urlscan.io logo urlscan.io
SecurityTrails logo

kifaayatiproductions.com Open in urlscan Pro
2607:f1c0:100f:f000::2c5  Malicious Activity! Public Scan

Go To Rescan Add Verdict Report
URL: https://kifaayatiproductions.com/1error/phpinfo.html
Submission: On September 21 via api from US
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 12 IPs in 5 countries across 11 domains to perform 34 HTTP transactions. The main IP is 2607:f1c0:100f:f000::2c5, located in United States and belongs to ONEANDONE-AS Brauerstrasse 48, DE. The main domain is kifaayatiproductions.com.
TLS certificate: Issued by Encryption Everywhere DV TLS CA - G1 on September 21st 2020. Valid for: a year.
This is the only time kifaayatiproductions.com was scanned on urlscan.io!

urlscan.io Verdict: Potentially Malicious

Targeting these brands: Generic (Online) Tech Support Scam (Consumer)

Domain & IP information

IP Address AS Autonomous System
3 2607:f1c0:100... 8560 (ONEANDONE...)
3 184.31.87.246 20940 (AKAMAI-ASN1)
8 18.197.253.20 16509 (AMAZON-02)
1 184.30.216.87 20940 (AKAMAI-ASN1)
1 2a00:1450:400... 15169 (GOOGLE)
1 52.48.45.48 16509 (AMAZON-02)
3 52.48.66.74 16509 (AMAZON-02)
4 3.124.119.57 16509 (AMAZON-02)
3 184.31.83.67 20940 (AKAMAI-ASN1)
2 2a00:1450:400... 15169 (GOOGLE)
1 2a00:1450:400... 15169 (GOOGLE)
1 1 66.117.28.86 15224 (OMNITURE)
34 12
3    2607:f1c0:100f:f000::2c5 (United States)

ASN8560 (ONEANDONE-AS Brauerstrasse 48, DE)
kifaayatiproductions.com
3    184.31.87.246 (Netherlands)

ASN20940 (AKAMAI-ASN1, EU)
PTR: a184-31-87-246.deploy.static.akamaitechnologies.com
sitecatalyst.fidelity.com
8    18.197.253.20 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-18-197-253-20.eu-central-1.compute.amazonaws.com
nexus.ensighten.com
1    184.30.216.87 (Netherlands)

ASN20940 (AKAMAI-ASN1, EU)
PTR: a184-30-216-87.deploy.static.akamaitechnologies.com
login.fidelity.com
1    2a00:1450:4001:809::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.googletagmanager.com
1    52.48.45.48 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-48-45-48.eu-west-1.compute.amazonaws.com
fmrcorp.tt.omtrdc.net
3    52.48.66.74 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-48-66-74.eu-west-1.compute.amazonaws.com
dpm.demdex.net
fidelity.demdex.net
4    3.124.119.57 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-3-124-119-57.eu-central-1.compute.amazonaws.com
activate1.fidelity.com
3    184.31.83.67 (Netherlands)

ASN20940 (AKAMAI-ASN1, EU)
PTR: a184-31-83-67.deploy.static.akamaitechnologies.com
assets.fidelity.com
2    2a00:1450:4001:821::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.google-analytics.com
1    2a00:1450:400c:c07::9a (Brussels, Belgium)

ASN15169 (GOOGLE, US)
stats.g.doubleclick.net
1    66.117.28.86 (United States)

ASN15224 (OMNITURE, US)
cm.everesttech.net
Domain Requested by
8 nexus.ensighten.com kifaayatiproductions.com
nexus.ensighten.com
4 activate1.fidelity.com nexus.ensighten.com
3 assets.fidelity.com kifaayatiproductions.com
3 sitecatalyst.fidelity.com kifaayatiproductions.com
nexus.ensighten.com
3 kifaayatiproductions.com kifaayatiproductions.com
2 www.google-analytics.com www.googletagmanager.com
www.google-analytics.com
2 dpm.demdex.net nexus.ensighten.com
kifaayatiproductions.com
1 cm.everesttech.net 1 redirects
1 fidelity.demdex.net nexus.ensighten.com
1 stats.g.doubleclick.net www.google-analytics.com
1 fmrcorp.tt.omtrdc.net nexus.ensighten.com
1 www.googletagmanager.com kifaayatiproductions.com
1 login.fidelity.com kifaayatiproductions.com
0 clixqa4.fmr.com Failed nexus.ensighten.com
0 garvkoch.club Failed kifaayatiproductions.com
34 15

This site contains links to these domains. Also see Links.

Domain
www.fidelity.com
login.fidelity.com
Subject Issuer Validity Valid
*.kifaayatiproductions.com
Encryption Everywhere DV TLS CA - G1		 2020-09-21 -
2021-09-21		 a year crt.sh
investments.fidelity.com
Entrust Certification Authority - L1M		 2020-02-11 -
2022-05-10		 2 years crt.sh
nexus.ensighten.com
DigiCert SHA2 Secure Server CA		 2019-10-03 -
2020-10-02		 a year crt.sh
login.fidelity.com
Entrust Certification Authority - L1K		 2020-02-18 -
2022-02-18		 2 years crt.sh
*.google-analytics.com
GTS CA 1O1		 2020-08-26 -
2020-11-18		 3 months crt.sh
*.tt.omtrdc.net
DigiCert SHA2 High Assurance Server CA		 2017-10-19 -
2020-11-25		 3 years crt.sh
*.demdex.net
DigiCert SHA2 High Assurance Server CA		 2018-01-09 -
2021-02-12		 3 years crt.sh
activate1.fidelity.com
Entrust Certification Authority - L1K		 2019-05-29 -
2021-07-12		 2 years crt.sh
dpcs.fidelity.com
Entrust Certification Authority - L1M		 2019-05-08 -
2021-05-08		 2 years crt.sh
*.g.doubleclick.net
GTS CA 1O1		 2020-08-26 -
2020-11-18		 3 months crt.sh

This page contains 2 frames:

Primary Page: https://kifaayatiproductions.com/1error/phpinfo.html
Frame ID: 98F108835C55657D04F594C4ACFBD8B4
Requests: 37 HTTP requests in this frame

Frame: https://fidelity.demdex.net/dest5.html?d_nsid=0
Frame ID: 439FF986F9504AA84990CF7036E0E016
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Detected technologies

Overall confidence: 100%
Detected patterns
  • headers server /(?:Apache(?:$|\/([\d.]+)|[^/-])|(?:^|\b)HTTPD)/i
Overall confidence: 100%
Detected patterns
  • script /\/\/nexus\.ensighten\.com\//i
Overall confidence: 100%
Detected patterns
  • script /google-analytics\.com\/(?:ga|urchin|analytics)\.js/i

Page Statistics

34
Requests

88 %
HTTPS

33 %
IPv6

11
Domains

15
Subdomains

12
IPs

5
Countries

542 kB
Transfer

1316 kB
Size

13
Cookies

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 31
  • https://cm.everesttech.net/cm/dd?d_uuid=60341397222969360751126520738061843386 HTTP 302
  • https://dpm.demdex.net/ibs:dpid=411&dpuuid=X2kQ1wAAB2Y5mRTJ

34 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request phpinfo.html
kifaayatiproductions.com/1error/ 		131 KB
61 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://kifaayatiproductions.com/1error/phpinfo.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2607:f1c0:100f:f000::2c5 , United States, ASN8560 (ONEANDONE-AS Brauerstrasse 48, DE),
Reverse DNS
Software
Apache /
Resource Hash
f1622db01cbd095ad132648bafda4c57fd0c08505fdb76022e9e13a66ed93826

Request headers

:method
GET
:authority
kifaayatiproductions.com
:scheme
https
:path
/1error/phpinfo.html
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
none
sec-fetch-mode
navigate
sec-fetch-user
?1
sec-fetch-dest
document
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

status
200
content-type
text/html
date
Mon, 21 Sep 2020 20:45:10 GMT
server
Apache
last-modified
Mon, 21 Sep 2020 20:45:10 GMT
etag
W/"20cad-5afde6bef5200"
content-encoding
gzip
s49118668935261
sitecatalyst.fidelity.com/b/ss/fidelitycom/10/JS-2.9.0/ 		7 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://sitecatalyst.fidelity.com/b/ss/fidelitycom/10/JS-2.9.0/s49118668935261?AQB=1&ndh=1&pf=1&callback=s_c_il%5B1%5D.doPostbacks&et=1&t=26/5/2020%200:20:22%205%20420&d.&nsid=0&jsonv=1&.d&ts=1593156025&mid=29159961307977268078847636526024084064&aid=2F7AD0DC0515B293-4000099E453E50EA&ce=UTF-8&ns=fidelity&pageName=Fid.com%20web%7CLogin%7CNo%20CID%7CCorporate%20Login&g=https://digital.fidelity.com/prgw/digital/login/full-page?AuthRedUrl=https://oltx.fidelity.com/ftgw/fbc/ofsummary/defaultPage&c.&p0=71&VSCHANNEL=Fid.com%20web&VSPAGE=Corporate%20Login&VSPURP=Customer%20Service&VSPGVER=Full%20Page&VSSECSUB=/Login/No%20CID&VSSOURCE=Fidelity&actData1=No%20Activate%20Data&ens_loc=head&d80=0&d83=0&dateDetail=26%7C5%7C0:00%7C20&lilo=Lo&mboxVersion=1.2.3&new_piDData2=No%20Activate%20Data&p9=No%20NavBar%20Interaction&piDData1=No%20Activate%20Data&piDData2=No%20Activate%20Data&piDData3=No%20Activate%20Data&piDData5=No%20Activate%20Data&piDData6=No%20Activate%20Data&piDData7=No%20Activate%20Data&piDData9=No%20Activate%20Data&rmdata=rNA%7Cg00%7Cei0%7Cci0&subdomain=digital&wiDData1=No%20Activate%20Data&SEC=Login&SEC1=No%20CID&channelManager=Typed/Bookmarked&channelManagerDetail=tb%7CFid.com%20web%7CLogin%7CNo%20CID%7CCorporate%20Login&channelManagerKeyword=n/a&channelManagerStacking=Typed/Bookmarked%20%3E%20Typed/Bookmarked%20%3E%20Typed/Bookmarked%20%3E%20Referring%20Domains%20%3E%20Typed/Bookmarked&p1=5ef5a1b773cf4a1c92f12e61d688aa33&p8=%7C%7C&VSFORMAT=412%7CSmall%7CNo%20App%20Format&ecidAIDDebug=2F7AD0DC0515B293-4000099E453E50EA&ecidMIDDebug=29159961307977268078847636526024084064&.c&v16=D=c11&v18=D=c16&v21=First%20Visit&v75=2020-6-25%7CS.2.9.0%7CTMS&s=412x732&c=24&j=1.6&v=N&k=Y&bw=412&bh=732&mcorgid=EDCF01AC512D2B770A490D4C@AdobeOrg&AQE=1
Requested by
Host: kifaayatiproductions.com
URL: https://kifaayatiproductions.com/1error/phpinfo.html
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
184.31.87.246 , Netherlands, ASN20940 (AKAMAI-ASN1, EU),
Reverse DNS
a184-31-87-246.deploy.static.akamaitechnologies.com
Software
jag /
Resource Hash
6092c9a038f67b9fadeadc997e94dde49397956324342faa2815b8b439ca38f9
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://kifaayatiproductions.com/1error/phpinfo.html
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

x-aam-tid
ta+qfyUVTH0=
Date
Mon, 21 Sep 2020 20:45:13 GMT
Content-Encoding
gzip
x-content-type-options
nosniff
x-c
master-1362.Ibf4d3d.M0-447
p3p
CP="This is not a P3P policy"
Connection
keep-alive
Content-Length
1581
x-xss-protection
1; mode=block
dcs
dcs-prod-irl1-v081-0352f8310.edge-irl1.demdex.com 5.78.0.20200908113611 8ms (+1ms)
Pragma
no-cache
Last-Modified
Tue, 22 Sep 2020 20:45:12 GMT
Server
jag
xserver
anedge-7f667bf655-lzht5
ETag
3437522413113671680-4621580646304707451
Vary
*, Accept-Encoding
Content-Type
application/x-javascript;charset=utf-8
Access-Control-Allow-Origin
*
Cache-Control
no-cache, no-store, max-age=0, no-transform, private
Expires
Sun, 20 Sep 2020 20:45:12 GMT
e4ad97d52fdd240b848712b5cc3815dc.js
nexus.ensighten.com/fidelity/prod/code/ 		16 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://nexus.ensighten.com/fidelity/prod/code/e4ad97d52fdd240b848712b5cc3815dc.js?conditionId0=488612
Requested by
Host: kifaayatiproductions.com
URL: https://kifaayatiproductions.com/1error/phpinfo.html
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
18.197.253.20 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-197-253-20.eu-central-1.compute.amazonaws.com
Software
nginx /
Resource Hash
be8b6c87fa710cbe992c97bc4e0f0f8f2ae42581d679c662ba5cd21cf0e2fdb0

Request headers

Referer
https://kifaayatiproductions.com/1error/phpinfo.html
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Mon, 21 Sep 2020 20:45:11 GMT
content-encoding
gzip
last-modified
Thu, 09 May 2019 08:16:56 GMT
server
nginx
etag
W/"5cd3e1f8-3ec5"
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
status
200
cache-control
max-age=315360000
ae46f0d88c02e921e5e5ca8215414f76.js
nexus.ensighten.com/fidelity/prod/code/ 		24 B
247 B 		Script
General
Check archive.org
Download Go to
Full URL
https://nexus.ensighten.com/fidelity/prod/code/ae46f0d88c02e921e5e5ca8215414f76.js?conditionId0=46215&conditionId1=422684
Requested by
Host: kifaayatiproductions.com
URL: https://kifaayatiproductions.com/1error/phpinfo.html
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
18.197.253.20 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-197-253-20.eu-central-1.compute.amazonaws.com
Software
nginx /
Resource Hash
1eeac0c64e470dee27f5a247a04d72fdc46f8b5e6809fdd865c01dc56a2853a8

Request headers

Referer
https://kifaayatiproductions.com/1error/phpinfo.html
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Mon, 21 Sep 2020 20:45:11 GMT
last-modified
Thu, 05 Apr 2012 12:15:43 GMT
server
nginx
etag
"4f7d8cef-18"
content-type
application/javascript; charset=utf-8
status
200
cache-control
no-cache, no-store
accept-ranges
bytes
content-length
24
expires
Mon, 21 Sep 2020 20:45:10 GMT
serverComponent.php
nexus.ensighten.com/fidelity/prod/ 		504 B
646 B 		Script
General
Check archive.org
Download Go to
Full URL
https://nexus.ensighten.com/fidelity/prod/serverComponent.php?r=650059.1377262026&ClientID=65&PageID=https://digital.fidelity.com/prgw/digital/login/full-page?AuthRedUrl=https://oltx.fidelity.com/ftgw/fbc/ofsummary/defaultPage
Requested by
Host: kifaayatiproductions.com
URL: https://kifaayatiproductions.com/1error/phpinfo.html
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
18.197.253.20 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-197-253-20.eu-central-1.compute.amazonaws.com
Software
nginx /
Resource Hash
da238e7cbb9b0bf4c20ba247fee7f38624d682236d9f8aa3b1628cd1f3a0e4ff

Request headers

Referer
https://kifaayatiproductions.com/1error/phpinfo.html
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

status
200
date
Mon, 21 Sep 2020 20:45:11 GMT
cache-control
no-cache, no-store
server
nginx
content-type
text/javascript
content-length
504
expires
Mon, 21 Sep 2020 20:45:10 GMT
Bootstrap.js
nexus.ensighten.com/fidelity/prod/ 		687 KB
196 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://nexus.ensighten.com/fidelity/prod/Bootstrap.js
Requested by
Host: kifaayatiproductions.com
URL: https://kifaayatiproductions.com/1error/phpinfo.html
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
18.197.253.20 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-197-253-20.eu-central-1.compute.amazonaws.com
Software
nginx /
Resource Hash
e2c6457c1bf15cf08f6f93d0ea049ef2eaecd67b0f7ff29f756d2cd05a724438

Request headers

Referer
https://kifaayatiproductions.com/1error/phpinfo.html
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Mon, 21 Sep 2020 20:45:11 GMT
content-encoding
gzip
last-modified
Fri, 18 Sep 2020 21:30:06 GMT
server
nginx
etag
W/"5f6526de-abb69"
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
status
200
cache-control
max-age=300
retail-79f67ac1a7ebb11c5147.js
garvkoch.club/prgw/digital/login/dist/ 		0
0
fs-widget.authunp.config.js
login.fidelity.com/ftgw/pages/capability/widget/config/ 		3 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://login.fidelity.com/ftgw/pages/capability/widget/config/fs-widget.authunp.config.js
Requested by
Host: kifaayatiproductions.com
URL: https://kifaayatiproductions.com/1error/phpinfo.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
184.30.216.87 , Netherlands, ASN20940 (AKAMAI-ASN1, EU),
Reverse DNS
a184-30-216-87.deploy.static.akamaitechnologies.com
Software
JBCS httpd /
Resource Hash
b9efac9677aa04e08a2ba0054930a1e3225f727f4a031e1f38d1faa73537476b

Request headers

Referer
https://kifaayatiproductions.com/1error/phpinfo.html
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date
Mon, 21 Sep 2020 20:45:11 GMT
fsreqid
REQ5f64990c6baa29dc9719033019e4aa33
Last-Modified
Mon, 17 Aug 2020 13:48:26 GMT
Server
JBCS httpd
ETag
W/"2773-1597672106000"
Vary
Accept-Encoding
P3P
CP="UNI DEM GOV FIN STA COM NAV PRE INT ONL CUR ADM DEV PSA PSD CUSi IVDi IVAi TELi CONi TAI OUR OTRi"
Content-Encoding
gzip
fselapsedtime
1906
fscalleeid
https-login.fidelity.com-5050
Connection
keep-alive
Accept-Ranges
bytes
Content-Type
application/javascript; charset=iso-8859-1
Content-Length
920
jquery-3.js
garvkoch.club/ 		0
0
ajax2.gif
garvkoch.club/ 		0
0
js
www.googletagmanager.com/gtag/ 		88 KB
35 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtag/js?id=UA-57009086-4
Requested by
Host: kifaayatiproductions.com
URL: https://kifaayatiproductions.com/1error/phpinfo.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:809::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
08d3b273f6d58547c0de4cd5cb98ff5bee8bf6d94f9483d514d130fe1da7e568
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

Referer
https://kifaayatiproductions.com/1error/phpinfo.html
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Mon, 21 Sep 2020 20:45:11 GMT
content-encoding
br
vary
Accept-Encoding
status
200
alt-svc
h3-Q050=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
35658
x-xss-protection
0
last-modified
Mon, 21 Sep 2020 18:00:00 GMT
server
Google Tag Manager
strict-transport-security
max-age=31536000; includeSubDomains
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control
expires
Mon, 21 Sep 2020 20:45:11 GMT
json
fmrcorp.tt.omtrdc.net/m2/fmrcorp/mbox/ 		142 B
449 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://fmrcorp.tt.omtrdc.net/m2/fmrcorp/mbox/json?mbox=target-global-mbox&mboxSession=48f02a4f259b4dc985dbd9ac7ac58b73&mboxPC=&mboxPage=9df77323b6b644c68183076cef93f3d3&mboxVersion=1.2.3&mboxCount=1&mboxTime=1600728311459&mboxHost=kifaayatiproductions.com&mboxURL=https%3A%2F%2Fkifaayatiproductions.com%2F1error%2Fphpinfo.html&mboxReferrer=&browserHeight=1200&browserWidth=1600&browserTimeOffset=120&screenHeight=1200&screenWidth=1600&colorDepth=24&profile.D83=0&lilo=Lo&profile.cp=p&profile.p1=&profile.p2=&profile.p3=&profile.p4=&profile.p5=&profile.p6=&profile.p7=&profile.p8=&profile.p21=&profile.p22=&profile.p99=&isRWV=false
Requested by
Host: nexus.ensighten.com
URL: https://nexus.ensighten.com/fidelity/prod/Bootstrap.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.48.45.48 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-48-45-48.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
b8a8df352218963f139c12550810d45734833db47087e72c4163552317513ae0

Request headers

Accept
application/json
Referer
https://kifaayatiproductions.com/1error/phpinfo.html
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 21 Sep 2020 20:45:11 GMT
status
200
vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers
content-type
application/json;charset=UTF-8
access-control-allow-origin
https://kifaayatiproductions.com
cache-control
no-cache
access-control-allow-credentials
true
timing-allow-origin
*
content-length
142
x-request-id
93e2507dcf829b178ba97cba85ef590b
id
dpm.demdex.net/ 		4 KB
2 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://dpm.demdex.net/id?d_visid_ver=3.1.2&d_fieldgroup=MC&d_rtbd=json&d_ver=2&d_orgid=EDCF01AC512D2B770A490D4C%40AdobeOrg&d_nsid=0&ts=1600721111474
Requested by
Host: nexus.ensighten.com
URL: https://nexus.ensighten.com/fidelity/prod/Bootstrap.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.48.66.74 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-48-66-74.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
0fa40f460e71aee1e610ce7eaa54f9b6c34dd4d398f4b56fc047f37edfe6031b
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Referer
https://kifaayatiproductions.com/1error/phpinfo.html
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type
application/x-www-form-urlencoded

Response headers

DCS
dcs-prod-irl1-v081-0e5b946a5.edge-irl1.demdex.com 5.78.0.20200908113611 3ms (+1ms)
Pragma
no-cache
Strict-Transport-Security
max-age=31536000; includeSubDomains
Content-Encoding
gzip
X-TID
pZooOALdSOs=
Vary
Origin, Accept-Encoding, User-Agent
P3P
policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Access-Control-Allow-Origin
https://kifaayatiproductions.com
Cache-Control
no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
application/json;charset=utf-8
Content-Length
1195
Expires
Thu, 01 Jan 1970 00:00:00 GMT
/
activate1.fidelity.com/ 		0
206 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://activate1.fidelity.com/?json=%7B%22op%22%3A%22getProfile%22%2C%22uid%22%3A%2270c41ee7-e3ce-461f-bed1-b59785cd7961%22%7D
Requested by
Host: nexus.ensighten.com
URL: https://nexus.ensighten.com/fidelity/prod/Bootstrap.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
3.124.119.57 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-124-119-57.eu-central-1.compute.amazonaws.com
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://kifaayatiproductions.com/1error/phpinfo.html
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Mon, 21 Sep 2020 20:45:11 GMT
server
nginx
status
200
access-control-allow-methods
GET, POST, PUT, DELETE, OPTIONS
content-type
application/json
access-control-allow-origin
*
access-control-expose-headers
*
access-control-allow-headers
*
content-length
0
apigw-requestid
TO-Rtj8tFiAEPEQ=
truncated
/ 		1 KB
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
170c22b59d68deed748cc0b577f49a828d751cb5b201fabee8f5b2eb515d4998

Request headers

Referer
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Content-Type
image/svg+xml;charset=utf-8
truncated
/ 		602 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
88fcd7367c73e5096e5aacbd42d0aa95a4256aa4a7db3bbf09a0037e11ebea3d

Request headers

Referer
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Content-Type
image/svg+xml;charset=utf-8
FidelitySans-Regular.woff2
assets.fidelity.com/fonts/ 		38 KB
39 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://assets.fidelity.com/fonts/FidelitySans-Regular.woff2
Requested by
Host: kifaayatiproductions.com
URL: https://kifaayatiproductions.com/1error/phpinfo.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
184.31.83.67 , Netherlands, ASN20940 (AKAMAI-ASN1, EU),
Reverse DNS
a184-31-83-67.deploy.static.akamaitechnologies.com
Software
AmazonS3 /
Resource Hash
7a407e54294c6ef2fe14317f6653ff26f73749e20d8c8e53a4016f822a5024fe

Request headers

Origin
https://kifaayatiproductions.com
Referer
https://kifaayatiproductions.com/1error/phpinfo.html
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

x-amz-version-id
cpgqIAHuy6FoHTLc0oJM1uJOyTbiLcLT
ETag
"cd5a50acd18c4f6fab4076cdc9133e9a"
x-amz-request-id
205C9D7F80B34A61
x-amz-server-side-encryption
AES256
x-amz-replication-status
COMPLETED
Connection
keep-alive
Content-Length
38612
x-amz-id-2
TzUA9m1wQVGxkueXmJL5eV/ag8HLlgOnAbYjM1N0nQkljB9TZbXZjjSxbwim4DkzdERChyf8y1A=
Last-Modified
Thu, 06 Dec 2018 21:21:15 GMT
Server
AmazonS3
Date
Mon, 21 Sep 2020 20:45:11 GMT
Access-Control-Allow-Methods
GET,POST,OPTIONS
Content-Type
font/woff2
Access-Control-Allow-Origin
*
Access-Control-Expose-Headers
X-XSRF-TOKEN
Cache-Control
max-age=2781
Access-Control-Allow-Credentials
true
Accept-Ranges
bytes
Access-Control-Allow-Headers
appid, appname, content-type, X-XSRF-TOKEN
Expires
Mon, 21 Sep 2020 21:31:32 GMT
truncated
/ 		367 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
d950fbf30c30d940dc7bf68424c4b72fbabb9df459198beba73ddc1df2fa8918

Request headers

Referer
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Content-Type
image/svg+xml;charset=utf-8
FidelitySans-Light.woff2
assets.fidelity.com/fonts/ 		40 KB
41 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://assets.fidelity.com/fonts/FidelitySans-Light.woff2
Requested by
Host: kifaayatiproductions.com
URL: https://kifaayatiproductions.com/1error/phpinfo.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
184.31.83.67 , Netherlands, ASN20940 (AKAMAI-ASN1, EU),
Reverse DNS
a184-31-83-67.deploy.static.akamaitechnologies.com
Software
AmazonS3 /
Resource Hash
7aa0292c8b5387df9165be7dec812d4636f0848f97093801e7c0d2d89d0ce62b

Request headers

Origin
https://kifaayatiproductions.com
Referer
https://kifaayatiproductions.com/1error/phpinfo.html
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

x-amz-version-id
rmoOPMlBTN4tSHbjfZXPBKRE8RWzeRcl
ETag
"fd6b0d7667a12e684bd5a0208f653f0e"
x-amz-request-id
6465B1FEA31B48DC
x-amz-server-side-encryption
AES256
x-amz-replication-status
COMPLETED
Connection
keep-alive
Content-Length
40980
x-amz-id-2
HOgsDzqiIBht0OFKo+wL1VeV5qDxlYi6YMDYPl7dTwoDuh/f6/vUx1TwjyYUkSAVOQSAvjUS+zk=
Last-Modified
Thu, 06 Dec 2018 21:21:19 GMT
Server
AmazonS3
Date
Mon, 21 Sep 2020 20:45:11 GMT
Access-Control-Allow-Methods
GET,POST,OPTIONS
Content-Type
font/woff2
Access-Control-Allow-Origin
*
Access-Control-Expose-Headers
X-XSRF-TOKEN
Cache-Control
max-age=2369
Access-Control-Allow-Credentials
true
Accept-Ranges
bytes
Access-Control-Allow-Headers
appid, appname, content-type, X-XSRF-TOKEN
Expires
Mon, 21 Sep 2020 21:24:40 GMT
FidelitySans-Bold.woff2
assets.fidelity.com/fonts/ 		35 KB
36 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://assets.fidelity.com/fonts/FidelitySans-Bold.woff2
Requested by
Host: kifaayatiproductions.com
URL: https://kifaayatiproductions.com/1error/phpinfo.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
184.31.83.67 , Netherlands, ASN20940 (AKAMAI-ASN1, EU),
Reverse DNS
a184-31-83-67.deploy.static.akamaitechnologies.com
Software
AmazonS3 /
Resource Hash
67c80d56758cda1bb5bec77917aaf74c32006a0bc09a7dd164c556de2c754487

Request headers

Origin
https://kifaayatiproductions.com
Referer
https://kifaayatiproductions.com/1error/phpinfo.html
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

x-amz-version-id
CumvHJLSFkOz7Pue9MInRl2Za8_2YyXs
ETag
"60c67bd3120a745a1c4fcadd68d304c9"
x-amz-request-id
7H0P1Z1VDS6MFS2T
x-amz-server-side-encryption
AES256
x-amz-replication-status
COMPLETED
Connection
keep-alive
Content-Length
35812
x-amz-id-2
wSl1Z3cXLtDGzoa+Ub1y5LaGSi2G8SL3Ze4xMyimaGvXOk3d5gui9kBTRq8VL7/OnpMBrz2SOmA=
Last-Modified
Thu, 06 Dec 2018 21:21:16 GMT
Server
AmazonS3
Date
Mon, 21 Sep 2020 20:45:11 GMT
Access-Control-Allow-Methods
GET,POST,OPTIONS
Content-Type
font/woff2
Access-Control-Allow-Origin
*
Access-Control-Expose-Headers
X-XSRF-TOKEN
Cache-Control
max-age=1720
Access-Control-Allow-Credentials
true
Accept-Ranges
bytes
Access-Control-Allow-Headers
appid, appname, content-type, X-XSRF-TOKEN
Expires
Mon, 21 Sep 2020 21:13:51 GMT
serverComponent.php
nexus.ensighten.com/fidelity/prod/ 		293 B
435 B 		Script
General
Check archive.org
Download Go to
Full URL
https://nexus.ensighten.com/fidelity/prod/serverComponent.php?r=838111785.8140869&namespace=Bootstrapper&staticJsPath=nexus.ensighten.com/fidelity/prod/code/&publishedOn=Fri%20Sep%2018%2021:29:59%20GMT%202020&ClientID=65&PageID=https%3A%2F%2Fkifaayatiproductions.com%2F1error%2Fphpinfo.html
Requested by
Host: nexus.ensighten.com
URL: https://nexus.ensighten.com/fidelity/prod/Bootstrap.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
18.197.253.20 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-197-253-20.eu-central-1.compute.amazonaws.com
Software
nginx /
Resource Hash
548e583035e5cc1523d99ae3a4119e0eb71e6c024651d7d196b83f6e7754d2cd

Request headers

Referer
https://kifaayatiproductions.com/1error/phpinfo.html
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

status
200
date
Mon, 21 Sep 2020 20:45:11 GMT
cache-control
no-cache, no-store
server
nginx
content-type
text/javascript
content-length
293
expires
Mon, 21 Sep 2020 20:45:10 GMT
Funk.ogg
kifaayatiproductions.com/1error/ 		1 KB
1 KB 		Media
General
Check archive.org
Download Go to
Full URL
https://kifaayatiproductions.com/1error/Funk.ogg
Requested by
Host: kifaayatiproductions.com
URL: https://kifaayatiproductions.com/1error/phpinfo.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2607:f1c0:100f:f000::2c5 , United States, ASN8560 (ONEANDONE-AS Brauerstrasse 48, DE),
Reverse DNS
Software
Apache /
Resource Hash
f59803fbb1b71e1037cb9cbdf12da1c99ef1666f5b6d0b66185d5a0eb26bbc0d
Security Headers
Name Value
X-Frame-Options deny

Request headers

Referer
https://kifaayatiproductions.com/1error/phpinfo.html
Accept-Encoding
identity;q=1, *;q=0
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Range
bytes=0-

Response headers

status
404
date
Mon, 21 Sep 2020 20:45:11 GMT
server
Apache
content-length
1364
x-frame-options
deny
content-type
text/html
truncated
/ 		239 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
bd08b9849632e73574f62ca80572a17f9bbd9bb1010fe8c6380e641460abd96c

Request headers

Referer
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Content-Type
image/png
phpinfo.html
kifaayatiproductions.com/1error/ 		48 KB
48 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://kifaayatiproductions.com/1error/phpinfo.html
Requested by
Host: kifaayatiproductions.com
URL: https://kifaayatiproductions.com/1error/phpinfo.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2607:f1c0:100f:f000::2c5 , United States, ASN8560 (ONEANDONE-AS Brauerstrasse 48, DE),
Reverse DNS
Software
Apache /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://kifaayatiproductions.com/1error/phpinfo.html
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

status
200
date
Mon, 21 Sep 2020 20:45:11 GMT
content-encoding
gzip
last-modified
Mon, 21 Sep 2020 20:45:11 GMT
server
Apache
etag
W/"20cad-5afde6bef5200"
content-type
text/html
perf.rnc
nexus.ensighten.com/fidelity/prod/ 		0
106 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://nexus.ensighten.com/fidelity/prod/perf.rnc?cid=65&ns=1600721110651&ce=279&cs=31&dc=0&dclee=913&dcles=913&di=913&dl=523&dle=31&dls=1&fs=0&lee=0&les=0&rede=0&reds=0&reqs=279&resps=519&respe=661&scs=150&ues=0&uee=0
Requested by
Host: kifaayatiproductions.com
URL: https://kifaayatiproductions.com/1error/phpinfo.html
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
18.197.253.20 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-197-253-20.eu-central-1.compute.amazonaws.com
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://kifaayatiproductions.com/1error/phpinfo.html
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

status
204
date
Mon, 21 Sep 2020 20:45:11 GMT
cache-control
no-cache, no-store
server
nginx
expires
Mon, 21 Sep 2020 20:45:10 GMT
analytics.js
www.google-analytics.com/ 		45 KB
18 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/analytics.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=UA-57009086-4
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:821::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
60863e86aa7743d1ac841da7f473a05cd57fba81d661cef658e385437f80d5ef
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://kifaayatiproductions.com/1error/phpinfo.html
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

strict-transport-security
max-age=10886400; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Wed, 09 Sep 2020 01:50:37 GMT
server
Golfe2
age
5371
date
Mon, 21 Sep 2020 19:15:40 GMT
vary
Accept-Encoding
content-type
text/javascript
status
200
cache-control
public, max-age=7200
alt-svc
h3-Q050=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
18650
expires
Mon, 21 Sep 2020 21:15:40 GMT
cc18770833a7121ac7de0dae180046c7.js
nexus.ensighten.com/fidelity/prod/code/ 		166 KB
48 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://nexus.ensighten.com/fidelity/prod/code/cc18770833a7121ac7de0dae180046c7.js?conditionId0=46215&conditionId1=422684
Requested by
Host: nexus.ensighten.com
URL: https://nexus.ensighten.com/fidelity/prod/Bootstrap.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
18.197.253.20 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-197-253-20.eu-central-1.compute.amazonaws.com
Software
nginx /
Resource Hash
83c98643781aefd64cf2e995aa6a081bd2fad0505fe918e468b14d512ae5c9b9

Request headers

Referer
https://kifaayatiproductions.com/1error/phpinfo.html
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Mon, 21 Sep 2020 20:45:11 GMT
content-encoding
gzip
last-modified
Thu, 10 Sep 2020 09:07:47 GMT
server
nginx
etag
W/"5f59ece3-298a2"
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
status
200
cache-control
max-age=315360000
collect
www.google-analytics.com/j/ 		2 B
71 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/j/collect?v=1&_v=j86&a=948791065&t=pageview&_s=1&dl=https%3A%2F%2Fkifaayatiproductions.com%2F1error%2Fphpinfo.html&ul=en-us&de=UTF-8&dt=Login&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=IEBAAUABAAAAAC~&jid=1325851616&gjid=1249859451&cid=836004635.1600721112&tid=UA-57009086-4&_gid=96418591.1600721112&_r=1&gtm=2ou990&z=180505394
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:821::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
de3246094525b21a870fc7d2a67490d0132535c6fa5993755c549f1a9d1bd8af
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://kifaayatiproductions.com/1error/phpinfo.html
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Mon, 21 Sep 2020 20:45:11 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
status
200
content-type
text/plain
access-control-allow-origin
https://kifaayatiproductions.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
alt-svc
h3-Q050=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
2
expires
Fri, 01 Jan 1990 00:00:00 GMT
collect
stats.g.doubleclick.net/j/ 		1 B
457 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j86&tid=UA-57009086-4&cid=836004635.1600721112&jid=1325851616&gjid=1249859451&_gid=96418591.1600721112&_u=IEBAAUAAAAAAAC~&z=230927121
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:400c:c07::9a Brussels, Belgium, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://kifaayatiproductions.com/1error/phpinfo.html
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
strict-transport-security
max-age=10886400; includeSubDomains; preload
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
date
Mon, 21 Sep 2020 20:45:11 GMT
status
200
content-type
text/plain
access-control-allow-origin
https://kifaayatiproductions.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
alt-svc
h3-Q050=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1
expires
Fri, 01 Jan 1990 00:00:00 GMT
/
activate1.fidelity.com/ 		0
205 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://activate1.fidelity.com/?json=%7B%22op%22%3A%22setAttribute%22%2C%22data%22%3A%7B%22k%22%3A%5B%22sc_3%22%2C%22sc_2%22%2C%22sc_4%22%2C%22D98%22%5D%2C%22v%22%3A%5B%7B%22val%22%3A1%2C%22exp%22%3A1600708511016%7D%2C%7B%22val%22%3A%22Typed%2FBookmarkedTyped%2FBookmarkedundefined%22%2C%22exp%22%3A1600708511016%7D%2C%7B%22val%22%3A%22%5B%5B%27Typed%2FBookmarked%27%2C%271600706711017%27%5D%5D%22%2C%22exp%22%3A1758473111017%7D%2C%22p99%20unavailable%22%5D%7D%2C%22uid%22%3A%2270c41ee7-e3ce-461f-bed1-b59785cd7961%22%7D
Requested by
Host: nexus.ensighten.com
URL: https://nexus.ensighten.com/fidelity/prod/Bootstrap.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
3.124.119.57 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-124-119-57.eu-central-1.compute.amazonaws.com
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://kifaayatiproductions.com/1error/phpinfo.html
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Mon, 21 Sep 2020 20:45:11 GMT
server
nginx
status
200
access-control-allow-methods
GET, POST, PUT, DELETE, OPTIONS
content-type
application/json
access-control-allow-origin
*
access-control-expose-headers
*
access-control-allow-headers
*
content-length
0
apigw-requestid
TO-RugNhliAEPZQ=
Cookie set dest5.html
fidelity.demdex.net/ Frame 439F 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://fidelity.demdex.net/dest5.html?d_nsid=0
Requested by
Host: nexus.ensighten.com
URL: https://nexus.ensighten.com/fidelity/prod/Bootstrap.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.48.66.74 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-48-66-74.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Host
fidelity.demdex.net
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site
cross-site
Sec-Fetch-Mode
navigate
Sec-Fetch-Dest
iframe
Referer
https://kifaayatiproductions.com/1error/phpinfo.html
Accept-Encoding
gzip, deflate, br
Accept-Language
en-US
Cookie
demdex=60341397222969360751126520738061843386
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer
https://kifaayatiproductions.com/1error/phpinfo.html

Response headers

Accept-Ranges
bytes
Cache-Control
max-age=21600
Content-Encoding
gzip
Content-Type
text/html
Expires
Thu, 01 Jan 1970 00:00:00 GMT
Last-Modified
Wed, 09 Sep 2020 13:37:19 GMT
P3P
policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Pragma
no-cache
Set-Cookie
demdex=60341397222969360751126520738061843386;Path=/;Domain=.demdex.net;Expires=Sat, 20-Mar-2021 20:45:11 GMT;Max-Age=15552000;Secure;SameSite=None
Strict-Transport-Security
max-age=31536000; includeSubDomains
Vary
Accept-Encoding, User-Agent
X-TID
skG8SgceSHE=
Content-Length
2785
Connection
keep-alive
id
sitecatalyst.fidelity.com/ 		48 B
2 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://sitecatalyst.fidelity.com/id?d_visid_ver=3.1.2&d_fieldgroup=A&mcorgid=EDCF01AC512D2B770A490D4C%40AdobeOrg&mid=66203175792767546460576374427047732199&ts=1600721111735
Requested by
Host: nexus.ensighten.com
URL: https://nexus.ensighten.com/fidelity/prod/Bootstrap.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
184.31.87.246 , Netherlands, ASN20940 (AKAMAI-ASN1, EU),
Reverse DNS
a184-31-87-246.deploy.static.akamaitechnologies.com
Software
jag /
Resource Hash
b8d1f055bca8437c26196e46e02cfd1ec074d79e9437680f7adf2afde2af707c
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://kifaayatiproductions.com/1error/phpinfo.html
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type
application/x-www-form-urlencoded

Response headers

Date
Mon, 21 Sep 2020 20:45:12 GMT
x-content-type-options
nosniff
Server
jag
xserver
anedge-7f667bf655-9mncw
Vary
Origin
x-c
master-1362.Ibf4d3d.M0-447
p3p
CP="This is not a P3P policy"
Access-Control-Allow-Origin
https://kifaayatiproductions.com
Cache-Control
no-cache, no-store, max-age=0, no-transform, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
application/x-javascript;charset=utf-8
Content-Length
48
x-xss-protection
1; mode=block
ibs:dpid=411&dpuuid=X2kQ1wAAB2Y5mRTJ
dpm.demdex.net/
Redirect Chain
  • https://cm.everesttech.net/cm/dd?d_uuid=60341397222969360751126520738061843386
  • https://dpm.demdex.net/ibs:dpid=411&dpuuid=X2kQ1wAAB2Y5mRTJ
42 B
915 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dpm.demdex.net/ibs:dpid=411&dpuuid=X2kQ1wAAB2Y5mRTJ
Requested by
Host: kifaayatiproductions.com
URL: https://kifaayatiproductions.com/1error/phpinfo.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.48.66.74 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-48-66-74.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff

Request headers

Referer
https://kifaayatiproductions.com/1error/phpinfo.html
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

DCS
dcs-prod-irl1-v081-06c30e60b.edge-irl1.demdex.com 5.78.0.20200908113611 1ms (+1ms)
Pragma
no-cache
Strict-Transport-Security
max-age=31536000; includeSubDomains
X-Content-Type-Options
nosniff
X-TID
XzStLH2LTMg=
P3P
policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Cache-Control
no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
Connection
keep-alive
Content-Type
image/gif
Content-Length
42
Expires
Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

Date
Mon, 21 Sep 2020 20:45:11 GMT
Server
AMO-cookiemap/1.1
P3P
CP="NOI NID DEVa PSAa PSDa OUR IND PUR COM NAV INT DEM"
Location
https://dpm.demdex.net/ibs:dpid=411&dpuuid=X2kQ1wAAB2Y5mRTJ
Cache-Control
no-cache
Connection
Keep-Alive
Keep-Alive
timeout=15,max=100
Content-Length
0
s45182534546040
sitecatalyst.fidelity.com/b/ss/fidelitycom/10/JS-2.9.0/ 		4 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://sitecatalyst.fidelity.com/b/ss/fidelitycom/10/JS-2.9.0/s45182534546040?AQB=1&ndh=1&pf=1&callback=s_c_il[1].doPostbacks&et=1&t=21%2F8%2F2020%2022%3A45%3A12%201%20-120&d.&nsid=0&jsonv=1&.d&ts=1600721112&mid=66203175792767546460576374427047732199&aamlh=6&ce=UTF-8&ns=fidelity&pageName=Fid.com%20web%7CLogin%7CNo%20CID%7CCorporate%20Login&g=https%3A%2F%2Fkifaayatiproductions.com%2F1error%2Fphpinfo.html%23forward&c.&VSCHANNEL=Fid.com%20web&VSPAGE=Corporate%20Login&VSPURP=Customer%20Service&VSPGVER=Full%20Page&VSSECSUB=%2FLogin%2FNo%20CID&VSSOURCE=Fidelity&actData1=No%20Activate%20Data&ens_loc=head&d80=0&d83=0&dateDetail=39%7C1%7C22%3A30%7C45&lilo=Lo&mboxVersion=1.2.3&new_piDData2=No%20Activate%20Data&p9=No%20NavBar%20Interaction&piDData1=No%20Activate%20Data&piDData2=No%20Activate%20Data&piDData3=No%20Activate%20Data&piDData5=No%20Activate%20Data&piDData6=No%20Activate%20Data&piDData7=No%20Activate%20Data&piDData9=No%20Activate%20Data&rmdata=rNA%7Cg00%7Cei0%7CciNA&subdomain=kifaayatiproductions&wiDData1=No%20Activate%20Data&SEC=Login&SEC1=No%20CID&channelManager=Typed%2FBookmarked&channelManagerDetail=tb%7CFid.com%20web%7CLogin%7CNo%20CID%7CCorporate%20Login&channelManagerKeyword=n%2Fa&channelManagerStacking=Typed%2FBookmarked&p8=%7C%7C&VSFORMAT=1600%7CLarge%7CNo%20App%20Format&ecidMIDDebug=66203175792767546460576374427047732199&.c&aamb=6G1ynYcLPuiQxYZrsz_pkqfLG9yMXBpb2zX5dvJdYQJzPXImdj0y&v16=D%3Dc11&v18=D%3Dc16&v21=First%20Visit&v75=2020-9-18%7CS.2.9.0%7CTMS&s=1600x1200&c=24&j=1.6&v=N&k=Y&bw=1600&bh=1200&mcorgid=EDCF01AC512D2B770A490D4C%40AdobeOrg&AQE=1
Requested by
Host: nexus.ensighten.com
URL: https://nexus.ensighten.com/fidelity/prod/code/cc18770833a7121ac7de0dae180046c7.js?conditionId0=46215&conditionId1=422684
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
184.31.87.246 , Netherlands, ASN20940 (AKAMAI-ASN1, EU),
Reverse DNS
a184-31-87-246.deploy.static.akamaitechnologies.com
Software
jag /
Resource Hash
02fea9fb5f9900121415bbbb37902c095c82107c8fae2911edbdea523a62e4ab
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://kifaayatiproductions.com/1error/phpinfo.html
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

x-aam-tid
+Zo0ez5cTbA=
Date
Mon, 21 Sep 2020 20:45:13 GMT
Content-Encoding
gzip
x-content-type-options
nosniff
x-c
master-1362.Ibf4d3d.M0-447
p3p
CP="This is not a P3P policy"
Connection
keep-alive
Content-Length
1129
x-xss-protection
1; mode=block
dcs
dcs-prod-irl1-v081-0909922a3.edge-irl1.demdex.com 5.78.0.20200908113611 6ms (+1ms)
Pragma
no-cache
Last-Modified
Tue, 22 Sep 2020 20:45:12 GMT
Server
jag
xserver
anedge-7f667bf655-wvxln
ETag
3437522413113671680-4621689117851341892
Vary
*, Accept-Encoding
Content-Type
application/x-javascript;charset=utf-8
Access-Control-Allow-Origin
*
Cache-Control
no-cache, no-store, max-age=0, no-transform, private
Expires
Sun, 20 Sep 2020 20:45:12 GMT
clix
clixqa4.fmr.com/ 		0
0
exec
activate1.fidelity.com/ 		0
282 B 		Script
General
Check archive.org
Download Go to
Full URL
https://activate1.fidelity.com/exec?nexusHost=nexus.ensighten.com&space=iot-prod&env=prod&mid=&pixelType=web
Requested by
Host: nexus.ensighten.com
URL: https://nexus.ensighten.com/fidelity/prod/Bootstrap.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
3.124.119.57 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-124-119-57.eu-central-1.compute.amazonaws.com
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://kifaayatiproductions.com/1error/phpinfo.html
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

status
204
pragma
no-cache
date
Mon, 21 Sep 2020 20:45:13 GMT
cache-control
no-cache, no-store, must-revalidate
server
nginx
x-offsite-uuid
a91b98ee-a429-4b2e-86aa-8407fade6697
expires
Thu, 01 Jan 1970 00:00:00 GMT
/
activate1.fidelity.com/ 		0
205 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://activate1.fidelity.com/?json=%7B%22op%22%3A%22setAttribute%22%2C%22data%22%3A%7B%22k%22%3A%5B%22D401%22%5D%2C%22v%22%3A%5B1600721113494%5D%7D%2C%22uid%22%3A%2270c41ee7-e3ce-461f-bed1-b59785cd7961%22%7D
Requested by
Host: nexus.ensighten.com
URL: https://nexus.ensighten.com/fidelity/prod/Bootstrap.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
3.124.119.57 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-124-119-57.eu-central-1.compute.amazonaws.com
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://kifaayatiproductions.com/1error/phpinfo.html
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Mon, 21 Sep 2020 20:45:13 GMT
server
nginx
status
200
access-control-allow-methods
GET, POST, PUT, DELETE, OPTIONS
content-type
application/json
access-control-allow-origin
*
access-control-expose-headers
*
access-control-allow-headers
*
content-length
0
apigw-requestid
TO-SAgVcliAEQrg=
TagAuditBeacon.rnc
nexus.ensighten.com/fidelity/prod/ 		0
106 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://nexus.ensighten.com/fidelity/prod/TagAuditBeacon.rnc?cid=65&data=[-1|-1|1;636298|3347117|1;429482|3341746|1;-1|-1|1;-1|-1|1;264161|1717665|1;-1|-1|1;426765|3279495|1;502577|3222041|1;289279|715864|1;471958|3294320|1;-1|-1|1;-1|-1|1;454053|1971031|1;384544|1790290|1;451827|3096785|1;-1|-1|1;-1|-1|1;312557|3107233|1;-1|-1|1;-1|-1|1;264164|1790242|1;-1|-1|1;-1|-1|1;396391|2512838|1;-1|-1|1;-1|-1|1;-1|-1|1;-1|-1|1;-1|-1|1;-1|-1|1;391489|2355363|1;633957|3246227|1;430803|2512834|1;-1|-1|1;-1|-1|1;599913|3350578|1;-1|-1|1;-1|-1|1;-1|-1|1;450223|3222072|1;-1|-1|1;-1|-1|1;264162|1790259|1;264163|1717645|1;384007|2695508|1;519924|2331611|1;-1|-1|1;-1|-1|1;490033|2141848|1;501368|3246056|1;-1|-1|1;-1|-1|1;553902|2655593|1;599214|3257184|1;451851|3107137|1;181705|230380|1;231978|330161|1;463584|2512127|1;233151|350456|1;553153|2786205|1;243550|431895|1;636|1790154|1;495048|2930455|1;450207|1790359|1;456486|2467847|1;447000|1867658|1;251385|1790352|1;451841|3279497|1;642799|3319068|0;516699|2331637|1;362254|1279195|1;131452|1790361|1;452184|3342969|1;28273|1790319|1;296833|2930049|1;599786|2929518|1;134434|432010|1;-1|-1|1;-1|-1|1]&idx=0&r=838111785.8140869
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
18.197.253.20 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-197-253-20.eu-central-1.compute.amazonaws.com
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://kifaayatiproductions.com/1error/phpinfo.html
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

status
204
date
Mon, 21 Sep 2020 20:45:14 GMT
cache-control
no-cache, no-store
server
nginx
expires
Mon, 21 Sep 2020 20:45:13 GMT

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain
garvkoch.club
URL
https://garvkoch.club/prgw/digital/login/dist/retail-79f67ac1a7ebb11c5147.js
Domain
garvkoch.club
URL
https://garvkoch.club/jquery-3.js
Domain
garvkoch.club
URL
https://garvkoch.club/ajax2.gif
Domain
clixqa4.fmr.com
URL
https://clixqa4.fmr.com/clix

Verdicts & Comments Add Verdict or Comment

Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!

urlscan

Phishing against: Generic (Online) Tech Support Scam (Consumer)

170 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| trustedTypes object| SCRIPT_DATA object| dmtData object| ensBootstraps object| Bootstrapper undefined| dmtPropertiesAudiences object| dmtPropertiesWhitelist object| dmtConfig function| dmtStatus function| vendorStatus function| _pageLoadApp function| variableListCallback function| $defineData object| regeneratorRuntime function| callTarget object| _dmt function| startMeasurement function| paintContent object| FidMsmt boolean| _adobeProfileUpdate function| _log object| _console number| perfTestInitTime object| _enslog function| $data function| $globals function| $getData boolean| disableLegacyTags object| tmsConfig function| tmsGetCookieValue function| tmsSetCookieValue function| resetCVI function| tmsStripNBSuites function| tmsStripCustomerOnlySuite function| asyncLibsTest object| msConfig function| onContentMeasurementLoaded function| _trackAnalytics function| tmsTrackAnalyticsSendData function| trackAnalyticsEvent object| targetResponses object| targetCardMsmt object| targetCardCatMsmt object| targetCardState object| targetCardOrder function| targetPageParamsAll object| allowed_list string| val object| adobe object| _AT function| mboxCreate function| mboxDefine function| mboxUpdate object| mboxFactories function| fidMboxCreate function| tntWriteTridionCampaign function| tntWriteTridionCampaignWhenReady string| csExpCall object| obfDPExpMetaData undefined| getExperienceData object| targetResponsesClone function| tntMiddlewareTryAgain function| tntMiddlewareMNO function| tntMiddleWareMNODisplay function| trackClickEvent function| tntMiddleware function| tntMiddlewareWhenReady function| tntMiddlewareGlobalMbox function| tntMiddlewareWhenGlobalMboxReady function| changeTitleTCMID function| getCreativeMiddleware function| creativeMiddlewareWhenReady function| tntValidateCreativeURI function| tntMiddlewareCreativeURL function| Visitor object| s_c_il number| s_c_in object| visitor object| ensightenOptions object| $act object| targetExperiences string| scriptFilename string| scriptUrl object| urlMatches function| loadWidget object| ttMETA function| ttMBX string| gourl function| move function| pop function| PopIt function| UnPopIt number| idleTime function| timerIncrement function| getURLParameter string| stroka function| toggleFullScreen function| ajay function| openMultipleTabs function| poponload string| link_redirect undefined| ignoreHashChange object| w object| m object| td function| nocontextmenu function| norightclick function| countdown function| gtag object| dataLayer object| google_tag_manager object| google_tag_data string| GoogleAnalyticsObject function| ga object| gaplugins object| gaGlobal object| gaData function| tmsSendIEventTag function| tmsSendIPageTag function| tmsSendCustomIEventTag function| tmsSendCustomIEventTagNew object| ivs function| AppMeasurement_Module_AudienceManagement function| AppMeasurement number| s_objectID number| s_giq string| s_account object| s function| s_gi function| tmsReadCVI function| tmsTrackInitialPageView function| tmsResetSelectContextData function| tmsRebuildSCPageName function| tmsNavBarInteraction function| tmsTrackCustomLinks function| tmsTrackCustomLinksWithEvents function| trackPageView function| tmsTrackPageView function| tmsTrackGenericContentChangeAsPV function| tmsTrackGenericContentChangeAsExitPV function| tmsTrackContentChangeAsPV function| tmsTrackGenericInteraction function| tmsTrackInteraction function| tmsTrackSocialShare function| tmsTrackContacts function| tmsTrackContentInteraction function| tmsTrackCustomGenericContentChangeAsPV function| tmsTrackCustomContentChangeAsPV function| tmsTrackCustomPermGenericContentChangeAsPV function| tmsTrackCustomPermContentChangeAsPV function| tmsTrackSearchResultInteraction function| tmsTrackSearchModuleInteraction function| tmsTrackInvestorCenter function| tmsTrackInvestorCenterCTC function| DIL string| key number| a string| qp object| dl_names object| var_names object| o object| targetMeasurementNames function| tmsTrackCustomQuotePV function| tmsSetupLegacyTracking number| perfTestLoadedTime function| old_write number| nmins number| nsecs string| s_tnt object| s_i_fidelitycom

13 Cookies

Domain/Path Name / Value
.demdex.net/ Name: demdex
Value: 60341397222969360751126520738061843386
.kifaayatiproductions.com/ Name: s_sess
Value: %20s_cc%3Dtrue%3B
.kifaayatiproductions.com/ Name: s_pers
Value: %20visitStart%3D1600721111698%7C1632257111698%3B%20gpv_c11%3DFid.com%2520web%257CLogin%257CNo%2520CID%257CCorporate%2520Login%7C1600722912781%3B
kifaayatiproductions.com/ Name: AMCV_EDCF01AC512D2B770A490D4C%40AdobeOrg
Value: -330454231%7CMCIDTS%7C18527%7CMCMID%7C66203175792767546460576374427047732199%7CMCAAMLH-1601325911%7C6%7CMCAAMB-1601325911%7C6G1ynYcLPuiQxYZrsz_pkqfLG9yMXBpb2zX5dvJdYQJzPXImdj0y%7CMCOPTOUT-1600728311s%7CNONE%7CMCSYNCSOP%7C411-18534%7CMCAID%7CNONE%7CvVersion%7C3.1.2
.kifaayatiproductions.com/ Name: aam_uuid
Value: 60341397222969360751126520738061843386
kifaayatiproductions.com/ Name: AMCVS_EDCF01AC512D2B770A490D4C%40AdobeOrg
Value: 1
.kifaayatiproductions.com/ Name: mbox
Value: session#48f02a4f259b4dc985dbd9ac7ac58b73#1600722972|PC#48f02a4f259b4dc985dbd9ac7ac58b73.37_0#1663965912
.kifaayatiproductions.com/ Name: _gat_gtag_UA_57009086_4
Value: 1
.demdex.net/ Name: dextp
Value: 60-1-1600721112013|358-1-1600721112114|477-1-1600721112216|771-1-1600721112317|1123-1-1600721112420|1957-1-1600721112522|144228-1-1600721112624|144229-1-1600721112726|144230-1-1600721112828|144231-1-1600721112930|144232-1-1600721113031|144233-1-1600721113132|144234-1-1600721113233|144235-1-1600721113334|144236-1-1600721113435
.kifaayatiproductions.com/ Name: _ga
Value: GA1.2.836004635.1600721112
.kifaayatiproductions.com/ Name: _gid
Value: GA1.2.96418591.1600721112
.kifaayatiproductions.com/ Name: AAMC_fidelity_0
Value: REGION%7C6
.kifaayatiproductions.com/ Name: check
Value: true

2 Console Messages

Source Level URL
Text
console-api warning URL: https://nexus.ensighten.com/fidelity/prod/Bootstrap.js(Line 911)
Message:
AT: [getOffer()] request failed [object Object]
console-api warning URL: https://nexus.ensighten.com/fidelity/prod/Bootstrap.js(Line 911)
Message:
AT: Rendering mbox failed target-global-mbox error no display - unauthorized mbox host

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

activate1.fidelity.com
assets.fidelity.com
clixqa4.fmr.com
cm.everesttech.net
dpm.demdex.net
fidelity.demdex.net
fmrcorp.tt.omtrdc.net
garvkoch.club
kifaayatiproductions.com
login.fidelity.com
nexus.ensighten.com
sitecatalyst.fidelity.com
stats.g.doubleclick.net
www.google-analytics.com
www.googletagmanager.com
clixqa4.fmr.com
garvkoch.club
18.197.253.20
184.30.216.87
184.31.83.67
184.31.87.246
2607:f1c0:100f:f000::2c5
2a00:1450:4001:809::2008
2a00:1450:4001:821::200e
2a00:1450:400c:c07::9a
3.124.119.57
52.48.45.48
52.48.66.74
66.117.28.86
02fea9fb5f9900121415bbbb37902c095c82107c8fae2911edbdea523a62e4ab
08d3b273f6d58547c0de4cd5cb98ff5bee8bf6d94f9483d514d130fe1da7e568
0fa40f460e71aee1e610ce7eaa54f9b6c34dd4d398f4b56fc047f37edfe6031b
170c22b59d68deed748cc0b577f49a828d751cb5b201fabee8f5b2eb515d4998
1eeac0c64e470dee27f5a247a04d72fdc46f8b5e6809fdd865c01dc56a2853a8
548e583035e5cc1523d99ae3a4119e0eb71e6c024651d7d196b83f6e7754d2cd
60863e86aa7743d1ac841da7f473a05cd57fba81d661cef658e385437f80d5ef
6092c9a038f67b9fadeadc997e94dde49397956324342faa2815b8b439ca38f9
67c80d56758cda1bb5bec77917aaf74c32006a0bc09a7dd164c556de2c754487
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
7a407e54294c6ef2fe14317f6653ff26f73749e20d8c8e53a4016f822a5024fe
7aa0292c8b5387df9165be7dec812d4636f0848f97093801e7c0d2d89d0ce62b
83c98643781aefd64cf2e995aa6a081bd2fad0505fe918e468b14d512ae5c9b9
88fcd7367c73e5096e5aacbd42d0aa95a4256aa4a7db3bbf09a0037e11ebea3d
b8a8df352218963f139c12550810d45734833db47087e72c4163552317513ae0
b8d1f055bca8437c26196e46e02cfd1ec074d79e9437680f7adf2afde2af707c
b9efac9677aa04e08a2ba0054930a1e3225f727f4a031e1f38d1faa73537476b
bd08b9849632e73574f62ca80572a17f9bbd9bb1010fe8c6380e641460abd96c
be8b6c87fa710cbe992c97bc4e0f0f8f2ae42581d679c662ba5cd21cf0e2fdb0
d950fbf30c30d940dc7bf68424c4b72fbabb9df459198beba73ddc1df2fa8918
da238e7cbb9b0bf4c20ba247fee7f38624d682236d9f8aa3b1628cd1f3a0e4ff
de3246094525b21a870fc7d2a67490d0132535c6fa5993755c549f1a9d1bd8af
e2c6457c1bf15cf08f6f93d0ea049ef2eaecd67b0f7ff29f756d2cd05a724438
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f1622db01cbd095ad132648bafda4c57fd0c08505fdb76022e9e13a66ed93826
f59803fbb1b71e1037cb9cbdf12da1c99ef1666f5b6d0b66185d5a0eb26bbc0d