kBTransfer

2619 kBSize

14 Cookies

14 Outgoing links

Page URL History

Redirected requests

35 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

login.evestment.com Open in urlscan Pro
2606:4700::6810:d8f1 Public Scan

Screenshot
Live screenshot

Full Image

35
Requests

100 %
HTTPS

60 %
IPv6

2
Domains

5
Subdomains

4
IPs

1
Countries

1386 kB
Transfer

2619 kB
Size

14
Cookies

35 HTTP transactions
0 data transactions