urlscan.io logo urlscan.io
SecurityTrails logo

161.35.207.100 Open in urlscan Pro
161.35.207.100  Public Scan

Go To Rescan Add Verdict Report
URL: http://161.35.207.100/fidelity/error.html
Submission: On July 30 via api from US
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 25 IPs in 5 countries across 14 domains to perform 136 HTTP transactions. The main IP is 161.35.207.100, located in New York, United States and belongs to DIGITALOCEAN-ASN, US. The main domain is 161.35.207.100.
This is the only time 161.35.207.100 was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
22 161.35.207.100 14061 (DIGITALOC...)
2 18.195.42.228 16509 (AMAZON-02)
13 91.235.133.177 30286 (THM)
3 54.76.99.142 16509 (AMAZON-02)
2 52.209.239.68 16509 (AMAZON-02)
3 3.124.119.57 16509 (AMAZON-02)
2 2 54.147.6.169 14618 (AMAZON-AES)
2 52.216.237.205 16509 (AMAZON-02)
1 95.101.45.4 16625 (AKAMAI-AS)
1 2 69.89.31.230 46606 (UNIFIEDLA...)
3 23.37.44.230 16625 (AKAMAI-AS)
1 2.16.186.35 20940 (AKAMAI-ASN1)
1 2606:4700:10:... 13335 (CLOUDFLAR...)
3 2a00:1450:400... 15169 (GOOGLE)
3 2a04:4e42:1b:... 54113 (FASTLY)
4 2606:4700:10:... 13335 (CLOUDFLAR...)
2 2606:4700:10:... 13335 (CLOUDFLAR...)
1 2a00:1450:400... 15169 (GOOGLE)
1 11 104.17.208.240 13335 (CLOUDFLAR...)
17 92.123.148.55 16625 (AKAMAI-AS)
1 3 91.235.132.130 30286 (THM)
1 91.235.134.131 30286 (THM)
37 104.17.209.240 13335 (CLOUDFLAR...)
1 92.122.106.46 16625 (AKAMAI-AS)
1 54.70.28.206 16509 (AMAZON-02)
136 25
22    161.35.207.100 (New York, United States)

ASN14061 (DIGITALOCEAN-ASN, US)
161.35.207.100
2    18.195.42.228 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-18-195-42-228.eu-central-1.compute.amazonaws.com
nexus.ensighten.com
13    91.235.133.177 (Netherlands)

ASN30286 (THM, US)
cfa.fidelity.com
3    54.76.99.142 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-54-76-99-142.eu-west-1.compute.amazonaws.com
fmrcorp.tt.omtrdc.net
2    52.209.239.68 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-209-239-68.eu-west-1.compute.amazonaws.com
dpm.demdex.net
3    3.124.119.57 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-3-124-119-57.eu-central-1.compute.amazonaws.com
activate1.fidelity.com
2    54.147.6.169 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
www.glancecdn.net
2    52.216.237.205 (Ashburn, United States)

ASN16509 (AMAZON-02, US)
s3.amazonaws.com
1    95.101.45.4 (Ascension Island)

ASN16625 (AKAMAI-AS, US)
PTR: a95-101-45-4.deploy.static.akamaitechnologies.com
login.fidelity.com
2    69.89.31.230 (Provo, United States)

ASN46606 (UNIFIEDLAYER-AS-1, US)
PTR: box430.bluehost.com
smallenvelop.com
3    23.37.44.230 (Netherlands)

ASN16625 (AKAMAI-AS, US)
PTR: a23-37-44-230.deploy.static.akamaitechnologies.com
assets.fidelity.com
1    2.16.186.35 (Ascension Island)

ASN20940 (AKAMAI-ASN1, EU)
PTR: a2-16-186-35.deploy.static.akamaitechnologies.com
sitecatalystu.fidelity.com
1    2606:4700:10::6816:1983 (United States)

ASN13335 (CLOUDFLARENET, US)
embed.tawk.to
3    2a00:1450:4001:81f::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
fonts.googleapis.com
3    2a04:4e42:1b::621 (Ascension Island)

ASN54113 (FASTLY, US)
cdn.jsdelivr.net
4    2606:4700:10::ac43:2642 (United States)

ASN13335 (CLOUDFLARENET, US)
static-v.tawk.to
vsa55.tawk.to
2    2606:4700:10::6816:1883 (United States)

ASN13335 (CLOUDFLARENET, US)
va.tawk.to
1    2a00:1450:4001:818::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
fonts.gstatic.com
11    104.17.208.240 (United States)

ASN13335 (CLOUDFLARENET, US)
zncvgjh8lmjxbkyln-fmrpi.siteintercept.qualtrics.com
siteintercept.qualtrics.com
17    92.123.148.55 (Ascension Island)

ASN16625 (AKAMAI-AS, US)
PTR: a92-123-148-55.deploy.static.akamaitechnologies.com
cdn.walkme.com
3    91.235.132.130 (Netherlands)

ASN30286 (THM, US)
PTR: h.online-metrix.net
h.online-metrix.net
1    91.235.134.131 (Netherlands)

ASN30286 (THM, US)
5h8i3ud8-9d2dd0fbf20a31e3de8f554b97ede3834f3f608f-am1.e.aa.online-metrix.net
37    104.17.209.240 (United States)

ASN13335 (CLOUDFLARENET, US)
siteintercept.qualtrics.com
1    92.122.106.46 (Ascension Island)

ASN16625 (AKAMAI-AS, US)
PTR: a92-122-106-46.deploy.static.akamaitechnologies.com
sjc1.qualtrics.com
1    54.70.28.206 (Boardman, United States)

ASN16509 (AMAZON-02, US)
PTR: ec2-54-70-28-206.us-west-2.compute.amazonaws.com
ec.walkme.com
Domain Requested by
46 siteintercept.qualtrics.com zncvgjh8lmjxbkyln-fmrpi.siteintercept.qualtrics.com
siteintercept.qualtrics.com
17 cdn.walkme.com nexus.ensighten.com
cdn.walkme.com
13 cfa.fidelity.com 161.35.207.100
cfa.fidelity.com
3 h.online-metrix.net 1 redirects cfa.fidelity.com
3 vsa55.tawk.to embed.tawk.to
3 cdn.jsdelivr.net embed.tawk.to
161.35.207.100
3 fonts.googleapis.com embed.tawk.to
3 assets.fidelity.com 161.35.207.100
3 activate1.fidelity.com nexus.ensighten.com
3 fmrcorp.tt.omtrdc.net nexus.ensighten.com
2 zncvgjh8lmjxbkyln-fmrpi.siteintercept.qualtrics.com 1 redirects
2 va.tawk.to embed.tawk.to
2 smallenvelop.com 1 redirects 161.35.207.100
2 s3.amazonaws.com 161.35.207.100
2 www.glancecdn.net 2 redirects
2 dpm.demdex.net nexus.ensighten.com
2 nexus.ensighten.com 161.35.207.100
1 ec.walkme.com cdn.walkme.com
1 sjc1.qualtrics.com
1 5h8i3ud8-9d2dd0fbf20a31e3de8f554b97ede3834f3f608f-am1.e.aa.online-metrix.net
1 fonts.gstatic.com 161.35.207.100
1 static-v.tawk.to 161.35.207.100
1 embed.tawk.to 161.35.207.100
1 sitecatalystu.fidelity.com nexus.ensighten.com
1 login.fidelity.com 161.35.207.100
136 25

This site contains no links.

Subject Issuer Validity Valid
nexus.ensighten.com
DigiCert SHA2 Secure Server CA		 2019-10-03 -
2020-10-02		 a year crt.sh
CFA.febtest.com
Entrust Certification Authority - L1K		 2020-05-08 -
2021-10-01		 a year crt.sh
s3.amazonaws.com
DigiCert Baltimore CA-2 G2		 2019-11-09 -
2020-12-02		 a year crt.sh
login.fidelity.com
Entrust Certification Authority - L1K		 2020-02-18 -
2022-02-18		 2 years crt.sh
smallenvelop.com
Let's Encrypt Authority X3		 2020-06-24 -
2020-09-22		 3 months crt.sh
dpcs.fidelity.com
Entrust Certification Authority - L1M		 2019-05-08 -
2021-05-08		 2 years crt.sh
sni.cloudflaressl.com
Cloudflare Inc ECC CA-3		 2020-07-29 -
2021-07-29		 a year crt.sh
upload.video.google.com
GTS CA 1O1		 2020-07-07 -
2020-09-29		 3 months crt.sh
f3.shared.global.fastly.net
GlobalSign CloudSSL CA - SHA256 - G3		 2020-07-08 -
2021-04-17		 9 months crt.sh
*.gstatic.com
GTS CA 1O1		 2020-07-07 -
2020-09-29		 3 months crt.sh
*.qualtrics.com
DigiCert SHA2 Secure Server CA		 2018-10-08 -
2021-01-06		 2 years crt.sh
walkme.com
DigiCert SHA2 Secure Server CA		 2020-07-08 -
2020-12-04		 5 months crt.sh
activate1.fidelity.com
Entrust Certification Authority - L1K		 2019-05-29 -
2021-07-12		 2 years crt.sh
h.online-metrix.net
Trustwave Organization Validation SHA256 CA, Level 1		 2020-02-20 -
2021-02-19		 a year crt.sh
*.e.aa.online-metrix.net
Go Daddy Secure Certificate Authority - G2		 2019-09-13 -
2021-09-13		 2 years crt.sh
*.walkme.com
DigiCert SHA2 Secure Server CA		 2019-04-23 -
2021-06-03		 2 years crt.sh

This page contains 12 frames:

Primary Page: http://161.35.207.100/fidelity/error.html
Frame ID: 4AA93414648B0984EF6BBAF3DCD741A7
Requests: 116 HTTP requests in this frame

Frame: https://fonts.googleapis.com/css?family=Lato:100,100i,300,300i,400,400i,700,700i,900,900i&subset=latin-ext
Frame ID: 4066ACFCB8E36326526E3C6770E293CF
Requests: 1 HTTP requests in this frame

Frame: https://fonts.googleapis.com/css?family=Lato:100,100i,300,300i,400,400i,700,700i,900,900i&subset=latin-ext
Frame ID: 5BBFE218987FE040403AB00F10A90CC3
Requests: 2 HTTP requests in this frame

Frame: https://fonts.googleapis.com/css?family=Lato:100,100i,300,300i,400,400i,700,700i,900,900i&subset=latin-ext
Frame ID: 2293EF597F5E272FB54786785541DB8A
Requests: 4 HTTP requests in this frame

Frame: https://static-v.tawk.to/a-v3/images/bubbles/42-br.svg
Frame ID: F573FC6F6CADE902DD51351F30CF94A1
Requests: 1 HTTP requests in this frame

Frame: https://cfa.fidelity.com/fp/check.js;CIS3SID=FBE020C9BCB1CE445AEB95A7937F6125?org_id=5h8i3ud8&session_id=236a63bb4763f02b8e31990870ed6778&nonce=7d4a935fd2e672c7&jb=3135242668716d773d4e6b6c777824687b6f3f4c61667570246a73623f416a7a6d6f672530323a31
Frame ID: 2FCCB1BD66983E6CC32612932FDE3B87
Requests: 11 HTTP requests in this frame

Frame: https://cfa.fidelity.com/fp/HP?session_id=236a63bb4763f02b8e31990870ed6778&org_id=5h8i3ud8&nonce=7d4a935fd2e672c7&mode=2&hp=.co-operativebank.co.uk/CBIBSWeb/login.do.co-operativebank.co.uk/CBIBSWeb/start.do.de/portal/portal/x.entropay.com/basemenu/prot/x.facebook.comx.nationet.com/x.netbank.commbank.com.au/netbank/bankmainx.npbs.co.uk/netmastergoldbanking/x.nwolb.xlogin.aspx?refereridentx.rbsdigital.xAccountSummaryx.smile.co.uk/SmileWeb/login.do.smile.co.uk/SmileWeb/start.do.yandex.rux/CapitalOne_Consumer/x/easypay.by/x/sbank.ru/x53.com/servlet/efsonlinex://online.wellsfargo.com/x://secure.assist.ru/assistid/protected/main.doxabbeynational.co.uk/EBAN_ENS/BtoChannelDriverxalliance-leicesterxaltergold.com/login.phpxamericanexpress.com/myca/intl/acctsumm/emea/accountSummaryxbancaintesa.it/xbankcardservices.co.ukxbankofamerica.com/xbanquepopulaire.fr/xbnpparibas.net/xcahoot.comxcapitaloneonline.co.uk/CapitalOne_Consumer/Transactionsxcbonline.co.uk/ralu/reglm-web/setupSecurityQuestionPagexcibc.comxPreSignOnxcibc.comxSignOnxcitibank.ru/xclient.uralsibbank.ruxco-operativebank.co.uk/CBIBSWeb/loginSpixcommerceonlinebanking.comxcoventrybuildingsociety.co.ukxdeutsche-bank.dexdiscovercard.com/cardmembersvcs/strongauth/app/sa_mainxebanking.bawag.comxebc_ebc1961xegg.com/customer/movemoneyxegg.com/customer/yourmoneyxfacebook.com/xhalifax-online.co.ukxMyAccountsxhalifax-online.co.uk/x/Mhalifax-online.co.uk/personalxhsbc.co.uk/1/2/personal/internet-banking/xhsbc.comxhttps://banking.postbank.de/app/finanzstatus.init.do;jsessionidxib.fineco.it/FinecoWeb/BonificiServletxib.fineco.it/FinecoWeb/jsp/Main/HBFineco.jspxib.fineco.it/FinecoWeb/jsp/Main/Principale.jspxibank.alfabank.ruxin-biz.it/xipko.plxlibertyreserve.com/x/historylibertyreserve.com/x/loginwww.libertyreserve.com/x/Core.jswww.libertyreserve.com/x/transfer.libertyreserve.com/x/commonscript.jslloydstsb.co.uk/personal/a/account_overview/xmbna.co.ukxmenyala.ruxmoney.yandex.ruxmoneybookers.com/app/login.plxmoneymail.ruxmy.ebay.co.uk/ws/eBayISAPI.dll?MyEbayxmy.ebay.com/ws/eBayISAPI.dll?MyEbayxmy.ebay.fr/ws/eBayISAPI.dll?MyEbayxmybusinessbank.co.ukxnationet.com/AppServices/SignOn/SignOnProcess/RcaSignOnxnpbs.co.ukxnwolb.com/AccountSummaryxnwolb.com/Statementsxnwolb.com/TransfersLandingPagexoltx.fidelity.com/x/x/ofsummary/summaryxonline.lloydstsb.co.ukxonlinebanking.mandtbank.com/summary/AccountSummaryxpassport.yandex.ruxpaypal.com/x/cgi-bin/webscr?cmd=_accountxpaypal.com/x/cgi-bin/webscr?cmd=_login-done&login_access=xpaypal.com/us/cgi-bin/webscr?cmd=_login-done&login_access=xposte.it/xpsk.co.at/xsecure.lloydstsb.co.uk/personal/a/account_overviewxsmile.co.uk/SmileWeb/passcodexusaa.com/xusbank.com/internetBanking/RequestRouter?requestCmdId=Gxwachovia.comxybonline.co.uk/ralu/reglm-web/setupSecurityQuestionPagex.amazon.fr/xhistory/orders/view.htmlx.banquepopulaire.frxShowPortal.dox.bnpparibasfortis.bexHome_Logon.aspx.cdiscount.com/Account/Home.aspxx.cmb.frxaccueil.jspx.credit-agricole.frxentreeBam?sessionSAGx.labanquepostale.fr/xreleveCPP-releve_ccp.eax.secure.bnpparibas.net/NSFR?Actionx.secure.lcl.frxAccueilxcredem.it/OneToOne/ebank/functionsxmijn.ing.nl/xonline.ybs.co.ukxwww.discover.com/xorder.cdiscount.comxCustomer.aspxxsealinfo.verisign.com/splash?form_filexvos-comptes.credit-du-nord.fr/CDC_TableauDeBord_0.asp?xvoscomptesenligne.labanquepostale.frxwww.x.caisse-epargne.fr/Portail.aspxxwww.exabanque.netxonglet.phpxdeutsche-bank.de/xnorisbank.de/xpostbank.de/xtargobank.de/x.x.de/portal/x.bankofamerica.com/x/commonscript.js.bmo.com/OLB?id=x.bmo.com/RMC?id=x.chase.com/x.aspxx.chase.com/js/Reporting.jsx.koodomobile.com/account/selfserve/x/xaccountId=x.payment.ru/x.scotiabank.com/portal/index.jsp?xbancopopular.es/empresasxcreval.it/login2007/loginSiciliano.aspxfirst-direct.com/xipko.plxmybusinessbank.co.ukxsanpaoloimi.com/xulsterbankanytimebanking.x/login.aspxx
Frame ID: F6FC9DAD16670AC41EFA7FB292795B5D
Requests: 1 HTTP requests in this frame

Frame: https://cfa.fidelity.com/fp/ls_fp.html;CIS3SID=FBE020C9BCB1CE445AEB95A7937F6125?org_id=5h8i3ud8&session_id=236a63bb4763f02b8e31990870ed6778&nonce=7d4a935fd2e672c7
Frame ID: 4C989DF43B8EB953CE8FE7B998DE36AC
Requests: 1 HTTP requests in this frame

Frame: https://h.online-metrix.net/fp/sid_fp.html;CIS3SID=FBE020C9BCB1CE445AEB95A7937F6125?org_id=5h8i3ud8&session_id=236a63bb4763f02b8e31990870ed6778&nonce=7d4a935fd2e672c7
Frame ID: DC6E41C807152AB3F7E2C1278A2D9DB5
Requests: 1 HTTP requests in this frame

Frame: https://cfa.fidelity.com/fp/top_fp.html;CIS3SID=FBE020C9BCB1CE445AEB95A7937F6125?org_id=5h8i3ud8&session_id=236a63bb4763f02b8e31990870ed6778&nonce=7d4a935fd2e672c7
Frame ID: D709A98034E96A08045010D9036A491B
Requests: 1 HTTP requests in this frame

Frame: https://cdn.walkme.com/player/lib/20200721-145526-15b5911d/resources/CD/cdHiddenIframeScript.js
Frame ID: C35A73F39746435B8852439F2A81EB58
Requests: 1 HTTP requests in this frame

Frame: https://cdn.walkme.com/player/lib/20200721-145526-15b5911d/resources/CD/CDhiddenIframe.compress.html
Frame ID: 495E050346AEE5C8A8822663AC4436E6
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Detected technologies

Overall confidence: 100%
Detected patterns
  • headers server /Ubuntu/i
Overall confidence: 100%
Detected patterns
  • headers server /(?:Apache(?:$|\/([\d.]+)|[^/-])|(?:^|\b)HTTPD)/i

Page Statistics

136
Requests

77 %
HTTPS

24 %
IPv6

14
Domains

25
Subdomains

25
IPs

5
Countries

2449 kB
Transfer

9540 kB
Size

5
Cookies

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 22
  • https://www.glancecdn.net/cobrowse/CobrowseJS.ashx?group=19772&site=production HTTP 302
  • https://s3.amazonaws.com/glancecdn/cobrowse/js/GlanceCobrowseLoader_4.9.0M.js
Request Chain 25
  • http://smallenvelop.com/wp-content/uploads/2014/08/Preloader_2.gif HTTP 301
  • https://smallenvelop.com/wp-content/uploads/2014/08/Preloader_2.gif
Request Chain 56
  • http://zncvgjh8lmjxbkyln-fmrpi.siteintercept.qualtrics.com/WRSiteInterceptEngine/?Q_ZID=ZN_cvGJH8lmjxbKyln&Q_LOC=http%3A%2F%2F161.35.207.100%2Ffidelity%2Ferror.html&t=1596122603218 HTTP 301
  • https://zncvgjh8lmjxbkyln-fmrpi.siteintercept.qualtrics.com/WRSiteInterceptEngine/?Q_ZID=ZN_cvGJH8lmjxbKyln&Q_LOC=http%3A%2F%2F161.35.207.100%2Ffidelity%2Ferror.html&t=1596122603218
Request Chain 62
  • http://www.glancecdn.net/cobrowse/js/GlancePresenceVisitor_4.9.0M.js HTTP 301
  • https://s3.amazonaws.com/glancecdn/cobrowse/js/GlancePresenceVisitor_4.9.0M.js
Request Chain 66
  • https://h.online-metrix.net/fp/clear.png?org_id=5h8i3ud8&session_id=236a63bb4763f02b8e31990870ed6778&nonce=7d4a935fd2e672c7&gttl=155520000 HTTP 302
  • https://h.online-metrix.net/fp/clear.png?org_id=5h8i3ud8&session_id=236a63bb4763f02b8e31990870ed6778&nonce=7d4a935fd2e672c7&k=2

136 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request error.html
161.35.207.100/fidelity/ 		33 KB
6 KB 		Document
General
Check archive.org
Download Go to
Full URL
http://161.35.207.100/fidelity/error.html
Protocol
HTTP/1.1
Server
161.35.207.100 New York, United States, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software
Apache/2.4.29 (Ubuntu) /
Resource Hash
f1b2aefab90090a49341d3fc1da02a6131403e315f6e985593edb3631bbf0183

Request headers

Host
161.35.207.100
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Accept-Encoding
gzip, deflate
Accept-Language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date
Thu, 30 Jul 2020 15:23:21 GMT
Server
Apache/2.4.29 (Ubuntu)
Last-Modified
Thu, 30 Jul 2020 13:41:32 GMT
ETag
"8587-5aba8d4941fad-gzip"
Accept-Ranges
bytes
Vary
Accept-Encoding
Content-Encoding
gzip
Content-Length
6028
Keep-Alive
timeout=5, max=100
Connection
Keep-Alive
Content-Type
text/html
Bootstrap.js
nexus.ensighten.com/fidelity/hpoptasync/ 		663 KB
191 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://nexus.ensighten.com/fidelity/hpoptasync/Bootstrap.js
Requested by
Host: 161.35.207.100
URL: http://161.35.207.100/fidelity/error.html
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
18.195.42.228 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-195-42-228.eu-central-1.compute.amazonaws.com
Software
nginx /
Resource Hash
752ac509c98878a6b24978984d25f1d3f2f2149c63ced50709d02f5360d4cb0c

Request headers

Referer
http://161.35.207.100/fidelity/error.html
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Thu, 30 Jul 2020 15:23:21 GMT
content-encoding
gzip
last-modified
Thu, 16 Jul 2020 07:26:07 GMT
server
nginx
etag
W/"5f10010f-a5bb9"
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
status
200
cache-control
max-age=300
head.min.js
161.35.207.100/fidelity/ 		108 KB
39 KB 		Script
General
Check archive.org
Download Go to
Full URL
http://161.35.207.100/fidelity/head.min.js
Requested by
Host: 161.35.207.100
URL: http://161.35.207.100/fidelity/error.html
Protocol
HTTP/1.1
Server
161.35.207.100 New York, United States, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software
Apache/2.4.29 (Ubuntu) /
Resource Hash
81e0834cc5fe6ac0231a33249708eaaaf77c05281a0e4b32548d66bd911655f7

Request headers

Referer
http://161.35.207.100/fidelity/error.html
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date
Thu, 30 Jul 2020 15:23:21 GMT
Content-Encoding
gzip
Last-Modified
Thu, 30 Jul 2020 13:37:40 GMT
Server
Apache/2.4.29 (Ubuntu)
ETag
"1afe5-5aba8c6b9ea87-gzip"
Vary
Accept-Encoding
Content-Type
application/javascript
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=99
Content-Length
39408
config.js
161.35.207.100/fidelity/ 		1 KB
771 B 		Script
General
Check archive.org
Download Go to
Full URL
http://161.35.207.100/fidelity/config.js
Requested by
Host: 161.35.207.100
URL: http://161.35.207.100/fidelity/error.html
Protocol
HTTP/1.1
Server
161.35.207.100 New York, United States, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software
Apache/2.4.29 (Ubuntu) /
Resource Hash
d00298a9e4e708de4e08d175da6b1c0c5aea23287fc3d83f8847edee2189b8b0

Request headers

Referer
http://161.35.207.100/fidelity/error.html
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date
Thu, 30 Jul 2020 15:23:21 GMT
Content-Encoding
gzip
Last-Modified
Thu, 30 Jul 2020 13:37:36 GMT
Server
Apache/2.4.29 (Ubuntu)
ETag
"4ef-5aba8c67c344c-gzip"
Vary
Accept-Encoding
Content-Type
application/javascript
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=99
Content-Length
422
bootstrap.js
161.35.207.100/fidelity/ 		631 KB
183 KB 		Script
General
Check archive.org
Download Go to
Full URL
http://161.35.207.100/fidelity/bootstrap.js
Requested by
Host: 161.35.207.100
URL: http://161.35.207.100/fidelity/error.html
Protocol
HTTP/1.1
Server
161.35.207.100 New York, United States, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software
Apache/2.4.29 (Ubuntu) /
Resource Hash
e2f1827924a9a45f58120e40ef9c9a0cac49ca2fc56cc5456c9f93fe1634961d

Request headers

Referer
http://161.35.207.100/fidelity/error.html
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date
Thu, 30 Jul 2020 15:23:21 GMT
Content-Encoding
gzip
Last-Modified
Thu, 30 Jul 2020 13:37:39 GMT
Server
Apache/2.4.29 (Ubuntu)
ETag
"9daa3-5aba8c6a50a50-gzip"
Vary
Accept-Encoding
Content-Type
application/javascript
Transfer-Encoding
chunked
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=99
nav.min.js
161.35.207.100/fidelity/ 		120 KB
38 KB 		Script
General
Check archive.org
Download Go to
Full URL
http://161.35.207.100/fidelity/nav.min.js
Requested by
Host: 161.35.207.100
URL: http://161.35.207.100/fidelity/error.html
Protocol
HTTP/1.1
Server
161.35.207.100 New York, United States, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software
Apache/2.4.29 (Ubuntu) /
Resource Hash
97186953cc577e4f1264131ba85ebee06c7d335656379b7cc60fd9fa0af550f5

Request headers

Referer
http://161.35.207.100/fidelity/error.html
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date
Thu, 30 Jul 2020 15:23:21 GMT
Content-Encoding
gzip
Last-Modified
Thu, 30 Jul 2020 13:37:45 GMT
Server
Apache/2.4.29 (Ubuntu)
ETag
"1e190-5aba8c70d1d51-gzip"
Vary
Accept-Encoding
Content-Type
application/javascript
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=98
Content-Length
38367
tabset.js
161.35.207.100/fidelity/ 		2 KB
1018 B 		Script
General
Check archive.org
Download Go to
Full URL
http://161.35.207.100/fidelity/tabset.js
Requested by
Host: 161.35.207.100
URL: http://161.35.207.100/fidelity/error.html
Protocol
HTTP/1.1
Server
161.35.207.100 New York, United States, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software
Apache/2.4.29 (Ubuntu) /
Resource Hash
36e5138cd940c180adf0fec1a676d2169b8ba35f0e14ea6d1449a075c96d786e

Request headers

Referer
http://161.35.207.100/fidelity/error.html
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date
Thu, 30 Jul 2020 15:23:21 GMT
Content-Encoding
gzip
Last-Modified
Thu, 30 Jul 2020 13:37:49 GMT
Server
Apache/2.4.29 (Ubuntu)
ETag
"9e2-5aba8c742b558-gzip"
Vary
Accept-Encoding
Content-Type
application/javascript
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=98
Content-Length
669
home_page.css
161.35.207.100/fidelity/ 		950 KB
443 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
http://161.35.207.100/fidelity/home_page.css
Requested by
Host: 161.35.207.100
URL: http://161.35.207.100/fidelity/error.html
Protocol
HTTP/1.1
Server
161.35.207.100 New York, United States, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software
Apache/2.4.29 (Ubuntu) /
Resource Hash
74e1b82be60b75a6f702babbab302c50a60c4ab696eac27c04d47f100125eab7

Request headers

Referer
http://161.35.207.100/fidelity/error.html
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date
Thu, 30 Jul 2020 15:23:21 GMT
Content-Encoding
gzip
Last-Modified
Thu, 30 Jul 2020 13:37:45 GMT
Server
Apache/2.4.29 (Ubuntu)
ETag
"ed65e-5aba8c70c61cc-gzip"
Vary
Accept-Encoding
Content-Type
text/css
Transfer-Encoding
chunked
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=99
master.css
161.35.207.100/fidelity/ 		3 KB
1 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
http://161.35.207.100/fidelity/master.css
Requested by
Host: 161.35.207.100
URL: http://161.35.207.100/fidelity/error.html
Protocol
HTTP/1.1
Server
161.35.207.100 New York, United States, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software
Apache/2.4.29 (Ubuntu) /
Resource Hash
927275320ba4bb925e48576cf6c6d8a5356d492eb6b86e910892f72cdd3b1fbc

Request headers

Referer
http://161.35.207.100/fidelity/error.html
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date
Thu, 30 Jul 2020 15:23:21 GMT
Content-Encoding
gzip
Last-Modified
Thu, 30 Jul 2020 13:37:43 GMT
Server
Apache/2.4.29 (Ubuntu)
ETag
"a8b-5aba8c6e1f56f-gzip"
Vary
Accept-Encoding
Content-Type
text/css
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=100
Content-Length
766
nav.css
161.35.207.100/fidelity/ 		40 KB
12 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
http://161.35.207.100/fidelity/nav.css
Requested by
Host: 161.35.207.100
URL: http://161.35.207.100/fidelity/error.html
Protocol
HTTP/1.1
Server
161.35.207.100 New York, United States, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software
Apache/2.4.29 (Ubuntu) /
Resource Hash
59e2bfc931344de5adf5432dc0ef79280226449d2f11544eb006896a04e968c5

Request headers

Referer
http://161.35.207.100/fidelity/error.html
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date
Thu, 30 Jul 2020 15:23:21 GMT
Content-Encoding
gzip
Last-Modified
Thu, 30 Jul 2020 13:37:44 GMT
Server
Apache/2.4.29 (Ubuntu)
ETag
"a00f-5aba8c6f58d83-gzip"
Vary
Accept-Encoding
Content-Type
text/css
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=100
Content-Length
11575
footer.css
161.35.207.100/fidelity/ 		82 B
420 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
http://161.35.207.100/fidelity/footer.css
Requested by
Host: 161.35.207.100
URL: http://161.35.207.100/fidelity/error.html
Protocol
HTTP/1.1
Server
161.35.207.100 New York, United States, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software
Apache/2.4.29 (Ubuntu) /
Resource Hash
54bd82ccdf1a493c29da4c79dbe64598fe66ba44fa7d269bf5ffe36c2f2e79dc

Request headers

Referer
http://161.35.207.100/fidelity/error.html
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date
Thu, 30 Jul 2020 15:23:21 GMT
Content-Encoding
gzip
Last-Modified
Thu, 30 Jul 2020 13:37:39 GMT
Server
Apache/2.4.29 (Ubuntu)
ETag
"52-5aba8c6ac1ef8-gzip"
Vary
Accept-Encoding
Content-Type
text/css
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=100
Content-Length
86
score.css
161.35.207.100/fidelity/ 		2 KB
846 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
http://161.35.207.100/fidelity/score.css
Requested by
Host: 161.35.207.100
URL: http://161.35.207.100/fidelity/error.html
Protocol
HTTP/1.1
Server
161.35.207.100 New York, United States, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software
Apache/2.4.29 (Ubuntu) /
Resource Hash
40fb656a5ac156cc237bc46e223ed33ed49cd6c71c3b29de4e582fe6f64173aa

Request headers

Referer
http://161.35.207.100/fidelity/error.html
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date
Thu, 30 Jul 2020 15:23:21 GMT
Content-Encoding
gzip
Last-Modified
Thu, 30 Jul 2020 13:37:47 GMT
Server
Apache/2.4.29 (Ubuntu)
ETag
"647-5aba8c7209626-gzip"
Vary
Accept-Encoding
Content-Type
text/css
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=100
Content-Length
510
tabset.css
161.35.207.100/fidelity/ 		5 KB
2 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
http://161.35.207.100/fidelity/tabset.css
Requested by
Host: 161.35.207.100
URL: http://161.35.207.100/fidelity/error.html
Protocol
HTTP/1.1
Server
161.35.207.100 New York, United States, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software
Apache/2.4.29 (Ubuntu) /
Resource Hash
25eca424fd243e12c15f479b5490e14d30a01b800bbb1fbe9387e4a3472bf555

Request headers

Referer
http://161.35.207.100/fidelity/error.html
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date
Thu, 30 Jul 2020 15:23:21 GMT
Content-Encoding
gzip
Last-Modified
Thu, 30 Jul 2020 13:37:48 GMT
Server
Apache/2.4.29 (Ubuntu)
ETag
"15e8-5aba8c735b4e8-gzip"
Vary
Accept-Encoding
Content-Type
text/css
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=100
Content-Length
1291
rating.css
161.35.207.100/fidelity/ 		2 KB
982 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
http://161.35.207.100/fidelity/rating.css
Requested by
Host: 161.35.207.100
URL: http://161.35.207.100/fidelity/error.html
Protocol
HTTP/1.1
Server
161.35.207.100 New York, United States, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software
Apache/2.4.29 (Ubuntu) /
Resource Hash
da37179f5b8ae1887bd05d777d2ca360fd1b475bb2daf9a7dbd8d09d6627a4fe

Request headers

Referer
http://161.35.207.100/fidelity/error.html
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date
Thu, 30 Jul 2020 15:23:21 GMT
Content-Encoding
gzip
Last-Modified
Thu, 30 Jul 2020 13:37:47 GMT
Server
Apache/2.4.29 (Ubuntu)
ETag
"843-5aba8c72028c4-gzip"
Vary
Accept-Encoding
Content-Type
text/css
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=99
Content-Length
647
table.css
161.35.207.100/fidelity/ 		0
279 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
http://161.35.207.100/fidelity/table.css
Requested by
Host: 161.35.207.100
URL: http://161.35.207.100/fidelity/error.html
Protocol
HTTP/1.1
Server
161.35.207.100 New York, United States, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software
Apache/2.4.29 (Ubuntu) /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
http://161.35.207.100/fidelity/error.html
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date
Thu, 30 Jul 2020 15:23:21 GMT
Last-Modified
Thu, 30 Jul 2020 13:37:48 GMT
Server
Apache/2.4.29 (Ubuntu)
ETag
"0-5aba8c72eafdc"
Content-Type
text/css
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=99
Content-Length
0
hp-body.min.js
161.35.207.100/fidelity/ 		0
0 		Script
General
Check archive.org
Download Go to
Full URL
http://161.35.207.100/fidelity/hp-body.min.js
Requested by
Host: 161.35.207.100
URL: http://161.35.207.100/fidelity/error.html
Protocol
HTTP/1.1
Server
161.35.207.100 New York, United States, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software
Apache/2.4.29 (Ubuntu) /
Resource Hash

Request headers

Referer
http://161.35.207.100/fidelity/error.html
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date
Thu, 30 Jul 2020 15:23:21 GMT
Server
Apache/2.4.29 (Ubuntu)
Connection
Keep-Alive
Keep-Alive
timeout=5, max=98
Content-Length
276
Content-Type
text/html; charset=iso-8859-1
banner.min.js
161.35.207.100/fidelity/ 		9 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
http://161.35.207.100/fidelity/banner.min.js
Requested by
Host: 161.35.207.100
URL: http://161.35.207.100/fidelity/error.html
Protocol
HTTP/1.1
Server
161.35.207.100 New York, United States, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software
Apache/2.4.29 (Ubuntu) /
Resource Hash
b3d7e4fcbbe34f1cd8e7b55d86f8f7dcc5bb2ab5b405cedd8f9dcda8a62105b6

Request headers

Referer
http://161.35.207.100/fidelity/error.html
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date
Thu, 30 Jul 2020 15:23:21 GMT
Content-Encoding
gzip
Last-Modified
Thu, 30 Jul 2020 13:37:33 GMT
Server
Apache/2.4.29 (Ubuntu)
ETag
"22f4-5aba8c654e4f8-gzip"
Vary
Accept-Encoding
Content-Type
application/javascript
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=98
Content-Length
2825
angular.min.js
161.35.207.100/fidelity/ 		116 KB
42 KB 		Script
General
Check archive.org
Download Go to
Full URL
http://161.35.207.100/fidelity/angular.min.js
Requested by
Host: 161.35.207.100
URL: http://161.35.207.100/fidelity/error.html
Protocol
HTTP/1.1
Server
161.35.207.100 New York, United States, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software
Apache/2.4.29 (Ubuntu) /
Resource Hash
0604040cd80a2f23d9ed9ad3b68a090086ccc2d26516f16a61497c70e22cd57b

Request headers

Referer
http://161.35.207.100/fidelity/error.html
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date
Thu, 30 Jul 2020 15:23:21 GMT
Content-Encoding
gzip
Last-Modified
Thu, 30 Jul 2020 13:37:35 GMT
Server
Apache/2.4.29 (Ubuntu)
ETag
"1ce3a-5aba8c667253a-gzip"
Vary
Accept-Encoding
Content-Type
application/javascript
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=97
Content-Length
42995
tags.js
cfa.fidelity.com/fp/ 		44 KB
10 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cfa.fidelity.com/fp/tags.js?org_id=5h8i3ud8&session_id=236A63BB4763F02B8E31990870ED6778
Requested by
Host: 161.35.207.100
URL: http://161.35.207.100/fidelity/error.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
91.235.133.177 , Netherlands, ASN30286 (THM, US),
Reverse DNS
Software
Apache /
Resource Hash
882cb1f95cb768b80c9c06550ca0bc00d8df7364379d44593045712481e5088b
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
http://161.35.207.100/fidelity/error.html
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Pragma
no-cache
Date
Thu, 30 Jul 2020 15:23:21 GMT
Content-Encoding
gzip
X-Content-Type-Options
nosniff
Server
Apache
Strict-Transport-Security
max-age=31536000
P3P
CP=IVAa PSAa
Cache-Control
no-cache, no-store, must-revalidate
Transfer-Encoding
chunked
Connection
Keep-Alive, Keep-Alive
Content-Type
text/javascript;charset=UTF-8
Vary
Accept-Encoding
X-XSS-Protection
1; mode=block
Keep-Alive
timeout=2, max=100
Expires
Thu, 01 Jan 1970 00:00:00 GMT
5950daa69b1642a5e0e4ce73095824
161.35.207.100/resources/ 		0
0 		Script
General
Check archive.org
Download Go to
Full URL
http://161.35.207.100/resources/5950daa69b1642a5e0e4ce73095824
Requested by
Host: 161.35.207.100
URL: http://161.35.207.100/fidelity/error.html
Protocol
HTTP/1.1
Server
161.35.207.100 New York, United States, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software
Apache/2.4.29 (Ubuntu) /
Resource Hash

Request headers

Referer
http://161.35.207.100/fidelity/error.html
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date
Thu, 30 Jul 2020 15:23:21 GMT
Server
Apache/2.4.29 (Ubuntu)
Connection
Keep-Alive
Keep-Alive
timeout=5, max=98
Content-Length
276
Content-Type
text/html; charset=iso-8859-1
json
fmrcorp.tt.omtrdc.net/m2/fmrcorp/mbox/ 		142 B
583 B 		XHR
General
Check archive.org
Download Go to
Full URL
http://fmrcorp.tt.omtrdc.net/m2/fmrcorp/mbox/json?mbox=target-global-mbox&mboxSession=8fc67250691141f49a4cb62d67e08b1d&mboxPC=&mboxPage=4382f2f229b44d0cbe7dcf2e1253df10&mboxVersion=1.2.3&mboxCount=1&mboxTime=1596129802044&mboxHost=161.35.207.100&mboxURL=http%3A%2F%2F161.35.207.100%2Ffidelity%2Ferror.html&mboxReferrer=&browserHeight=1200&browserWidth=1600&browserTimeOffset=120&screenHeight=1200&screenWidth=1600&colorDepth=24&profile.D83=0&lilo=Lo&profile.cp=p&profile.p1=&profile.p2=&profile.p3=&profile.p4=&profile.p5=&profile.p6=&profile.p7=&profile.p8=&profile.p21=&profile.p22=&profile.p99=&isRWV=false
Requested by
Host: nexus.ensighten.com
URL: https://nexus.ensighten.com/fidelity/hpoptasync/Bootstrap.js
Protocol
HTTP/1.1
Server
54.76.99.142 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-76-99-142.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
2c4afce8e481c00c4fa83fea863fcc47e9d5b8d41fc7a7f46eecc6f6bb1f6f15

Request headers

Accept
application/json
Referer
http://161.35.207.100/fidelity/error.html
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Pragma
no-cache
Date
Thu, 30 Jul 2020 15:23:22 GMT
Vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers
Content-Type
application/json;charset=UTF-8
Access-Control-Allow-Origin
http://161.35.207.100
Cache-Control
no-cache
Access-Control-Allow-Credentials
true
Connection
keep-alive
Timing-Allow-Origin
*
Content-Length
142
X-Request-ID
fa3e63e8e575bca8fef062b1a54a1dce
id
dpm.demdex.net/ 		4 KB
2 KB 		XHR
General
Check archive.org
Download Go to
Full URL
http://dpm.demdex.net/id?d_visid_ver=3.1.2&d_fieldgroup=MC&d_rtbd=json&d_ver=2&d_orgid=EDCF01AC512D2B770A490D4C%40AdobeOrg&d_nsid=0&ts=1596122602060
Requested by
Host: nexus.ensighten.com
URL: https://nexus.ensighten.com/fidelity/hpoptasync/Bootstrap.js
Protocol
HTTP/1.1
Server
52.209.239.68 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-209-239-68.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
f40a6f79df0713311f598bc8045ec3cdbae99e1fb654914ec5af2b3dc74be66a

Request headers

Referer
http://161.35.207.100/fidelity/error.html
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type
application/x-www-form-urlencoded

Response headers

DCS
dcs-prod-irl1-v077-07a079ee2.edge-irl1.demdex.com 5.75.3.20200728075420 3ms (+1ms)
Pragma
no-cache
Content-Encoding
gzip
X-TID
haXjQARKTw8=
Vary
Origin, Accept-Encoding, User-Agent
P3P
policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Access-Control-Allow-Origin
http://161.35.207.100
Cache-Control
no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
application/json;charset=utf-8
Content-Length
1196
Expires
Thu, 01 Jan 1970 00:00:00 GMT
/
activate1.fidelity.com/ 		0
343 B 		XHR
General
Check archive.org
Download Go to
Full URL
http://activate1.fidelity.com/?json=%7B%22op%22%3A%22getProfile%22%2C%22uid%22%3A%22a7bda6f4-a9fb-4d28-b362-8ad8de632d92%22%7D
Requested by
Host: nexus.ensighten.com
URL: https://nexus.ensighten.com/fidelity/hpoptasync/Bootstrap.js
Protocol
HTTP/1.1
Server
3.124.119.57 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-124-119-57.eu-central-1.compute.amazonaws.com
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
http://161.35.207.100/fidelity/error.html
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date
Thu, 30 Jul 2020 15:23:22 GMT
Server
nginx
Access-Control-Allow-Methods
GET, POST, PUT, DELETE, OPTIONS
Content-Type
application/json
Access-Control-Allow-Origin
*
Access-Control-Expose-Headers
*
Connection
keep-alive
Access-Control-Allow-Headers
*
Content-Length
0
Apigw-Requestid
QfjcmiloliAEJjA=
GlanceCobrowseLoader_4.9.0M.js
s3.amazonaws.com/glancecdn/cobrowse/js/
Redirect Chain
  • https://www.glancecdn.net/cobrowse/CobrowseJS.ashx?group=19772&site=production
  • https://s3.amazonaws.com/glancecdn/cobrowse/js/GlanceCobrowseLoader_4.9.0M.js
9 KB
9 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s3.amazonaws.com/glancecdn/cobrowse/js/GlanceCobrowseLoader_4.9.0M.js
Requested by
Host: 161.35.207.100
URL: http://161.35.207.100/fidelity/error.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.216.237.205 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
19b399504472722d29b53e85751d99089d6f98c18ba73931dfbbbe251c4e07a9

Request headers

Referer
http://161.35.207.100/fidelity/error.html
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date
Thu, 30 Jul 2020 15:23:23 GMT
Last-Modified
Tue, 05 Nov 2019 22:35:58 GMT
Server
AmazonS3
x-amz-request-id
6Y1G6ZBNBNFKBQAT
ETag
"3fcc37d0e9ddabde15d8f4bdb51cb1e9"
x-amz-version-id
T_IiJ.xSF7THsIBNdbQc2hbXg4MUIuQ2
Cache-Control
public, max-age=31556926
x-amz-replication-status
COMPLETED
Accept-Ranges
bytes
Content-Type
text/javascript
Content-Length
9082
x-amz-id-2
dczFuQDWAPAMit6lEZF/PBxwk+DKSD9FEnBrLDbMtQLXM/LMfnwBQVzWMulZqoy0EXfm5XcgENA=

Redirect headers

date
Thu, 30 Jul 2020 15:23:22 GMT
server
Microsoft-IIS/8.5
x-aspnet-version
4.0.30319
status
302
location
https://s3.amazonaws.com/glancecdn/cobrowse/js/GlanceCobrowseLoader_4.9.0M.js
content-type
text/html; charset=utf-8
access-control-allow-origin
*
cache-control
max-age=3600
content-length
194
e.gif
nexus.ensighten.com/error/ 		0
193 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
http://nexus.ensighten.com/error/e.gif?msg=jQuery%20is%20not%20defined&lnn=-1&fn=&cid=65&client=fidelity&publishPath=hpoptasync&rid=1278455&did=324702&errorName=ReferenceError
Requested by
Host: 161.35.207.100
URL: http://161.35.207.100/fidelity/error.html
Protocol
HTTP/1.1
Server
18.195.42.228 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-195-42-228.eu-central-1.compute.amazonaws.com
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
http://161.35.207.100/fidelity/error.html
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date
Thu, 30 Jul 2020 15:23:22 GMT
Cache-Control
no-cache, no-store
Server
nginx
Connection
keep-alive
Expires
Thu, 30 Jul 2020 15:23:21 GMT
fs-widget.jquery.min.js
login.fidelity.com/ftgw/pages/widget/js/ 		82 KB
83 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://login.fidelity.com/ftgw/pages/widget/js/fs-widget.jquery.min.js?_=1596122602124
Requested by
Host: 161.35.207.100
URL: http://161.35.207.100/fidelity/head.min.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
95.101.45.4 , Ascension Island, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a95-101-45-4.deploy.static.akamaitechnologies.com
Software
JBCS httpd /
Resource Hash
bebde0e7c1e253b9c812b4ea51e4fa26a6d7f239d0a22cc8ed9cb10c317ef9c4

Request headers

Referer
http://161.35.207.100/fidelity/error.html
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date
Thu, 30 Jul 2020 15:23:22 GMT
fsreqid
REQ5f22e5eab0c498749f4e0b98405daa33
Last-Modified
Mon, 18 May 2020 20:14:09 GMT
Server
JBCS httpd
ETag
W/"84248-1589832849000"
P3P
CP="UNI DEM GOV FIN STA COM NAV PRE INT ONL CUR ADM DEV PSA PSD CUSi IVDi IVAi TELi CONi TAI OUR OTRi"
fselapsedtime
1449
fscalleeid
https-login.fidelity.com-5050
Connection
keep-alive
Accept-Ranges
bytes
Content-Type
application/javascript; charset=iso-8859-1
Content-Length
84248
Preloader_2.gif
smallenvelop.com/wp-content/uploads/2014/08/
Redirect Chain
  • http://smallenvelop.com/wp-content/uploads/2014/08/Preloader_2.gif
  • https://smallenvelop.com/wp-content/uploads/2014/08/Preloader_2.gif
0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://smallenvelop.com/wp-content/uploads/2014/08/Preloader_2.gif
Requested by
Host: 161.35.207.100
URL: http://161.35.207.100/fidelity/error.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
69.89.31.230 Provo, United States, ASN46606 (UNIFIEDLAYER-AS-1, US),
Reverse DNS
box430.bluehost.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
http://161.35.207.100/fidelity/home_page.css
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Redirect headers

Date
Thu, 30 Jul 2020 15:23:22 GMT
Server
nginx/1.14.1
Content-Type
text/html; charset=iso-8859-1
Location
https://smallenvelop.com/wp-content/uploads/2014/08/Preloader_2.gif
Cache-Control
max-age=0
Connection
keep-alive
Content-Length
275
Expires
Thu, 30 Jul 2020 15:23:22 GMT
truncated
/ 		846 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
645e1f1f95aa512d9cb9e774f0f35698bc2a1b349cbfecf79ba893377b3979fe

Request headers

Referer
http://161.35.207.100/fidelity/nav.css
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Content-Type
image/png
truncated
/ 		518 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
377dffcb29ed01327a552c58cc827a9ce6293653e87fd6a5b1d252386f2c7f22

Request headers

Referer
http://161.35.207.100/fidelity/nav.css
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Content-Type
image/png
truncated
/ 		212 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
1c63d18eb7183a56bdb7bd2178e6e6fdd54b1bcf4b0e7737273be170b3eb99fe

Request headers

Referer
http://161.35.207.100/fidelity/nav.css
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Content-Type
image/png
truncated
/ 		119 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
dee0231a10703d83caca51875f267f8bcf88c17cc2ae54247224d2066ce02abe

Request headers

Referer
http://161.35.207.100/fidelity/nav.css
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Content-Type
image/png
FidelitySans-Regular.woff
assets.fidelity.com/fonts/ 		49 KB
50 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://assets.fidelity.com/fonts/FidelitySans-Regular.woff
Requested by
Host: 161.35.207.100
URL: http://161.35.207.100/fidelity/error.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.37.44.230 , Netherlands, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-37-44-230.deploy.static.akamaitechnologies.com
Software
AmazonS3 /
Resource Hash
c79b53a4c184b6aa42a77baa110706393290f7ae82ea209ce6f11407ace48b24

Request headers

User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer
http://161.35.207.100/fidelity/home_page.css
Origin
http://161.35.207.100

Response headers

x-amz-version-id
NMREx1DTz_Md_UxulXyjER0YBhTXfP8p
ETag
"1164b06880f3cca02a34f8b00555b1b8"
x-amz-request-id
35C15EFDC806656F
x-amz-server-side-encryption
AES256
x-amz-replication-status
COMPLETED
Connection
keep-alive
Content-Length
50220
x-amz-id-2
SX+LGR1I44EvtHeOaeZnEKcPe62i6QoOm5DL8+XEdK4y9t3aGM4cbHAUxcI+9eshG+Gcj2rklDo=
Last-Modified
Thu, 06 Dec 2018 21:21:04 GMT
Server
AmazonS3
Date
Thu, 30 Jul 2020 15:23:22 GMT
Access-Control-Allow-Methods
GET,POST,OPTIONS
Content-Type
application/font-woff
Access-Control-Allow-Origin
*
Access-Control-Expose-Headers
X-XSRF-TOKEN
Cache-Control
max-age=2116
Access-Control-Allow-Credentials
true
Accept-Ranges
bytes
Access-Control-Allow-Headers
appid, appname, content-type, X-XSRF-TOKEN
Expires
Thu, 30 Jul 2020 15:58:38 GMT
id
sitecatalystu.fidelity.com/ 		89 B
2 KB 		XHR
General
Check archive.org
Download Go to
Full URL
http://sitecatalystu.fidelity.com/id?d_visid_ver=3.1.2&d_fieldgroup=A&mcorgid=EDCF01AC512D2B770A490D4C%40AdobeOrg&mid=59377931924921105061975322810417810398&ts=1596122602268
Requested by
Host: nexus.ensighten.com
URL: https://nexus.ensighten.com/fidelity/hpoptasync/Bootstrap.js
Protocol
HTTP/1.1
Server
2.16.186.35 , Ascension Island, ASN20940 (AKAMAI-ASN1, EU),
Reverse DNS
a2-16-186-35.deploy.static.akamaitechnologies.com
Software
jag /
Resource Hash
70753129ec26d0e304df3f6706f4b6d320e11e2605f5dbb22944b48e5dc333dd
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
http://161.35.207.100/fidelity/error.html
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type
application/x-www-form-urlencoded

Response headers

Date
Thu, 30 Jul 2020 15:23:22 GMT
x-content-type-options
nosniff
Server
jag
xserver
anedge-799979b5f6-5bz52
Vary
Origin
x-c
master-1315.Ia06625.M0-426
p3p
CP="This is not a P3P policy"
Access-Control-Allow-Origin
http://161.35.207.100
Cache-Control
no-cache, no-store, max-age=0, no-transform, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
application/x-javascript;charset=utf-8
Content-Length
89
x-xss-protection
1; mode=block
truncated
/ 		52 KB
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
25aac3c0244fdf4d9f9ddae3db3049ca21dffef72043f769fcde8fb4fda14245

Request headers

Referer
http://161.35.207.100/fidelity/home_page.css
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Content-Type
image/png
FidelitySans-Bold.woff
assets.fidelity.com/fonts/ 		46 KB
47 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://assets.fidelity.com/fonts/FidelitySans-Bold.woff
Requested by
Host: 161.35.207.100
URL: http://161.35.207.100/fidelity/error.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.37.44.230 , Netherlands, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-37-44-230.deploy.static.akamaitechnologies.com
Software
AmazonS3 /
Resource Hash
92ea6d26d5ee6c1cf58a25d4c6d743d46b08b96c1b037750c1b29ac3ae51a3ac

Request headers

User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer
http://161.35.207.100/fidelity/home_page.css
Origin
http://161.35.207.100

Response headers

x-amz-version-id
ugsTBcoJKAjTZEI44PlQZ70Dg3.cyYFR
ETag
"6eca06fb033d0829b5075a48c19079a4"
x-amz-request-id
1CD6DDE647D14910
x-amz-server-side-encryption
AES256
x-amz-replication-status
COMPLETED
Connection
keep-alive
Content-Length
46800
x-amz-id-2
vMaWGRi8GzzNaKzci9nVwxMMZXF7zETJdmhkmCnfozUrl3UgoDGBiA+Pd9LKrPBV7ejwbUN2bPI=
Last-Modified
Thu, 06 Dec 2018 21:21:24 GMT
Server
AmazonS3
Date
Thu, 30 Jul 2020 15:23:22 GMT
Access-Control-Allow-Methods
GET,POST,OPTIONS
Content-Type
application/font-woff
Access-Control-Allow-Origin
*
Access-Control-Expose-Headers
X-XSRF-TOKEN
Cache-Control
max-age=2890
Access-Control-Allow-Credentials
true
Accept-Ranges
bytes
Access-Control-Allow-Headers
appid, appname, content-type, X-XSRF-TOKEN
Expires
Thu, 30 Jul 2020 16:11:32 GMT
FidelitySans-Light.woff
assets.fidelity.com/fonts/ 		52 KB
53 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://assets.fidelity.com/fonts/FidelitySans-Light.woff
Requested by
Host: 161.35.207.100
URL: http://161.35.207.100/fidelity/error.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.37.44.230 , Netherlands, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-37-44-230.deploy.static.akamaitechnologies.com
Software
AmazonS3 /
Resource Hash
87764cf2de53fe063f413bbbe2f22f217198367a5512f851270796d17e7b5b56

Request headers

User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer
http://161.35.207.100/fidelity/home_page.css
Origin
http://161.35.207.100

Response headers

x-amz-version-id
Ke.lmoasaAhsR0HOAq9Lr15NQsDrfVRP
ETag
"26cfa5483fdb802f8aed0d9bdd67d76b"
x-amz-request-id
3B4A612FFF929448
x-amz-server-side-encryption
AES256
x-amz-replication-status
COMPLETED
Connection
keep-alive
Content-Length
53316
x-amz-id-2
vSUnQTDvRoPMwx1apL05d9OhZn3b+wqfM+PfMmQ25LA2SHnsWfhAKeunrwQovm01vrE1pbLlD9c=
Last-Modified
Thu, 06 Dec 2018 21:21:29 GMT
Server
AmazonS3
Date
Thu, 30 Jul 2020 15:23:22 GMT
Access-Control-Allow-Methods
GET,POST,OPTIONS
Content-Type
application/font-woff
Access-Control-Allow-Origin
*
Access-Control-Expose-Headers
X-XSRF-TOKEN
Cache-Control
max-age=2749
Access-Control-Allow-Credentials
true
Accept-Ranges
bytes
Access-Control-Allow-Headers
appid, appname, content-type, X-XSRF-TOKEN
Expires
Thu, 30 Jul 2020 16:09:11 GMT
error.html
161.35.207.100/fidelity/ 		33 KB
6 KB 		XHR
General
Check archive.org
Download Go to
Full URL
http://161.35.207.100/fidelity/error.html?_=1596122602125
Requested by
Host: 161.35.207.100
URL: http://161.35.207.100/fidelity/head.min.js
Protocol
HTTP/1.1
Server
161.35.207.100 New York, United States, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software
Apache/2.4.29 (Ubuntu) /
Resource Hash
f1b2aefab90090a49341d3fc1da02a6131403e315f6e985593edb3631bbf0183

Request headers

Accept
text/javascript, application/javascript, application/ecmascript, application/x-ecmascript, */*; q=0.01
Referer
http://161.35.207.100/fidelity/error.html
X-Requested-With
XMLHttpRequest
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date
Thu, 30 Jul 2020 15:23:22 GMT
Content-Encoding
gzip
Last-Modified
Thu, 30 Jul 2020 13:41:32 GMT
Server
Apache/2.4.29 (Ubuntu)
ETag
"8587-5aba8d4941fad-gzip"
Vary
Accept-Encoding
Content-Type
text/html
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=96
Content-Length
6028
error.html
161.35.207.100/fidelity/ 		33 KB
6 KB 		XHR
General
Check archive.org
Download Go to
Full URL
http://161.35.207.100/fidelity/error.html?_=1596122602126
Requested by
Host: 161.35.207.100
URL: http://161.35.207.100/fidelity/head.min.js
Protocol
HTTP/1.1
Server
161.35.207.100 New York, United States, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software
Apache/2.4.29 (Ubuntu) /
Resource Hash
f1b2aefab90090a49341d3fc1da02a6131403e315f6e985593edb3631bbf0183

Request headers

Accept
text/javascript, application/javascript, application/ecmascript, application/x-ecmascript, */*; q=0.01
Referer
http://161.35.207.100/fidelity/error.html
X-Requested-With
XMLHttpRequest
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date
Thu, 30 Jul 2020 15:23:22 GMT
Content-Encoding
gzip
Last-Modified
Thu, 30 Jul 2020 13:41:32 GMT
Server
Apache/2.4.29 (Ubuntu)
ETag
"8587-5aba8d4941fad-gzip"
Vary
Accept-Encoding
Content-Type
text/html
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=97
Content-Length
6028
hp-body.min.js
161.35.207.100/fidelity/ 		0
0 		Script
General
Check archive.org
Download Go to
Full URL
http://161.35.207.100/fidelity/hp-body.min.js
Requested by
Host: 161.35.207.100
URL: http://161.35.207.100/fidelity/error.html
Protocol
HTTP/1.1
Server
161.35.207.100 New York, United States, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software
Apache/2.4.29 (Ubuntu) /
Resource Hash

Request headers

Referer
http://161.35.207.100/fidelity/error.html
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date
Thu, 30 Jul 2020 15:23:22 GMT
Server
Apache/2.4.29 (Ubuntu)
Connection
Keep-Alive
Keep-Alive
timeout=5, max=98
Content-Length
276
Content-Type
text/html; charset=iso-8859-1
5950daa69b1642a5e0e4ce73095824
161.35.207.100/resources/ 		0
0 		Script
General
Check archive.org
Download Go to
Full URL
http://161.35.207.100/resources/5950daa69b1642a5e0e4ce73095824
Requested by
Host: 161.35.207.100
URL: http://161.35.207.100/fidelity/error.html
Protocol
HTTP/1.1
Server
161.35.207.100 New York, United States, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software
Apache/2.4.29 (Ubuntu) /
Resource Hash

Request headers

Referer
http://161.35.207.100/fidelity/error.html
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date
Thu, 30 Jul 2020 15:23:22 GMT
Server
Apache/2.4.29 (Ubuntu)
Connection
Keep-Alive
Keep-Alive
timeout=5, max=96
Content-Length
276
Content-Type
text/html; charset=iso-8859-1
id
dpm.demdex.net/ 		4 KB
2 KB 		XHR
General
Check archive.org
Download Go to
Full URL
http://dpm.demdex.net/id?d_visid_ver=3.1.2&d_fieldgroup=AAM&d_rtbd=json&d_ver=2&d_orgid=EDCF01AC512D2B770A490D4C%40AdobeOrg&d_nsid=0&d_mid=59377931924921105061975322810417810398&d_blob=6G1ynYcLPuiQxYZrsz_pkqfLG9yMXBpb2zX5dvJdYQJzPXImdj0y&d_cid_ic=AVID%012F9172F50515ECFE-60000BE05A745C16&ts=1596122602490
Requested by
Host: nexus.ensighten.com
URL: https://nexus.ensighten.com/fidelity/hpoptasync/Bootstrap.js
Protocol
HTTP/1.1
Server
52.209.239.68 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-209-239-68.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
b0ddfde3c4808ad62fbc74f8dc98fbcbc9485997a4945b9810b822fa84ae1dee

Request headers

Referer
http://161.35.207.100/fidelity/error.html
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type
application/x-www-form-urlencoded

Response headers

DCS
dcs-prod-irl1-v077-0945fd0e4.edge-irl1.demdex.com 5.75.3.20200728075420 9ms (+1ms)
Pragma
no-cache
Content-Encoding
gzip
X-TID
+/1DCY3ISiE=
Vary
Origin, Accept-Encoding, User-Agent
P3P
policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Access-Control-Allow-Origin
http://161.35.207.100
Cache-Control
no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
application/json;charset=utf-8
Content-Length
1196
Expires
Thu, 01 Jan 1970 00:00:00 GMT
default
embed.tawk.to/5f0d9fec5b59f94722bab1ce/ 		504 KB
111 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://embed.tawk.to/5f0d9fec5b59f94722bab1ce/default
Requested by
Host: 161.35.207.100
URL: http://161.35.207.100/fidelity/error.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6816:1983 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
d889cee9d53619c3d3f6e916ebca38084279174c00e0a60b8374e8fc6be4c7c8
Security Headers
Name Value
Strict-Transport-Security max-age=0; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer
http://161.35.207.100/fidelity/error.html
Origin
http://161.35.207.100

Response headers

date
Thu, 30 Jul 2020 15:23:22 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
age
947
status
200
vary
Accept-Encoding
cf-request-id
0441eb3424000032602439b200000001
server
cloudflare
etag
W/"fulls6891"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=0; includeSubDomains; preload
content-type
application/x-javascript
access-control-allow-origin
*
cache-control
public, max-age=14400, s-maxage=3600
cf-ray
5bb01499db803260-FRA
json
fmrcorp.tt.omtrdc.net/m2/fmrcorp/mbox/ 		142 B
583 B 		XHR
General
Check archive.org
Download Go to
Full URL
http://fmrcorp.tt.omtrdc.net/m2/fmrcorp/mbox/json?mbox=PI_Navbar&mboxSession=8fc67250691141f49a4cb62d67e08b1d&mboxPC=8fc67250691141f49a4cb62d67e08b1d.37_0&mboxPage=4382f2f229b44d0cbe7dcf2e1253df10&mboxVersion=1.2.3&mboxCount=2&mboxTime=1596129802552&mboxHost=161.35.207.100&mboxURL=http%3A%2F%2F161.35.207.100%2Ffidelity%2Ferror.html&mboxReferrer=&browserHeight=1200&browserWidth=1600&browserTimeOffset=120&screenHeight=1200&screenWidth=1600&colorDepth=24&mboxMCGVID=59377931924921105061975322810417810398&mboxAAMB=6G1ynYcLPuiQxYZrsz_pkqfLG9yMXBpb2zX5dvJdYQJzPXImdj0y&mboxMCAVID=2F9172F50515ECFE-60000BE05A745C16&mboxMCGLH=6&vst.trk=sitecatalystu.fidelity.com&vst.trks=sitecatalyst.fidelity.com&mboxMCSDID=3F15C8E481564804-765AF20245FF80A4&profile.D83=0&lilo=Lo&profile.cp=p&profile.p1=&profile.p2=&profile.p3=&profile.p4=&profile.p5=&profile.p6=&profile.p7=&profile.p8=&profile.p21=&profile.p22=&profile.p99=&isRWV=false
Requested by
Host: nexus.ensighten.com
URL: https://nexus.ensighten.com/fidelity/hpoptasync/Bootstrap.js
Protocol
HTTP/1.1
Server
54.76.99.142 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-76-99-142.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
2c4afce8e481c00c4fa83fea863fcc47e9d5b8d41fc7a7f46eecc6f6bb1f6f15

Request headers

Accept
application/json
Referer
http://161.35.207.100/fidelity/error.html
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Pragma
no-cache
Date
Thu, 30 Jul 2020 15:23:22 GMT
Vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers
Content-Type
application/json;charset=UTF-8
Access-Control-Allow-Origin
http://161.35.207.100
Cache-Control
no-cache
Access-Control-Allow-Credentials
true
Connection
keep-alive
Timing-Allow-Origin
*
Content-Length
142
X-Request-ID
ea9f5d1eb2fc2c54f54d47a00f4d7d49
json
fmrcorp.tt.omtrdc.net/m2/fmrcorp/mbox/ 		142 B
583 B 		XHR
General
Check archive.org
Download Go to
Full URL
http://fmrcorp.tt.omtrdc.net/m2/fmrcorp/mbox/json?mbox=PI_PHP_Hero&mboxSession=8fc67250691141f49a4cb62d67e08b1d&mboxPC=8fc67250691141f49a4cb62d67e08b1d.37_0&mboxPage=4382f2f229b44d0cbe7dcf2e1253df10&mboxVersion=1.2.3&mboxCount=3&mboxTime=1596129802564&mboxHost=161.35.207.100&mboxURL=http%3A%2F%2F161.35.207.100%2Ffidelity%2Ferror.html&mboxReferrer=&browserHeight=1200&browserWidth=1600&browserTimeOffset=120&screenHeight=1200&screenWidth=1600&colorDepth=24&mboxMCGVID=59377931924921105061975322810417810398&mboxAAMB=6G1ynYcLPuiQxYZrsz_pkqfLG9yMXBpb2zX5dvJdYQJzPXImdj0y&mboxMCAVID=2F9172F50515ECFE-60000BE05A745C16&mboxMCGLH=6&vst.trk=sitecatalystu.fidelity.com&vst.trks=sitecatalyst.fidelity.com&mboxMCSDID=3F15C8E481564804-765AF20245FF80A4&profile.D83=0&lilo=Lo&profile.cp=p&profile.p1=&profile.p2=&profile.p3=&profile.p4=&profile.p5=&profile.p6=&profile.p7=&profile.p8=&profile.p21=&profile.p22=&profile.p99=&isRWV=false
Requested by
Host: nexus.ensighten.com
URL: https://nexus.ensighten.com/fidelity/hpoptasync/Bootstrap.js
Protocol
HTTP/1.1
Server
54.76.99.142 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-76-99-142.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
2c4afce8e481c00c4fa83fea863fcc47e9d5b8d41fc7a7f46eecc6f6bb1f6f15

Request headers

Accept
application/json
Referer
http://161.35.207.100/fidelity/error.html
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Pragma
no-cache
Date
Thu, 30 Jul 2020 15:23:22 GMT
Vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers
Content-Type
application/json;charset=UTF-8
Access-Control-Allow-Origin
http://161.35.207.100
Cache-Control
no-cache
Access-Control-Allow-Credentials
true
Connection
keep-alive
Timing-Allow-Origin
*
Content-Length
142
X-Request-ID
87c926ba7d0e275041942dd944530952
css
fonts.googleapis.com/ Frame 4066 		8 KB
790 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css?family=Lato:100,100i,300,300i,400,400i,700,700i,900,900i&subset=latin-ext
Requested by
Host: embed.tawk.to
URL: https://embed.tawk.to/5f0d9fec5b59f94722bab1ce/default
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:81f::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
d34c7dfb31a485518c27a55eb41e6109e25f1c5c053b9a0936ff96af22199489
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Referer
http://161.35.207.100/fidelity/error.html
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
content-encoding
gzip
x-content-type-options
nosniff
status
200
alt-svc
h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
last-modified
Thu, 30 Jul 2020 14:14:26 GMT
server
ESF
date
Thu, 30 Jul 2020 15:23:22 GMT
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Thu, 30 Jul 2020 15:23:22 GMT
css
fonts.googleapis.com/ Frame 5BBF 		8 KB
767 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css?family=Lato:100,100i,300,300i,400,400i,700,700i,900,900i&subset=latin-ext
Requested by
Host: embed.tawk.to
URL: https://embed.tawk.to/5f0d9fec5b59f94722bab1ce/default
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:81f::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
d34c7dfb31a485518c27a55eb41e6109e25f1c5c053b9a0936ff96af22199489
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Referer
http://161.35.207.100/fidelity/error.html
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
content-encoding
gzip
x-content-type-options
nosniff
status
200
alt-svc
h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
last-modified
Thu, 30 Jul 2020 14:18:44 GMT
server
ESF
date
Thu, 30 Jul 2020 15:23:22 GMT
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Thu, 30 Jul 2020 15:23:22 GMT
css
fonts.googleapis.com/ Frame 2293 		8 KB
767 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css?family=Lato:100,100i,300,300i,400,400i,700,700i,900,900i&subset=latin-ext
Requested by
Host: embed.tawk.to
URL: https://embed.tawk.to/5f0d9fec5b59f94722bab1ce/default
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:81f::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
d34c7dfb31a485518c27a55eb41e6109e25f1c5c053b9a0936ff96af22199489
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Referer
http://161.35.207.100/fidelity/error.html
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
content-encoding
gzip
x-content-type-options
nosniff
status
200
alt-svc
h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
last-modified
Thu, 30 Jul 2020 14:12:14 GMT
server
ESF
date
Thu, 30 Jul 2020 15:23:22 GMT
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Thu, 30 Jul 2020 15:23:22 GMT
emojione.min.css
cdn.jsdelivr.net/emojione/2.2.7/assets/css/ Frame 2293 		192 B
275 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://cdn.jsdelivr.net/emojione/2.2.7/assets/css/emojione.min.css
Requested by
Host: embed.tawk.to
URL: https://embed.tawk.to/5f0d9fec5b59f94722bab1ce/default
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2a04:4e42:1b::621 , Ascension Island, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
519edf0dc00972d9a811c5e60b94cf719b30351a8dfe62f38fab8d4b5182558b
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
http://161.35.207.100/fidelity/error.html
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
age
6001435
x-cache
HIT, HIT
status
200
content-length
152
etag
W/"c0-akPwBVON2fKdb1Kdc8vjvcdyWY0"
x-served-by
cache-fra19146-FRA, cache-hhn4056-HHN
date
Thu, 30 Jul 2020 15:23:22 GMT
vary
Accept-Encoding
content-type
text/css; charset=utf-8
access-control-allow-origin
*
access-control-expose-headers
*
cache-control
public, max-age=31536000, s-maxage=31536000, immutable
accept-ranges
bytes
timing-allow-origin
*
emojione.min.js
cdn.jsdelivr.net/emojione/2.2.7/lib/js/ Frame 2293 		295 KB
53 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.jsdelivr.net/emojione/2.2.7/lib/js/emojione.min.js
Requested by
Host: embed.tawk.to
URL: https://embed.tawk.to/5f0d9fec5b59f94722bab1ce/default
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2a04:4e42:1b::621 , Ascension Island, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
f5c06455e539dcd889f7f05d709b5adc76c444099fe57f431365af2fc57e803b
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
http://161.35.207.100/fidelity/error.html
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
age
7673155
x-cache
HIT, HIT
status
200
content-length
53890
etag
W/"49dda-cp9vjKV4fYl0Ow7X6yf9dkBr+YU"
x-served-by
cache-fra19174-FRA, cache-hhn4056-HHN
date
Thu, 30 Jul 2020 15:23:22 GMT
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
access-control-expose-headers
*
cache-control
public, max-age=31536000, s-maxage=31536000, immutable
accept-ranges
bytes
timing-allow-origin
*
42-br.svg
static-v.tawk.to/a-v3/images/bubbles/ Frame F573 		13 KB
5 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static-v.tawk.to/a-v3/images/bubbles/42-br.svg
Requested by
Host: 161.35.207.100
URL: http://161.35.207.100/fidelity/error.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::ac43:2642 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b1fd910464faae750010db09cd114e8b0466071997d992456624d9ff477688a1
Security Headers
Name Value
Strict-Transport-Security max-age=0; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
http://161.35.207.100/fidelity/error.html
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Thu, 30 Jul 2020 15:23:22 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
age
672519
status
200
vary
Accept-Encoding
cf-request-id
0441eb34b80000976040af6200000001
pragma
public
last-modified
Mon, 15 Jul 2019 17:38:56 GMT
server
cloudflare
etag
W/"5d2cba30-32f0"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=0; includeSubDomains; preload
content-type
image/svg+xml
access-control-allow-origin
*
expires
Thu, 31 Dec 2037 23:55:55 GMT
cache-control
public, max-age=315360000, must-revalidate, proxy-revalidate
cf-ray
5bb0149accc19760-FRA
cf-bgj
h2pri
1596122602664
va.tawk.to/register/ 		688 B
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://va.tawk.to/register/1596122602664
Requested by
Host: embed.tawk.to
URL: https://embed.tawk.to/5f0d9fec5b59f94722bab1ce/default
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6816:1883 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
eb1dfe6a7a3798ae5a38063296b2fecbc62b3db25ed81d3cc4964f1b1349faae
Security Headers
Name Value
Strict-Transport-Security max-age=0; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
http://161.35.207.100/fidelity/error.html
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-type
application/x-www-form-urlencoded

Response headers

date
Thu, 30 Jul 2020 15:23:22 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
DYNAMIC
p3p
CP='IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT'
status
200
vary
Accept-Encoding
cf-request-id
0441eb34bb000097f610391200000001
x-served-by
visitor-application-preemptive-6gdv
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=0; includeSubDomains; preload
access-control-allow-methods
POST
content-type
application/json
access-control-allow-origin
http://161.35.207.100
cache-control
no-cache
access-control-allow-credentials
true
cf-ray
5bb0149acaba97f6-FRA
access-control-allow-headers
origin, content-type
/
vsa55.tawk.to/s/ 		101 B
277 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://vsa55.tawk.to/s/?k=5f22e5eac038494eef1f2c96&u=VqkpHwuWkokvTiL%2BUqBoZUXvZBtVjmnzj4U1bNDSoRxp7SZIf6QaplFO6%2FqJIfU4&uv=2&a=5f0d9fec5b59f94722bab1ce&cver=0&pop=false&w=FzxJIJ&jv=689&asver=685&ust=false&p=Fidelity%20Investments%20-%20Retirement%20Plans%2C%20Investing%2C%20Brokerage%2C%20Wealth%20Management%2C%20Financial%20Planning%20and%20Advice%2C%20Online%20Trading.&r=&EIO=3&transport=polling&__t=NEWKXs5
Requested by
Host: embed.tawk.to
URL: https://embed.tawk.to/5f0d9fec5b59f94722bab1ce/default
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::ac43:2642 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
cea0bd534ba80d23eab5f3b7221a43ec1ac763aac0555d99394d0aac54b3a9a3
Security Headers
Name Value
Strict-Transport-Security max-age=0; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
http://161.35.207.100/fidelity/error.html
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Thu, 30 Jul 2020 15:23:23 GMT
x-content-type-options
nosniff
cf-cache-status
DYNAMIC
server
cloudflare
status
200
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=0; includeSubDomains; preload
content-type
application/octet-stream
access-control-allow-origin
http://161.35.207.100
access-control-allow-credentials
true
cf-ray
5bb0149c3dec9760-FRA
content-length
101
cf-request-id
0441eb35a50000976040b08200000001
26a1.png
cdn.jsdelivr.net/emojione/assets/png/ Frame 2293 		413 B
544 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn.jsdelivr.net/emojione/assets/png/26a1.png?v=2.2.7
Requested by
Host: 161.35.207.100
URL: http://161.35.207.100/fidelity/error.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2a04:4e42:1b::621 , Ascension Island, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
9f8144ae6f866129aea41bbf694b0c858ef9352a139969e57cd8db73385f52c3
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
http://161.35.207.100/fidelity/error.html
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; includeSubDomains; preload
x-content-type-options
nosniff
age
7724752
x-cache
HIT, HIT
status
200
content-length
413
etag
W/"19d-NgetWBBUGNU0Su9xItAjaREfnb0"
x-served-by
cache-fra19122-FRA, cache-hhn4056-HHN
date
Thu, 30 Jul 2020 15:23:22 GMT
vary
Accept-Encoding
content-type
image/png
access-control-allow-origin
*
access-control-expose-headers
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
S6uyw4BMUTPHjx4wXiWtFCc.woff2
fonts.gstatic.com/s/lato/v16/ Frame 5BBF 		14 KB
14 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/lato/v16/S6uyw4BMUTPHjx4wXiWtFCc.woff2
Requested by
Host: 161.35.207.100
URL: http://161.35.207.100/fidelity/error.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:818::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
036d841b132c14046e26d8f2da1bc634c6ad34885ed1295660694a91c98933a6
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer
https://fonts.googleapis.com/css?family=Lato:100,100i,300,300i,400,400i,700,700i,900,900i&subset=latin-ext
Origin
http://161.35.207.100

Response headers

date
Thu, 23 Jul 2020 00:25:06 GMT
x-content-type-options
nosniff
last-modified
Tue, 23 Jul 2019 03:45:55 GMT
server
sffe
age
658696
status
200
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
alt-svc
h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
14044
x-xss-protection
0
expires
Fri, 23 Jul 2021 00:25:06 GMT
/
vsa55.tawk.to/s/ 		580 B
769 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://vsa55.tawk.to/s/?k=5f22e5eac038494eef1f2c96&u=VqkpHwuWkokvTiL%2BUqBoZUXvZBtVjmnzj4U1bNDSoRxp7SZIf6QaplFO6%2FqJIfU4&uv=2&a=5f0d9fec5b59f94722bab1ce&cver=0&pop=false&w=FzxJIJ&jv=689&asver=685&ust=false&p=Fidelity%20Investments%20-%20Retirement%20Plans%2C%20Investing%2C%20Brokerage%2C%20Wealth%20Management%2C%20Financial%20Planning%20and%20Advice%2C%20Online%20Trading.&r=&EIO=3&transport=polling&__t=NEWKXuu.0&sid=tWfQqGRKd1mFZPll4Z-U
Requested by
Host: embed.tawk.to
URL: https://embed.tawk.to/5f0d9fec5b59f94722bab1ce/default
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::ac43:2642 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
67627bf16675ec658224354f7299573b046aefeb13c7e8633d78a8cec956c02e
Security Headers
Name Value
Strict-Transport-Security max-age=0; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
http://161.35.207.100/fidelity/error.html
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Thu, 30 Jul 2020 15:23:23 GMT
x-content-type-options
nosniff
cf-cache-status
DYNAMIC
server
cloudflare
status
200
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=0; includeSubDomains; preload
content-type
application/octet-stream
access-control-allow-origin
http://161.35.207.100
access-control-allow-credentials
true
cf-ray
5bb0149d2e729760-FRA
content-length
580
cf-request-id
0441eb363a0000976040b0d200000001
v3
va.tawk.to/log-performance/ 		5 B
267 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://va.tawk.to/log-performance/v3
Requested by
Host: embed.tawk.to
URL: https://embed.tawk.to/5f0d9fec5b59f94722bab1ce/default
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6816:1883 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
933b971c6388d594a23fa1559825db5bec8ade2db1240aa8fc9d0c684949e8c9
Security Headers
Name Value
Strict-Transport-Security max-age=0; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
http://161.35.207.100/fidelity/error.html
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-type
application/x-www-form-urlencoded

Response headers

date
Thu, 30 Jul 2020 15:23:23 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
DYNAMIC
status
200
vary
Accept-Encoding
cf-request-id
0441eb36cd000097f6103bb200000001
x-served-by
visitor-application-preemptive-9c18
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=0; includeSubDomains; preload
access-control-allow-methods
POST
content-type
text/html; charset=utf-8
access-control-allow-origin
http://161.35.207.100
access-control-allow-credentials
true
cf-ray
5bb0149e1d9e97f6-FRA
access-control-allow-headers
origin, content-type
/
vsa55.tawk.to/s/ 		4 B
88 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://vsa55.tawk.to/s/?k=5f22e5eac038494eef1f2c96&u=VqkpHwuWkokvTiL%2BUqBoZUXvZBtVjmnzj4U1bNDSoRxp7SZIf6QaplFO6%2FqJIfU4&uv=2&a=5f0d9fec5b59f94722bab1ce&cver=0&pop=false&w=FzxJIJ&jv=689&asver=685&ust=false&p=Fidelity%20Investments%20-%20Retirement%20Plans%2C%20Investing%2C%20Brokerage%2C%20Wealth%20Management%2C%20Financial%20Planning%20and%20Advice%2C%20Online%20Trading.&r=&EIO=3&transport=polling&__t=NEWKXxD&sid=tWfQqGRKd1mFZPll4Z-U
Requested by
Host: embed.tawk.to
URL: https://embed.tawk.to/5f0d9fec5b59f94722bab1ce/default
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::ac43:2642 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
a9a2f1dd042cb6f1eded53dc0a1c66ed8694fc093dc3520cdac1a541d615d474
Security Headers
Name Value
Strict-Transport-Security max-age=0; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
http://161.35.207.100/fidelity/error.html
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Thu, 30 Jul 2020 15:23:23 GMT
x-content-type-options
nosniff
cf-cache-status
DYNAMIC
server
cloudflare
status
200
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=0; includeSubDomains; preload
content-type
application/octet-stream
access-control-allow-origin
http://161.35.207.100
access-control-allow-credentials
true
cf-ray
5bb0149e1f349760-FRA
content-length
4
cf-request-id
0441eb36cf0000976040b19200000001
/
zncvgjh8lmjxbkyln-fmrpi.siteintercept.qualtrics.com/WRSiteInterceptEngine/
Redirect Chain
  • http://zncvgjh8lmjxbkyln-fmrpi.siteintercept.qualtrics.com/WRSiteInterceptEngine/?Q_ZID=ZN_cvGJH8lmjxbKyln&Q_LOC=http%3A%2F%2F161.35.207.100%2Ffidelity%2Ferror.html&t=1596122603218
  • https://zncvgjh8lmjxbkyln-fmrpi.siteintercept.qualtrics.com/WRSiteInterceptEngine/?Q_ZID=ZN_cvGJH8lmjxbKyln&Q_LOC=http%3A%2F%2F161.35.207.100%2Ffidelity%2Ferror.html&t=1596122603218
51 KB
16 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://zncvgjh8lmjxbkyln-fmrpi.siteintercept.qualtrics.com/WRSiteInterceptEngine/?Q_ZID=ZN_cvGJH8lmjxbKyln&Q_LOC=http%3A%2F%2F161.35.207.100%2Ffidelity%2Ferror.html&t=1596122603218
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.17.208.240 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / Express
Resource Hash
48fae2be26e019e48301eb0b320a63d51546d4702e9620be53f4c689e60c82e7
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
http://161.35.207.100/fidelity/error.html
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Thu, 30 Jul 2020 15:23:23 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
age
44468
cf-polished
origSize=53500
status
200
edge-control
max-age=604800
vary
Accept-Encoding
cf-request-id
0441eb374000000b4355343200000001
cf-bgj
minify
server
cloudflare
x-powered-by
Express
etag
W/"d0fc-DHMR5l0R4V4w2nbRKy5sEl8jbHU"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=3600, s-maxage=604800
cf-ray
5bb0149ec93f0b43-AMS
access-control-allow-headers
Origin, X-Requested-With, Content-Type, Accept

Redirect headers

Date
Thu, 30 Jul 2020 15:23:23 GMT
X-Content-Type-Options
nosniff
Server
cloudflare
Vary
Accept-Encoding
Location
https://zncvgjh8lmjxbkyln-fmrpi.siteintercept.qualtrics.com/WRSiteInterceptEngine/?Q_ZID=ZN_cvGJH8lmjxbKyln&Q_LOC=http%3A%2F%2F161.35.207.100%2Ffidelity%2Ferror.html&t=1596122603218
Cache-Control
max-age=3600
Transfer-Encoding
chunked
Connection
keep-alive
CF-RAY
5bb0149e4fe1fa80-AMS
cf-request-id
0441eb36f00000fa8080069200000001
Expires
Thu, 30 Jul 2020 16:23:23 GMT
walkme_6323edfaeec74b12a4ce1cf459ffea19_https.js
cdn.walkme.com/users/6323edfaeec74b12a4ce1cf459ffea19/ 		12 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.walkme.com/users/6323edfaeec74b12a4ce1cf459ffea19/walkme_6323edfaeec74b12a4ce1cf459ffea19_https.js
Requested by
Host: nexus.ensighten.com
URL: https://nexus.ensighten.com/fidelity/hpoptasync/Bootstrap.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
92.123.148.55 , Ascension Island, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a92-123-148-55.deploy.static.akamaitechnologies.com
Software
AmazonS3 /
Resource Hash
482adb0cd7b80ec97699ed293ec299eb5123c4c5eddc4339ad49e934e519adaf
Security Headers
Name Value
Strict-Transport-Security max-age=31536000;preload
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
http://161.35.207.100/fidelity/error.html
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

x-amz-version-id
OVzxP94sUEZwSkn4wMWEM8P0GTLLBZeg
content-encoding
gzip
x-content-type-options
nosniff
x-amz-request-id
8G3SET7Y2H0PDP5R
x-amz-server-side-encryption
AES256
status
200
x-amz-replication-status
COMPLETED
vary
Accept-Encoding
content-length
4392
x-amz-id-2
fW+hHzW6WjjrmetSK6Jik9D//EGnMsAxxgXY8mVoOMlVpyANG/Svy05Fn/rqFWfPqHMiY1ynRdE=
referrer-policy
no-referrer-when-downgrade
last-modified
Fri, 24 Jul 2020 17:25:47 GMT
server
AmazonS3
date
Thu, 30 Jul 2020 15:23:23 GMT
strict-transport-security
max-age=31536000;preload
content-type
application/x-javascript
access-control-allow-origin
*
x-xss-protection
1; mode=block
cache-control
max-age=21725
etag
"325e6926642edd4ce8138066f74278ad"
accept-ranges
bytes
exec
activate1.fidelity.com/ 		0
283 B 		Script
General
Check archive.org
Download Go to
Full URL
https://activate1.fidelity.com/exec?nexusHost=nexus.ensighten.com&space=iot-prod&env=prod&mid=&pixelType=web
Requested by
Host: nexus.ensighten.com
URL: https://nexus.ensighten.com/fidelity/hpoptasync/Bootstrap.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
3.124.119.57 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-124-119-57.eu-central-1.compute.amazonaws.com
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
http://161.35.207.100/fidelity/error.html
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

status
204
pragma
no-cache
date
Thu, 30 Jul 2020 15:23:23 GMT
cache-control
no-cache, no-store, must-revalidate
server
nginx
x-offsite-uuid
be3aeb18-e941-4936-9c75-fc8158417045
expires
Thu, 01 Jan 1970 00:00:00 GMT
/
activate1.fidelity.com/ 		0
343 B 		XHR
General
Check archive.org
Download Go to
Full URL
http://activate1.fidelity.com/?json=%7B%22op%22%3A%22setAttribute%22%2C%22data%22%3A%7B%22k%22%3A%5B%22D401%22%5D%2C%22v%22%3A%5B1596122603220%5D%7D%2C%22uid%22%3A%22a7bda6f4-a9fb-4d28-b362-8ad8de632d92%22%7D
Requested by
Host: nexus.ensighten.com
URL: https://nexus.ensighten.com/fidelity/hpoptasync/Bootstrap.js
Protocol
HTTP/1.1
Server
3.124.119.57 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-124-119-57.eu-central-1.compute.amazonaws.com
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
http://161.35.207.100/fidelity/error.html
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date
Thu, 30 Jul 2020 15:23:23 GMT
Server
nginx
Access-Control-Allow-Methods
GET, POST, PUT, DELETE, OPTIONS
Content-Type
application/json
Access-Control-Allow-Origin
*
Access-Control-Expose-Headers
*
Connection
keep-alive
Access-Control-Allow-Headers
*
Content-Length
0
Apigw-Requestid
QfjcxiNtFiAEJHA=
check.js;CIS3SID=FBE020C9BCB1CE445AEB95A7937F6125
cfa.fidelity.com/fp/ Frame 2FCC 		245 KB
63 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cfa.fidelity.com/fp/check.js;CIS3SID=FBE020C9BCB1CE445AEB95A7937F6125?org_id=5h8i3ud8&session_id=236a63bb4763f02b8e31990870ed6778&nonce=7d4a935fd2e672c7&jb=3135242668716d773d4e6b6c777824687b6f3f4c61667570246a73623f416a7a6d6f672530323a31
Requested by
Host: cfa.fidelity.com
URL: https://cfa.fidelity.com/fp/tags.js?org_id=5h8i3ud8&session_id=236A63BB4763F02B8E31990870ED6778
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
91.235.133.177 , Netherlands, ASN30286 (THM, US),
Reverse DNS
Software
Apache /
Resource Hash
34b6a138bc53e4a2cd2dc39042a10441520c52ac5fdbe4fd361c88acb50910c7
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
http://161.35.207.100/fidelity/error.html
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Pragma
no-cache
Date
Thu, 30 Jul 2020 15:23:23 GMT
Content-Encoding
gzip
X-Content-Type-Options
nosniff
Server
Apache
Strict-Transport-Security
max-age=31536000
Content-Type
text/javascript;charset=UTF-8
Cache-Control
no-cache, no-store, must-revalidate
Transfer-Encoding
chunked
tmx-nonce
7d4a935fd2e672c7
Connection
Keep-Alive, Keep-Alive
Vary
Accept-Encoding
X-XSS-Protection
1; mode=block
Keep-Alive
timeout=2, max=99
Expires
Thu, 01 Jan 1970 00:00:00 GMT
clear.png
cfa.fidelity.com/fp/ Frame 2FCC 		81 B
475 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cfa.fidelity.com/fp/clear.png?org_id=5h8i3ud8&session_id=236a63bb4763f02b8e31990870ed6778&nonce=7d4a935fd2e672c7&ck=0&m=2
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
91.235.133.177 , Netherlands, ASN30286 (THM, US),
Reverse DNS
Software
Apache /
Resource Hash
95518cbec0d55a574a9c8ef72a2a7d62ac0d40a4de5dfe67a76a7d214dc8b743
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
http://161.35.207.100/fidelity/error.html
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Pragma
no-cache
Date
Thu, 30 Jul 2020 15:23:23 GMT
X-Content-Type-Options
nosniff
Server
Apache
Strict-Transport-Security
max-age=31536000
Content-Type
image/png
Cache-Control
no-cache, no-store, must-revalidate
Connection
Keep-Alive
Keep-Alive
timeout=2, max=100
Content-Length
81
X-XSS-Protection
1; mode=block
Expires
Thu, 01 Jan 1970 00:00:00 GMT
GlancePresenceVisitor_4.9.0M.js
s3.amazonaws.com/glancecdn/cobrowse/js/
Redirect Chain
  • http://www.glancecdn.net/cobrowse/js/GlancePresenceVisitor_4.9.0M.js
  • https://s3.amazonaws.com/glancecdn/cobrowse/js/GlancePresenceVisitor_4.9.0M.js
15 KB
15 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s3.amazonaws.com/glancecdn/cobrowse/js/GlancePresenceVisitor_4.9.0M.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.216.237.205 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
49b1ccc994a1dc939eeebece2ad6fc41bcaae6c413af553861b78e6bc40c6ca2

Request headers

Referer
http://161.35.207.100/fidelity/error.html
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date
Thu, 30 Jul 2020 15:23:24 GMT
Last-Modified
Tue, 05 Nov 2019 22:35:58 GMT
Server
AmazonS3
x-amz-request-id
3F47F31642F4BED2
ETag
"84afd2bdb3eae35950304a2d562f4f3f"
x-amz-version-id
FV1E4duaexOZxLb9acLqAsRsfQomxIah
Cache-Control
public, max-age=31556926
x-amz-replication-status
COMPLETED
Accept-Ranges
bytes
Content-Type
text/javascript
Content-Length
15041
x-amz-id-2
2e7duipTV18hUl8wJzg1x7xFd2IZCZOntYA/6ADsNI9yhnb0kHyKgJEWqAEuK4hxGt/RPHqlofc=

Redirect headers

Location
https://s3.amazonaws.com/glancecdn/cobrowse/js/GlancePresenceVisitor_4.9.0M.js
Date
Thu, 30 Jul 2020 15:23:23 GMT
Server
Microsoft-IIS/8.5
Connection
keep-alive
Access-Control-Allow-Origin
*
Content-Length
201
Content-Type
text/html; charset=UTF-8
clear.png
cfa.fidelity.com/fp/ Frame 2FCC 		81 B
475 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cfa.fidelity.com/fp/clear.png?org_id=5h8i3ud8&session_id=236a63bb4763f02b8e31990870ed6778&nonce=7d4a935fd2e672c7&w=5e296e651232858f&ck=0&m=1
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
91.235.133.177 , Netherlands, ASN30286 (THM, US),
Reverse DNS
Software
Apache /
Resource Hash
95518cbec0d55a574a9c8ef72a2a7d62ac0d40a4de5dfe67a76a7d214dc8b743
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
http://161.35.207.100/fidelity/error.html
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Pragma
no-cache
Date
Thu, 30 Jul 2020 15:23:23 GMT
X-Content-Type-Options
nosniff
Server
Apache
Strict-Transport-Security
max-age=31536000
Content-Type
image/png
Cache-Control
no-cache, no-store, must-revalidate
Connection
Keep-Alive
Keep-Alive
timeout=2, max=100
Content-Length
81
X-XSS-Protection
1; mode=block
Expires
Thu, 01 Jan 1970 00:00:00 GMT
HP
cfa.fidelity.com/fp/ Frame F6FC 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://cfa.fidelity.com/fp/HP?session_id=236a63bb4763f02b8e31990870ed6778&org_id=5h8i3ud8&nonce=7d4a935fd2e672c7&mode=2&hp=.co-operativebank.co.uk/CBIBSWeb/login.do.co-operativebank.co.uk/CBIBSWeb/start.do.de/portal/portal/x.entropay.com/basemenu/prot/x.facebook.comx.nationet.com/x.netbank.commbank.com.au/netbank/bankmainx.npbs.co.uk/netmastergoldbanking/x.nwolb.xlogin.aspx?refereridentx.rbsdigital.xAccountSummaryx.smile.co.uk/SmileWeb/login.do.smile.co.uk/SmileWeb/start.do.yandex.rux/CapitalOne_Consumer/x/easypay.by/x/sbank.ru/x53.com/servlet/efsonlinex://online.wellsfargo.com/x://secure.assist.ru/assistid/protected/main.doxabbeynational.co.uk/EBAN_ENS/BtoChannelDriverxalliance-leicesterxaltergold.com/login.phpxamericanexpress.com/myca/intl/acctsumm/emea/accountSummaryxbancaintesa.it/xbankcardservices.co.ukxbankofamerica.com/xbanquepopulaire.fr/xbnpparibas.net/xcahoot.comxcapitaloneonline.co.uk/CapitalOne_Consumer/Transactionsxcbonline.co.uk/ralu/reglm-web/setupSecurityQuestionPagexcibc.comxPreSignOnxcibc.comxSignOnxcitibank.ru/xclient.uralsibbank.ruxco-operativebank.co.uk/CBIBSWeb/loginSpixcommerceonlinebanking.comxcoventrybuildingsociety.co.ukxdeutsche-bank.dexdiscovercard.com/cardmembersvcs/strongauth/app/sa_mainxebanking.bawag.comxebc_ebc1961xegg.com/customer/movemoneyxegg.com/customer/yourmoneyxfacebook.com/xhalifax-online.co.ukxMyAccountsxhalifax-online.co.uk/x/Mhalifax-online.co.uk/personalxhsbc.co.uk/1/2/personal/internet-banking/xhsbc.comxhttps://banking.postbank.de/app/finanzstatus.init.do;jsessionidxib.fineco.it/FinecoWeb/BonificiServletxib.fineco.it/FinecoWeb/jsp/Main/HBFineco.jspxib.fineco.it/FinecoWeb/jsp/Main/Principale.jspxibank.alfabank.ruxin-biz.it/xipko.plxlibertyreserve.com/x/historylibertyreserve.com/x/loginwww.libertyreserve.com/x/Core.jswww.libertyreserve.com/x/transfer.libertyreserve.com/x/commonscript.jslloydstsb.co.uk/personal/a/account_overview/xmbna.co.ukxmenyala.ruxmoney.yandex.ruxmoneybookers.com/app/login.plxmoneymail.ruxmy.ebay.co.uk/ws/eBayISAPI.dll?MyEbayxmy.ebay.com/ws/eBayISAPI.dll?MyEbayxmy.ebay.fr/ws/eBayISAPI.dll?MyEbayxmybusinessbank.co.ukxnationet.com/AppServices/SignOn/SignOnProcess/RcaSignOnxnpbs.co.ukxnwolb.com/AccountSummaryxnwolb.com/Statementsxnwolb.com/TransfersLandingPagexoltx.fidelity.com/x/x/ofsummary/summaryxonline.lloydstsb.co.ukxonlinebanking.mandtbank.com/summary/AccountSummaryxpassport.yandex.ruxpaypal.com/x/cgi-bin/webscr?cmd=_accountxpaypal.com/x/cgi-bin/webscr?cmd=_login-done&login_access=xpaypal.com/us/cgi-bin/webscr?cmd=_login-done&login_access=xposte.it/xpsk.co.at/xsecure.lloydstsb.co.uk/personal/a/account_overviewxsmile.co.uk/SmileWeb/passcodexusaa.com/xusbank.com/internetBanking/RequestRouter?requestCmdId=Gxwachovia.comxybonline.co.uk/ralu/reglm-web/setupSecurityQuestionPagex.amazon.fr/xhistory/orders/view.htmlx.banquepopulaire.frxShowPortal.dox.bnpparibasfortis.bexHome_Logon.aspx.cdiscount.com/Account/Home.aspxx.cmb.frxaccueil.jspx.credit-agricole.frxentreeBam?sessionSAGx.labanquepostale.fr/xreleveCPP-releve_ccp.eax.secure.bnpparibas.net/NSFR?Actionx.secure.lcl.frxAccueilxcredem.it/OneToOne/ebank/functionsxmijn.ing.nl/xonline.ybs.co.ukxwww.discover.com/xorder.cdiscount.comxCustomer.aspxxsealinfo.verisign.com/splash?form_filexvos-comptes.credit-du-nord.fr/CDC_TableauDeBord_0.asp?xvoscomptesenligne.labanquepostale.frxwww.x.caisse-epargne.fr/Portail.aspxxwww.exabanque.netxonglet.phpxdeutsche-bank.de/xnorisbank.de/xpostbank.de/xtargobank.de/x.x.de/portal/x.bankofamerica.com/x/commonscript.js.bmo.com/OLB?id=x.bmo.com/RMC?id=x.chase.com/x.aspxx.chase.com/js/Reporting.jsx.koodomobile.com/account/selfserve/x/xaccountId=x.payment.ru/x.scotiabank.com/portal/index.jsp?xbancopopular.es/empresasxcreval.it/login2007/loginSiciliano.aspxfirst-direct.com/xipko.plxmybusinessbank.co.ukxsanpaoloimi.com/xulsterbankanytimebanking.x/login.aspxx
Requested by
Host: cfa.fidelity.com
URL: https://cfa.fidelity.com/fp/check.js;CIS3SID=FBE020C9BCB1CE445AEB95A7937F6125?org_id=5h8i3ud8&session_id=236a63bb4763f02b8e31990870ed6778&nonce=7d4a935fd2e672c7&jb=3135242668716d773d4e6b6c777824687b6f3f4c61667570246a73623f416a7a6d6f672530323a31
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
91.235.133.177 , Netherlands, ASN30286 (THM, US),
Reverse DNS
Software
Apache /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Host
cfa.fidelity.com
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site
cross-site
Sec-Fetch-Mode
navigate
Sec-Fetch-Dest
iframe
Referer
http://161.35.207.100/fidelity/error.html
Accept-Encoding
gzip, deflate, br
Accept-Language
en-US
Cookie
thx_guid=4647fb2d748143c5a58d34961b8fbd4a; s_vi=[CS]v1|2F9172F50515ECFE-60000BE05A745C16[CE]; bm_sz=811B46955F5BA4D1572247B9196E8EC4~YAAQH7oQAqLuKJRzAQAArRtSoAjoYakClYbqLr+wz/Ttvd/ZvfJH6A7BpGePe8QIVRboMVq5mgwNW12IEDoul0vu93btiEWBUyU5iOeXwZeXWxgdFutDetVAHwerRrSGPBJzLC8TqiIg1JlOgXt6CtIKfdvy9xRzPAObYOmEQACBOWcvAySHdbbYCNuDaAbWf+Y=; _abck=D0BD29F1C9FC3E507DFFBE048C7D5563~-1~YAAQH7oQAqPuKJRzAQAArRtSoARoRpoEKl+W2/G3mOHJhLS7Ow8CQV1+rL8AGHM91Q6mT5kpf6ZHcE2403tOyVx4aD34uQPI34psjp+aErxCr3ULvGsI8bwzrVNpwMko5/W8DHhZRbU+IH6a2Cfhjrciwws2Sh33UPYxB9hUuYBlJZXIUz/tvn6kr4Wxh7qpiJaGxJ/UVGg/n7PkRgoO6lMEiof9Jxr3QC7ZaEXmX6hpRfFwtFTEtrrRkklFRek9WLtqGM1r6IonwSH4GBqNmjAIJJ7SgFs=~-1~-1~-1
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer
http://161.35.207.100/fidelity/error.html

Response headers

Date
Thu, 30 Jul 2020 15:23:23 GMT
Server
Apache
Strict-Transport-Security
max-age=31536000
Cache-Control
no-cache, no-store, must-revalidate
Pragma
no-cache
Connection
Keep-Alive, Keep-Alive
X-Content-Type-Options
nosniff
X-XSS-Protection
1; mode=block
Expires
Thu, 01 Jan 1970 00:00:00 GMT
X-UA-Compatible
IE=Edge
Content-Type
text/html;charset=UTF-8
Content-Language
en-US
Vary
Accept-Encoding
Content-Encoding
gzip
Content-Length
5793
Keep-Alive
timeout=2, max=99
clear.png
cfa.fidelity.com/fp/ Frame 2FCC 		81 B
529 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://cfa.fidelity.com/fp/clear.png
Requested by
Host: cfa.fidelity.com
URL: https://cfa.fidelity.com/fp/check.js;CIS3SID=FBE020C9BCB1CE445AEB95A7937F6125?org_id=5h8i3ud8&session_id=236a63bb4763f02b8e31990870ed6778&nonce=7d4a935fd2e672c7&jb=3135242668716d773d4e6b6c777824687b6f3f4c61667570246a73623f416a7a6d6f672530323a31
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
91.235.133.177 , Netherlands, ASN30286 (THM, US),
Reverse DNS
Software
Apache /
Resource Hash
95518cbec0d55a574a9c8ef72a2a7d62ac0d40a4de5dfe67a76a7d214dc8b743
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

Accept
*/*, 5h8i3ud8/7d4a935fd2e672c7236a63bb4763f02b8e31990870ed6778
Referer
http://161.35.207.100/fidelity/error.html
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date
Thu, 30 Jul 2020 15:23:23 GMT
Last-Modified
Thu, 30 Jul 2020 15:23:23 GMT
Server
Apache
Etag
919f87a920014830b9dd25c3937ca9f9
Strict-Transport-Security
max-age=31536000
Content-Type
image/png
Access-Control-Allow-Origin
http://161.35.207.100
Cache-Control
private, must-revalidate, max-age=0
Connection
Keep-Alive
Keep-Alive
timeout=2, max=100
Content-Length
81
Expires
Tue, 29 Jul 2025 15:23:23 GMT
clear.png
h.online-metrix.net/fp/ Frame 2FCC
Redirect Chain
  • https://h.online-metrix.net/fp/clear.png?org_id=5h8i3ud8&session_id=236a63bb4763f02b8e31990870ed6778&nonce=7d4a935fd2e672c7&gttl=155520000
  • https://h.online-metrix.net/fp/clear.png?org_id=5h8i3ud8&session_id=236a63bb4763f02b8e31990870ed6778&nonce=7d4a935fd2e672c7&k=2
0
387 B 		Script
General
Check archive.org
Download Go to
Full URL
https://h.online-metrix.net/fp/clear.png?org_id=5h8i3ud8&session_id=236a63bb4763f02b8e31990870ed6778&nonce=7d4a935fd2e672c7&k=2
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
91.235.132.130 , Netherlands, ASN30286 (THM, US),
Reverse DNS
h.online-metrix.net
Software
Apache /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
http://161.35.207.100/fidelity/error.html
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Pragma
no-cache
Date
Thu, 30 Jul 2020 15:23:23 GMT
X-Content-Type-Options
nosniff
Server
Apache
Strict-Transport-Security
max-age=31536000
Content-Type
text/javascript
Cache-Control
no-cache, no-store, must-revalidate
Connection
Keep-Alive
Keep-Alive
timeout=2, max=99
X-XSS-Protection
1; mode=block
Expires
Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

Date
Thu, 30 Jul 2020 15:23:23 GMT
Server
Apache
Strict-Transport-Security
max-age=31536000
P3P
CP=IVAa PSAa
Location
https://h.online-metrix.net/fp/clear.png?org_id=5h8i3ud8&session_id=236a63bb4763f02b8e31990870ed6778&nonce=7d4a935fd2e672c7&k=2
Connection
Keep-Alive
Content-Type
text/html; charset=iso-8859-1
Keep-Alive
timeout=2, max=100
Content-Length
323
ls_fp.html;CIS3SID=FBE020C9BCB1CE445AEB95A7937F6125
cfa.fidelity.com/fp/ Frame 4C98 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://cfa.fidelity.com/fp/ls_fp.html;CIS3SID=FBE020C9BCB1CE445AEB95A7937F6125?org_id=5h8i3ud8&session_id=236a63bb4763f02b8e31990870ed6778&nonce=7d4a935fd2e672c7
Requested by
Host: cfa.fidelity.com
URL: https://cfa.fidelity.com/fp/check.js;CIS3SID=FBE020C9BCB1CE445AEB95A7937F6125?org_id=5h8i3ud8&session_id=236a63bb4763f02b8e31990870ed6778&nonce=7d4a935fd2e672c7&jb=3135242668716d773d4e6b6c777824687b6f3f4c61667570246a73623f416a7a6d6f672530323a31
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
91.235.133.177 , Netherlands, ASN30286 (THM, US),
Reverse DNS
Software
Apache /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Host
cfa.fidelity.com
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site
cross-site
Sec-Fetch-Mode
navigate
Sec-Fetch-Dest
iframe
Referer
http://161.35.207.100/fidelity/error.html
Accept-Encoding
gzip, deflate, br
Accept-Language
en-US
Cookie
thx_guid=4647fb2d748143c5a58d34961b8fbd4a; s_vi=[CS]v1|2F9172F50515ECFE-60000BE05A745C16[CE]; bm_sz=811B46955F5BA4D1572247B9196E8EC4~YAAQH7oQAqLuKJRzAQAArRtSoAjoYakClYbqLr+wz/Ttvd/ZvfJH6A7BpGePe8QIVRboMVq5mgwNW12IEDoul0vu93btiEWBUyU5iOeXwZeXWxgdFutDetVAHwerRrSGPBJzLC8TqiIg1JlOgXt6CtIKfdvy9xRzPAObYOmEQACBOWcvAySHdbbYCNuDaAbWf+Y=; _abck=D0BD29F1C9FC3E507DFFBE048C7D5563~-1~YAAQH7oQAqPuKJRzAQAArRtSoARoRpoEKl+W2/G3mOHJhLS7Ow8CQV1+rL8AGHM91Q6mT5kpf6ZHcE2403tOyVx4aD34uQPI34psjp+aErxCr3ULvGsI8bwzrVNpwMko5/W8DHhZRbU+IH6a2Cfhjrciwws2Sh33UPYxB9hUuYBlJZXIUz/tvn6kr4Wxh7qpiJaGxJ/UVGg/n7PkRgoO6lMEiof9Jxr3QC7ZaEXmX6hpRfFwtFTEtrrRkklFRek9WLtqGM1r6IonwSH4GBqNmjAIJJ7SgFs=~-1~-1~-1
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer
http://161.35.207.100/fidelity/error.html

Response headers

Date
Thu, 30 Jul 2020 15:23:23 GMT
Server
Apache
Strict-Transport-Security
max-age=31536000
Cache-Control
no-cache, no-store, must-revalidate
Pragma
no-cache
Connection
Keep-Alive, Keep-Alive
X-Content-Type-Options
nosniff
X-XSS-Protection
1; mode=block
Expires
Thu, 01 Jan 1970 00:00:00 GMT
Content-Type
text/html;charset=UTF-8
Vary
Accept-Encoding
Content-Encoding
gzip
Keep-Alive
timeout=2, max=98
Transfer-Encoding
chunked
clear.png
cfa.fidelity.com/fp/ Frame 2FCC 		0
387 B 		Script
General
Check archive.org
Download Go to
Full URL
https://cfa.fidelity.com/fp/clear.png?org_id=5h8i3ud8&session_id=236a63bb4763f02b8e31990870ed6778&nonce=7d4a935fd2e672c7&jb=3730246c71633f3765306034673637333a3330383d30663a3138306360343430613160343435333a32303064646166336e636434303b34
Requested by
Host: cfa.fidelity.com
URL: https://cfa.fidelity.com/fp/check.js;CIS3SID=FBE020C9BCB1CE445AEB95A7937F6125?org_id=5h8i3ud8&session_id=236a63bb4763f02b8e31990870ed6778&nonce=7d4a935fd2e672c7&jb=3135242668716d773d4e6b6c777824687b6f3f4c61667570246a73623f416a7a6d6f672530323a31
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
91.235.133.177 , Netherlands, ASN30286 (THM, US),
Reverse DNS
Software
Apache /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
http://161.35.207.100/fidelity/error.html
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Pragma
no-cache
Date
Thu, 30 Jul 2020 15:23:23 GMT
X-Content-Type-Options
nosniff
Server
Apache
Strict-Transport-Security
max-age=31536000
Content-Type
text/javascript
Cache-Control
no-cache, no-store, must-revalidate
Connection
Keep-Alive
Keep-Alive
timeout=2, max=99
X-XSS-Protection
1; mode=block
Expires
Thu, 01 Jan 1970 00:00:00 GMT
sid_fp.html;CIS3SID=FBE020C9BCB1CE445AEB95A7937F6125
h.online-metrix.net/fp/ Frame DC6E 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://h.online-metrix.net/fp/sid_fp.html;CIS3SID=FBE020C9BCB1CE445AEB95A7937F6125?org_id=5h8i3ud8&session_id=236a63bb4763f02b8e31990870ed6778&nonce=7d4a935fd2e672c7
Requested by
Host: cfa.fidelity.com
URL: https://cfa.fidelity.com/fp/check.js;CIS3SID=FBE020C9BCB1CE445AEB95A7937F6125?org_id=5h8i3ud8&session_id=236a63bb4763f02b8e31990870ed6778&nonce=7d4a935fd2e672c7&jb=3135242668716d773d4e6b6c777824687b6f3f4c61667570246a73623f416a7a6d6f672530323a31
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
91.235.132.130 , Netherlands, ASN30286 (THM, US),
Reverse DNS
h.online-metrix.net
Software
Apache /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Host
h.online-metrix.net
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site
cross-site
Sec-Fetch-Mode
navigate
Sec-Fetch-Dest
iframe
Referer
http://161.35.207.100/fidelity/error.html
Accept-Encoding
gzip, deflate, br
Accept-Language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer
http://161.35.207.100/fidelity/error.html

Response headers

Date
Thu, 30 Jul 2020 15:23:23 GMT
Server
Apache
Strict-Transport-Security
max-age=31536000
Cache-Control
no-cache, no-store, must-revalidate
Pragma
no-cache
Connection
Keep-Alive, Keep-Alive
X-Content-Type-Options
nosniff
X-XSS-Protection
1; mode=block
Expires
Thu, 01 Jan 1970 00:00:00 GMT
Content-Type
text/html;charset=UTF-8
Vary
Accept-Encoding
Content-Encoding
gzip
Keep-Alive
timeout=2, max=100
Transfer-Encoding
chunked
clear.png
cfa.fidelity.com/fp/ Frame 2FCC 		0
387 B 		Script
General
Check archive.org
Download Go to
Full URL
https://cfa.fidelity.com/fp/clear.png?org_id=5h8i3ud8&session_id=236a63bb4763f02b8e31990870ed6778&nonce=7d4a935fd2e672c7&jd=31312426753f376732603467343533303b323a35306e266264746e3d3338373836383630
Requested by
Host: cfa.fidelity.com
URL: https://cfa.fidelity.com/fp/check.js;CIS3SID=FBE020C9BCB1CE445AEB95A7937F6125?org_id=5h8i3ud8&session_id=236a63bb4763f02b8e31990870ed6778&nonce=7d4a935fd2e672c7&jb=3135242668716d773d4e6b6c777824687b6f3f4c61667570246a73623f416a7a6d6f672530323a31
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
91.235.133.177 , Netherlands, ASN30286 (THM, US),
Reverse DNS
Software
Apache /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
http://161.35.207.100/fidelity/error.html
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Pragma
no-cache
Date
Thu, 30 Jul 2020 15:23:23 GMT
X-Content-Type-Options
nosniff
Server
Apache
Strict-Transport-Security
max-age=31536000
Content-Type
text/javascript
Cache-Control
no-cache, no-store, must-revalidate
Connection
Keep-Alive
Keep-Alive
timeout=2, max=95
X-XSS-Protection
1; mode=block
Expires
Thu, 01 Jan 1970 00:00:00 GMT
top_fp.html;CIS3SID=FBE020C9BCB1CE445AEB95A7937F6125
cfa.fidelity.com/fp/ Frame D709 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://cfa.fidelity.com/fp/top_fp.html;CIS3SID=FBE020C9BCB1CE445AEB95A7937F6125?org_id=5h8i3ud8&session_id=236a63bb4763f02b8e31990870ed6778&nonce=7d4a935fd2e672c7
Requested by
Host: cfa.fidelity.com
URL: https://cfa.fidelity.com/fp/check.js;CIS3SID=FBE020C9BCB1CE445AEB95A7937F6125?org_id=5h8i3ud8&session_id=236a63bb4763f02b8e31990870ed6778&nonce=7d4a935fd2e672c7&jb=3135242668716d773d4e6b6c777824687b6f3f4c61667570246a73623f416a7a6d6f672530323a31
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
91.235.133.177 , Netherlands, ASN30286 (THM, US),
Reverse DNS
Software
Apache /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Host
cfa.fidelity.com
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site
cross-site
Sec-Fetch-Mode
navigate
Sec-Fetch-Dest
iframe
Referer
http://161.35.207.100/fidelity/error.html
Accept-Encoding
gzip, deflate, br
Accept-Language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer
http://161.35.207.100/fidelity/error.html

Response headers

Date
Thu, 30 Jul 2020 15:23:23 GMT
Server
Apache
Strict-Transport-Security
max-age=31536000
Cache-Control
no-cache, no-store, must-revalidate
Pragma
no-cache
Connection
Keep-Alive, Keep-Alive
X-Content-Type-Options
nosniff
X-XSS-Protection
1; mode=block
Expires
Thu, 01 Jan 1970 00:00:00 GMT
Content-Type
text/html;charset=UTF-8
Vary
Accept-Encoding
Content-Encoding
gzip
Keep-Alive
timeout=2, max=94
Transfer-Encoding
chunked
clear.png
cfa.fidelity.com/fp/ Frame 2FCC 		0
218 B 		Script
General
Check archive.org
Download Go to
Full URL
https://cfa.fidelity.com/fp/clear.png?org_id=5h8i3ud8&session_id=236a63bb4763f02b8e31990870ed6778&nonce=7d4a935fd2e672c7&ja=343b372624753f3765306034673637333a3330383d30662e613d363024783f3e3224643d333432327833303232266364353134303870313a323026737a7b3f387a32246472703f332c333432322c333038302e313e383024333230302e333438322e333232322e333632322e3332323224302e302e7b636c3f3234266e6a3f607676722531432730462730443336332c3b352c32383f2e393230253244646b6c676e6b747b2730446570706d702e6a76656c24647a35687c767025334327304e2730443134332c31352c3032352e3332382530466e61646d6e6974792730446d70706d722c6a766f6c24723f726c7765616e5d66646973605c66616c716723786e7765696c5d756b6e666d75715f6f676c69635f7864617167725e66636e716d23726e75656b6c5d61666d60675f63617a6f60617c5666696e736521726e776f6b6c5d71776b6169746b6f675c66636e7b652370647d67616c5f73686d61697f6374675e64636e716523726e77676b6c5772676164786c697b65725e64636e7b6723726c77656b6c5f746e615d706e637165705e6e696c7b6721706c77656b665d666776636e74705e64636e71652372647565696657737e655f76696775677a5c64636c716723726c77656b6c5f68637e615c666964736d2468683d336133313a353b6534323b63353a3730613332326c6230663a6a333934383863246871673f4e6b6e777a246873603f416a726d6f6d253030303b2662716f753d4e6b6c7d7a246c68613f3334267678663f457770677067253a4e426d706c696e246f637c6a703f343232316631613060676332306d3661633d3e30383a3261643337373c3233646436373a3a31363366346563633a346663313c616e60643732313331393b346326677a313f633a3664363766353e3961623b3f613b366332306730663133646437313a363263633532376136612e636164353a3038323030&jb=33373b266e733f4f6f786b6e6e6127304e352c302d3a30204f6163696c766d7b6a2731422730324b6e76676e2732324f696327323847532d30305825303233385d33365f372b2730304372726e6555676a4b6b742d3a463d31372e33342730382a494a544f4e2730432730326e6969672d3232476d6b6b672b253230416a70676f672732443a312c302c363332332c34392530305b696669706925324437313f2c3134
Requested by
Host: cfa.fidelity.com
URL: https://cfa.fidelity.com/fp/check.js;CIS3SID=FBE020C9BCB1CE445AEB95A7937F6125?org_id=5h8i3ud8&session_id=236a63bb4763f02b8e31990870ed6778&nonce=7d4a935fd2e672c7&jb=3135242668716d773d4e6b6c777824687b6f3f4c61667570246a73623f416a7a6d6f672530323a31
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
91.235.133.177 , Netherlands, ASN30286 (THM, US),
Reverse DNS
Software
Apache /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

Referer
http://161.35.207.100/fidelity/error.html
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date
Thu, 30 Jul 2020 15:23:23 GMT
Server
Apache
Connection
Keep-Alive
Keep-Alive
timeout=2, max=97
Strict-Transport-Security
max-age=31536000
Content-Type
text/javascript;charset=UTF-8
clear.png
5h8i3ud8-9d2dd0fbf20a31e3de8f554b97ede3834f3f608f-am1.e.aa.online-metrix.net/fp/ Frame 2FCC 		81 B
438 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://5h8i3ud8-9d2dd0fbf20a31e3de8f554b97ede3834f3f608f-am1.e.aa.online-metrix.net/fp/clear.png?org_id=5h8i3ud8&session_id=236a63bb4763f02b8e31990870ed6778&nonce=7d4a935fd2e672c7&di=yes
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
91.235.134.131 , Netherlands, ASN30286 (THM, US),
Reverse DNS
Software
Apache /
Resource Hash
95518cbec0d55a574a9c8ef72a2a7d62ac0d40a4de5dfe67a76a7d214dc8b743
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
http://161.35.207.100/fidelity/error.html
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Pragma
no-cache
Date
Thu, 30 Jul 2020 15:23:24 GMT
X-Content-Type-Options
nosniff
Server
Apache
Strict-Transport-Security
max-age=31536000
Content-Type
image/png
Cache-Control
no-cache, no-store, must-revalidate
Connection
close
Content-Length
81
X-XSS-Protection
1; mode=block
Expires
Thu, 01 Jan 1970 00:00:00 GMT
Targeting.php
siteintercept.qualtrics.com/WRSiteInterceptEngine/ 		17 KB
2 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://siteintercept.qualtrics.com/WRSiteInterceptEngine/Targeting.php?Q_ZoneID=ZN_cvGJH8lmjxbKyln&Q_CLIENTVERSION=1.31.3&Q_CLIENTTYPE=web
Requested by
Host: zncvgjh8lmjxbkyln-fmrpi.siteintercept.qualtrics.com
URL: https://zncvgjh8lmjxbkyln-fmrpi.siteintercept.qualtrics.com/WRSiteInterceptEngine/?Q_ZID=ZN_cvGJH8lmjxbKyln&Q_LOC=http%3A%2F%2F161.35.207.100%2Ffidelity%2Ferror.html&t=1596122603218
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.17.208.240 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
00706ee4320b7e0b4bf553aa90c84ba2065eabdd9816cdab38c7056ea29a218f
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
http://161.35.207.100/fidelity/error.html
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-type
application/x-www-form-urlencoded

Response headers

date
Thu, 30 Jul 2020 15:23:24 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
DYNAMIC
server
cloudflare
status
200
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-type
application/json
access-control-allow-origin
http://161.35.207.100
cache-control
no-store, no-cache, must-revalidate, max-age=0
access-control-allow-credentials
true
cf-ray
5bb014a36be90b43-AMS
vary
Accept-Encoding
cf-request-id
0441eb3a1f00000b4355372200000001
settings.txt
cdn.walkme.com/users/6323edfaeec74b12a4ce1cf459ffea19/ 		1 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.walkme.com/users/6323edfaeec74b12a4ce1cf459ffea19/settings.txt
Requested by
Host: cdn.walkme.com
URL: https://cdn.walkme.com/users/6323edfaeec74b12a4ce1cf459ffea19/walkme_6323edfaeec74b12a4ce1cf459ffea19_https.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
92.123.148.55 , Ascension Island, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a92-123-148-55.deploy.static.akamaitechnologies.com
Software
AmazonS3 /
Resource Hash
0c3223b9c4dccd6f0b44c8465a8bfa2dcdc23e8729b007f94deff654f9f543b0
Security Headers
Name Value
Strict-Transport-Security max-age=31536000;preload
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
http://161.35.207.100/fidelity/error.html
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

x-amz-version-id
.PuR.H0HSqHZ8AcVSYL7inAJ72G2onap
content-encoding
gzip
x-content-type-options
nosniff
x-amz-request-id
616AA706604EAAC7
x-amz-server-side-encryption
AES256
status
200
x-amz-replication-status
COMPLETED
vary
Accept-Encoding
content-length
632
x-amz-id-2
hIaBiGmr8Ko1JK+wibvDE4BudXJPToXksRdBpqc3+6oAX78FCEbt38ESSp+dGcilcUxt9gAQ5E8=
referrer-policy
no-referrer-when-downgrade
last-modified
Fri, 24 Jul 2020 17:25:47 GMT
server
AmazonS3
date
Thu, 30 Jul 2020 15:23:24 GMT
strict-transport-security
max-age=31536000;preload
content-type
application/javascript
access-control-allow-origin
*
x-xss-protection
1; mode=block
cache-control
max-age=833
etag
"1b94811fde1a653e18cf48454e54725c"
accept-ranges
bytes
wmjQuery171.js
cdn.walkme.com/player/resources/ 		92 KB
33 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.walkme.com/player/resources/wmjQuery171.js
Requested by
Host: cdn.walkme.com
URL: https://cdn.walkme.com/users/6323edfaeec74b12a4ce1cf459ffea19/walkme_6323edfaeec74b12a4ce1cf459ffea19_https.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
92.123.148.55 , Ascension Island, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a92-123-148-55.deploy.static.akamaitechnologies.com
Software
AmazonS3 /
Resource Hash
d4b341e0e1b10b8d9d72b33a552d9a4c5f181644a550e6c5290ffbd0df7ff698
Security Headers
Name Value
Strict-Transport-Security max-age=31536000;preload
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
http://161.35.207.100/fidelity/error.html
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

x-amz-version-id
dlOIL_rgT0aloi1SfIVB2qBEX5hN4XKk
content-encoding
gzip
x-content-type-options
nosniff
x-amz-request-id
A949AA5301BAD0A9
x-amz-meta-cb-modifiedtime
Sun, 14 Apr 2013 07:28:19 GMT
status
200
vary
Accept-Encoding
content-length
33167
x-amz-id-2
4+L4nO0IDklDdUso2SzgSFrjiFqGU5z8S06c0rSkPPIAvuDrJNWls8MpC30SM0vsVjek9EEXLfA=
referrer-policy
no-referrer-when-downgrade
last-modified
Sun, 10 Jan 2016 09:10:17 GMT
server
AmazonS3
date
Thu, 30 Jul 2020 15:23:24 GMT
strict-transport-security
max-age=31536000;preload
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
x-xss-protection
1; mode=block
cache-control
max-age=18036056
etag
"bd856ab0099e8b88daeced6a21ed1398"
accept-ranges
bytes
prelib-plugin-579dbbfd-a592-3c99-a85c-ade839c2582a.js
cdn.walkme.com/users/6323edfaeec74b12a4ce1cf459ffea19/scripts/ 		105 KB
32 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.walkme.com/users/6323edfaeec74b12a4ce1cf459ffea19/scripts/prelib-plugin-579dbbfd-a592-3c99-a85c-ade839c2582a.js
Requested by
Host: cdn.walkme.com
URL: https://cdn.walkme.com/users/6323edfaeec74b12a4ce1cf459ffea19/walkme_6323edfaeec74b12a4ce1cf459ffea19_https.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
92.123.148.55 , Ascension Island, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a92-123-148-55.deploy.static.akamaitechnologies.com
Software
AmazonS3 /
Resource Hash
8b9b73786f62ed9b6ddce93ee2106b95dbb7ebcbededbf9b2d91ff18aa8c982b
Security Headers
Name Value
Strict-Transport-Security max-age=31536000;preload
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
http://161.35.207.100/fidelity/error.html
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

x-amz-version-id
zQ46s_eae465_f0H0KGXFs7mU57yKncF
content-encoding
gzip
x-content-type-options
nosniff
x-amz-request-id
4808CD1FA6D44658
x-amz-server-side-encryption
AES256
status
200
x-amz-replication-status
COMPLETED
vary
Accept-Encoding
content-length
32293
x-amz-id-2
/bhbp/dkX7NFB6xPQh4zUyRkcbspcxLNr9RgkZ09t62+GIpx4JObiiHk6fBbf1p8QGozyisNx0g=
referrer-policy
no-referrer-when-downgrade
last-modified
Thu, 27 Feb 2020 21:09:23 GMT
server
AmazonS3
date
Thu, 30 Jul 2020 15:23:24 GMT
strict-transport-security
max-age=31536000;preload
content-type
application/x-javascript
access-control-allow-origin
*
x-xss-protection
1; mode=block
cache-control
max-age=24707959
etag
"ce5cff3502452ac113edcd0af8cbb8eb"
accept-ranges
bytes
walkme_lib_20200721-145526-15b5911d.js
cdn.walkme.com/player/lib/ 		1 MB
415 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.walkme.com/player/lib/walkme_lib_20200721-145526-15b5911d.js
Requested by
Host: cdn.walkme.com
URL: https://cdn.walkme.com/users/6323edfaeec74b12a4ce1cf459ffea19/walkme_6323edfaeec74b12a4ce1cf459ffea19_https.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
92.123.148.55 , Ascension Island, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a92-123-148-55.deploy.static.akamaitechnologies.com
Software
AmazonS3 /
Resource Hash
b1216b84983dcadaced21d95081bb25ec55d6d1c7be56912da78bfced5f1126e
Security Headers
Name Value
Strict-Transport-Security max-age=31536000;preload
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
http://161.35.207.100/fidelity/error.html
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

x-amz-version-id
JxbDCExFd6Kn_19KLUQF4HQK9SGri6PO
content-encoding
gzip
x-content-type-options
nosniff
x-amz-request-id
C10D5BA96370757C
x-amz-server-side-encryption
AES256
status
200
x-amz-replication-status
COMPLETED
vary
Accept-Encoding
content-length
423370
x-amz-id-2
quAd5H19cNs2IqynZd6iEihLjH204AstDYelysZrr4QeMLSllKRt6O1WwEpzQ1mGfwpqSg7UzhQ=
referrer-policy
no-referrer-when-downgrade
last-modified
Tue, 21 Jul 2020 16:43:30 GMT
server
AmazonS3
x-amz-meta-s3cmd-attrs
atime:1595349644/ctime:1595349646/gid:0/gname:root/md5:8005e21dab58085355e79d61bd79aeda/mode:33188/mtime:1595349645/uid:0/uname:root
date
Thu, 30 Jul 2020 15:23:24 GMT
strict-transport-security
max-age=31536000;preload
content-type
application/javascript
access-control-allow-origin
*
x-xss-protection
1; mode=block
cache-control
max-age=30763544
etag
"8005e21dab58085355e79d61bd79aeda"
accept-ranges
bytes
walkme_config_3185233f40f9451d8b006025cb43f8b9.js
cdn.walkme.com/users/6323edfaeec74b12a4ce1cf459ffea19/ 		3 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.walkme.com/users/6323edfaeec74b12a4ce1cf459ffea19/walkme_config_3185233f40f9451d8b006025cb43f8b9.js
Requested by
Host: cdn.walkme.com
URL: https://cdn.walkme.com/users/6323edfaeec74b12a4ce1cf459ffea19/walkme_6323edfaeec74b12a4ce1cf459ffea19_https.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
92.123.148.55 , Ascension Island, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a92-123-148-55.deploy.static.akamaitechnologies.com
Software
AmazonS3 /
Resource Hash
1bc34af0626366b6ce668b5391a7d65bb013e57ec1851bd6124d01bedecdf388
Security Headers
Name Value
Strict-Transport-Security max-age=31536000;preload
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
http://161.35.207.100/fidelity/error.html
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

x-amz-version-id
lBrtg_0k4K6TDBWEV21f_1g7kJS7sTsI
content-encoding
gzip
x-content-type-options
nosniff
x-amz-request-id
C3BA867EC585E5A4
x-amz-server-side-encryption
AES256
status
200
x-amz-replication-status
COMPLETED
vary
Accept-Encoding
content-length
1590
x-amz-id-2
YGzKokC0IXUEohwuSHLXihCmNybKrqoidu4NU1Royim8sg55hdge0lpo6UdtHQrdny4rtrx3ZbM=
referrer-policy
no-referrer-when-downgrade
last-modified
Fri, 24 Jul 2020 17:25:39 GMT
server
AmazonS3
date
Thu, 30 Jul 2020 15:23:24 GMT
strict-transport-security
max-age=31536000;preload
content-type
application/javascript
access-control-allow-origin
*
x-xss-protection
1; mode=block
cache-control
max-age=31024982
etag
"8388dbb94ecb9f6bcab14212c700151d"
accept-ranges
bytes
data_8a950d80d45f46208b3f790167774745.js
cdn.walkme.com/users/6323edfaeec74b12a4ce1cf459ffea19/ 		3 MB
290 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.walkme.com/users/6323edfaeec74b12a4ce1cf459ffea19/data_8a950d80d45f46208b3f790167774745.js
Requested by
Host: cdn.walkme.com
URL: https://cdn.walkme.com/users/6323edfaeec74b12a4ce1cf459ffea19/walkme_6323edfaeec74b12a4ce1cf459ffea19_https.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
92.123.148.55 , Ascension Island, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a92-123-148-55.deploy.static.akamaitechnologies.com
Software
AmazonS3 /
Resource Hash
a11a103cd42df86cca85141020e122f6561e01dd3d39d0ccfef2d4fd3b1e9561
Security Headers
Name Value
Strict-Transport-Security max-age=31536000;preload
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
http://161.35.207.100/fidelity/error.html
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

x-amz-version-id
FIH6lgV4yL_AWNlvr8LUx2G3FCGyhquO
content-encoding
gzip
x-content-type-options
nosniff
x-amz-request-id
7M0JFX8Y8K8T9V7P
x-amz-server-side-encryption
AES256
status
200
x-amz-replication-status
COMPLETED
vary
Accept-Encoding
content-length
295476
x-amz-id-2
rkvqEmfsvbBcWqdJwUQwG6RVM2fco2mJ7p1XG0I7E9aQefS4knyXdhZvVh2dRUehh2WNz1mc1bE=
referrer-policy
no-referrer-when-downgrade
last-modified
Fri, 24 Jul 2020 17:25:46 GMT
server
AmazonS3
date
Thu, 30 Jul 2020 15:23:24 GMT
strict-transport-security
max-age=31536000;preload
content-type
application/x-javascript
access-control-allow-origin
*
x-xss-protection
1; mode=block
cache-control
max-age=31024985
etag
"99e6b800c4c22d98223dd0fb86b2afe9"
accept-ranges
bytes
CoreModule.js
siteintercept.qualtrics.com/dxjsmodule/ 		87 KB
26 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://siteintercept.qualtrics.com/dxjsmodule/CoreModule.js?Q_CLIENTVERSION=1.31.3&Q_CLIENTTYPE=web
Requested by
Host: zncvgjh8lmjxbkyln-fmrpi.siteintercept.qualtrics.com
URL: https://zncvgjh8lmjxbkyln-fmrpi.siteintercept.qualtrics.com/WRSiteInterceptEngine/?Q_ZID=ZN_cvGJH8lmjxbKyln&Q_LOC=http%3A%2F%2F161.35.207.100%2Ffidelity%2Ferror.html&t=1596122603218
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.17.208.240 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / Express
Resource Hash
695a90257ebaa0d4053d262d7da44710544c15d1f8da70080ac200fa7cacb1de
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
http://161.35.207.100/fidelity/error.html
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Thu, 30 Jul 2020 15:23:24 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
age
44767
cf-polished
origSize=89652
status
200
edge-control
max-age=604800
vary
Accept-Encoding
cf-request-id
0441eb3ab900000b435537d200000001
last-modified
Wed, 29 Jul 2020 20:50:37 GMT
server
cloudflare
x-powered-by
Express
etag
W/"15e34-1739c575948"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-type
application/javascript
access-control-allow-origin
*
cache-control
public, max-age=604800, s-maxage=604800
cf-ray
5bb014a45dee0b43-AMS
access-control-allow-headers
Origin, X-Requested-With, Content-Type, Accept
cf-bgj
minify
clear.png
cfa.fidelity.com/fp/ Frame 2FCC 		0
387 B 		Script
General
Check archive.org
Download Go to
Full URL
https://cfa.fidelity.com/fp/clear.png?org_id=5h8i3ud8&session_id=236a63bb4763f02b8e31990870ed6778&nonce=7d4a935fd2e672c7&jac=1&je=33353726247567607276615d677876677a6e636c576170353a322e3132302c393b2c33333424756b6d3f75676072766157696c746d7a6e696e5f6d646c7124786f3f6c6f2460637673763f79206c67746d6c203a392630382e2273746376777b203820636a637065696c65207f2663776c683f646c6a653b616336353130633a676431653735376432646737666233353f3332616d3f353d3330613732326469633335653561333132313730303435326e3464
Requested by
Host: cfa.fidelity.com
URL: https://cfa.fidelity.com/fp/check.js;CIS3SID=FBE020C9BCB1CE445AEB95A7937F6125?org_id=5h8i3ud8&session_id=236a63bb4763f02b8e31990870ed6778&nonce=7d4a935fd2e672c7&jb=3135242668716d773d4e6b6c777824687b6f3f4c61667570246a73623f416a7a6d6f672530323a31
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
91.235.133.177 , Netherlands, ASN30286 (THM, US),
Reverse DNS
Software
Apache /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
http://161.35.207.100/fidelity/error.html
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Pragma
no-cache
Date
Thu, 30 Jul 2020 15:23:24 GMT
X-Content-Type-Options
nosniff
Server
Apache
Strict-Transport-Security
max-age=31536000
Content-Type
text/javascript
Cache-Control
no-cache, no-store, must-revalidate
Connection
Keep-Alive
Keep-Alive
timeout=2, max=93
X-XSS-Protection
1; mode=block
Expires
Thu, 01 Jan 1970 00:00:00 GMT
cdHiddenIframeScript.js
cdn.walkme.com/player/lib/20200721-145526-15b5911d/resources/CD/ Frame C35A 		244 B
768 B 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.walkme.com/player/lib/20200721-145526-15b5911d/resources/CD/cdHiddenIframeScript.js
Requested by
Host: cdn.walkme.com
URL: https://cdn.walkme.com/player/lib/walkme_lib_20200721-145526-15b5911d.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
92.123.148.55 , Ascension Island, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a92-123-148-55.deploy.static.akamaitechnologies.com
Software
AmazonS3 /
Resource Hash
c7e164623cec10a7bef1f13bf6c53c7415fad63815f9bbd8a3974792a8ad2190
Security Headers
Name Value
Strict-Transport-Security max-age=31536000;preload
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

x-amz-version-id
awdBkA5bU_obTy_V380qfc4X8R1RIt0R
content-encoding
gzip
x-content-type-options
nosniff
x-amz-request-id
E5358E9E7272951B
x-amz-server-side-encryption
AES256
status
200
x-amz-replication-status
COMPLETED
vary
Accept-Encoding
content-length
163
x-amz-id-2
vaT8XCPfUDKPomhj8UwifvFuBUDK/9/IyeyHOx5LF4/lPhCK2IyMRM75Nj96ftGI8aOMuP0E83o=
referrer-policy
no-referrer-when-downgrade
last-modified
Tue, 21 Jul 2020 16:41:19 GMT
server
AmazonS3
x-amz-meta-s3cmd-attrs
atime:1595349644/ctime:1595349646/gid:0/gname:root/md5:a6abe89a638483d2d4657e7b666392dc/mode:33188/mtime:1595349644/uid:0/uname:root
date
Thu, 30 Jul 2020 15:23:24 GMT
strict-transport-security
max-age=31536000;preload
content-type
application/javascript
access-control-allow-origin
*
x-xss-protection
1; mode=block
cache-control
max-age=30764907
etag
"a6abe89a638483d2d4657e7b666392dc"
accept-ranges
bytes
Targeting.php
siteintercept.qualtrics.com/WRSiteInterceptEngine/ 		18 KB
2 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://siteintercept.qualtrics.com/WRSiteInterceptEngine/Targeting.php?Q_ZoneID=ZN_cvGJH8lmjxbKyln&Q_CLIENTVERSION=1.31.3&Q_CLIENTTYPE=web&t=1596122604540&Q_VSI=%7B%22SI_2oDT1dKLOgeFIGN%22%3A%22AS_ezBkISYOIouBniR%22%2C%22SI_9YUbswnCF6g4k05%22%3A%22AS_dgSBESfDvmcztpb%22%2C%22SI_eUPgeLMEq5Uop2B%22%3A%22AS_ezJMosl1OlOkV7L%22%2C%22SI_5ndFaivuSQRQAmh%22%3A%22AS_8va1d4UY6OFFZBP%22%2C%22SI_aavOQmPi2QSZKE5%22%3A%22AS_8ifmb3iJedfHgQl%22%2C%22SI_0vaYdwthIHVvh6R%22%3A%22AS_71KbwLKhybfpMO1%22%2C%22SI_bgaRAZcFBOJ6zwV%22%3A%22AS_8va1d4UY6OFFZBP%22%2C%22SI_0AsPpi6JZXIjgMZ%22%3A%22AS_0AqVa5fIQp7ktXT%22%2C%22SI_aYq2S2L9WYVHefz%22%3A%22AS_1zikv8pXcp0a1Yp%22%2C%22SI_3xF9eIfo8Uzr9lz%22%3A%22DependencyResolver%22%2C%22SI_d0vTh73XVccVBch%22%3A%22DependencyResolver%22%2C%22SI_8bI5O7qUmvDPxrv%22%3A%22AS_8tWaSJJHzb7hoDb%22%2C%22SI_6KILeGGAuPslJ7n%22%3A%22AS_effBsxkZXSfNw1f%22%2C%22SI_aY4q6e1MQfRGQ73%22%3A%22DependencyResolver%22%2C%22SI_bw1hblXpnxk5GYZ%22%3A%22AS_aXmSrXSA90qqq8Z%22%2C%22SI_0qryPRAlBXczdTD%22%3A%22AS_cDgQErqwRLktVNX%22%2C%22SI_20upoDg7GIYGuyh%22%3A%22AS_bHmm5S4AvhgTLRX%22%2C%22SI_1ZATmws6zTwTBNX%22%3A%22DependencyResolver%22%2C%22SI_9slyRRmuwUZ9tfT%22%3A%22AS_dhw1aOwA2lGQ0sJ%22%2C%22SI_bfsdPx7VfKUvT81%22%3A%22DependencyResolver%22%2C%22SI_6tg8PWOi1frIFut%22%3A%22AS_bjBi792elCvqxaB%22%2C%22SI_bmvqwK4G0RfqFHn%22%3A%22AS_837ahSOhNf5tJYx%22%2C%22SI_9NSjltynMtHhMFf%22%3A%22AS_4VoSIWgbsWN00eh%22%7D&Q_DPR=true
Requested by
Host: zncvgjh8lmjxbkyln-fmrpi.siteintercept.qualtrics.com
URL: https://zncvgjh8lmjxbkyln-fmrpi.siteintercept.qualtrics.com/WRSiteInterceptEngine/?Q_ZID=ZN_cvGJH8lmjxbKyln&Q_LOC=http%3A%2F%2F161.35.207.100%2Ffidelity%2Ferror.html&t=1596122603218
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.17.208.240 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
dcf6cb3b3236ec0ec42e6197a13369985d647a06e2dda007dc568cdd935430f1
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
http://161.35.207.100/fidelity/error.html
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-type
application/x-www-form-urlencoded

Response headers

date
Thu, 30 Jul 2020 15:23:24 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
DYNAMIC
server
cloudflare
status
200
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-type
application/json
access-control-allow-origin
http://161.35.207.100
cache-control
no-store, no-cache, must-revalidate, max-age=0
access-control-allow-credentials
true
cf-ray
5bb014a67a420b43-AMS
vary
Accept-Encoding
cf-request-id
0441eb3c0800000b4355394200000001
CDhiddenIframe.compress.html
cdn.walkme.com/player/lib/20200721-145526-15b5911d/resources/CD/ Frame 495E 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://cdn.walkme.com/player/lib/20200721-145526-15b5911d/resources/CD/CDhiddenIframe.compress.html
Requested by
Host: cdn.walkme.com
URL: https://cdn.walkme.com/player/lib/walkme_lib_20200721-145526-15b5911d.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
92.123.148.55 , Ascension Island, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a92-123-148-55.deploy.static.akamaitechnologies.com
Software
AmazonS3 /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000;preload
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

:method
GET
:authority
cdn.walkme.com
:scheme
https
:path
/player/lib/20200721-145526-15b5911d/resources/CD/CDhiddenIframe.compress.html
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

status
200
x-amz-id-2
L+MVGI1WDxPbxrRWaB5wO1tOEE4Cc9BYLz50+57a/b+cgMr2vkO9D+mMMGBWwMN/khNitCeqtas=
x-amz-request-id
A391DCD5B0DB36D9
x-amz-replication-status
COMPLETED
last-modified
Tue, 21 Jul 2020 16:41:18 GMT
etag
"3f496649dbe5363fab56277f26b2dd94"
x-amz-server-side-encryption
AES256
x-amz-meta-s3cmd-attrs
atime:1595349644/ctime:1595349646/gid:0/gname:root/md5:3f496649dbe5363fab56277f26b2dd94/mode:33188/mtime:1595349644/uid:0/uname:root
content-encoding
gzip
x-amz-version-id
lYDIqJhjnpCGshd2LJrtX.DP4HVZXtjV
accept-ranges
bytes
content-type
text/html
content-length
7575
server
AmazonS3
vary
Accept-Encoding
cache-control
max-age=30764693
date
Thu, 30 Jul 2020 15:23:24 GMT
referrer-policy
no-referrer-when-downgrade
x-content-type-options
nosniff
x-xss-protection
1; mode=block
strict-transport-security
max-age=31536000;preload
8.f0e2917c.walkme_lib.js
cdn.walkme.com/player/lib/20200721-145526-15b5911d/ 		660 B
949 B 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.walkme.com/player/lib/20200721-145526-15b5911d/8.f0e2917c.walkme_lib.js
Requested by
Host: cdn.walkme.com
URL: https://cdn.walkme.com/player/lib/walkme_lib_20200721-145526-15b5911d.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
92.123.148.55 , Ascension Island, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a92-123-148-55.deploy.static.akamaitechnologies.com
Software
AmazonS3 /
Resource Hash
7393970158a42d24626d0350c2d4b668808092c24a289e1f25697ce814db0ec2
Security Headers
Name Value
Strict-Transport-Security max-age=31536000;preload
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
http://161.35.207.100/fidelity/error.html
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

x-amz-version-id
JNb95tGoOE4P2k8ORoOnE2CvCqWTGrxM
content-encoding
gzip
x-content-type-options
nosniff
x-amz-request-id
B09D2AD8AC15D969
x-amz-server-side-encryption
AES256
status
200
x-amz-replication-status
COMPLETED
vary
Accept-Encoding
content-length
345
x-amz-id-2
E2iXW4wE9GsG7mikcLRVBA6LZATC7WHkMAY4AC/VLapq8eKn8fSJ8IQMXHShYndSEuc05dYdhJU=
referrer-policy
no-referrer-when-downgrade
last-modified
Tue, 21 Jul 2020 16:41:04 GMT
server
AmazonS3
x-amz-meta-s3cmd-attrs
atime:1595349644/ctime:1595349646/gid:0/gname:root/md5:329091fc3247fc1daa76eb4a17eaff50/mode:33188/mtime:1595349644/uid:0/uname:root
date
Thu, 30 Jul 2020 15:23:24 GMT
strict-transport-security
max-age=31536000;preload
content-type
application/javascript
access-control-allow-origin
*
x-xss-protection
1; mode=block
cache-control
max-age=30764188
etag
"329091fc3247fc1daa76eb4a17eaff50"
accept-ranges
bytes
30.1277cbda.walkme_lib.js
cdn.walkme.com/player/lib/20200721-145526-15b5911d/ 		85 KB
24 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.walkme.com/player/lib/20200721-145526-15b5911d/30.1277cbda.walkme_lib.js
Requested by
Host: cdn.walkme.com
URL: https://cdn.walkme.com/player/lib/walkme_lib_20200721-145526-15b5911d.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
92.123.148.55 , Ascension Island, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a92-123-148-55.deploy.static.akamaitechnologies.com
Software
AmazonS3 /
Resource Hash
d77b883b15a3f8b2090cb679377aabf5d0d9699e8fec6387a0b1e07b245a61b5
Security Headers
Name Value
Strict-Transport-Security max-age=31536000;preload
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
http://161.35.207.100/fidelity/error.html
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

x-amz-version-id
pZPb4io.YfyJPO1BzKjGM0fRwZWT20PE
content-encoding
gzip
x-content-type-options
nosniff
x-amz-request-id
DE3948177FECD168
x-amz-server-side-encryption
AES256
status
200
x-amz-replication-status
COMPLETED
vary
Accept-Encoding
content-length
23993
x-amz-id-2
JqMVNPZ88sR9RscucruUFPfwu5LNjRCc0sEHRQvjL3uqHEMA+P4+ZroIu8EVQ6EmoElb5f2dfJo=
referrer-policy
no-referrer-when-downgrade
last-modified
Tue, 21 Jul 2020 16:40:57 GMT
server
AmazonS3
x-amz-meta-s3cmd-attrs
atime:1595349644/ctime:1595349646/gid:0/gname:root/md5:557535bd3455e81f2c7126a48c6969f9/mode:33188/mtime:1595349644/uid:0/uname:root
date
Thu, 30 Jul 2020 15:23:24 GMT
strict-transport-security
max-age=31536000;preload
content-type
application/javascript
access-control-allow-origin
*
x-xss-protection
1; mode=block
cache-control
max-age=30764586
etag
"557535bd3455e81f2c7126a48c6969f9"
accept-ranges
bytes
1.5b3ca108.walkme_lib.js
cdn.walkme.com/player/lib/20200721-145526-15b5911d/ 		2 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.walkme.com/player/lib/20200721-145526-15b5911d/1.5b3ca108.walkme_lib.js
Requested by
Host: cdn.walkme.com
URL: https://cdn.walkme.com/player/lib/walkme_lib_20200721-145526-15b5911d.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
92.123.148.55 , Ascension Island, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a92-123-148-55.deploy.static.akamaitechnologies.com
Software
AmazonS3 /
Resource Hash
7638c0678e8a608a0d03a9d7b3fb54c9d8f1c92b2d83421972a754890ee47247
Security Headers
Name Value
Strict-Transport-Security max-age=31536000;preload
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
http://161.35.207.100/fidelity/error.html
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

x-amz-version-id
Q3rDwU_OKhqwjElLjmxW2GCzV9HiE2sf
content-encoding
gzip
x-content-type-options
nosniff
x-amz-request-id
E1ECBA7AD8AA1541
x-amz-server-side-encryption
AES256
status
200
x-amz-replication-status
COMPLETED
vary
Accept-Encoding
content-length
1129
x-amz-id-2
3UPH3cfFLdnGr7J7/PuwOkERUV3mYMHvnqWx3wiRPeb9w4GTIFdsux0SIFaC4V+5R2LtRvUQyio=
referrer-policy
no-referrer-when-downgrade
last-modified
Tue, 21 Jul 2020 16:40:51 GMT
server
AmazonS3
x-amz-meta-s3cmd-attrs
atime:1595349644/ctime:1595349646/gid:0/gname:root/md5:127eb40ab70956415dbbe9cc0f7a0979/mode:33188/mtime:1595349644/uid:0/uname:root
date
Thu, 30 Jul 2020 15:23:24 GMT
strict-transport-security
max-age=31536000;preload
content-type
application/javascript
access-control-allow-origin
*
x-xss-protection
1; mode=block
cache-control
max-age=30764313
etag
"127eb40ab70956415dbbe9cc0f7a0979"
accept-ranges
bytes
22.768183b7.walkme_lib.js
cdn.walkme.com/player/lib/20200721-145526-15b5911d/ 		30 KB
9 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.walkme.com/player/lib/20200721-145526-15b5911d/22.768183b7.walkme_lib.js
Requested by
Host: cdn.walkme.com
URL: https://cdn.walkme.com/player/lib/walkme_lib_20200721-145526-15b5911d.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
92.123.148.55 , Ascension Island, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a92-123-148-55.deploy.static.akamaitechnologies.com
Software
AmazonS3 /
Resource Hash
3d33ed364e7f8ed54b30b73d5bca406551516bf18d5151c3f0f9e8c0d5f77195
Security Headers
Name Value
Strict-Transport-Security max-age=31536000;preload
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
http://161.35.207.100/fidelity/error.html
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

x-amz-version-id
Gvpg2fa0DP9EJSloigciA9ozugGDRJm8
content-encoding
gzip
x-content-type-options
nosniff
x-amz-request-id
371CC9F0DA9D4388
x-amz-server-side-encryption
AES256
status
200
x-amz-replication-status
COMPLETED
vary
Accept-Encoding
content-length
8904
x-amz-id-2
yTVPsrbn3jS6hYek7kJ16Hvxlyyg+rfCyyJoxgRoQuoup5zeetHj9v38KYXfhlxfbIEPJvgUeT0=
referrer-policy
no-referrer-when-downgrade
last-modified
Tue, 21 Jul 2020 16:40:54 GMT
server
AmazonS3
x-amz-meta-s3cmd-attrs
atime:1595349644/ctime:1595349646/gid:0/gname:root/md5:f62529192abc2dbb78e5b4780a3542aa/mode:33188/mtime:1595349644/uid:0/uname:root
date
Thu, 30 Jul 2020 15:23:24 GMT
strict-transport-security
max-age=31536000;preload
content-type
application/javascript
access-control-allow-origin
*
x-xss-protection
1; mode=block
cache-control
max-age=30763567
etag
"f62529192abc2dbb78e5b4780a3542aa"
accept-ranges
bytes
18.3cb6407a.walkme_lib.js
cdn.walkme.com/player/lib/20200721-145526-15b5911d/ 		951 B
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.walkme.com/player/lib/20200721-145526-15b5911d/18.3cb6407a.walkme_lib.js
Requested by
Host: cdn.walkme.com
URL: https://cdn.walkme.com/player/lib/walkme_lib_20200721-145526-15b5911d.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
92.123.148.55 , Ascension Island, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a92-123-148-55.deploy.static.akamaitechnologies.com
Software
AmazonS3 /
Resource Hash
58f10f60a4d15a710601f372cc5220ed1fe940877bb06a35cc62e396a50d2e4e
Security Headers
Name Value
Strict-Transport-Security max-age=31536000;preload
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
http://161.35.207.100/fidelity/error.html
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

x-amz-version-id
m2YUJqg9D912UA5w9ipcL2ZNFHpjDRyP
content-encoding
gzip
x-content-type-options
nosniff
x-amz-request-id
710137D1F8DF5406
x-amz-server-side-encryption
AES256
status
200
x-amz-replication-status
COMPLETED
vary
Accept-Encoding
content-length
544
x-amz-id-2
thvgdpv5T4+Z97rc98f/JOVMTZFvIRjAvMxSbnXrJleH0yanw0GLDVKB50esHxVJ6YYgkQPLmVY=
referrer-policy
no-referrer-when-downgrade
last-modified
Tue, 21 Jul 2020 16:40:53 GMT
server
AmazonS3
x-amz-meta-s3cmd-attrs
atime:1595349644/ctime:1595349646/gid:0/gname:root/md5:5ba882fadcc127dbffa4603085a237db/mode:33188/mtime:1595349644/uid:0/uname:root
date
Thu, 30 Jul 2020 15:23:24 GMT
strict-transport-security
max-age=31536000;preload
content-type
application/javascript
access-control-allow-origin
*
x-xss-protection
1; mode=block
cache-control
max-age=30763512
etag
"5ba882fadcc127dbffa4603085a237db"
accept-ranges
bytes
12.0da2f5012e49e065e383.chunk.js
siteintercept.qualtrics.com/dxjsmodule/ 		2 KB
877 B 		Script
General
Check archive.org
Download Go to
Full URL
https://siteintercept.qualtrics.com/dxjsmodule/12.0da2f5012e49e065e383.chunk.js?Q_CLIENTVERSION=1.31.3&Q_CLIENTTYPE=web
Requested by
Host: zncvgjh8lmjxbkyln-fmrpi.siteintercept.qualtrics.com
URL: https://zncvgjh8lmjxbkyln-fmrpi.siteintercept.qualtrics.com/WRSiteInterceptEngine/?Q_ZID=ZN_cvGJH8lmjxbKyln&Q_LOC=http%3A%2F%2F161.35.207.100%2Ffidelity%2Ferror.html&t=1596122603218
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.17.208.240 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / Express
Resource Hash
70bf6b2e8fbb9f31e314cc3ff4df9f34f453ada4d0bb7b4362591e30799c74de
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
http://161.35.207.100/fidelity/error.html
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Thu, 30 Jul 2020 15:23:24 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
age
44767
cf-polished
origSize=2639
status
200
edge-control
max-age=604800
vary
Accept-Encoding
cf-request-id
0441eb3d1900000b43553a8200000001
last-modified
Wed, 29 Jul 2020 20:50:37 GMT
server
cloudflare
x-powered-by
Express
etag
W/"a4f-1739c575948"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-type
application/javascript
access-control-allow-origin
*
cache-control
public, max-age=604800, s-maxage=604800
cf-ray
5bb014a82d4e0b43-AMS
access-control-allow-headers
Origin, X-Requested-With, Content-Type, Accept
cf-bgj
minify
1.2d7df593a54f23d86743.chunk.js
siteintercept.qualtrics.com/dxjsmodule/ 		25 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://siteintercept.qualtrics.com/dxjsmodule/1.2d7df593a54f23d86743.chunk.js?Q_CLIENTVERSION=1.31.3&Q_CLIENTTYPE=web
Requested by
Host: zncvgjh8lmjxbkyln-fmrpi.siteintercept.qualtrics.com
URL: https://zncvgjh8lmjxbkyln-fmrpi.siteintercept.qualtrics.com/WRSiteInterceptEngine/?Q_ZID=ZN_cvGJH8lmjxbKyln&Q_LOC=http%3A%2F%2F161.35.207.100%2Ffidelity%2Ferror.html&t=1596122603218
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.17.208.240 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / Express
Resource Hash
6823a0f37f2714ae274b147668fe526449deda0d791f6f08505b6e71e21fe4a7
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
http://161.35.207.100/fidelity/error.html
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Thu, 30 Jul 2020 15:23:24 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
age
44767
cf-polished
origSize=26960
status
200
edge-control
max-age=604800
vary
Accept-Encoding
cf-request-id
0441eb3d1900000b43553a9200000001
last-modified
Wed, 29 Jul 2020 20:50:37 GMT
server
cloudflare
x-powered-by
Express
etag
W/"6950-1739c575948"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-type
application/javascript
access-control-allow-origin
*
cache-control
public, max-age=604800, s-maxage=604800
cf-ray
5bb014a82d4f0b43-AMS
access-control-allow-headers
Origin, X-Requested-With, Content-Type, Accept
cf-bgj
minify
EmbeddedTargetModule.js
siteintercept.qualtrics.com/dxjsmodule/ 		7 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://siteintercept.qualtrics.com/dxjsmodule/EmbeddedTargetModule.js?Q_CLIENTVERSION=1.31.3&Q_CLIENTTYPE=web
Requested by
Host: zncvgjh8lmjxbkyln-fmrpi.siteintercept.qualtrics.com
URL: https://zncvgjh8lmjxbkyln-fmrpi.siteintercept.qualtrics.com/WRSiteInterceptEngine/?Q_ZID=ZN_cvGJH8lmjxbKyln&Q_LOC=http%3A%2F%2F161.35.207.100%2Ffidelity%2Ferror.html&t=1596122603218
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.17.208.240 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / Express
Resource Hash
66f54c12a2365f4ea8f7fcadd49258d19d9a2dbe66771de0aa35695ff06cc3c6
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
http://161.35.207.100/fidelity/error.html
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Thu, 30 Jul 2020 15:23:24 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
age
44536
cf-polished
origSize=8259
status
200
edge-control
max-age=604800
vary
Accept-Encoding
cf-request-id
0441eb3d1900000b43553aa200000001
last-modified
Wed, 29 Jul 2020 20:50:37 GMT
server
cloudflare
x-powered-by
Express
etag
W/"2043-1739c575948"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-type
application/javascript
access-control-allow-origin
*
cache-control
public, max-age=604800, s-maxage=604800
cf-ray
5bb014a82d500b43-AMS
access-control-allow-headers
Origin, X-Requested-With, Content-Type, Accept
cf-bgj
minify
FeedbackLinkModule.js
siteintercept.qualtrics.com/dxjsmodule/ 		3 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://siteintercept.qualtrics.com/dxjsmodule/FeedbackLinkModule.js?Q_CLIENTVERSION=1.31.3&Q_CLIENTTYPE=web
Requested by
Host: zncvgjh8lmjxbkyln-fmrpi.siteintercept.qualtrics.com
URL: https://zncvgjh8lmjxbkyln-fmrpi.siteintercept.qualtrics.com/WRSiteInterceptEngine/?Q_ZID=ZN_cvGJH8lmjxbKyln&Q_LOC=http%3A%2F%2F161.35.207.100%2Ffidelity%2Ferror.html&t=1596122603218
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.17.208.240 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / Express
Resource Hash
90c8c49df9363f906709ff1407e338b965b70a1eed9f3e573a4306fd267f1c0c
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
http://161.35.207.100/fidelity/error.html
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Thu, 30 Jul 2020 15:23:24 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
age
44499
cf-polished
origSize=3600
status
200
edge-control
max-age=604800
vary
Accept-Encoding
cf-request-id
0441eb3d1900000b43553ab200000001
last-modified
Wed, 29 Jul 2020 20:50:37 GMT
server
cloudflare
x-powered-by
Express
etag
W/"e10-1739c575948"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-type
application/javascript
access-control-allow-origin
*
cache-control
public, max-age=604800, s-maxage=604800
cf-ray
5bb014a82d510b43-AMS
access-control-allow-headers
Origin, X-Requested-With, Content-Type, Accept
cf-bgj
minify
PopOverModule.js
siteintercept.qualtrics.com/dxjsmodule/ 		9 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://siteintercept.qualtrics.com/dxjsmodule/PopOverModule.js?Q_CLIENTVERSION=1.31.3&Q_CLIENTTYPE=web
Requested by
Host: zncvgjh8lmjxbkyln-fmrpi.siteintercept.qualtrics.com
URL: https://zncvgjh8lmjxbkyln-fmrpi.siteintercept.qualtrics.com/WRSiteInterceptEngine/?Q_ZID=ZN_cvGJH8lmjxbKyln&Q_LOC=http%3A%2F%2F161.35.207.100%2Ffidelity%2Ferror.html&t=1596122603218
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.17.208.240 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / Express
Resource Hash
0d67fb1e900ac570b160aaf2200d35ab1d41f00d0979ade72034289e9d3ab262
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
http://161.35.207.100/fidelity/error.html
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Thu, 30 Jul 2020 15:23:24 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
age
44526
cf-polished
origSize=10483
status
200
edge-control
max-age=604800
vary
Accept-Encoding
cf-request-id
0441eb3d1900000b43553ac200000001
last-modified
Wed, 29 Jul 2020 20:50:37 GMT
server
cloudflare
x-powered-by
Express
etag
W/"28f3-1739c575948"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-type
application/javascript
access-control-allow-origin
*
cache-control
public, max-age=604800, s-maxage=604800
cf-ray
5bb014a82d540b43-AMS
access-control-allow-headers
Origin, X-Requested-With, Content-Type, Accept
cf-bgj
minify
PopUpModule.js
siteintercept.qualtrics.com/dxjsmodule/ 		4 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://siteintercept.qualtrics.com/dxjsmodule/PopUpModule.js?Q_CLIENTVERSION=1.31.3&Q_CLIENTTYPE=web
Requested by
Host: zncvgjh8lmjxbkyln-fmrpi.siteintercept.qualtrics.com
URL: https://zncvgjh8lmjxbkyln-fmrpi.siteintercept.qualtrics.com/WRSiteInterceptEngine/?Q_ZID=ZN_cvGJH8lmjxbKyln&Q_LOC=http%3A%2F%2F161.35.207.100%2Ffidelity%2Ferror.html&t=1596122603218
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.17.208.240 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / Express
Resource Hash
54383cb2f70247578458b930aa303a88d1298890285b4c03eed4fc04de93aeca
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
http://161.35.207.100/fidelity/error.html
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Thu, 30 Jul 2020 15:23:24 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
age
44468
cf-polished
origSize=4693
status
200
edge-control
max-age=604800
vary
Accept-Encoding
cf-request-id
0441eb3d5c00000b43553b1200000001
last-modified
Wed, 29 Jul 2020 20:50:37 GMT
server
cloudflare
x-powered-by
Express
etag
W/"1255-1739c575948"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-type
application/javascript
access-control-allow-origin
*
cache-control
public, max-age=604800, s-maxage=604800
cf-ray
5bb014a89e090b43-AMS
access-control-allow-headers
Origin, X-Requested-With, Content-Type, Accept
cf-bgj
minify
Asset.php
siteintercept.qualtrics.com/WRSiteInterceptEngine/ 		4 KB
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://siteintercept.qualtrics.com/WRSiteInterceptEngine/Asset.php?Module=SI_bgaRAZcFBOJ6zwV&Version=9&Q_ORIGIN=http://161.35.207.100&Q_CLIENTVERSION=1.31.3&Q_CLIENTTYPE=web
Requested by
Host: zncvgjh8lmjxbkyln-fmrpi.siteintercept.qualtrics.com
URL: https://zncvgjh8lmjxbkyln-fmrpi.siteintercept.qualtrics.com/WRSiteInterceptEngine/?Q_ZID=ZN_cvGJH8lmjxbKyln&Q_LOC=http%3A%2F%2F161.35.207.100%2Ffidelity%2Ferror.html&t=1596122603218
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.17.209.240 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
75130c88fd45f06e63bc933339fde630f4d3aa270150e5f07ebc0934f1c98295
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
http://161.35.207.100/fidelity/error.html
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Thu, 30 Jul 2020 15:23:24 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
MISS
p3p
CP="CAO DSP COR CURa ADMa DEVa OUR IND PHY ONL UNI COM NAV INT DEM PRE"
status
200
edge-control
max-age=604800
vary
Accept-Encoding
cf-request-id
0441eb3d50000072bd4838d200000001
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-type
application/json
access-control-allow-origin
http://161.35.207.100
cache-control
public, max-age=604800, s-maxage=604800, max-age=315360000
access-control-allow-credentials
true
cf-ray
5bb014a88caf72bd-AMS
servershortname
expires
Sun, 28 Jul 2030 15:23:24 GMT
Asset.php
siteintercept.qualtrics.com/WRSiteInterceptEngine/ 		2 KB
980 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://siteintercept.qualtrics.com/WRSiteInterceptEngine/Asset.php?Module=CR_cRTya5i3wiaWo4Z&Version=6&Q_InterceptID=SI_bgaRAZcFBOJ6zwV&Q_ORIGIN=http://161.35.207.100&Q_CLIENTVERSION=1.31.3&Q_CLIENTTYPE=web
Requested by
Host: zncvgjh8lmjxbkyln-fmrpi.siteintercept.qualtrics.com
URL: https://zncvgjh8lmjxbkyln-fmrpi.siteintercept.qualtrics.com/WRSiteInterceptEngine/?Q_ZID=ZN_cvGJH8lmjxbKyln&Q_LOC=http%3A%2F%2F161.35.207.100%2Ffidelity%2Ferror.html&t=1596122603218
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.17.209.240 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
294394f3b1b6ebe8e536343efb15bb35964899ebce1f52ce37c7389594079987
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
http://161.35.207.100/fidelity/error.html
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Thu, 30 Jul 2020 15:23:24 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
MISS
p3p
CP="CAO DSP COR CURa ADMa DEVa OUR IND PHY ONL UNI COM NAV INT DEM PRE"
status
200
edge-control
max-age=604800
vary
Accept-Encoding
cf-request-id
0441eb3d50000072bd4838e200000001
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-type
application/json
access-control-allow-origin
http://161.35.207.100
cache-control
public, max-age=604800, s-maxage=604800, max-age=315360000
access-control-allow-credentials
true
cf-ray
5bb014a88cb072bd-AMS
servershortname
expires
Sun, 28 Jul 2030 15:23:24 GMT
Asset.php
siteintercept.qualtrics.com/WRSiteInterceptEngine/ 		4 KB
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://siteintercept.qualtrics.com/WRSiteInterceptEngine/Asset.php?Module=SI_eUPgeLMEq5Uop2B&Version=7&Q_ORIGIN=http://161.35.207.100&Q_CLIENTVERSION=1.31.3&Q_CLIENTTYPE=web
Requested by
Host: zncvgjh8lmjxbkyln-fmrpi.siteintercept.qualtrics.com
URL: https://zncvgjh8lmjxbkyln-fmrpi.siteintercept.qualtrics.com/WRSiteInterceptEngine/?Q_ZID=ZN_cvGJH8lmjxbKyln&Q_LOC=http%3A%2F%2F161.35.207.100%2Ffidelity%2Ferror.html&t=1596122603218
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.17.209.240 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
fac61e050d5eb05f5b913840d0d65423757b34191c2dd41f434f4256dc54aa86
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
http://161.35.207.100/fidelity/error.html
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Thu, 30 Jul 2020 15:23:24 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
MISS
p3p
CP="CAO DSP COR CURa ADMa DEVa OUR IND PHY ONL UNI COM NAV INT DEM PRE"
status
200
edge-control
max-age=604800
vary
Accept-Encoding
cf-request-id
0441eb3d51000072bd4838f200000001
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-type
application/json
access-control-allow-origin
http://161.35.207.100
cache-control
public, max-age=604800, s-maxage=604800, max-age=315360000
access-control-allow-credentials
true
cf-ray
5bb014a88cb172bd-AMS
servershortname
expires
Sun, 28 Jul 2030 15:23:24 GMT
Asset.php
siteintercept.qualtrics.com/WRSiteInterceptEngine/ 		2 KB
981 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://siteintercept.qualtrics.com/WRSiteInterceptEngine/Asset.php?Module=CR_cRTya5i3wiaWo4Z&Version=6&Q_InterceptID=SI_eUPgeLMEq5Uop2B&Q_ORIGIN=http://161.35.207.100&Q_CLIENTVERSION=1.31.3&Q_CLIENTTYPE=web
Requested by
Host: zncvgjh8lmjxbkyln-fmrpi.siteintercept.qualtrics.com
URL: https://zncvgjh8lmjxbkyln-fmrpi.siteintercept.qualtrics.com/WRSiteInterceptEngine/?Q_ZID=ZN_cvGJH8lmjxbKyln&Q_LOC=http%3A%2F%2F161.35.207.100%2Ffidelity%2Ferror.html&t=1596122603218
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.17.209.240 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
294394f3b1b6ebe8e536343efb15bb35964899ebce1f52ce37c7389594079987
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
http://161.35.207.100/fidelity/error.html
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Thu, 30 Jul 2020 15:23:24 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
age
0
p3p
CP="CAO DSP COR CURa ADMa DEVa OUR IND PHY ONL UNI COM NAV INT DEM PRE"
status
200
edge-control
max-age=604800
vary
Accept-Encoding
cf-request-id
0441eb3d5c000072bd483a7200000001
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-type
application/json
access-control-allow-origin
http://161.35.207.100
expires
Sun, 28 Jul 2030 15:23:24 GMT
cache-control
public, max-age=604800, s-maxage=604800, max-age=315360000
access-control-allow-credentials
true
cf-ray
5bb014a89ccd72bd-AMS
servershortname
Asset.php
siteintercept.qualtrics.com/WRSiteInterceptEngine/ 		4 KB
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://siteintercept.qualtrics.com/WRSiteInterceptEngine/Asset.php?Module=SI_bw1hblXpnxk5GYZ&Version=9&Q_ORIGIN=http://161.35.207.100&Q_CLIENTVERSION=1.31.3&Q_CLIENTTYPE=web
Requested by
Host: zncvgjh8lmjxbkyln-fmrpi.siteintercept.qualtrics.com
URL: https://zncvgjh8lmjxbkyln-fmrpi.siteintercept.qualtrics.com/WRSiteInterceptEngine/?Q_ZID=ZN_cvGJH8lmjxbKyln&Q_LOC=http%3A%2F%2F161.35.207.100%2Ffidelity%2Ferror.html&t=1596122603218
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.17.209.240 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
6e72d30c589782e1029538ee2906d6c5f28f30f877e49e617002a16a434a7d6b
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
http://161.35.207.100/fidelity/error.html
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Thu, 30 Jul 2020 15:23:24 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
MISS
p3p
CP="CAO DSP COR CURa ADMa DEVa OUR IND PHY ONL UNI COM NAV INT DEM PRE"
status
200
edge-control
max-age=604800
vary
Accept-Encoding
cf-request-id
0441eb3d5c000072bd483a8200000001
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-type
application/json
access-control-allow-origin
http://161.35.207.100
cache-control
public, max-age=604800, s-maxage=604800, max-age=315360000
access-control-allow-credentials
true
cf-ray
5bb014a89cce72bd-AMS
servershortname
expires
Sun, 28 Jul 2030 15:23:24 GMT
Asset.php
siteintercept.qualtrics.com/WRSiteInterceptEngine/ 		2 KB
981 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://siteintercept.qualtrics.com/WRSiteInterceptEngine/Asset.php?Module=CR_cRTya5i3wiaWo4Z&Version=6&Q_InterceptID=SI_bw1hblXpnxk5GYZ&Q_ORIGIN=http://161.35.207.100&Q_CLIENTVERSION=1.31.3&Q_CLIENTTYPE=web
Requested by
Host: zncvgjh8lmjxbkyln-fmrpi.siteintercept.qualtrics.com
URL: https://zncvgjh8lmjxbkyln-fmrpi.siteintercept.qualtrics.com/WRSiteInterceptEngine/?Q_ZID=ZN_cvGJH8lmjxbKyln&Q_LOC=http%3A%2F%2F161.35.207.100%2Ffidelity%2Ferror.html&t=1596122603218
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.17.209.240 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
294394f3b1b6ebe8e536343efb15bb35964899ebce1f52ce37c7389594079987
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
http://161.35.207.100/fidelity/error.html
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Thu, 30 Jul 2020 15:23:24 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
age
0
p3p
CP="CAO DSP COR CURa ADMa DEVa OUR IND PHY ONL UNI COM NAV INT DEM PRE"
status
200
edge-control
max-age=604800
vary
Accept-Encoding
cf-request-id
0441eb3d5c000072bd483ab200000001
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-type
application/json
access-control-allow-origin
http://161.35.207.100
expires
Sun, 28 Jul 2030 15:23:24 GMT
cache-control
public, max-age=604800, s-maxage=604800, max-age=315360000
access-control-allow-credentials
true
cf-ray
5bb014a89cd172bd-AMS
servershortname
Asset.php
siteintercept.qualtrics.com/WRSiteInterceptEngine/ 		4 KB
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://siteintercept.qualtrics.com/WRSiteInterceptEngine/Asset.php?Module=SI_8bI5O7qUmvDPxrv&Version=9&Q_ORIGIN=http://161.35.207.100&Q_CLIENTVERSION=1.31.3&Q_CLIENTTYPE=web
Requested by
Host: zncvgjh8lmjxbkyln-fmrpi.siteintercept.qualtrics.com
URL: https://zncvgjh8lmjxbkyln-fmrpi.siteintercept.qualtrics.com/WRSiteInterceptEngine/?Q_ZID=ZN_cvGJH8lmjxbKyln&Q_LOC=http%3A%2F%2F161.35.207.100%2Ffidelity%2Ferror.html&t=1596122603218
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.17.209.240 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
2b97047ef0a69b92e16ffc77395b432d48b14d274778092311a7e138257241de
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
http://161.35.207.100/fidelity/error.html
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Thu, 30 Jul 2020 15:23:24 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
MISS
p3p
CP="CAO DSP COR CURa ADMa DEVa OUR IND PHY ONL UNI COM NAV INT DEM PRE"
status
200
edge-control
max-age=604800
vary
Accept-Encoding
cf-request-id
0441eb3d5c000072bd483aa200000001
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-type
application/json
access-control-allow-origin
http://161.35.207.100
cache-control
public, max-age=604800, s-maxage=604800, max-age=315360000
access-control-allow-credentials
true
cf-ray
5bb014a89cd072bd-AMS
servershortname
expires
Sun, 28 Jul 2030 15:23:24 GMT
Asset.php
siteintercept.qualtrics.com/WRSiteInterceptEngine/ 		2 KB
988 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://siteintercept.qualtrics.com/WRSiteInterceptEngine/Asset.php?Module=CR_cRTya5i3wiaWo4Z&Version=6&Q_InterceptID=SI_8bI5O7qUmvDPxrv&Q_ORIGIN=http://161.35.207.100&Q_CLIENTVERSION=1.31.3&Q_CLIENTTYPE=web
Requested by
Host: zncvgjh8lmjxbkyln-fmrpi.siteintercept.qualtrics.com
URL: https://zncvgjh8lmjxbkyln-fmrpi.siteintercept.qualtrics.com/WRSiteInterceptEngine/?Q_ZID=ZN_cvGJH8lmjxbKyln&Q_LOC=http%3A%2F%2F161.35.207.100%2Ffidelity%2Ferror.html&t=1596122603218
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.17.209.240 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
294394f3b1b6ebe8e536343efb15bb35964899ebce1f52ce37c7389594079987
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
http://161.35.207.100/fidelity/error.html
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Thu, 30 Jul 2020 15:23:24 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
age
0
p3p
CP="CAO DSP COR CURa ADMa DEVa OUR IND PHY ONL UNI COM NAV INT DEM PRE"
status
200
edge-control
max-age=604800
vary
Accept-Encoding
cf-request-id
0441eb3d5c000072bd483a9200000001
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-type
application/json
access-control-allow-origin
http://161.35.207.100
expires
Sun, 28 Jul 2030 15:23:24 GMT
cache-control
public, max-age=604800, s-maxage=604800, max-age=315360000
access-control-allow-credentials
true
cf-ray
5bb014a89ccf72bd-AMS
servershortname
Asset.php
siteintercept.qualtrics.com/WRSiteInterceptEngine/ 		4 KB
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://siteintercept.qualtrics.com/WRSiteInterceptEngine/Asset.php?Module=SI_2oDT1dKLOgeFIGN&Version=2&Q_ORIGIN=http://161.35.207.100&Q_CLIENTVERSION=1.31.3&Q_CLIENTTYPE=web
Requested by
Host: zncvgjh8lmjxbkyln-fmrpi.siteintercept.qualtrics.com
URL: https://zncvgjh8lmjxbkyln-fmrpi.siteintercept.qualtrics.com/WRSiteInterceptEngine/?Q_ZID=ZN_cvGJH8lmjxbKyln&Q_LOC=http%3A%2F%2F161.35.207.100%2Ffidelity%2Ferror.html&t=1596122603218
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.17.209.240 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e0efcff5e42f48dc59be55debd3f3debb3258a7c37b7d71bb22adb50ab10b450
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
http://161.35.207.100/fidelity/error.html
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Thu, 30 Jul 2020 15:23:24 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
MISS
p3p
CP="CAO DSP COR CURa ADMa DEVa OUR IND PHY ONL UNI COM NAV INT DEM PRE"
status
200
edge-control
max-age=604800
vary
Accept-Encoding
cf-request-id
0441eb3d5c000072bd483b0200000001
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-type
application/json
access-control-allow-origin
http://161.35.207.100
cache-control
public, max-age=604800, s-maxage=604800, max-age=315360000
access-control-allow-credentials
true
cf-ray
5bb014a89cd772bd-AMS
servershortname
expires
Sun, 28 Jul 2030 15:23:24 GMT
Asset.php
siteintercept.qualtrics.com/WRSiteInterceptEngine/ 		2 KB
981 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://siteintercept.qualtrics.com/WRSiteInterceptEngine/Asset.php?Module=CR_cRTya5i3wiaWo4Z&Version=6&Q_InterceptID=SI_2oDT1dKLOgeFIGN&Q_ORIGIN=http://161.35.207.100&Q_CLIENTVERSION=1.31.3&Q_CLIENTTYPE=web
Requested by
Host: zncvgjh8lmjxbkyln-fmrpi.siteintercept.qualtrics.com
URL: https://zncvgjh8lmjxbkyln-fmrpi.siteintercept.qualtrics.com/WRSiteInterceptEngine/?Q_ZID=ZN_cvGJH8lmjxbKyln&Q_LOC=http%3A%2F%2F161.35.207.100%2Ffidelity%2Ferror.html&t=1596122603218
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.17.209.240 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
294394f3b1b6ebe8e536343efb15bb35964899ebce1f52ce37c7389594079987
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
http://161.35.207.100/fidelity/error.html
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Thu, 30 Jul 2020 15:23:24 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
age
0
p3p
CP="CAO DSP COR CURa ADMa DEVa OUR IND PHY ONL UNI COM NAV INT DEM PRE"
status
200
edge-control
max-age=604800
vary
Accept-Encoding
cf-request-id
0441eb3d5c000072bd483ad200000001
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-type
application/json
access-control-allow-origin
http://161.35.207.100
expires
Sun, 28 Jul 2030 15:23:24 GMT
cache-control
public, max-age=604800, s-maxage=604800, max-age=315360000
access-control-allow-credentials
true
cf-ray
5bb014a89cd472bd-AMS
servershortname
Asset.php
siteintercept.qualtrics.com/WRSiteInterceptEngine/ 		4 KB
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://siteintercept.qualtrics.com/WRSiteInterceptEngine/Asset.php?Module=SI_5ndFaivuSQRQAmh&Version=6&Q_ORIGIN=http://161.35.207.100&Q_CLIENTVERSION=1.31.3&Q_CLIENTTYPE=web
Requested by
Host: zncvgjh8lmjxbkyln-fmrpi.siteintercept.qualtrics.com
URL: https://zncvgjh8lmjxbkyln-fmrpi.siteintercept.qualtrics.com/WRSiteInterceptEngine/?Q_ZID=ZN_cvGJH8lmjxbKyln&Q_LOC=http%3A%2F%2F161.35.207.100%2Ffidelity%2Ferror.html&t=1596122603218
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.17.209.240 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
8596f3beb992852b9e2f1bf8bb2460a8b416637203316575786f7efbf9894829
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
http://161.35.207.100/fidelity/error.html
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Thu, 30 Jul 2020 15:23:24 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
MISS
p3p
CP="CAO DSP COR CURa ADMa DEVa OUR IND PHY ONL UNI COM NAV INT DEM PRE"
status
200
edge-control
max-age=604800
vary
Accept-Encoding
cf-request-id
0441eb3d5c000072bd483ac200000001
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-type
application/json
access-control-allow-origin
http://161.35.207.100
cache-control
public, max-age=604800, s-maxage=604800, max-age=315360000
access-control-allow-credentials
true
cf-ray
5bb014a89cd372bd-AMS
servershortname
expires
Sun, 28 Jul 2030 15:23:24 GMT
Asset.php
siteintercept.qualtrics.com/WRSiteInterceptEngine/ 		290 B
284 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://siteintercept.qualtrics.com/WRSiteInterceptEngine/Asset.php?Module=CR_er32JI1gjlcuQRf&Version=3&Q_InterceptID=SI_5ndFaivuSQRQAmh&Q_ORIGIN=http://161.35.207.100&Q_CLIENTVERSION=1.31.3&Q_CLIENTTYPE=web
Requested by
Host: zncvgjh8lmjxbkyln-fmrpi.siteintercept.qualtrics.com
URL: https://zncvgjh8lmjxbkyln-fmrpi.siteintercept.qualtrics.com/WRSiteInterceptEngine/?Q_ZID=ZN_cvGJH8lmjxbKyln&Q_LOC=http%3A%2F%2F161.35.207.100%2Ffidelity%2Ferror.html&t=1596122603218
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.17.209.240 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
55e2b2ab595e0c192f763ad2c2a237f3f92ecc51e843da550393ffb51a7f115b
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
http://161.35.207.100/fidelity/error.html
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Thu, 30 Jul 2020 15:23:24 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
age
0
p3p
CP="CAO DSP COR CURa ADMa DEVa OUR IND PHY ONL UNI COM NAV INT DEM PRE"
status
200
edge-control
max-age=604800
vary
Accept-Encoding
cf-request-id
0441eb3d5c000072bd483ae200000001
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-type
application/json
access-control-allow-origin
http://161.35.207.100
expires
Sun, 28 Jul 2030 15:23:24 GMT
cache-control
public, max-age=604800, s-maxage=604800, max-age=315360000
access-control-allow-credentials
true
cf-ray
5bb014a89cd572bd-AMS
servershortname
Asset.php
siteintercept.qualtrics.com/WRSiteInterceptEngine/ 		4 KB
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://siteintercept.qualtrics.com/WRSiteInterceptEngine/Asset.php?Module=SI_0vaYdwthIHVvh6R&Version=11&Q_ORIGIN=http://161.35.207.100&Q_CLIENTVERSION=1.31.3&Q_CLIENTTYPE=web
Requested by
Host: zncvgjh8lmjxbkyln-fmrpi.siteintercept.qualtrics.com
URL: https://zncvgjh8lmjxbkyln-fmrpi.siteintercept.qualtrics.com/WRSiteInterceptEngine/?Q_ZID=ZN_cvGJH8lmjxbKyln&Q_LOC=http%3A%2F%2F161.35.207.100%2Ffidelity%2Ferror.html&t=1596122603218
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.17.209.240 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
1ef8b37a63474996a7a2a5f1b20464bdcfda70740b292737fd1369a4c814b155
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
http://161.35.207.100/fidelity/error.html
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Thu, 30 Jul 2020 15:23:24 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
MISS
p3p
CP="CAO DSP COR CURa ADMa DEVa OUR IND PHY ONL UNI COM NAV INT DEM PRE"
status
200
edge-control
max-age=604800
vary
Accept-Encoding
cf-request-id
0441eb3d5c000072bd483a1200000001
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-type
application/json
access-control-allow-origin
http://161.35.207.100
cache-control
public, max-age=604800, s-maxage=604800, max-age=315360000
access-control-allow-credentials
true
cf-ray
5bb014a89cc772bd-AMS
servershortname
expires
Sun, 28 Jul 2030 15:23:24 GMT
Asset.php
siteintercept.qualtrics.com/WRSiteInterceptEngine/ 		2 KB
981 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://siteintercept.qualtrics.com/WRSiteInterceptEngine/Asset.php?Module=CR_cRTya5i3wiaWo4Z&Version=6&Q_InterceptID=SI_0vaYdwthIHVvh6R&Q_ORIGIN=http://161.35.207.100&Q_CLIENTVERSION=1.31.3&Q_CLIENTTYPE=web
Requested by
Host: zncvgjh8lmjxbkyln-fmrpi.siteintercept.qualtrics.com
URL: https://zncvgjh8lmjxbkyln-fmrpi.siteintercept.qualtrics.com/WRSiteInterceptEngine/?Q_ZID=ZN_cvGJH8lmjxbKyln&Q_LOC=http%3A%2F%2F161.35.207.100%2Ffidelity%2Ferror.html&t=1596122603218
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.17.209.240 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
294394f3b1b6ebe8e536343efb15bb35964899ebce1f52ce37c7389594079987
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
http://161.35.207.100/fidelity/error.html
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Thu, 30 Jul 2020 15:23:24 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
age
0
p3p
CP="CAO DSP COR CURa ADMa DEVa OUR IND PHY ONL UNI COM NAV INT DEM PRE"
status
200
edge-control
max-age=604800
vary
Accept-Encoding
cf-request-id
0441eb3d5c000072bd483a0200000001
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-type
application/json
access-control-allow-origin
http://161.35.207.100
expires
Sun, 28 Jul 2030 15:23:24 GMT
cache-control
public, max-age=604800, s-maxage=604800, max-age=315360000
access-control-allow-credentials
true
cf-ray
5bb014a89cc672bd-AMS
servershortname
Asset.php
siteintercept.qualtrics.com/WRSiteInterceptEngine/ 		4 KB
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://siteintercept.qualtrics.com/WRSiteInterceptEngine/Asset.php?Module=SI_bmvqwK4G0RfqFHn&Version=5&Q_ORIGIN=http://161.35.207.100&Q_CLIENTVERSION=1.31.3&Q_CLIENTTYPE=web
Requested by
Host: zncvgjh8lmjxbkyln-fmrpi.siteintercept.qualtrics.com
URL: https://zncvgjh8lmjxbkyln-fmrpi.siteintercept.qualtrics.com/WRSiteInterceptEngine/?Q_ZID=ZN_cvGJH8lmjxbKyln&Q_LOC=http%3A%2F%2F161.35.207.100%2Ffidelity%2Ferror.html&t=1596122603218
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.17.209.240 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
4aeeedcb057ff6abbb45f1ce55dbb4423198ad56a567fa57f88b576fcf932d5d
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
http://161.35.207.100/fidelity/error.html
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Thu, 30 Jul 2020 15:23:24 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
MISS
p3p
CP="CAO DSP COR CURa ADMa DEVa OUR IND PHY ONL UNI COM NAV INT DEM PRE"
status
200
edge-control
max-age=604800
vary
Accept-Encoding
cf-request-id
0441eb3d5c000072bd4839f200000001
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-type
application/json
access-control-allow-origin
http://161.35.207.100
cache-control
public, max-age=604800, s-maxage=604800, max-age=315360000
access-control-allow-credentials
true
cf-ray
5bb014a89cc572bd-AMS
servershortname
expires
Sun, 28 Jul 2030 15:23:24 GMT
Asset.php
siteintercept.qualtrics.com/WRSiteInterceptEngine/ 		290 B
284 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://siteintercept.qualtrics.com/WRSiteInterceptEngine/Asset.php?Module=CR_er32JI1gjlcuQRf&Version=3&Q_InterceptID=SI_bmvqwK4G0RfqFHn&Q_ORIGIN=http://161.35.207.100&Q_CLIENTVERSION=1.31.3&Q_CLIENTTYPE=web
Requested by
Host: zncvgjh8lmjxbkyln-fmrpi.siteintercept.qualtrics.com
URL: https://zncvgjh8lmjxbkyln-fmrpi.siteintercept.qualtrics.com/WRSiteInterceptEngine/?Q_ZID=ZN_cvGJH8lmjxbKyln&Q_LOC=http%3A%2F%2F161.35.207.100%2Ffidelity%2Ferror.html&t=1596122603218
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.17.209.240 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
55e2b2ab595e0c192f763ad2c2a237f3f92ecc51e843da550393ffb51a7f115b
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
http://161.35.207.100/fidelity/error.html
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Thu, 30 Jul 2020 15:23:24 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
age
0
p3p
CP="CAO DSP COR CURa ADMa DEVa OUR IND PHY ONL UNI COM NAV INT DEM PRE"
status
200
edge-control
max-age=604800
vary
Accept-Encoding
cf-request-id
0441eb3d5c000072bd4839e200000001
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-type
application/json
access-control-allow-origin
http://161.35.207.100
expires
Sun, 28 Jul 2030 15:23:24 GMT
cache-control
public, max-age=604800, s-maxage=604800, max-age=315360000
access-control-allow-credentials
true
cf-ray
5bb014a89cc472bd-AMS
servershortname
Asset.php
siteintercept.qualtrics.com/WRSiteInterceptEngine/ 		4 KB
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://siteintercept.qualtrics.com/WRSiteInterceptEngine/Asset.php?Module=SI_6tg8PWOi1frIFut&Version=2&Q_ORIGIN=http://161.35.207.100&Q_CLIENTVERSION=1.31.3&Q_CLIENTTYPE=web
Requested by
Host: zncvgjh8lmjxbkyln-fmrpi.siteintercept.qualtrics.com
URL: https://zncvgjh8lmjxbkyln-fmrpi.siteintercept.qualtrics.com/WRSiteInterceptEngine/?Q_ZID=ZN_cvGJH8lmjxbKyln&Q_LOC=http%3A%2F%2F161.35.207.100%2Ffidelity%2Ferror.html&t=1596122603218
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.17.209.240 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
75a6828b1d9f1c0234190137a0fd06cf1f55fb492f22e564f1915247a411d19b
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
http://161.35.207.100/fidelity/error.html
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Thu, 30 Jul 2020 15:23:24 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
MISS
p3p
CP="CAO DSP COR CURa ADMa DEVa OUR IND PHY ONL UNI COM NAV INT DEM PRE"
status
200
edge-control
max-age=604800
vary
Accept-Encoding
cf-request-id
0441eb3d5c000072bd48396200000001
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-type
application/json
access-control-allow-origin
http://161.35.207.100
cache-control
public, max-age=604800, s-maxage=604800, max-age=315360000
access-control-allow-credentials
true
cf-ray
5bb014a89cbc72bd-AMS
servershortname
expires
Sun, 28 Jul 2030 15:23:24 GMT
Asset.php
siteintercept.qualtrics.com/WRSiteInterceptEngine/ 		290 B
284 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://siteintercept.qualtrics.com/WRSiteInterceptEngine/Asset.php?Module=CR_er32JI1gjlcuQRf&Version=3&Q_InterceptID=SI_6tg8PWOi1frIFut&Q_ORIGIN=http://161.35.207.100&Q_CLIENTVERSION=1.31.3&Q_CLIENTTYPE=web
Requested by
Host: zncvgjh8lmjxbkyln-fmrpi.siteintercept.qualtrics.com
URL: https://zncvgjh8lmjxbkyln-fmrpi.siteintercept.qualtrics.com/WRSiteInterceptEngine/?Q_ZID=ZN_cvGJH8lmjxbKyln&Q_LOC=http%3A%2F%2F161.35.207.100%2Ffidelity%2Ferror.html&t=1596122603218
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.17.209.240 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
55e2b2ab595e0c192f763ad2c2a237f3f92ecc51e843da550393ffb51a7f115b
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
http://161.35.207.100/fidelity/error.html
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Thu, 30 Jul 2020 15:23:24 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
age
0
p3p
CP="CAO DSP COR CURa ADMa DEVa OUR IND PHY ONL UNI COM NAV INT DEM PRE"
status
200
edge-control
max-age=604800
vary
Accept-Encoding
cf-request-id
0441eb3d5c000072bd483a6200000001
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-type
application/json
access-control-allow-origin
http://161.35.207.100
expires
Sun, 28 Jul 2030 15:23:24 GMT
cache-control
public, max-age=604800, s-maxage=604800, max-age=315360000
access-control-allow-credentials
true
cf-ray
5bb014a89ccc72bd-AMS
servershortname
Asset.php
siteintercept.qualtrics.com/WRSiteInterceptEngine/ 		4 KB
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://siteintercept.qualtrics.com/WRSiteInterceptEngine/Asset.php?Module=SI_0qryPRAlBXczdTD&Version=6&Q_ORIGIN=http://161.35.207.100&Q_CLIENTVERSION=1.31.3&Q_CLIENTTYPE=web
Requested by
Host: zncvgjh8lmjxbkyln-fmrpi.siteintercept.qualtrics.com
URL: https://zncvgjh8lmjxbkyln-fmrpi.siteintercept.qualtrics.com/WRSiteInterceptEngine/?Q_ZID=ZN_cvGJH8lmjxbKyln&Q_LOC=http%3A%2F%2F161.35.207.100%2Ffidelity%2Ferror.html&t=1596122603218
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.17.209.240 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
0b2502073850d32d0771c4f2c5c405d7855e61fad3719bd4efc12687523e3402
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
http://161.35.207.100/fidelity/error.html
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Thu, 30 Jul 2020 15:23:24 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
MISS
p3p
CP="CAO DSP COR CURa ADMa DEVa OUR IND PHY ONL UNI COM NAV INT DEM PRE"
status
200
edge-control
max-age=604800
vary
Accept-Encoding
cf-request-id
0441eb3d5c000072bd483a5200000001
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-type
application/json
access-control-allow-origin
http://161.35.207.100
cache-control
public, max-age=604800, s-maxage=604800, max-age=315360000
access-control-allow-credentials
true
cf-ray
5bb014a89ccb72bd-AMS
servershortname
expires
Sun, 28 Jul 2030 15:23:24 GMT
Asset.php
siteintercept.qualtrics.com/WRSiteInterceptEngine/ 		290 B
291 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://siteintercept.qualtrics.com/WRSiteInterceptEngine/Asset.php?Module=CR_er32JI1gjlcuQRf&Version=3&Q_InterceptID=SI_0qryPRAlBXczdTD&Q_ORIGIN=http://161.35.207.100&Q_CLIENTVERSION=1.31.3&Q_CLIENTTYPE=web
Requested by
Host: zncvgjh8lmjxbkyln-fmrpi.siteintercept.qualtrics.com
URL: https://zncvgjh8lmjxbkyln-fmrpi.siteintercept.qualtrics.com/WRSiteInterceptEngine/?Q_ZID=ZN_cvGJH8lmjxbKyln&Q_LOC=http%3A%2F%2F161.35.207.100%2Ffidelity%2Ferror.html&t=1596122603218
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.17.209.240 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
55e2b2ab595e0c192f763ad2c2a237f3f92ecc51e843da550393ffb51a7f115b
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
http://161.35.207.100/fidelity/error.html
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Thu, 30 Jul 2020 15:23:24 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
age
0
p3p
CP="CAO DSP COR CURa ADMa DEVa OUR IND PHY ONL UNI COM NAV INT DEM PRE"
status
200
edge-control
max-age=604800
vary
Accept-Encoding
cf-request-id
0441eb3d5c000072bd4839d200000001
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-type
application/json
access-control-allow-origin
http://161.35.207.100
expires
Sun, 28 Jul 2030 15:23:24 GMT
cache-control
public, max-age=604800, s-maxage=604800, max-age=315360000
access-control-allow-credentials
true
cf-ray
5bb014a89cc372bd-AMS
servershortname
Asset.php
siteintercept.qualtrics.com/WRSiteInterceptEngine/ 		4 KB
2 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://siteintercept.qualtrics.com/WRSiteInterceptEngine/Asset.php?Module=SI_9YUbswnCF6g4k05&Version=2&Q_ORIGIN=http://161.35.207.100&Q_CLIENTVERSION=1.31.3&Q_CLIENTTYPE=web
Requested by
Host: zncvgjh8lmjxbkyln-fmrpi.siteintercept.qualtrics.com
URL: https://zncvgjh8lmjxbkyln-fmrpi.siteintercept.qualtrics.com/WRSiteInterceptEngine/?Q_ZID=ZN_cvGJH8lmjxbKyln&Q_LOC=http%3A%2F%2F161.35.207.100%2Ffidelity%2Ferror.html&t=1596122603218
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.17.209.240 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
2451f78cdf73cb2817ec2a124bc1a77b9c7100f5c30bdb521b824a83677c83a0
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
http://161.35.207.100/fidelity/error.html
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Thu, 30 Jul 2020 15:23:24 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
MISS
p3p
CP="CAO DSP COR CURa ADMa DEVa OUR IND PHY ONL UNI COM NAV INT DEM PRE"
status
200
edge-control
max-age=604800
vary
Accept-Encoding
cf-request-id
0441eb3d51000072bd48391200000001
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-type
application/json
access-control-allow-origin
http://161.35.207.100
cache-control
public, max-age=604800, s-maxage=604800, max-age=315360000
access-control-allow-credentials
true
cf-ray
5bb014a88cb472bd-AMS
servershortname
expires
Sun, 28 Jul 2030 15:23:24 GMT
Asset.php
siteintercept.qualtrics.com/WRSiteInterceptEngine/ 		290 B
284 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://siteintercept.qualtrics.com/WRSiteInterceptEngine/Asset.php?Module=CR_er32JI1gjlcuQRf&Version=3&Q_InterceptID=SI_9YUbswnCF6g4k05&Q_ORIGIN=http://161.35.207.100&Q_CLIENTVERSION=1.31.3&Q_CLIENTTYPE=web
Requested by
Host: zncvgjh8lmjxbkyln-fmrpi.siteintercept.qualtrics.com
URL: https://zncvgjh8lmjxbkyln-fmrpi.siteintercept.qualtrics.com/WRSiteInterceptEngine/?Q_ZID=ZN_cvGJH8lmjxbKyln&Q_LOC=http%3A%2F%2F161.35.207.100%2Ffidelity%2Ferror.html&t=1596122603218
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.17.209.240 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
55e2b2ab595e0c192f763ad2c2a237f3f92ecc51e843da550393ffb51a7f115b
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
http://161.35.207.100/fidelity/error.html
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Thu, 30 Jul 2020 15:23:24 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
age
0
p3p
CP="CAO DSP COR CURa ADMa DEVa OUR IND PHY ONL UNI COM NAV INT DEM PRE"
status
200
edge-control
max-age=604800
vary
Accept-Encoding
cf-request-id
0441eb3d5c000072bd483a4200000001
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-type
application/json
access-control-allow-origin
http://161.35.207.100
expires
Sun, 28 Jul 2030 15:23:24 GMT
cache-control
public, max-age=604800, s-maxage=604800, max-age=315360000
access-control-allow-credentials
true
cf-ray
5bb014a89cca72bd-AMS
servershortname
Asset.php
siteintercept.qualtrics.com/WRSiteInterceptEngine/ 		4 KB
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://siteintercept.qualtrics.com/WRSiteInterceptEngine/Asset.php?Module=SI_aYq2S2L9WYVHefz&Version=2&Q_ORIGIN=http://161.35.207.100&Q_CLIENTVERSION=1.31.3&Q_CLIENTTYPE=web
Requested by
Host: zncvgjh8lmjxbkyln-fmrpi.siteintercept.qualtrics.com
URL: https://zncvgjh8lmjxbkyln-fmrpi.siteintercept.qualtrics.com/WRSiteInterceptEngine/?Q_ZID=ZN_cvGJH8lmjxbKyln&Q_LOC=http%3A%2F%2F161.35.207.100%2Ffidelity%2Ferror.html&t=1596122603218
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.17.209.240 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
06938dd593b945d6da6fe382a54eb2f8798be00d2f67281c8c16529a35bf9193
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
http://161.35.207.100/fidelity/error.html
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Thu, 30 Jul 2020 15:23:25 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
MISS
p3p
CP="CAO DSP COR CURa ADMa DEVa OUR IND PHY ONL UNI COM NAV INT DEM PRE"
status
200
edge-control
max-age=604800
vary
Accept-Encoding
cf-request-id
0441eb3d5c000072bd483a3200000001
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-type
application/json
access-control-allow-origin
http://161.35.207.100
cache-control
public, max-age=604800, s-maxage=604800, max-age=315360000
access-control-allow-credentials
true
cf-ray
5bb014a89cc972bd-AMS
servershortname
expires
Sun, 28 Jul 2030 15:23:24 GMT
Asset.php
siteintercept.qualtrics.com/WRSiteInterceptEngine/ 		290 B
284 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://siteintercept.qualtrics.com/WRSiteInterceptEngine/Asset.php?Module=CR_er32JI1gjlcuQRf&Version=3&Q_InterceptID=SI_aYq2S2L9WYVHefz&Q_ORIGIN=http://161.35.207.100&Q_CLIENTVERSION=1.31.3&Q_CLIENTTYPE=web
Requested by
Host: zncvgjh8lmjxbkyln-fmrpi.siteintercept.qualtrics.com
URL: https://zncvgjh8lmjxbkyln-fmrpi.siteintercept.qualtrics.com/WRSiteInterceptEngine/?Q_ZID=ZN_cvGJH8lmjxbKyln&Q_LOC=http%3A%2F%2F161.35.207.100%2Ffidelity%2Ferror.html&t=1596122603218
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.17.209.240 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
55e2b2ab595e0c192f763ad2c2a237f3f92ecc51e843da550393ffb51a7f115b
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
http://161.35.207.100/fidelity/error.html
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Thu, 30 Jul 2020 15:23:24 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
age
0
p3p
CP="CAO DSP COR CURa ADMa DEVa OUR IND PHY ONL UNI COM NAV INT DEM PRE"
status
200
edge-control
max-age=604800
vary
Accept-Encoding
cf-request-id
0441eb3d5c000072bd4839c200000001
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-type
application/json
access-control-allow-origin
http://161.35.207.100
expires
Sun, 28 Jul 2030 15:23:24 GMT
cache-control
public, max-age=604800, s-maxage=604800, max-age=315360000
access-control-allow-credentials
true
cf-ray
5bb014a89cc272bd-AMS
servershortname
Asset.php
siteintercept.qualtrics.com/WRSiteInterceptEngine/ 		4 KB
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://siteintercept.qualtrics.com/WRSiteInterceptEngine/Asset.php?Module=SI_20upoDg7GIYGuyh&Version=3&Q_ORIGIN=http://161.35.207.100&Q_CLIENTVERSION=1.31.3&Q_CLIENTTYPE=web
Requested by
Host: zncvgjh8lmjxbkyln-fmrpi.siteintercept.qualtrics.com
URL: https://zncvgjh8lmjxbkyln-fmrpi.siteintercept.qualtrics.com/WRSiteInterceptEngine/?Q_ZID=ZN_cvGJH8lmjxbKyln&Q_LOC=http%3A%2F%2F161.35.207.100%2Ffidelity%2Ferror.html&t=1596122603218
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.17.209.240 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
459da4c8a9f2a70da8e894d10a363dea41b4d4cdb435af95186da4031da26464
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
http://161.35.207.100/fidelity/error.html
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Thu, 30 Jul 2020 15:23:25 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
MISS
p3p
CP="CAO DSP COR CURa ADMa DEVa OUR IND PHY ONL UNI COM NAV INT DEM PRE"
status
200
edge-control
max-age=604800
vary
Accept-Encoding
cf-request-id
0441eb3d5c000072bd48399200000001
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-type
application/json
access-control-allow-origin
http://161.35.207.100
cache-control
public, max-age=604800, s-maxage=604800, max-age=315360000
access-control-allow-credentials
true
cf-ray
5bb014a89cbf72bd-AMS
servershortname
expires
Sun, 28 Jul 2030 15:23:24 GMT
Asset.php
siteintercept.qualtrics.com/WRSiteInterceptEngine/ 		290 B
284 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://siteintercept.qualtrics.com/WRSiteInterceptEngine/Asset.php?Module=CR_er32JI1gjlcuQRf&Version=3&Q_InterceptID=SI_20upoDg7GIYGuyh&Q_ORIGIN=http://161.35.207.100&Q_CLIENTVERSION=1.31.3&Q_CLIENTTYPE=web
Requested by
Host: zncvgjh8lmjxbkyln-fmrpi.siteintercept.qualtrics.com
URL: https://zncvgjh8lmjxbkyln-fmrpi.siteintercept.qualtrics.com/WRSiteInterceptEngine/?Q_ZID=ZN_cvGJH8lmjxbKyln&Q_LOC=http%3A%2F%2F161.35.207.100%2Ffidelity%2Ferror.html&t=1596122603218
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.17.209.240 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
55e2b2ab595e0c192f763ad2c2a237f3f92ecc51e843da550393ffb51a7f115b
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
http://161.35.207.100/fidelity/error.html
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Thu, 30 Jul 2020 15:23:24 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
age
0
p3p
CP="CAO DSP COR CURa ADMa DEVa OUR IND PHY ONL UNI COM NAV INT DEM PRE"
status
200
edge-control
max-age=604800
vary
Accept-Encoding
cf-request-id
0441eb3d5c000072bd48398200000001
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-type
application/json
access-control-allow-origin
http://161.35.207.100
expires
Sun, 28 Jul 2030 15:23:24 GMT
cache-control
public, max-age=604800, s-maxage=604800, max-age=315360000
access-control-allow-credentials
true
cf-ray
5bb014a89cbe72bd-AMS
servershortname
Asset.php
siteintercept.qualtrics.com/WRSiteInterceptEngine/ 		4 KB
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://siteintercept.qualtrics.com/WRSiteInterceptEngine/Asset.php?Module=SI_6KILeGGAuPslJ7n&Version=2&Q_ORIGIN=http://161.35.207.100&Q_CLIENTVERSION=1.31.3&Q_CLIENTTYPE=web
Requested by
Host: zncvgjh8lmjxbkyln-fmrpi.siteintercept.qualtrics.com
URL: https://zncvgjh8lmjxbkyln-fmrpi.siteintercept.qualtrics.com/WRSiteInterceptEngine/?Q_ZID=ZN_cvGJH8lmjxbKyln&Q_LOC=http%3A%2F%2F161.35.207.100%2Ffidelity%2Ferror.html&t=1596122603218
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.17.209.240 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e07bd958925ada74f41859021ac752ddc2c7da287a426e8e5ebf8ae3d3073abe
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
http://161.35.207.100/fidelity/error.html
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Thu, 30 Jul 2020 15:23:24 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
MISS
p3p
CP="CAO DSP COR CURa ADMa DEVa OUR IND PHY ONL UNI COM NAV INT DEM PRE"
status
200
edge-control
max-age=604800
vary
Accept-Encoding
cf-request-id
0441eb3d5c000072bd483a2200000001
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-type
application/json
access-control-allow-origin
http://161.35.207.100
cache-control
public, max-age=604800, s-maxage=604800, max-age=315360000
access-control-allow-credentials
true
cf-ray
5bb014a89cc872bd-AMS
servershortname
expires
Sun, 28 Jul 2030 15:23:24 GMT
Asset.php
siteintercept.qualtrics.com/WRSiteInterceptEngine/ 		290 B
568 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://siteintercept.qualtrics.com/WRSiteInterceptEngine/Asset.php?Module=CR_er32JI1gjlcuQRf&Version=3&Q_InterceptID=SI_6KILeGGAuPslJ7n&Q_ORIGIN=http://161.35.207.100&Q_CLIENTVERSION=1.31.3&Q_CLIENTTYPE=web
Requested by
Host: zncvgjh8lmjxbkyln-fmrpi.siteintercept.qualtrics.com
URL: https://zncvgjh8lmjxbkyln-fmrpi.siteintercept.qualtrics.com/WRSiteInterceptEngine/?Q_ZID=ZN_cvGJH8lmjxbKyln&Q_LOC=http%3A%2F%2F161.35.207.100%2Ffidelity%2Ferror.html&t=1596122603218
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.17.209.240 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
55e2b2ab595e0c192f763ad2c2a237f3f92ecc51e843da550393ffb51a7f115b
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
http://161.35.207.100/fidelity/error.html
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Thu, 30 Jul 2020 15:23:24 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
age
0
p3p
CP="CAO DSP COR CURa ADMa DEVa OUR IND PHY ONL UNI COM NAV INT DEM PRE"
status
200
edge-control
max-age=604800
vary
Accept-Encoding
cf-request-id
0441eb3d5c000072bd4839b200000001
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-type
application/json
access-control-allow-origin
http://161.35.207.100
expires
Sun, 28 Jul 2030 15:23:24 GMT
cache-control
public, max-age=604800, s-maxage=604800, max-age=315360000
access-control-allow-credentials
true
cf-ray
5bb014a89cc172bd-AMS
servershortname
Asset.php
siteintercept.qualtrics.com/WRSiteInterceptEngine/ 		2 KB
900 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://siteintercept.qualtrics.com/WRSiteInterceptEngine/Asset.php?Module=SI_9NSjltynMtHhMFf&Version=1&Q_ORIGIN=http://161.35.207.100&Q_CLIENTVERSION=1.31.3&Q_CLIENTTYPE=web
Requested by
Host: zncvgjh8lmjxbkyln-fmrpi.siteintercept.qualtrics.com
URL: https://zncvgjh8lmjxbkyln-fmrpi.siteintercept.qualtrics.com/WRSiteInterceptEngine/?Q_ZID=ZN_cvGJH8lmjxbKyln&Q_LOC=http%3A%2F%2F161.35.207.100%2Ffidelity%2Ferror.html&t=1596122603218
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.17.209.240 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
f6b4a6124675203780f1883d16d012e98448f6dceec35da99e980c073fcf1e71
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
http://161.35.207.100/fidelity/error.html
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Thu, 30 Jul 2020 15:23:24 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
MISS
p3p
CP="CAO DSP COR CURa ADMa DEVa OUR IND PHY ONL UNI COM NAV INT DEM PRE"
status
200
edge-control
max-age=604800
vary
Accept-Encoding
cf-request-id
0441eb3d5c000072bd48395200000001
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-type
application/json
access-control-allow-origin
http://161.35.207.100
cache-control
public, max-age=604800, s-maxage=604800, max-age=315360000
access-control-allow-credentials
true
cf-ray
5bb014a89cbb72bd-AMS
servershortname
expires
Sun, 28 Jul 2030 15:23:24 GMT
Asset.php
siteintercept.qualtrics.com/WRSiteInterceptEngine/ 		2 KB
981 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://siteintercept.qualtrics.com/WRSiteInterceptEngine/Asset.php?Module=CR_cRTya5i3wiaWo4Z&Version=6&Q_InterceptID=SI_9NSjltynMtHhMFf&Q_ORIGIN=http://161.35.207.100&Q_CLIENTVERSION=1.31.3&Q_CLIENTTYPE=web
Requested by
Host: zncvgjh8lmjxbkyln-fmrpi.siteintercept.qualtrics.com
URL: https://zncvgjh8lmjxbkyln-fmrpi.siteintercept.qualtrics.com/WRSiteInterceptEngine/?Q_ZID=ZN_cvGJH8lmjxbKyln&Q_LOC=http%3A%2F%2F161.35.207.100%2Ffidelity%2Ferror.html&t=1596122603218
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.17.209.240 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
294394f3b1b6ebe8e536343efb15bb35964899ebce1f52ce37c7389594079987
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
http://161.35.207.100/fidelity/error.html
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Thu, 30 Jul 2020 15:23:24 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
age
0
p3p
CP="CAO DSP COR CURa ADMa DEVa OUR IND PHY ONL UNI COM NAV INT DEM PRE"
status
200
edge-control
max-age=604800
vary
Accept-Encoding
cf-request-id
0441eb3d5c000072bd4839a200000001
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-type
application/json
access-control-allow-origin
http://161.35.207.100
expires
Sun, 28 Jul 2030 15:23:24 GMT
cache-control
public, max-age=604800, s-maxage=604800, max-age=315360000
access-control-allow-credentials
true
cf-ray
5bb014a89cc072bd-AMS
servershortname
Asset.php
siteintercept.qualtrics.com/WRSiteInterceptEngine/ 		4 KB
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://siteintercept.qualtrics.com/WRSiteInterceptEngine/Asset.php?Module=SI_9slyRRmuwUZ9tfT&Version=2&Q_ORIGIN=http://161.35.207.100&Q_CLIENTVERSION=1.31.3&Q_CLIENTTYPE=web
Requested by
Host: zncvgjh8lmjxbkyln-fmrpi.siteintercept.qualtrics.com
URL: https://zncvgjh8lmjxbkyln-fmrpi.siteintercept.qualtrics.com/WRSiteInterceptEngine/?Q_ZID=ZN_cvGJH8lmjxbKyln&Q_LOC=http%3A%2F%2F161.35.207.100%2Ffidelity%2Ferror.html&t=1596122603218
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.17.209.240 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
eb55d122ba0e3370c1d5c52c60f16db655f997c045402c2e52187615ce580477
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
http://161.35.207.100/fidelity/error.html
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Thu, 30 Jul 2020 15:23:24 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
MISS
p3p
CP="CAO DSP COR CURa ADMa DEVa OUR IND PHY ONL UNI COM NAV INT DEM PRE"
status
200
edge-control
max-age=604800
vary
Accept-Encoding
cf-request-id
0441eb3d51000072bd48394200000001
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-type
application/json
access-control-allow-origin
http://161.35.207.100
cache-control
public, max-age=604800, s-maxage=604800, max-age=315360000
access-control-allow-credentials
true
cf-ray
5bb014a88cb772bd-AMS
servershortname
expires
Sun, 28 Jul 2030 15:23:24 GMT
Asset.php
siteintercept.qualtrics.com/WRSiteInterceptEngine/ 		290 B
283 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://siteintercept.qualtrics.com/WRSiteInterceptEngine/Asset.php?Module=CR_er32JI1gjlcuQRf&Version=3&Q_InterceptID=SI_9slyRRmuwUZ9tfT&Q_ORIGIN=http://161.35.207.100&Q_CLIENTVERSION=1.31.3&Q_CLIENTTYPE=web
Requested by
Host: zncvgjh8lmjxbkyln-fmrpi.siteintercept.qualtrics.com
URL: https://zncvgjh8lmjxbkyln-fmrpi.siteintercept.qualtrics.com/WRSiteInterceptEngine/?Q_ZID=ZN_cvGJH8lmjxbKyln&Q_LOC=http%3A%2F%2F161.35.207.100%2Ffidelity%2Ferror.html&t=1596122603218
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.17.209.240 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
55e2b2ab595e0c192f763ad2c2a237f3f92ecc51e843da550393ffb51a7f115b
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
http://161.35.207.100/fidelity/error.html
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Thu, 30 Jul 2020 15:23:24 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
MISS
p3p
CP="CAO DSP COR CURa ADMa DEVa OUR IND PHY ONL UNI COM NAV INT DEM PRE"
status
200
edge-control
max-age=604800
vary
Accept-Encoding
cf-request-id
0441eb3d51000072bd48390200000001
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-type
application/json
access-control-allow-origin
http://161.35.207.100
cache-control
public, max-age=604800, s-maxage=604800, max-age=315360000
access-control-allow-credentials
true
cf-ray
5bb014a88cb272bd-AMS
servershortname
expires
Sun, 28 Jul 2030 15:23:24 GMT
Asset.php
siteintercept.qualtrics.com/WRSiteInterceptEngine/ 		5 KB
2 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://siteintercept.qualtrics.com/WRSiteInterceptEngine/Asset.php?Module=SI_0AsPpi6JZXIjgMZ&Version=45&Q_ORIGIN=http://161.35.207.100&Q_CLIENTVERSION=1.31.3&Q_CLIENTTYPE=web
Requested by
Host: zncvgjh8lmjxbkyln-fmrpi.siteintercept.qualtrics.com
URL: https://zncvgjh8lmjxbkyln-fmrpi.siteintercept.qualtrics.com/WRSiteInterceptEngine/?Q_ZID=ZN_cvGJH8lmjxbKyln&Q_LOC=http%3A%2F%2F161.35.207.100%2Ffidelity%2Ferror.html&t=1596122603218
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.17.209.240 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
975d7c1a63e923c75eae51e984bf8adf70516b532bf7f7abc6e6803f84c79819
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
http://161.35.207.100/fidelity/error.html
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Thu, 30 Jul 2020 15:23:24 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
MISS
p3p
CP="CAO DSP COR CURa ADMa DEVa OUR IND PHY ONL UNI COM NAV INT DEM PRE"
status
200
edge-control
max-age=604800
vary
Accept-Encoding
cf-request-id
0441eb3d5c000072bd48397200000001
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-type
application/json
access-control-allow-origin
http://161.35.207.100
cache-control
public, max-age=604800, s-maxage=604800, max-age=315360000
access-control-allow-credentials
true
cf-ray
5bb014a89cbd72bd-AMS
servershortname
expires
Sun, 28 Jul 2030 15:23:24 GMT
Asset.php
siteintercept.qualtrics.com/WRSiteInterceptEngine/ 		328 B
317 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://siteintercept.qualtrics.com/WRSiteInterceptEngine/Asset.php?Module=CR_0ia68TaWR1dbtn7&Version=4&Q_InterceptID=SI_0AsPpi6JZXIjgMZ&Q_ORIGIN=http://161.35.207.100&Q_CLIENTVERSION=1.31.3&Q_CLIENTTYPE=web
Requested by
Host: zncvgjh8lmjxbkyln-fmrpi.siteintercept.qualtrics.com
URL: https://zncvgjh8lmjxbkyln-fmrpi.siteintercept.qualtrics.com/WRSiteInterceptEngine/?Q_ZID=ZN_cvGJH8lmjxbKyln&Q_LOC=http%3A%2F%2F161.35.207.100%2Ffidelity%2Ferror.html&t=1596122603218
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.17.209.240 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
1953b94ba034ab9ad857a51e0b28bb70b57a73a7fe51753d05df1cbdf0fb775b
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
http://161.35.207.100/fidelity/error.html
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Thu, 30 Jul 2020 15:23:24 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
MISS
p3p
CP="CAO DSP COR CURa ADMa DEVa OUR IND PHY ONL UNI COM NAV INT DEM PRE"
status
200
edge-control
max-age=604800
vary
Accept-Encoding
cf-request-id
0441eb3d5c000072bd483af200000001
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-type
application/json
access-control-allow-origin
http://161.35.207.100
cache-control
public, max-age=604800, s-maxage=604800, max-age=315360000
access-control-allow-credentials
true
cf-ray
5bb014a89cd672bd-AMS
servershortname
expires
Sun, 28 Jul 2030 15:23:24 GMT
Asset.php
siteintercept.qualtrics.com/WRSiteInterceptEngine/ 		4 KB
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://siteintercept.qualtrics.com/WRSiteInterceptEngine/Asset.php?Module=SI_aavOQmPi2QSZKE5&Version=3&Q_ORIGIN=http://161.35.207.100&Q_CLIENTVERSION=1.31.3&Q_CLIENTTYPE=web
Requested by
Host: zncvgjh8lmjxbkyln-fmrpi.siteintercept.qualtrics.com
URL: https://zncvgjh8lmjxbkyln-fmrpi.siteintercept.qualtrics.com/WRSiteInterceptEngine/?Q_ZID=ZN_cvGJH8lmjxbKyln&Q_LOC=http%3A%2F%2F161.35.207.100%2Ffidelity%2Ferror.html&t=1596122603218
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.17.209.240 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
c057703e7565118ba2084013ce7b26196eb48eb1103925bc9f703b2b251fbbb7
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
http://161.35.207.100/fidelity/error.html
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Thu, 30 Jul 2020 15:23:24 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
MISS
p3p
CP="CAO DSP COR CURa ADMa DEVa OUR IND PHY ONL UNI COM NAV INT DEM PRE"
status
200
edge-control
max-age=604800
vary
Accept-Encoding
cf-request-id
0441eb3d51000072bd48393200000001
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-type
application/json
access-control-allow-origin
http://161.35.207.100
cache-control
public, max-age=604800, s-maxage=604800, max-age=315360000
access-control-allow-credentials
true
cf-ray
5bb014a88cb672bd-AMS
servershortname
expires
Sun, 28 Jul 2030 15:23:24 GMT
Asset.php
siteintercept.qualtrics.com/WRSiteInterceptEngine/ 		304 B
294 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://siteintercept.qualtrics.com/WRSiteInterceptEngine/Asset.php?Module=CR_9zBaZSEe4Cd5tiJ&Version=1&Q_InterceptID=SI_aavOQmPi2QSZKE5&Q_ORIGIN=http://161.35.207.100&Q_CLIENTVERSION=1.31.3&Q_CLIENTTYPE=web
Requested by
Host: zncvgjh8lmjxbkyln-fmrpi.siteintercept.qualtrics.com
URL: https://zncvgjh8lmjxbkyln-fmrpi.siteintercept.qualtrics.com/WRSiteInterceptEngine/?Q_ZID=ZN_cvGJH8lmjxbKyln&Q_LOC=http%3A%2F%2F161.35.207.100%2Ffidelity%2Ferror.html&t=1596122603218
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.17.209.240 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
3a8c79033d6f51d9221602443e34d42e174fd3d9fedd49be51747a5217ac01d7
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
http://161.35.207.100/fidelity/error.html
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Thu, 30 Jul 2020 15:23:24 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
MISS
p3p
CP="CAO DSP COR CURa ADMa DEVa OUR IND PHY ONL UNI COM NAV INT DEM PRE"
status
200
edge-control
max-age=604800
vary
Accept-Encoding
cf-request-id
0441eb3d51000072bd48392200000001
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-type
application/json
access-control-allow-origin
http://161.35.207.100
cache-control
public, max-age=604800, s-maxage=604800, max-age=315360000
access-control-allow-credentials
true
cf-ray
5bb014a88cb572bd-AMS
servershortname
expires
Sun, 28 Jul 2030 15:23:24 GMT
main.js
cdn.walkme.com/chatbot/3.49.0/ 		4 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.walkme.com/chatbot/3.49.0/main.js
Requested by
Host: cdn.walkme.com
URL: https://cdn.walkme.com/player/lib/walkme_lib_20200721-145526-15b5911d.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
92.123.148.55 , Ascension Island, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a92-123-148-55.deploy.static.akamaitechnologies.com
Software
AmazonS3 /
Resource Hash
3db751f5b77230b08de3d6d32bf1df3da1a7ade6387b101ddfb46dc8ecedfc2f
Security Headers
Name Value
Strict-Transport-Security max-age=31536000;preload
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
http://161.35.207.100/fidelity/error.html
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

x-amz-version-id
Iamdle38K_.nD9SyklrIq0SkXsdV6T8O
content-encoding
gzip
x-content-type-options
nosniff
x-amz-request-id
02564838C3604292
x-amz-server-side-encryption
AES256
status
200
x-amz-replication-status
COMPLETED
vary
Accept-Encoding
content-length
1731
x-amz-id-2
YofJPO5cuJSsya3pkytTKF5XeMI/60VBT08xtM9Zu/Fl9bb5cF7mQMzoFxn25MsND0VJlcKBDVI=
referrer-policy
no-referrer-when-downgrade
last-modified
Fri, 24 Jul 2020 09:30:55 GMT
server
AmazonS3
date
Thu, 30 Jul 2020 15:23:24 GMT
strict-transport-security
max-age=31536000;preload
content-type
application/javascript
access-control-allow-origin
*
x-xss-protection
1; mode=block
cache-control
max-age=31017482
etag
"2af9213d162a1137bf5763a944729db6"
accept-ranges
bytes
8.49079f500fd175337f6b.js
cdn.walkme.com/chatbot/3.49.0/ 		52 KB
16 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.walkme.com/chatbot/3.49.0/8.49079f500fd175337f6b.js
Requested by
Host: cdn.walkme.com
URL: https://cdn.walkme.com/chatbot/3.49.0/main.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
92.123.148.55 , Ascension Island, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a92-123-148-55.deploy.static.akamaitechnologies.com
Software
AmazonS3 /
Resource Hash
3c1e4a4b4fdcfd8df89c7a352ffd898ad04f1eb1054c935b7507db634b387818
Security Headers
Name Value
Strict-Transport-Security max-age=31536000;preload
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
http://161.35.207.100/fidelity/error.html
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

x-amz-version-id
5g23cE.t2DWtHwjGURSeeK0a2GrGhR2T
content-encoding
gzip
x-content-type-options
nosniff
x-amz-request-id
17329218615ECC2F
x-amz-server-side-encryption
AES256
status
200
x-amz-replication-status
COMPLETED
vary
Accept-Encoding
content-length
15599
x-amz-id-2
RSPoHAuRhf+A8gqNuXo7iBqurBO2fk547vulVZY0NROjX6XjnrS64ritu6rNXPYlJxf35SUoeJM=
referrer-policy
no-referrer-when-downgrade
last-modified
Fri, 24 Jul 2020 09:30:53 GMT
server
AmazonS3
date
Thu, 30 Jul 2020 15:23:24 GMT
strict-transport-security
max-age=31536000;preload
content-type
application/javascript
access-control-allow-origin
*
x-xss-protection
1; mode=block
cache-control
max-age=31017502
etag
"00292c0006d464fb2ad6a45e925fe8b4"
accept-ranges
bytes
2.49079f500fd175337f6b.js
cdn.walkme.com/chatbot/3.49.0/ 		38 KB
11 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.walkme.com/chatbot/3.49.0/2.49079f500fd175337f6b.js
Requested by
Host: cdn.walkme.com
URL: https://cdn.walkme.com/chatbot/3.49.0/main.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
92.123.148.55 , Ascension Island, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a92-123-148-55.deploy.static.akamaitechnologies.com
Software
AmazonS3 /
Resource Hash
f81993b53e81424b635f59f504d507bc1db03ee7f0c95c729b9d21d5a7d3bf5a
Security Headers
Name Value
Strict-Transport-Security max-age=31536000;preload
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
http://161.35.207.100/fidelity/error.html
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

x-amz-version-id
tD0rIWyD5GcWnQdbnMyFvTlCMj6SYTxe
content-encoding
gzip
x-content-type-options
nosniff
x-amz-request-id
F653E29AC01F84F3
x-amz-server-side-encryption
AES256
status
200
x-amz-replication-status
COMPLETED
vary
Accept-Encoding
content-length
11043
x-amz-id-2
1jzNaSEfkZX4rrjn+JMHa7u0HOuj+sw84sfljMOuW7FLZXZu24k8p/6EZ550dpOwvRBD3jP5XRs=
referrer-policy
no-referrer-when-downgrade
last-modified
Fri, 24 Jul 2020 09:30:53 GMT
server
AmazonS3
date
Thu, 30 Jul 2020 15:23:24 GMT
strict-transport-security
max-age=31536000;preload
content-type
application/javascript
access-control-allow-origin
*
x-xss-protection
1; mode=block
cache-control
max-age=31017555
etag
"3f4b059528904f51249b88213448f6fe"
accept-ranges
bytes
/
siteintercept.qualtrics.com/WRSiteInterceptEngine/ 		45 B
307 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://siteintercept.qualtrics.com/WRSiteInterceptEngine/?Q_Impress=1&Q_CID=CR_0ia68TaWR1dbtn7&Q_SIID=SI_0AsPpi6JZXIjgMZ&Q_ASID=AS_0AqVa5fIQp7ktXT&Q_CLIENTVERSION=1.31.3&Q_CLIENTTYPE=web&r=1596122605052
Requested by
Host: siteintercept.qualtrics.com
URL: https://siteintercept.qualtrics.com/dxjsmodule/CoreModule.js?Q_CLIENTVERSION=1.31.3&Q_CLIENTTYPE=web
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.17.209.240 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
f47f21063dfdcbdeffed3d97689b45efae7a52401cd7fc5b8d07c42d2f232ab9
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
http://161.35.207.100/fidelity/error.html
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-type
application/x-www-form-urlencoded

Response headers

date
Thu, 30 Jul 2020 15:23:25 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
DYNAMIC
server
cloudflare
status
200
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-type
text/plain; charset=UTF-8
access-control-allow-origin
http://161.35.207.100
cache-control
no-store, no-cache, must-revalidate, max-age=0
access-control-allow-credentials
true
cf-ray
5bb014a9ad1972bd-AMS
vary
Accept-Encoding
cf-request-id
0441eb3e06000072bd483b2200000001
Graphic.php
sjc1.qualtrics.com/WRQualtricsSiteIntercept/ 		2 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sjc1.qualtrics.com/WRQualtricsSiteIntercept/Graphic.php?IM=IM_3yKp2nFO4GPtXrD
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
92.122.106.46 , Ascension Island, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a92-122-106-46.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
261810b2a67fd59ab5e89584961e97a6ba419d5db0811ee5baf8b98affb49aa0
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

Referer
http://161.35.207.100/fidelity/error.html
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date
Thu, 30 Jul 2020 15:23:25 GMT
Content-Encoding
gzip
ETag
"a97234fecb8fb711964fd6941188e385"
Vary
Accept-Encoding
Connection
keep-alive
Content-Type
image/png
Access-Control-Allow-Origin
*
X-Transaction-Id
add3ede3-7766-487d-a5f9-cc7570d09c38
Cache-Control
public, max-age=6
Content-Disposition
inline; filename=Feedback+tab+small
Strict-Transport-Security
max-age=31536000; includeSubDomains; preload
X-Robots-Tag
noindex
Content-Length
1699
X-Request-Id
87737d10-a2e4-4297-8640-406b181a49d5
Expires
Thu, 30 Jul 2020 15:23:31 GMT
clear3.png;CIS3SID=FBE020C9BCB1CE445AEB95A7937F6125
cfa.fidelity.com/fp/ Frame 2FCC 		0
219 B 		Script
General
Check archive.org
Download Go to
Full URL
https://cfa.fidelity.com/fp/clear3.png;CIS3SID=FBE020C9BCB1CE445AEB95A7937F6125?org_id=5h8i3ud8&session_id=236a63bb4763f02b8e31990870ed6778&nonce=7d4a935fd2e672c7&jac=1&je=31303b26247265673d79207467722038392c206e697e2d7b676172636a2f6f67606b6e6520385964616e71672e2276677074205d242a7566666566696c67662a385964616e71672e227177606f697620552c20444d5e494b475f50524b4c562a385964616e71672e226a6b6666656c20552c20757b6d7241662d73656e67617c20385966636e71672c2071676e656176256f6c652a552c2a777365724b662f616c72777420385964616e71672e2276677074205d242a68616664656e4b6620325964636c71672e20686b6666676e205f2422616f666e697a6f223a5b64636e7b672e20636a676169626d7a205f2c205169766764416c496666223a5b64636e7b672e20686b6666676e205f2e207063717b776d726c2a3a5364616c73672e2078637171776d7066205d2e2064712d6e6d6f696c2d6a7d747c6d6e223a5964636471672e227177606f6976205f7f
Requested by
Host: cfa.fidelity.com
URL: https://cfa.fidelity.com/fp/check.js;CIS3SID=FBE020C9BCB1CE445AEB95A7937F6125?org_id=5h8i3ud8&session_id=236a63bb4763f02b8e31990870ed6778&nonce=7d4a935fd2e672c7&jb=3135242668716d773d4e6b6c777824687b6f3f4c61667570246a73623f416a7a6d6f672530323a31
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
91.235.133.177 , Netherlands, ASN30286 (THM, US),
Reverse DNS
Software
Apache /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

Referer
http://161.35.207.100/fidelity/error.html
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date
Thu, 30 Jul 2020 15:23:28 GMT
Server
Apache
Connection
Keep-Alive
Keep-Alive
timeout=2, max=100
Strict-Transport-Security
max-age=31536000
Content-Type
text/javascript;charset=UTF-8
backEvent
ec.walkme.com/event/ 		2 B
152 B 		Other
General
Check archive.org
Download Go to
Full URL
https://ec.walkme.com/event/backEvent
Requested by
Host: cdn.walkme.com
URL: https://cdn.walkme.com/player/lib/walkme_lib_20200721-145526-15b5911d.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.70.28.206 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-70-28-206.us-west-2.compute.amazonaws.com
Software
/
Resource Hash
2689367b205c16ce32ed4200942b8b8b1e262dfc70d9bc9fbc77c49699a4f1df
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

Referer
http://161.35.207.100/fidelity/error.html
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

status
200
date
Thu, 30 Jul 2020 15:23:30 GMT
access-control-allow-origin
*
content-length
2
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-type
text/html; charset=utf-8

Verdicts & Comments Add Verdict or Comment

211 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

number| NEWS_PAGE_REQUEST_TIME object| ensBootstraps object| Bootstrapper object| dmtData undefined| dmtPropertiesAudiences object| dmtPropertiesWhitelist object| dmtConfig function| dmtStatus function| vendorStatus object| regeneratorRuntime function| callTarget object| _dmt function| startMeasurement function| paintContent object| FidMsmt boolean| _adobeProfileUpdate function| _log object| _console number| perfTestInitTime object| _enslog function| $data function| $globals function| $getData function| $defineData boolean| disableLegacyTags object| tmsConfig function| tmsGetCookieValue function| tmsSetCookieValue function| resetCVI function| tmsStripNBSuites function| tmsStripCustomerOnlySuite function| asyncLibsTest object| msConfig function| onContentMeasurementLoaded function| _trackAnalytics function| tmsTrackAnalyticsSendData function| trackAnalyticsEvent object| targetResponses object| targetCardMsmt object| targetCardCatMsmt object| targetCardState object| targetCardOrder boolean| tmsAsyncLazyLoadHasRun function| tmsAsyncLazyLoad number| tmsAsyncLazyLoadCounter function| _pageLoadApp function| variableListCallback function| targetPageParamsAll object| allowed_list string| val object| adobe object| _AT function| mboxCreate function| mboxDefine function| mboxUpdate object| mboxFactories function| fidMboxCreate function| tntWriteTridionCampaign function| tntWriteTridionCampaignWhenReady function| mboxDefaultHTML function| showDefaultImage function| tntMiddlewareTryAgain function| tntMiddleware function| tntMiddlewareWhenReady function| mboxConversionClick function| getCreativeMiddleware function| creativeMiddlewareWhenReady function| tntValidateCreativeURI function| tntMiddlewareCreativeURL function| middlewareCallBack function| Visitor object| s_c_il number| s_c_in object| visitor object| ensightenOptions object| $act object| targetExperiences object| GLANCE_COBROWSE object| Modernizr object| html5 function| yepnope function| $ function| jQuery function| loadWidget object| NavBar function| $nav function| hidePrevious function| closeSection function| showSection function| toggleView string| PIGlobalNav_WWWHOST string| PIGlobalNav_ACTIVEQUOTE_HOST string| PIGlobalNav_ERESEARCH_HOST string| PIGlobalNav_RESEARCHTOOLS_HOST object| PGNBProperties object| jQuery190018742305454569008 object| formValidationRules object| ngLibraryApp object| angular undefined| returnExports object| td_2q boolean| tmx_profiling_started function| tmx_post_session_params_fixed function| tmx_run_page_fingerprinting object| td_3b object| _cf object| Tawk_API object| Tawk_LoadStart object| jQuery1100009334118517118983 object| jQuery110003172050012135865 function| tmsjQuery string| $_Tawk_AccountKey string| $_Tawk_WidgetId boolean| $_Tawk_Unstable object| $_Tawk function| $__TawkEngine function| EventEmitter function| $__TawkSocket object| $_Tawk_LoadStart function| TawkClass object| Inheritance_Manager string| messagePreviewRadius string| bottomBorderRadius string| topBorderRadius number| minWidth number| minHeight string| bodyClassName object| GLANCE function| Hashtable function| startsWith function| DomDataCollection function| IE_FingerPrint function| Mozilla_FingerPrint function| Opera_FingerPrint function| Timer function| randrange function| detectIE function| getRandomPort object| ProxyCollector function| BlackberryLocationCollector function| detectFields string| SEP string| PAIR string| DEV function| FingerPrint function| urlEncode function| encode_deviceprint function| decode_deviceprint function| post_deviceprint function| post_fingerprints function| add_deviceprint function| form_add_data function| form_add_deviceprint string| HTML5 string| BLACKBERRY string| UNDEFINED string| GEO_LOCATION_DEFAULT_STRUCT object| geoLocator boolean| geoLocatorStatus function| detectDeviceCollectionAPIMode function| init function| startCollection function| stopCollection function| getGeolocationStruct function| HTML5LocationCollector object| TimestampCollector object| UIEventCollector function| UIEvent function| InteractionElement function| UIElementList function| activeXDetect function| stripIllegalChars function| stripFullPath object| BrowserDetect function| convertTimestampToGMT function| getTimestampInMillis function| debug undefined| highLevel function| setPmStrength function| getPmStrength function| forceIE89Synchronicity object| MASKING object| asParamMap object| fpsParamMap string| asPath function| WalkmeSnippet object| _walkmeInternals object| _walkmeConfig object| QSI object| WAFQualtricsWebpackJsonP-cloud-1.31.3 object| wmSnippet undefined| fixedCallback function| mtjQuery function| wmjQuery function| walkme_pre_lib_loaded string| wm_username function| walkme_ready object| _qsie object| _walkmeWebpackJP object| _makeTutorialEv undefined| WalkMeConfigCallback object| _makeTutorial object| _walkMe object| WalkMeAPI object| WalkMeDataAPI object| WalkMeInsightsAPI object| wmContext function| WalkMeDataClass object| _walkmeABWebpackJP_latest object| __wm-ab-core-js_shared__latest object| wm_target_variables

5 Cookies

Domain/Path Name / Value
161.35.207.100/ Name: TawkConnectionTime
Value: 0
161.35.207.100/ Name: AMCV_EDCF01AC512D2B770A490D4C%40AdobeOrg
Value: -330454231%7CMCMID%7C59377931924921105061975322810417810398%7CMCAAMLH-1596727402%7C6%7CMCAAMB-1596727402%7C6G1ynYcLPuiQxYZrsz_pkqfLG9yMXBpb2zX5dvJdYQJzPXImdj0y%7CMCOPTOUT-1596129802s%7CNONE%7CMCAID%7C2F9172F50515ECFE-60000BE05A745C16%7CvVersion%7C3.1.2
161.35.207.100/ Name: __tawkuuid
Value: e::161.35.207.100::VqkpHwuWkokvTiL+UqBoZUXvZBtVjmnzj4U1bNDSoRxp7SZIf6QaplFO6/qJIfU4::2
161.35.207.100/ Name: mbox
Value: session#8fc67250691141f49a4cb62d67e08b1d#1596124463|PC#8fc67250691141f49a4cb62d67e08b1d.37_0#1659367403
161.35.207.100/ Name: AMCVS_EDCF01AC512D2B770A490D4C%40AdobeOrg
Value: 1

10 Console Messages

Source Level URL
Text
console-api warning URL: https://nexus.ensighten.com/fidelity/hpoptasync/Bootstrap.js(Line 787)
Message:
AT: [getOffer()] request failed [object Object]
console-api warning URL: https://nexus.ensighten.com/fidelity/hpoptasync/Bootstrap.js(Line 787)
Message:
AT: Rendering mbox failed target-global-mbox error no display - unauthorized mbox host
console-api warning URL: https://nexus.ensighten.com/fidelity/hpoptasync/Bootstrap.js(Line 787)
Message:
AT: [getOffer()] request failed [object Object]
console-api warning URL: https://nexus.ensighten.com/fidelity/hpoptasync/Bootstrap.js(Line 787)
Message:
AT: Rendering mbox failed PI_Navbar error no display - unauthorized mbox host
console-api warning URL: https://nexus.ensighten.com/fidelity/hpoptasync/Bootstrap.js(Line 787)
Message:
AT: [getOffer()] request failed [object Object]
console-api warning URL: https://nexus.ensighten.com/fidelity/hpoptasync/Bootstrap.js(Line 787)
Message:
AT: Rendering mbox failed PI_PHP_Hero error no display - unauthorized mbox host
console-api log URL: https://login.fidelity.com/ftgw/pages/widget/js/fs-widget.jquery.min.js?_=1596122602124(Line 3)
Message:
Init
console-api log URL: https://login.fidelity.com/ftgw/pages/widget/js/fs-widget.jquery.min.js?_=1596122602124(Line 3)
Message:
Non HTTPS error
console-api log URL: https://login.fidelity.com/ftgw/pages/widget/js/fs-widget.jquery.min.js?_=1596122602124(Line 3)
Message:
Error: undefined
console-api debug URL: https://cdn.walkme.com/player/lib/walkme_lib_20200721-145526-15b5911d.js(Line 212)
Message:
%c [object HTMLImageElement]

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

5h8i3ud8-9d2dd0fbf20a31e3de8f554b97ede3834f3f608f-am1.e.aa.online-metrix.net
activate1.fidelity.com
assets.fidelity.com
cdn.jsdelivr.net
cdn.walkme.com
cfa.fidelity.com
dpm.demdex.net
ec.walkme.com
embed.tawk.to
fmrcorp.tt.omtrdc.net
fonts.googleapis.com
fonts.gstatic.com
h.online-metrix.net
login.fidelity.com
nexus.ensighten.com
s3.amazonaws.com
sitecatalystu.fidelity.com
siteintercept.qualtrics.com
sjc1.qualtrics.com
smallenvelop.com
static-v.tawk.to
va.tawk.to
vsa55.tawk.to
www.glancecdn.net
zncvgjh8lmjxbkyln-fmrpi.siteintercept.qualtrics.com
104.17.208.240
104.17.209.240
161.35.207.100
18.195.42.228
2.16.186.35
23.37.44.230
2606:4700:10::6816:1883
2606:4700:10::6816:1983
2606:4700:10::ac43:2642
2a00:1450:4001:818::2003
2a00:1450:4001:81f::200a
2a04:4e42:1b::621
3.124.119.57
52.209.239.68
52.216.237.205
54.147.6.169
54.70.28.206
54.76.99.142
69.89.31.230
91.235.132.130
91.235.133.177
91.235.134.131
92.122.106.46
92.123.148.55
95.101.45.4
00706ee4320b7e0b4bf553aa90c84ba2065eabdd9816cdab38c7056ea29a218f
036d841b132c14046e26d8f2da1bc634c6ad34885ed1295660694a91c98933a6
0604040cd80a2f23d9ed9ad3b68a090086ccc2d26516f16a61497c70e22cd57b
06938dd593b945d6da6fe382a54eb2f8798be00d2f67281c8c16529a35bf9193
0b2502073850d32d0771c4f2c5c405d7855e61fad3719bd4efc12687523e3402
0c3223b9c4dccd6f0b44c8465a8bfa2dcdc23e8729b007f94deff654f9f543b0
0d67fb1e900ac570b160aaf2200d35ab1d41f00d0979ade72034289e9d3ab262
1953b94ba034ab9ad857a51e0b28bb70b57a73a7fe51753d05df1cbdf0fb775b
19b399504472722d29b53e85751d99089d6f98c18ba73931dfbbbe251c4e07a9
1bc34af0626366b6ce668b5391a7d65bb013e57ec1851bd6124d01bedecdf388
1c63d18eb7183a56bdb7bd2178e6e6fdd54b1bcf4b0e7737273be170b3eb99fe
1ef8b37a63474996a7a2a5f1b20464bdcfda70740b292737fd1369a4c814b155
2451f78cdf73cb2817ec2a124bc1a77b9c7100f5c30bdb521b824a83677c83a0
25aac3c0244fdf4d9f9ddae3db3049ca21dffef72043f769fcde8fb4fda14245
25eca424fd243e12c15f479b5490e14d30a01b800bbb1fbe9387e4a3472bf555
261810b2a67fd59ab5e89584961e97a6ba419d5db0811ee5baf8b98affb49aa0
2689367b205c16ce32ed4200942b8b8b1e262dfc70d9bc9fbc77c49699a4f1df
294394f3b1b6ebe8e536343efb15bb35964899ebce1f52ce37c7389594079987
2b97047ef0a69b92e16ffc77395b432d48b14d274778092311a7e138257241de
2c4afce8e481c00c4fa83fea863fcc47e9d5b8d41fc7a7f46eecc6f6bb1f6f15
34b6a138bc53e4a2cd2dc39042a10441520c52ac5fdbe4fd361c88acb50910c7
36e5138cd940c180adf0fec1a676d2169b8ba35f0e14ea6d1449a075c96d786e
377dffcb29ed01327a552c58cc827a9ce6293653e87fd6a5b1d252386f2c7f22
3a8c79033d6f51d9221602443e34d42e174fd3d9fedd49be51747a5217ac01d7
3c1e4a4b4fdcfd8df89c7a352ffd898ad04f1eb1054c935b7507db634b387818
3d33ed364e7f8ed54b30b73d5bca406551516bf18d5151c3f0f9e8c0d5f77195
3db751f5b77230b08de3d6d32bf1df3da1a7ade6387b101ddfb46dc8ecedfc2f
40fb656a5ac156cc237bc46e223ed33ed49cd6c71c3b29de4e582fe6f64173aa
459da4c8a9f2a70da8e894d10a363dea41b4d4cdb435af95186da4031da26464
482adb0cd7b80ec97699ed293ec299eb5123c4c5eddc4339ad49e934e519adaf
48fae2be26e019e48301eb0b320a63d51546d4702e9620be53f4c689e60c82e7
49b1ccc994a1dc939eeebece2ad6fc41bcaae6c413af553861b78e6bc40c6ca2
4aeeedcb057ff6abbb45f1ce55dbb4423198ad56a567fa57f88b576fcf932d5d
519edf0dc00972d9a811c5e60b94cf719b30351a8dfe62f38fab8d4b5182558b
54383cb2f70247578458b930aa303a88d1298890285b4c03eed4fc04de93aeca
54bd82ccdf1a493c29da4c79dbe64598fe66ba44fa7d269bf5ffe36c2f2e79dc
55e2b2ab595e0c192f763ad2c2a237f3f92ecc51e843da550393ffb51a7f115b
58f10f60a4d15a710601f372cc5220ed1fe940877bb06a35cc62e396a50d2e4e
59e2bfc931344de5adf5432dc0ef79280226449d2f11544eb006896a04e968c5
645e1f1f95aa512d9cb9e774f0f35698bc2a1b349cbfecf79ba893377b3979fe
66f54c12a2365f4ea8f7fcadd49258d19d9a2dbe66771de0aa35695ff06cc3c6
67627bf16675ec658224354f7299573b046aefeb13c7e8633d78a8cec956c02e
6823a0f37f2714ae274b147668fe526449deda0d791f6f08505b6e71e21fe4a7
695a90257ebaa0d4053d262d7da44710544c15d1f8da70080ac200fa7cacb1de
6e72d30c589782e1029538ee2906d6c5f28f30f877e49e617002a16a434a7d6b
70753129ec26d0e304df3f6706f4b6d320e11e2605f5dbb22944b48e5dc333dd
70bf6b2e8fbb9f31e314cc3ff4df9f34f453ada4d0bb7b4362591e30799c74de
7393970158a42d24626d0350c2d4b668808092c24a289e1f25697ce814db0ec2
74e1b82be60b75a6f702babbab302c50a60c4ab696eac27c04d47f100125eab7
75130c88fd45f06e63bc933339fde630f4d3aa270150e5f07ebc0934f1c98295
752ac509c98878a6b24978984d25f1d3f2f2149c63ced50709d02f5360d4cb0c
75a6828b1d9f1c0234190137a0fd06cf1f55fb492f22e564f1915247a411d19b
7638c0678e8a608a0d03a9d7b3fb54c9d8f1c92b2d83421972a754890ee47247
81e0834cc5fe6ac0231a33249708eaaaf77c05281a0e4b32548d66bd911655f7
8596f3beb992852b9e2f1bf8bb2460a8b416637203316575786f7efbf9894829
87764cf2de53fe063f413bbbe2f22f217198367a5512f851270796d17e7b5b56
882cb1f95cb768b80c9c06550ca0bc00d8df7364379d44593045712481e5088b
8b9b73786f62ed9b6ddce93ee2106b95dbb7ebcbededbf9b2d91ff18aa8c982b
90c8c49df9363f906709ff1407e338b965b70a1eed9f3e573a4306fd267f1c0c
927275320ba4bb925e48576cf6c6d8a5356d492eb6b86e910892f72cdd3b1fbc
92ea6d26d5ee6c1cf58a25d4c6d743d46b08b96c1b037750c1b29ac3ae51a3ac
933b971c6388d594a23fa1559825db5bec8ade2db1240aa8fc9d0c684949e8c9
95518cbec0d55a574a9c8ef72a2a7d62ac0d40a4de5dfe67a76a7d214dc8b743
97186953cc577e4f1264131ba85ebee06c7d335656379b7cc60fd9fa0af550f5
975d7c1a63e923c75eae51e984bf8adf70516b532bf7f7abc6e6803f84c79819
9f8144ae6f866129aea41bbf694b0c858ef9352a139969e57cd8db73385f52c3
a11a103cd42df86cca85141020e122f6561e01dd3d39d0ccfef2d4fd3b1e9561
a9a2f1dd042cb6f1eded53dc0a1c66ed8694fc093dc3520cdac1a541d615d474
b0ddfde3c4808ad62fbc74f8dc98fbcbc9485997a4945b9810b822fa84ae1dee
b1216b84983dcadaced21d95081bb25ec55d6d1c7be56912da78bfced5f1126e
b1fd910464faae750010db09cd114e8b0466071997d992456624d9ff477688a1
b3d7e4fcbbe34f1cd8e7b55d86f8f7dcc5bb2ab5b405cedd8f9dcda8a62105b6
bebde0e7c1e253b9c812b4ea51e4fa26a6d7f239d0a22cc8ed9cb10c317ef9c4
c057703e7565118ba2084013ce7b26196eb48eb1103925bc9f703b2b251fbbb7
c79b53a4c184b6aa42a77baa110706393290f7ae82ea209ce6f11407ace48b24
c7e164623cec10a7bef1f13bf6c53c7415fad63815f9bbd8a3974792a8ad2190
cea0bd534ba80d23eab5f3b7221a43ec1ac763aac0555d99394d0aac54b3a9a3
d00298a9e4e708de4e08d175da6b1c0c5aea23287fc3d83f8847edee2189b8b0
d34c7dfb31a485518c27a55eb41e6109e25f1c5c053b9a0936ff96af22199489
d4b341e0e1b10b8d9d72b33a552d9a4c5f181644a550e6c5290ffbd0df7ff698
d77b883b15a3f8b2090cb679377aabf5d0d9699e8fec6387a0b1e07b245a61b5
d889cee9d53619c3d3f6e916ebca38084279174c00e0a60b8374e8fc6be4c7c8
da37179f5b8ae1887bd05d777d2ca360fd1b475bb2daf9a7dbd8d09d6627a4fe
dcf6cb3b3236ec0ec42e6197a13369985d647a06e2dda007dc568cdd935430f1
dee0231a10703d83caca51875f267f8bcf88c17cc2ae54247224d2066ce02abe
e07bd958925ada74f41859021ac752ddc2c7da287a426e8e5ebf8ae3d3073abe
e0efcff5e42f48dc59be55debd3f3debb3258a7c37b7d71bb22adb50ab10b450
e2f1827924a9a45f58120e40ef9c9a0cac49ca2fc56cc5456c9f93fe1634961d
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
eb1dfe6a7a3798ae5a38063296b2fecbc62b3db25ed81d3cc4964f1b1349faae
eb55d122ba0e3370c1d5c52c60f16db655f997c045402c2e52187615ce580477
f1b2aefab90090a49341d3fc1da02a6131403e315f6e985593edb3631bbf0183
f40a6f79df0713311f598bc8045ec3cdbae99e1fb654914ec5af2b3dc74be66a
f47f21063dfdcbdeffed3d97689b45efae7a52401cd7fc5b8d07c42d2f232ab9
f5c06455e539dcd889f7f05d709b5adc76c444099fe57f431365af2fc57e803b
f6b4a6124675203780f1883d16d012e98448f6dceec35da99e980c073fcf1e71
f81993b53e81424b635f59f504d507bc1db03ee7f0c95c729b9d21d5a7d3bf5a
fac61e050d5eb05f5b913840d0d65423757b34191c2dd41f434f4256dc54aa86