login.voya.com
Open in
urlscan Pro
172.64.146.245
Public Scan
Effective URL: https://login.voya.com/voyassoui/index.html?domain=cnpsavings.voya.com&target=link://fe/bGluaz1UT0tFTl9MT0dJTl9QT1NUX1Z...
Submission: On January 07 via manual from US — Scanned from DE
Summary
TLS certificate: Issued by Cloudflare Inc ECC CA-3 on August 13th 2023. Valid for: a year.
This is the only time login.voya.com was scanned on urlscan.io!
urlscan.io Verdict: No classification
Domain & IP information
IP Address | AS Autonomous System | ||
---|---|---|---|
1 1 | 13.111.148.97 13.111.148.97 | 14340 (SALESFORCE) (SALESFORCE) | |
1 5 | 2a02:26f0:350... 2a02:26f0:3500:890::2d5b | 20940 (AKAMAI-ASN1) (AKAMAI-ASN1) | |
4 | 44.242.30.195 44.242.30.195 | 16509 (AMAZON-02) (AMAZON-02) | |
2 3 | 172.64.146.245 172.64.146.245 | 13335 (CLOUDFLAR...) (CLOUDFLARENET) | |
15 | 4 |
ASN14340 (SALESFORCE, US)
PTR: click.mail.edelmanfinancialengines.com
click.mail.edelmanfinancialengines.com |
ASN20940 (AKAMAI-ASN1, NL)
www.financialengines.com |
ASN16509 (AMAZON-02, US)
PTR: ec2-44-242-30-195.us-west-2.compute.amazonaws.com
http-inputs-financialengines.splunkcloud.com |
Apex Domain Subdomains |
Transfer | |
---|---|---|
5 |
financialengines.com
1 redirects
www.financialengines.com — Cisco Umbrella Rank: 145919 |
25 KB |
4 |
splunkcloud.com
http-inputs-financialengines.splunkcloud.com — Cisco Umbrella Rank: 152095 |
858 B |
3 |
voya.com
2 redirects
my.voya.com — Cisco Umbrella Rank: 160766 login.voya.com |
1 KB |
1 |
edelmanfinancialengines.com
1 redirects
click.mail.edelmanfinancialengines.com |
313 B |
15 | 4 |
Domain | Requested by | |
---|---|---|
5 | www.financialengines.com |
1 redirects
www.financialengines.com
|
4 | http-inputs-financialengines.splunkcloud.com |
www.financialengines.com
|
2 | login.voya.com |
1 redirects
www.financialengines.com
login.voya.com |
1 | my.voya.com | 1 redirects |
1 | click.mail.edelmanfinancialengines.com | 1 redirects |
15 | 5 |
This site contains no links.
Subject Issuer | Validity | Valid | |
---|---|---|---|
www.financialengines.com DigiCert EV RSA CA G2 |
2023-04-03 - 2024-04-02 |
a year | crt.sh |
*.financialengines.splunkcloud.com DigiCert Global G2 TLS RSA SHA256 2020 CA1 |
2023-07-09 - 2024-07-08 |
a year | crt.sh |
sni.cloudflaressl.com Cloudflare Inc ECC CA-3 |
2023-08-13 - 2024-08-11 |
a year | crt.sh |
This page contains 1 frames:
Primary Page:
https://login.voya.com/voyassoui/index.html?domain=cnpsavings.voya.com&target=link://fe/bGluaz1UT0tFTl9MT0dJTl9QT1NUX1ZFUklGSUNBVElPTiZ0eXBlPU1BX1JFVF9VUERBVEUmdG9rPXlpcXczcHB0cGVlajk0NXl1ejN4ZW41dDI3ZW1pOWp5JnB1cmxQYXJhbUluZm89Mzk2OTMxNDEw
Frame ID: D2BEE31B9F0A021C2547DEFC60ECE3BD
Requests: 13 HTTP requests in this frame
Screenshot
Page URL History Show full URLs
-
https://click.mail.edelmanfinancialengines.com/?qs=22e6873a5dcf27f5b25de7c06b8793287c86c4e23b39f2bdec97ccbb53ad0128af4ebadf...
HTTP 302
https://www.financialengines.com/framework/emaillogin.act?&tok=yiqw3pptpeej945yuz3xen5t27emi9jy&type=MA_RET_U... HTTP 302
https://www.financialengines.com/app/outbound-sso/?target=TOKEN_LOGIN_POST_VERIFICATION%26type%3DMA_RET_UPDAT... Page URL
-
https://my.voya.com/voyasso/index.html?domain=cnpsavings.voya.com&target=link://fe/bGluaz1UT0tFT...
HTTP 302
https://login.voya.com/voyasso/index.html?domain=cnpsavings.voya.com&target=link://fe/bGluaz1UT0tFT... HTTP 302
https://login.voya.com/voyassoui/index.html?domain=cnpsavings.voya.com&target=link://fe/bGluaz1UT0t... Page URL
Page Statistics
0 Outgoing links
These are links going to different origins than the main page.
Page URL History
This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.
-
https://click.mail.edelmanfinancialengines.com/?qs=22e6873a5dcf27f5b25de7c06b8793287c86c4e23b39f2bdec97ccbb53ad0128af4ebadff851d683a076e038d9c2415f4e5df7c1a44d3d406453028619bdfc36
HTTP 302
https://www.financialengines.com/framework/emaillogin.act?&tok=yiqw3pptpeej945yuz3xen5t27emi9jy&type=MA_RET_UPDATE&purlParamInfo=396931410 HTTP 302
https://www.financialengines.com/app/outbound-sso/?target=TOKEN_LOGIN_POST_VERIFICATION%26type%3DMA_RET_UPDATE%26tok%3Dyiqw3pptpeej945yuz3xen5t27emi9jy%26purlParamInfo%3D396931410&poid=cnpvoya Page URL
-
https://my.voya.com/voyasso/index.html?domain=cnpsavings.voya.com&target=link://fe/bGluaz1UT0tFTl9MT0dJTl9QT1NUX1ZFUklGSUNBVElPTiZ0eXBlPU1BX1JFVF9VUERBVEUmdG9rPXlpcXczcHB0cGVlajk0NXl1ejN4ZW41dDI3ZW1pOWp5JnB1cmxQYXJhbUluZm89Mzk2OTMxNDEw
HTTP 302
https://login.voya.com/voyasso/index.html?domain=cnpsavings.voya.com&target=link://fe/bGluaz1UT0tFTl9MT0dJTl9QT1NUX1ZFUklGSUNBVElPTiZ0eXBlPU1BX1JFVF9VUERBVEUmdG9rPXlpcXczcHB0cGVlajk0NXl1ejN4ZW41dDI3ZW1pOWp5JnB1cmxQYXJhbUluZm89Mzk2OTMxNDEw HTTP 302
https://login.voya.com/voyassoui/index.html?domain=cnpsavings.voya.com&target=link://fe/bGluaz1UT0tFTl9MT0dJTl9QT1NUX1ZFUklGSUNBVElPTiZ0eXBlPU1BX1JFVF9VUERBVEUmdG9rPXlpcXczcHB0cGVlajk0NXl1ejN4ZW41dDI3ZW1pOWp5JnB1cmxQYXJhbUluZm89Mzk2OTMxNDEw Page URL
Redirected requests
There were HTTP redirect chains for the following requests:
Request Chain 0- https://click.mail.edelmanfinancialengines.com/?qs=22e6873a5dcf27f5b25de7c06b8793287c86c4e23b39f2bdec97ccbb53ad0128af4ebadff851d683a076e038d9c2415f4e5df7c1a44d3d406453028619bdfc36 HTTP 302
- https://www.financialengines.com/framework/emaillogin.act?&tok=yiqw3pptpeej945yuz3xen5t27emi9jy&type=MA_RET_UPDATE&purlParamInfo=396931410 HTTP 302
- https://www.financialengines.com/app/outbound-sso/?target=TOKEN_LOGIN_POST_VERIFICATION%26type%3DMA_RET_UPDATE%26tok%3Dyiqw3pptpeej945yuz3xen5t27emi9jy%26purlParamInfo%3D396931410&poid=cnpvoya
15 HTTP transactions
Method Protocol |
Resource Path |
Size x-fer |
Type MIME-Type |
||||||||||||||||||||||||||||||||||||||||||||||||||||
---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
GET H/1.1 |
/
www.financialengines.com/app/outbound-sso/ Redirect Chain
|
934 B 1 KB |
Document
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
Redirect headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
outbound-sso.ad0a9e53a77a7ded8aff.css
www.financialengines.com/app/outbound-sso/ |
1 KB 997 B |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
main.ad0a9e53a77a7ded8aff.js
www.financialengines.com/app/outbound-sso/ |
71 KB 19 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
OPTIONS H/1.1 |
collector
http-inputs-financialengines.splunkcloud.com/services/ |
0 0 |
Preflight
text/plain |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
POST H/1.1 |
collector
http-inputs-financialengines.splunkcloud.com/services/ |
27 B 429 B |
XHR
application/json |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
aggregate
www.financialengines.com/api/v1/planowners/cnpvoya/ |
2 KB 2 KB |
XHR
application/json |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
OPTIONS H/1.1 |
collector
http-inputs-financialengines.splunkcloud.com/services/ |
0 0 |
Preflight
text/plain |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
POST H/1.1 |
collector
http-inputs-financialengines.splunkcloud.com/services/ |
27 B 429 B |
XHR
application/json |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
Primary Request
index.html
login.voya.com/voyassoui/ Redirect Chain
|
9 KB 0 |
Document
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
Redirect headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET |
main.css
login.voya.com/voyassoui/static/public/css/ |
0 0 |
|
||||||||||||||||||||||||||||||||||||||||||||||||||||
GET |
main.js
login.voya.com/voyassoui/static/public/js/ |
0 0 |
|
||||||||||||||||||||||||||||||||||||||||||||||||||||
GET |
info.js
login.voya.com/mga/sps/ac/js/ |
0 0 |
|
||||||||||||||||||||||||||||||||||||||||||||||||||||
GET |
main-bundle.js
login.voya.com/voyassoui/static/public/js/bundles/ |
0 0 |
|
||||||||||||||||||||||||||||||||||||||||||||||||||||
GET |
smartbanner.min.css
login.voya.com/voyassoui/static/public/smartbanner/ |
0 0 |
|
||||||||||||||||||||||||||||||||||||||||||||||||||||
GET |
smartbanner.min.js
login.voya.com/voyassoui/static/public/smartbanner/ |
0 0 |
|
||||||||||||||||||||||||||||||||||||||||||||||||||||
Failed requests
These URLs were requested, but there was no response received. You will also see them in the list above.
- Domain
- login.voya.com
- URL
- https://login.voya.com/voyassoui/static/public/css/main.css?ac9c2c0424?20170308
- Domain
- login.voya.com
- URL
- https://login.voya.com/voyassoui/static/public/js/main.js?da9ffcf11a?20191004
- Domain
- login.voya.com
- URL
- https://login.voya.com/mga/sps/ac/js/info.js
- Domain
- login.voya.com
- URL
- https://login.voya.com/voyassoui/static/public/js/bundles/main-bundle.js?884e460049?20191004
- Domain
- login.voya.com
- URL
- https://login.voya.com/voyassoui/static/public/smartbanner/smartbanner.min.css
- Domain
- login.voya.com
- URL
- https://login.voya.com/voyassoui/static/public/smartbanner/smartbanner.min.js
Verdicts & Comments Add Verdict or Comment
1 JavaScript Global Variables
These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.
object| documentPictureInPicture12 Cookies
Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.
Domain/Path | Expires | Name / Value |
---|---|---|
www.financialengines.com/ | Name: SameSite Value: None |
|
.financialengines.com/ | Name: sessFlag Value: true |
|
.financialengines.com/ | Name: sessionToken Value: fa034629-1bb5-48b5-8a0a-6cec6e131a66 |
|
.financialengines.com/ | Name: authType Value: aws |
|
.financialengines.com/ | Name: s Value: GW-PRD-20240106-2024-0000076 |
|
.financialengines.com/ | Name: sessionId Value: GW-PRD-20240106-2024-0000076 |
|
.financialengines.com/ | Name: daVars Value: %7B%22sponsorDateStamp%22%3A%22cnpvoya%3A20240106%22%2C%22enrStatus%22%3A%22MEMBER%22%2C%22envType%22%3A%22USER_PROD%22%2C%22providerId%22%3A%22ssga%22%2C%22sponsorId%22%3A%22cnpvoya%22%2C%22namespace%22%3A%22%22%2C%22userType%22%3A%22USER%22%2C%22sessionId%22%3A%22GW-PRD-20240106-2024-0000076%22%2C%22isUserTemp%22%3A%22false%22%2C%22pageName%22%3A%22%22%2C%22userId%22%3A%2266824661%22%7D |
|
www.financialengines.com/ | Name: ADRUM_BTa Value: R:192|g:98c2baf6-c78f-4788-b7f0-5b17b2cce444|n:financial-engines_727a9d82-a197-4abb-9c03-248d548012cf |
|
www.financialengines.com/ | Name: ADRUM_BT1 Value: R:192|i:1787420|e:205 |
|
.financialengines.com/ | Name: ptc Value: "e2d84213-ebdf-4e35-a3ec-65a736ba3877::1704601476067" |
|
.voya.com/ | Name: PD-S-MYVOYA-SESSION-ID Value: 0_qvJSRcollCj0V4lNrvVWtYVN8xfbdlMq+N5NIKjDBp2R8jrE0uU=_AAAAAAA=_uSe4vdKkUml9vc03ZKr9fovELcI= |
|
.voya.com/ | Name: __cf_bm Value: QCsyBwEiISNHheTif8pLtlqUq212aFnNCFadCfMPkzY-1704601477-1-AcJZ6/9rwqrc3M3mCWz/jhLgVJ94f3PmjtbTorrDaD0CHhYKxZfn3jxivkzXLnj8WOJZfXz4zoPMrT4nbUVcdes= |
Security Headers
This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page
Header | Value |
---|---|
X-Frame-Options | SAMEORIGIN |
Indicators
This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.
click.mail.edelmanfinancialengines.com
http-inputs-financialengines.splunkcloud.com
login.voya.com
my.voya.com
www.financialengines.com
login.voya.com
13.111.148.97
172.64.146.245
2a02:26f0:3500:890::2d5b
44.242.30.195
8931409157d628bde00c82d74677e3a8ce39ae307feffdee562974520dcc59f8
8c7c9aa848551c68049e9dc19b2b5aba8fef5438ec310d4b750d811ad40558a5
b81a7c135218ba3c0065389d47b564e962bd13b95f6e3677b8398999c29cc10b