urlscan.io logo urlscan.io
SecurityTrails logo

161.35.85.54 Open in urlscan Pro
161.35.85.54  Public Scan

Go To Rescan Add Verdict Report
URL: http://161.35.85.54/fidelity/error.html
Submission: On July 31 via api from US
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 24 IPs in 5 countries across 14 domains to perform 137 HTTP transactions. The main IP is 161.35.85.54, located in New York, United States and belongs to DIGITALOCEAN-ASN, US. The main domain is 161.35.85.54.
This is the only time 161.35.85.54 was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
22 161.35.85.54 14061 (DIGITALOC...)
2 18.195.42.228 16509 (AMAZON-02)
14 91.235.133.177 30286 (THM)
3 54.76.99.142 16509 (AMAZON-02)
2 52.30.191.169 16509 (AMAZON-02)
3 3.124.119.57 16509 (AMAZON-02)
2 2 52.45.41.168 14618 (AMAZON-AES)
2 52.216.242.190 16509 (AMAZON-02)
1 23.43.114.238 20940 (AKAMAI-ASN1)
1 2 69.89.31.230 46606 (UNIFIEDLA...)
3 23.8.8.239 20940 (AKAMAI-ASN1)
1 2.16.186.32 20940 (AKAMAI-ASN1)
5 2606:4700:10:... 13335 (CLOUDFLAR...)
1 11 104.17.208.240 13335 (CLOUDFLAR...)
17 184.30.221.115 20940 (AKAMAI-ASN1)
3 2a00:1450:400... 15169 (GOOGLE)
3 2a04:4e42:1b:... 54113 (FASTLY)
2 2606:4700:10:... 13335 (CLOUDFLAR...)
1 3 91.235.132.130 30286 (THM)
1 91.235.134.131 30286 (THM)
1 2a00:1450:400... 15169 (GOOGLE)
37 104.17.209.240 13335 (CLOUDFLAR...)
1 184.30.216.157 20940 (AKAMAI-ASN1)
1 54.213.138.120 16509 (AMAZON-02)
137 24
22    161.35.85.54 (New York, United States)

ASN14061 (DIGITALOCEAN-ASN, US)
161.35.85.54
2    18.195.42.228 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
nexus.ensighten.com
14    91.235.133.177 (Netherlands)

ASN30286 (THM, US)
cfa.fidelity.com
3    54.76.99.142 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-54-76-99-142.eu-west-1.compute.amazonaws.com
fmrcorp.tt.omtrdc.net
2    52.30.191.169 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
dpm.demdex.net
3    3.124.119.57 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-3-124-119-57.eu-central-1.compute.amazonaws.com
activate1.fidelity.com
2    52.45.41.168 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
www.glancecdn.net
2    52.216.242.190 (Ashburn, United States)

ASN16509 (AMAZON-02, US)
s3.amazonaws.com
1    23.43.114.238 (Netherlands)

ASN20940 (AKAMAI-ASN1, EU)
PTR: a23-43-114-238.deploy.static.akamaitechnologies.com
login.fidelity.com
2    69.89.31.230 (Provo, United States)

ASN46606 (UNIFIEDLAYER-AS-1, US)
PTR: box430.bluehost.com
smallenvelop.com
3    23.8.8.239 (Netherlands)

ASN20940 (AKAMAI-ASN1, EU)
assets.fidelity.com
1    2.16.186.32 (Ascension Island)

ASN20940 (AKAMAI-ASN1, EU)
PTR: a2-16-186-32.deploy.static.akamaitechnologies.com
sitecatalystu.fidelity.com
5    2606:4700:10::6816:1883 (United States)

ASN13335 (CLOUDFLARENET, US)
embed.tawk.to
static-v.tawk.to
vsa49.tawk.to
11    104.17.208.240 (United States)

ASN13335 (CLOUDFLARENET, US)
zncvgjh8lmjxbkyln-fmrpi.siteintercept.qualtrics.com
siteintercept.qualtrics.com
17    184.30.221.115 (Netherlands)

ASN20940 (AKAMAI-ASN1, EU)
PTR: a184-30-221-115.deploy.static.akamaitechnologies.com
cdn.walkme.com
3    2a00:1450:4001:801::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
fonts.googleapis.com
3    2a04:4e42:1b::621 (Ascension Island)

ASN54113 (FASTLY, US)
cdn.jsdelivr.net
2    2606:4700:10::ac43:2642 (United States)

ASN13335 (CLOUDFLARENET, US)
va.tawk.to
3    91.235.132.130 (Netherlands)

ASN30286 (THM, US)
PTR: h.online-metrix.net
h.online-metrix.net
1    91.235.134.131 (Netherlands)

ASN30286 (THM, US)
5h8i3ud8-9d2dd0fbf20a31e3de8f554b97ede3834f3f608f-am1.e.aa.online-metrix.net
1    2a00:1450:4001:818::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
fonts.gstatic.com
37    104.17.209.240 (United States)

ASN13335 (CLOUDFLARENET, US)
siteintercept.qualtrics.com
1    184.30.216.157 (Netherlands)

ASN20940 (AKAMAI-ASN1, EU)
PTR: a184-30-216-157.deploy.static.akamaitechnologies.com
sjc1.qualtrics.com
1    54.213.138.120 (Boardman, United States)

ASN16509 (AMAZON-02, US)
ec.walkme.com
Domain Requested by
46 siteintercept.qualtrics.com zncvgjh8lmjxbkyln-fmrpi.siteintercept.qualtrics.com
siteintercept.qualtrics.com
17 cdn.walkme.com nexus.ensighten.com
cdn.walkme.com
14 cfa.fidelity.com 161.35.85.54
cfa.fidelity.com
3 vsa49.tawk.to embed.tawk.to
3 h.online-metrix.net 1 redirects cfa.fidelity.com
3 cdn.jsdelivr.net embed.tawk.to
3 fonts.googleapis.com embed.tawk.to
3 assets.fidelity.com 161.35.85.54
3 activate1.fidelity.com nexus.ensighten.com
3 fmrcorp.tt.omtrdc.net nexus.ensighten.com
2 va.tawk.to embed.tawk.to
2 zncvgjh8lmjxbkyln-fmrpi.siteintercept.qualtrics.com 1 redirects
2 smallenvelop.com 1 redirects 161.35.85.54
2 s3.amazonaws.com 161.35.85.54
2 www.glancecdn.net 2 redirects
2 dpm.demdex.net nexus.ensighten.com
2 nexus.ensighten.com 161.35.85.54
1 ec.walkme.com cdn.walkme.com
1 sjc1.qualtrics.com
1 fonts.gstatic.com
1 5h8i3ud8-9d2dd0fbf20a31e3de8f554b97ede3834f3f608f-am1.e.aa.online-metrix.net
1 static-v.tawk.to
1 embed.tawk.to 161.35.85.54
1 sitecatalystu.fidelity.com nexus.ensighten.com
1 login.fidelity.com 161.35.85.54
137 25

This site contains no links.

Subject Issuer Validity Valid
nexus.ensighten.com
DigiCert SHA2 Secure Server CA		 2019-10-03 -
2020-10-02		 a year crt.sh
CFA.febtest.com
Entrust Certification Authority - L1K		 2020-05-08 -
2021-10-01		 a year crt.sh
s3.amazonaws.com
DigiCert Baltimore CA-2 G2		 2019-11-09 -
2020-12-02		 a year crt.sh
login.fidelity.com
Entrust Certification Authority - L1K		 2020-02-18 -
2022-02-18		 2 years crt.sh
smallenvelop.com
Let's Encrypt Authority X3		 2020-06-24 -
2020-09-22		 3 months crt.sh
dpcs.fidelity.com
Entrust Certification Authority - L1M		 2019-05-08 -
2021-05-08		 2 years crt.sh
sni.cloudflaressl.com
Cloudflare Inc ECC CA-3		 2020-07-29 -
2021-07-29		 a year crt.sh
*.qualtrics.com
DigiCert SHA2 Secure Server CA		 2018-10-08 -
2021-01-06		 2 years crt.sh
walkme.com
DigiCert SHA2 Secure Server CA		 2020-07-08 -
2020-12-04		 5 months crt.sh
activate1.fidelity.com
Entrust Certification Authority - L1K		 2019-05-29 -
2021-07-12		 2 years crt.sh
upload.video.google.com
GTS CA 1O1		 2020-07-07 -
2020-09-29		 3 months crt.sh
f3.shared.global.fastly.net
GlobalSign CloudSSL CA - SHA256 - G3		 2020-07-08 -
2021-04-17		 9 months crt.sh
h.online-metrix.net
Trustwave Organization Validation SHA256 CA, Level 1		 2020-02-20 -
2021-02-19		 a year crt.sh
*.e.aa.online-metrix.net
Go Daddy Secure Certificate Authority - G2		 2019-09-13 -
2021-09-13		 2 years crt.sh
*.gstatic.com
GTS CA 1O1		 2020-07-07 -
2020-09-29		 3 months crt.sh
*.walkme.com
DigiCert SHA2 Secure Server CA		 2019-04-23 -
2021-06-03		 2 years crt.sh

This page contains 12 frames:

Primary Page: http://161.35.85.54/fidelity/error.html
Frame ID: 63815F3D8A63888EC8F0F886A4C5E499
Requests: 116 HTTP requests in this frame

Frame: https://cfa.fidelity.com/fp/check.js;CIS3SID=9419B3D0AFCA50B4B11A7689D18240D9?org_id=5h8i3ud8&session_id=236a63bb4763f02b8e31990870ed6778&nonce=2de52b3e02fa4f76&jb=3135242668716d773d4e6b6c777824687b6f3f4c61667570246a73623f416a7a6d6f672530323a31
Frame ID: 4B3255A7AF76C033EDE6D296A5F9DED8
Requests: 12 HTTP requests in this frame

Frame: https://fonts.googleapis.com/css?family=Lato:100,100i,300,300i,400,400i,700,700i,900,900i&subset=latin-ext
Frame ID: 58BC9139AB0D00A9D3EED01A69338807
Requests: 1 HTTP requests in this frame

Frame: https://fonts.googleapis.com/css?family=Lato:100,100i,300,300i,400,400i,700,700i,900,900i&subset=latin-ext
Frame ID: F49F8959FD7F7CB70CB026EEF6962756
Requests: 2 HTTP requests in this frame

Frame: https://fonts.googleapis.com/css?family=Lato:100,100i,300,300i,400,400i,700,700i,900,900i&subset=latin-ext
Frame ID: 597B1D116D74B7A79536C3CBA4410B35
Requests: 4 HTTP requests in this frame

Frame: https://static-v.tawk.to/a-v3/images/bubbles/42-br.svg
Frame ID: 69EFC4B3391479990CA26B507B5C1A0E
Requests: 1 HTTP requests in this frame

Frame: https://cfa.fidelity.com/fp/HP?session_id=236a63bb4763f02b8e31990870ed6778&org_id=5h8i3ud8&nonce=2de52b3e02fa4f76&mode=2&hp=.co-operativebank.co.uk/CBIBSWeb/login.do.co-operativebank.co.uk/CBIBSWeb/start.do.de/portal/portal/x.entropay.com/basemenu/prot/x.facebook.comx.nationet.com/x.netbank.commbank.com.au/netbank/bankmainx.npbs.co.uk/netmastergoldbanking/x.nwolb.xlogin.aspx?refereridentx.rbsdigital.xAccountSummaryx.smile.co.uk/SmileWeb/login.do.smile.co.uk/SmileWeb/start.do.yandex.rux/CapitalOne_Consumer/x/easypay.by/x/sbank.ru/x53.com/servlet/efsonlinex://online.wellsfargo.com/x://secure.assist.ru/assistid/protected/main.doxabbeynational.co.uk/EBAN_ENS/BtoChannelDriverxalliance-leicesterxaltergold.com/login.phpxamericanexpress.com/myca/intl/acctsumm/emea/accountSummaryxbancaintesa.it/xbankcardservices.co.ukxbankofamerica.com/xbanquepopulaire.fr/xbnpparibas.net/xcahoot.comxcapitaloneonline.co.uk/CapitalOne_Consumer/Transactionsxcbonline.co.uk/ralu/reglm-web/setupSecurityQuestionPagexcibc.comxPreSignOnxcibc.comxSignOnxcitibank.ru/xclient.uralsibbank.ruxco-operativebank.co.uk/CBIBSWeb/loginSpixcommerceonlinebanking.comxcoventrybuildingsociety.co.ukxdeutsche-bank.dexdiscovercard.com/cardmembersvcs/strongauth/app/sa_mainxebanking.bawag.comxebc_ebc1961xegg.com/customer/movemoneyxegg.com/customer/yourmoneyxfacebook.com/xhalifax-online.co.ukxMyAccountsxhalifax-online.co.uk/x/Mhalifax-online.co.uk/personalxhsbc.co.uk/1/2/personal/internet-banking/xhsbc.comxhttps://banking.postbank.de/app/finanzstatus.init.do;jsessionidxib.fineco.it/FinecoWeb/BonificiServletxib.fineco.it/FinecoWeb/jsp/Main/HBFineco.jspxib.fineco.it/FinecoWeb/jsp/Main/Principale.jspxibank.alfabank.ruxin-biz.it/xipko.plxlibertyreserve.com/x/historylibertyreserve.com/x/loginwww.libertyreserve.com/x/Core.jswww.libertyreserve.com/x/transfer.libertyreserve.com/x/commonscript.jslloydstsb.co.uk/personal/a/account_overview/xmbna.co.ukxmenyala.ruxmoney.yandex.ruxmoneybookers.com/app/login.plxmoneymail.ruxmy.ebay.co.uk/ws/eBayISAPI.dll?MyEbayxmy.ebay.com/ws/eBayISAPI.dll?MyEbayxmy.ebay.fr/ws/eBayISAPI.dll?MyEbayxmybusinessbank.co.ukxnationet.com/AppServices/SignOn/SignOnProcess/RcaSignOnxnpbs.co.ukxnwolb.com/AccountSummaryxnwolb.com/Statementsxnwolb.com/TransfersLandingPagexoltx.fidelity.com/x/x/ofsummary/summaryxonline.lloydstsb.co.ukxonlinebanking.mandtbank.com/summary/AccountSummaryxpassport.yandex.ruxpaypal.com/x/cgi-bin/webscr?cmd=_accountxpaypal.com/x/cgi-bin/webscr?cmd=_login-done&login_access=xpaypal.com/us/cgi-bin/webscr?cmd=_login-done&login_access=xposte.it/xpsk.co.at/xsecure.lloydstsb.co.uk/personal/a/account_overviewxsmile.co.uk/SmileWeb/passcodexusaa.com/xusbank.com/internetBanking/RequestRouter?requestCmdId=Gxwachovia.comxybonline.co.uk/ralu/reglm-web/setupSecurityQuestionPagex.amazon.fr/xhistory/orders/view.htmlx.banquepopulaire.frxShowPortal.dox.bnpparibasfortis.bexHome_Logon.aspx.cdiscount.com/Account/Home.aspxx.cmb.frxaccueil.jspx.credit-agricole.frxentreeBam?sessionSAGx.labanquepostale.fr/xreleveCPP-releve_ccp.eax.secure.bnpparibas.net/NSFR?Actionx.secure.lcl.frxAccueilxcredem.it/OneToOne/ebank/functionsxmijn.ing.nl/xonline.ybs.co.ukxwww.discover.com/xorder.cdiscount.comxCustomer.aspxxsealinfo.verisign.com/splash?form_filexvos-comptes.credit-du-nord.fr/CDC_TableauDeBord_0.asp?xvoscomptesenligne.labanquepostale.frxwww.x.caisse-epargne.fr/Portail.aspxxwww.exabanque.netxonglet.phpxdeutsche-bank.de/xnorisbank.de/xpostbank.de/xtargobank.de/x.x.de/portal/x.bankofamerica.com/x/commonscript.js.bmo.com/OLB?id=x.bmo.com/RMC?id=x.chase.com/x.aspxx.chase.com/js/Reporting.jsx.koodomobile.com/account/selfserve/x/xaccountId=x.payment.ru/x.scotiabank.com/portal/index.jsp?xbancopopular.es/empresasxcreval.it/login2007/loginSiciliano.aspxfirst-direct.com/xipko.plxmybusinessbank.co.ukxsanpaoloimi.com/xulsterbankanytimebanking.x/login.aspxx
Frame ID: 0B62255576E1B9BAB4EC7272D6450188
Requests: 1 HTTP requests in this frame

Frame: https://cfa.fidelity.com/fp/ls_fp.html;CIS3SID=9419B3D0AFCA50B4B11A7689D18240D9?org_id=5h8i3ud8&session_id=236a63bb4763f02b8e31990870ed6778&nonce=2de52b3e02fa4f76
Frame ID: D72F4F7C9FA68C69FA4A89FD68B7C4B8
Requests: 1 HTTP requests in this frame

Frame: https://h.online-metrix.net/fp/sid_fp.html;CIS3SID=9419B3D0AFCA50B4B11A7689D18240D9?org_id=5h8i3ud8&session_id=236a63bb4763f02b8e31990870ed6778&nonce=2de52b3e02fa4f76
Frame ID: 91BB0881D2F63DF690BB2C59FBA01C92
Requests: 1 HTTP requests in this frame

Frame: https://cfa.fidelity.com/fp/top_fp.html;CIS3SID=9419B3D0AFCA50B4B11A7689D18240D9?org_id=5h8i3ud8&session_id=236a63bb4763f02b8e31990870ed6778&nonce=2de52b3e02fa4f76
Frame ID: 2CB98D379CC541DD0A07B0688AD4AEC2
Requests: 1 HTTP requests in this frame

Frame: https://cdn.walkme.com/player/lib/20200723-101337-4284c4d1/resources/CD/cdHiddenIframeScript.js
Frame ID: 981736AFFE33FF27B8DA31F89F5FCE1F
Requests: 1 HTTP requests in this frame

Frame: https://cdn.walkme.com/player/lib/20200723-101337-4284c4d1/resources/CD/CDhiddenIframe.compress.html
Frame ID: 102BFBF5E8711095AA667C874631D926
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Detected technologies

Overall confidence: 100%
Detected patterns
  • headers server /Ubuntu/i
Overall confidence: 100%
Detected patterns
  • headers server /(?:Apache(?:$|\/([\d.]+)|[^/-])|(?:^|\b)HTTPD)/i

Page Statistics

137
Requests

77 %
HTTPS

21 %
IPv6

14
Domains

25
Subdomains

24
IPs

5
Countries

2416 kB
Transfer

9194 kB
Size

0
Cookies

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 22
  • https://www.glancecdn.net/cobrowse/CobrowseJS.ashx?group=19772&site=production HTTP 302
  • https://s3.amazonaws.com/glancecdn/cobrowse/js/GlanceCobrowseLoader_4.9.0M.js
Request Chain 25
  • http://smallenvelop.com/wp-content/uploads/2014/08/Preloader_2.gif HTTP 301
  • https://smallenvelop.com/wp-content/uploads/2014/08/Preloader_2.gif
Request Chain 41
  • http://zncvgjh8lmjxbkyln-fmrpi.siteintercept.qualtrics.com/WRSiteInterceptEngine/?Q_ZID=ZN_cvGJH8lmjxbKyln&Q_LOC=http%3A%2F%2F161.35.85.54%2Ffidelity%2Ferror.html&t=1596200778431 HTTP 301
  • https://zncvgjh8lmjxbkyln-fmrpi.siteintercept.qualtrics.com/WRSiteInterceptEngine/?Q_ZID=ZN_cvGJH8lmjxbKyln&Q_LOC=http%3A%2F%2F161.35.85.54%2Ffidelity%2Ferror.html&t=1596200778431
Request Chain 47
  • http://www.glancecdn.net/cobrowse/js/GlancePresenceVisitor_4.9.0M.js HTTP 301
  • https://s3.amazonaws.com/glancecdn/cobrowse/js/GlancePresenceVisitor_4.9.0M.js
Request Chain 60
  • https://h.online-metrix.net/fp/clear.png?org_id=5h8i3ud8&session_id=236a63bb4763f02b8e31990870ed6778&nonce=2de52b3e02fa4f76&gttl=155520000 HTTP 302
  • https://h.online-metrix.net/fp/clear.png?org_id=5h8i3ud8&session_id=236a63bb4763f02b8e31990870ed6778&nonce=2de52b3e02fa4f76&k=2

137 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request error.html
161.35.85.54/fidelity/ 		33 KB
6 KB 		Document
General
Check archive.org
Download Go to
Full URL
http://161.35.85.54/fidelity/error.html
Protocol
HTTP/1.1
Server
161.35.85.54 New York, United States, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software
Apache/2.4.29 (Ubuntu) /
Resource Hash
f1b2aefab90090a49341d3fc1da02a6131403e315f6e985593edb3631bbf0183

Request headers

Host
161.35.85.54
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Accept-Encoding
gzip, deflate
Accept-Language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date
Fri, 31 Jul 2020 13:06:16 GMT
Server
Apache/2.4.29 (Ubuntu)
Last-Modified
Fri, 31 Jul 2020 12:53:02 GMT
ETag
"8587-5abbc44ee79c3-gzip"
Accept-Ranges
bytes
Vary
Accept-Encoding
Content-Encoding
gzip
Content-Length
6028
Keep-Alive
timeout=5, max=100
Connection
Keep-Alive
Content-Type
text/html
Bootstrap.js
nexus.ensighten.com/fidelity/hpoptasync/ 		663 KB
192 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://nexus.ensighten.com/fidelity/hpoptasync/Bootstrap.js
Requested by
Host: 161.35.85.54
URL: http://161.35.85.54/fidelity/error.html
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
18.195.42.228 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx /
Resource Hash
752ac509c98878a6b24978984d25f1d3f2f2149c63ced50709d02f5360d4cb0c

Request headers

Referer
http://161.35.85.54/fidelity/error.html
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Fri, 31 Jul 2020 13:06:16 GMT
content-encoding
gzip
last-modified
Thu, 16 Jul 2020 07:26:07 GMT
server
nginx
etag
W/"5f10010f-a5bb9"
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
status
200
cache-control
max-age=300
head.min.js
161.35.85.54/fidelity/ 		108 KB
39 KB 		Script
General
Check archive.org
Download Go to
Full URL
http://161.35.85.54/fidelity/head.min.js
Requested by
Host: 161.35.85.54
URL: http://161.35.85.54/fidelity/error.html
Protocol
HTTP/1.1
Server
161.35.85.54 New York, United States, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software
Apache/2.4.29 (Ubuntu) /
Resource Hash
81e0834cc5fe6ac0231a33249708eaaaf77c05281a0e4b32548d66bd911655f7

Request headers

Referer
http://161.35.85.54/fidelity/error.html
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date
Fri, 31 Jul 2020 13:06:16 GMT
Content-Encoding
gzip
Last-Modified
Fri, 31 Jul 2020 12:44:37 GMT
Server
Apache/2.4.29 (Ubuntu)
ETag
"1afe5-5abbc26d1de32-gzip"
Vary
Accept-Encoding
Content-Type
application/javascript
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=99
Content-Length
39408
config.js
161.35.85.54/fidelity/ 		1 KB
771 B 		Script
General
Check archive.org
Download Go to
Full URL
http://161.35.85.54/fidelity/config.js
Requested by
Host: 161.35.85.54
URL: http://161.35.85.54/fidelity/error.html
Protocol
HTTP/1.1
Server
161.35.85.54 New York, United States, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software
Apache/2.4.29 (Ubuntu) /
Resource Hash
d00298a9e4e708de4e08d175da6b1c0c5aea23287fc3d83f8847edee2189b8b0

Request headers

Referer
http://161.35.85.54/fidelity/error.html
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date
Fri, 31 Jul 2020 13:06:16 GMT
Content-Encoding
gzip
Last-Modified
Fri, 31 Jul 2020 12:44:38 GMT
Server
Apache/2.4.29 (Ubuntu)
ETag
"4ef-5abbc26e87412-gzip"
Vary
Accept-Encoding
Content-Type
application/javascript
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=99
Content-Length
422
bootstrap.js
161.35.85.54/fidelity/ 		631 KB
183 KB 		Script
General
Check archive.org
Download Go to
Full URL
http://161.35.85.54/fidelity/bootstrap.js
Requested by
Host: 161.35.85.54
URL: http://161.35.85.54/fidelity/error.html
Protocol
HTTP/1.1
Server
161.35.85.54 New York, United States, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software
Apache/2.4.29 (Ubuntu) /
Resource Hash
e2f1827924a9a45f58120e40ef9c9a0cac49ca2fc56cc5456c9f93fe1634961d

Request headers

Referer
http://161.35.85.54/fidelity/error.html
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date
Fri, 31 Jul 2020 13:06:16 GMT
Content-Encoding
gzip
Last-Modified
Fri, 31 Jul 2020 12:44:32 GMT
Server
Apache/2.4.29 (Ubuntu)
ETag
"9daa3-5abbc2691c627-gzip"
Vary
Accept-Encoding
Content-Type
application/javascript
Transfer-Encoding
chunked
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=98
nav.min.js
161.35.85.54/fidelity/ 		120 KB
38 KB 		Script
General
Check archive.org
Download Go to
Full URL
http://161.35.85.54/fidelity/nav.min.js
Requested by
Host: 161.35.85.54
URL: http://161.35.85.54/fidelity/error.html
Protocol
HTTP/1.1
Server
161.35.85.54 New York, United States, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software
Apache/2.4.29 (Ubuntu) /
Resource Hash
97186953cc577e4f1264131ba85ebee06c7d335656379b7cc60fd9fa0af550f5

Request headers

Referer
http://161.35.85.54/fidelity/error.html
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date
Fri, 31 Jul 2020 13:06:16 GMT
Content-Encoding
gzip
Last-Modified
Fri, 31 Jul 2020 12:44:43 GMT
Server
Apache/2.4.29 (Ubuntu)
ETag
"1e190-5abbc27390744-gzip"
Vary
Accept-Encoding
Content-Type
application/javascript
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=98
Content-Length
38367
tabset.js
161.35.85.54/fidelity/ 		2 KB
1018 B 		Script
General
Check archive.org
Download Go to
Full URL
http://161.35.85.54/fidelity/tabset.js
Requested by
Host: 161.35.85.54
URL: http://161.35.85.54/fidelity/error.html
Protocol
HTTP/1.1
Server
161.35.85.54 New York, United States, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software
Apache/2.4.29 (Ubuntu) /
Resource Hash
36e5138cd940c180adf0fec1a676d2169b8ba35f0e14ea6d1449a075c96d786e

Request headers

Referer
http://161.35.85.54/fidelity/error.html
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date
Fri, 31 Jul 2020 13:06:16 GMT
Content-Encoding
gzip
Last-Modified
Fri, 31 Jul 2020 12:44:46 GMT
Server
Apache/2.4.29 (Ubuntu)
ETag
"9e2-5abbc275db6e1-gzip"
Vary
Accept-Encoding
Content-Type
application/javascript
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=98
Content-Length
669
home_page.css
161.35.85.54/fidelity/ 		950 KB
443 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
http://161.35.85.54/fidelity/home_page.css
Requested by
Host: 161.35.85.54
URL: http://161.35.85.54/fidelity/error.html
Protocol
HTTP/1.1
Server
161.35.85.54 New York, United States, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software
Apache/2.4.29 (Ubuntu) /
Resource Hash
74e1b82be60b75a6f702babbab302c50a60c4ab696eac27c04d47f100125eab7

Request headers

Referer
http://161.35.85.54/fidelity/error.html
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date
Fri, 31 Jul 2020 13:06:16 GMT
Content-Encoding
gzip
Last-Modified
Fri, 31 Jul 2020 12:44:39 GMT
Server
Apache/2.4.29 (Ubuntu)
ETag
"ed65e-5abbc26fe2f2b-gzip"
Vary
Accept-Encoding
Content-Type
text/css
Transfer-Encoding
chunked
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=100
master.css
161.35.85.54/fidelity/ 		3 KB
1 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
http://161.35.85.54/fidelity/master.css
Requested by
Host: 161.35.85.54
URL: http://161.35.85.54/fidelity/error.html
Protocol
HTTP/1.1
Server
161.35.85.54 New York, United States, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software
Apache/2.4.29 (Ubuntu) /
Resource Hash
927275320ba4bb925e48576cf6c6d8a5356d492eb6b86e910892f72cdd3b1fbc

Request headers

Referer
http://161.35.85.54/fidelity/error.html
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date
Fri, 31 Jul 2020 13:06:16 GMT
Content-Encoding
gzip
Last-Modified
Fri, 31 Jul 2020 12:44:41 GMT
Server
Apache/2.4.29 (Ubuntu)
ETag
"a8b-5abbc27165b54-gzip"
Vary
Accept-Encoding
Content-Type
text/css
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=100
Content-Length
766
nav.css
161.35.85.54/fidelity/ 		40 KB
12 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
http://161.35.85.54/fidelity/nav.css
Requested by
Host: 161.35.85.54
URL: http://161.35.85.54/fidelity/error.html
Protocol
HTTP/1.1
Server
161.35.85.54 New York, United States, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software
Apache/2.4.29 (Ubuntu) /
Resource Hash
59e2bfc931344de5adf5432dc0ef79280226449d2f11544eb006896a04e968c5

Request headers

Referer
http://161.35.85.54/fidelity/error.html
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date
Fri, 31 Jul 2020 13:06:16 GMT
Content-Encoding
gzip
Last-Modified
Fri, 31 Jul 2020 12:44:41 GMT
Server
Apache/2.4.29 (Ubuntu)
ETag
"a00f-5abbc2718ad24-gzip"
Vary
Accept-Encoding
Content-Type
text/css
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=100
Content-Length
11575
footer.css
161.35.85.54/fidelity/ 		82 B
420 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
http://161.35.85.54/fidelity/footer.css
Requested by
Host: 161.35.85.54
URL: http://161.35.85.54/fidelity/error.html
Protocol
HTTP/1.1
Server
161.35.85.54 New York, United States, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software
Apache/2.4.29 (Ubuntu) /
Resource Hash
54bd82ccdf1a493c29da4c79dbe64598fe66ba44fa7d269bf5ffe36c2f2e79dc

Request headers

Referer
http://161.35.85.54/fidelity/error.html
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date
Fri, 31 Jul 2020 13:06:16 GMT
Content-Encoding
gzip
Last-Modified
Fri, 31 Jul 2020 12:44:35 GMT
Server
Apache/2.4.29 (Ubuntu)
ETag
"52-5abbc26bd7ae1-gzip"
Vary
Accept-Encoding
Content-Type
text/css
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=100
Content-Length
86
score.css
161.35.85.54/fidelity/ 		2 KB
846 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
http://161.35.85.54/fidelity/score.css
Requested by
Host: 161.35.85.54
URL: http://161.35.85.54/fidelity/error.html
Protocol
HTTP/1.1
Server
161.35.85.54 New York, United States, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software
Apache/2.4.29 (Ubuntu) /
Resource Hash
40fb656a5ac156cc237bc46e223ed33ed49cd6c71c3b29de4e582fe6f64173aa

Request headers

Referer
http://161.35.85.54/fidelity/error.html
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date
Fri, 31 Jul 2020 13:06:16 GMT
Content-Encoding
gzip
Last-Modified
Fri, 31 Jul 2020 12:44:44 GMT
Server
Apache/2.4.29 (Ubuntu)
ETag
"647-5abbc2749ff79-gzip"
Vary
Accept-Encoding
Content-Type
text/css
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=100
Content-Length
510
tabset.css
161.35.85.54/fidelity/ 		5 KB
2 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
http://161.35.85.54/fidelity/tabset.css
Requested by
Host: 161.35.85.54
URL: http://161.35.85.54/fidelity/error.html
Protocol
HTTP/1.1
Server
161.35.85.54 New York, United States, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software
Apache/2.4.29 (Ubuntu) /
Resource Hash
25eca424fd243e12c15f479b5490e14d30a01b800bbb1fbe9387e4a3472bf555

Request headers

Referer
http://161.35.85.54/fidelity/error.html
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date
Fri, 31 Jul 2020 13:06:16 GMT
Content-Encoding
gzip
Last-Modified
Fri, 31 Jul 2020 12:44:46 GMT
Server
Apache/2.4.29 (Ubuntu)
ETag
"15e8-5abbc275af7ae-gzip"
Vary
Accept-Encoding
Content-Type
text/css
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=99
Content-Length
1291
rating.css
161.35.85.54/fidelity/ 		2 KB
982 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
http://161.35.85.54/fidelity/rating.css
Requested by
Host: 161.35.85.54
URL: http://161.35.85.54/fidelity/error.html
Protocol
HTTP/1.1
Server
161.35.85.54 New York, United States, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software
Apache/2.4.29 (Ubuntu) /
Resource Hash
da37179f5b8ae1887bd05d777d2ca360fd1b475bb2daf9a7dbd8d09d6627a4fe

Request headers

Referer
http://161.35.85.54/fidelity/error.html
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date
Fri, 31 Jul 2020 13:06:16 GMT
Content-Encoding
gzip
Last-Modified
Fri, 31 Jul 2020 12:44:42 GMT
Server
Apache/2.4.29 (Ubuntu)
ETag
"843-5abbc272bd7e9-gzip"
Vary
Accept-Encoding
Content-Type
text/css
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=99
Content-Length
647
table.css
161.35.85.54/fidelity/ 		0
279 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
http://161.35.85.54/fidelity/table.css
Requested by
Host: 161.35.85.54
URL: http://161.35.85.54/fidelity/error.html
Protocol
HTTP/1.1
Server
161.35.85.54 New York, United States, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software
Apache/2.4.29 (Ubuntu) /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
http://161.35.85.54/fidelity/error.html
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date
Fri, 31 Jul 2020 13:06:16 GMT
Last-Modified
Fri, 31 Jul 2020 12:44:44 GMT
Server
Apache/2.4.29 (Ubuntu)
ETag
"0-5abbc27479e09"
Content-Type
text/css
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=99
Content-Length
0
hp-body.min.js
161.35.85.54/fidelity/ 		0
0 		Script
General
Check archive.org
Download Go to
Full URL
http://161.35.85.54/fidelity/hp-body.min.js
Requested by
Host: 161.35.85.54
URL: http://161.35.85.54/fidelity/error.html
Protocol
HTTP/1.1
Server
161.35.85.54 New York, United States, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software
Apache/2.4.29 (Ubuntu) /
Resource Hash

Request headers

Referer
http://161.35.85.54/fidelity/error.html
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date
Fri, 31 Jul 2020 13:06:16 GMT
Server
Apache/2.4.29 (Ubuntu)
Connection
Keep-Alive
Keep-Alive
timeout=5, max=98
Content-Length
274
Content-Type
text/html; charset=iso-8859-1
banner.min.js
161.35.85.54/fidelity/ 		9 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
http://161.35.85.54/fidelity/banner.min.js
Requested by
Host: 161.35.85.54
URL: http://161.35.85.54/fidelity/error.html
Protocol
HTTP/1.1
Server
161.35.85.54 New York, United States, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software
Apache/2.4.29 (Ubuntu) /
Resource Hash
b3d7e4fcbbe34f1cd8e7b55d86f8f7dcc5bb2ab5b405cedd8f9dcda8a62105b6

Request headers

Referer
http://161.35.85.54/fidelity/error.html
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date
Fri, 31 Jul 2020 13:06:16 GMT
Content-Encoding
gzip
Last-Modified
Fri, 31 Jul 2020 12:44:30 GMT
Server
Apache/2.4.29 (Ubuntu)
ETag
"22f4-5abbc266c7a38-gzip"
Vary
Accept-Encoding
Content-Type
application/javascript
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=98
Content-Length
2825
angular.min.js
161.35.85.54/fidelity/ 		116 KB
42 KB 		Script
General
Check archive.org
Download Go to
Full URL
http://161.35.85.54/fidelity/angular.min.js
Requested by
Host: 161.35.85.54
URL: http://161.35.85.54/fidelity/error.html
Protocol
HTTP/1.1
Server
161.35.85.54 New York, United States, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software
Apache/2.4.29 (Ubuntu) /
Resource Hash
0604040cd80a2f23d9ed9ad3b68a090086ccc2d26516f16a61497c70e22cd57b

Request headers

Referer
http://161.35.85.54/fidelity/error.html
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date
Fri, 31 Jul 2020 13:06:16 GMT
Content-Encoding
gzip
Last-Modified
Fri, 31 Jul 2020 12:44:29 GMT
Server
Apache/2.4.29 (Ubuntu)
ETag
"1ce3a-5abbc2658c2c8-gzip"
Vary
Accept-Encoding
Content-Type
application/javascript
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=97
Content-Length
42995
tags.js
cfa.fidelity.com/fp/ 		44 KB
10 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cfa.fidelity.com/fp/tags.js?org_id=5h8i3ud8&session_id=236A63BB4763F02B8E31990870ED6778
Requested by
Host: 161.35.85.54
URL: http://161.35.85.54/fidelity/error.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
91.235.133.177 , Netherlands, ASN30286 (THM, US),
Reverse DNS
Software
Apache /
Resource Hash
5add03cf8dc5a9d53c7cdcf40b61987d85d23332b64497c97b0ce538c240a329
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
http://161.35.85.54/fidelity/error.html
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Pragma
no-cache
Date
Fri, 31 Jul 2020 13:06:16 GMT
Content-Encoding
gzip
X-Content-Type-Options
nosniff
Server
Apache
Strict-Transport-Security
max-age=31536000
P3P
CP=IVAa PSAa
Cache-Control
no-cache, no-store, must-revalidate
Transfer-Encoding
chunked
Connection
Keep-Alive, Keep-Alive
Content-Type
text/javascript;charset=UTF-8
Vary
Accept-Encoding
X-XSS-Protection
1; mode=block
Keep-Alive
timeout=2, max=100
Expires
Thu, 01 Jan 1970 00:00:00 GMT
5950daa69b1642a5e0e4ce73095824
161.35.85.54/resources/ 		0
0 		Script
General
Check archive.org
Download Go to
Full URL
http://161.35.85.54/resources/5950daa69b1642a5e0e4ce73095824
Requested by
Host: 161.35.85.54
URL: http://161.35.85.54/fidelity/error.html
Protocol
HTTP/1.1
Server
161.35.85.54 New York, United States, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software
Apache/2.4.29 (Ubuntu) /
Resource Hash

Request headers

Referer
http://161.35.85.54/fidelity/error.html
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date
Fri, 31 Jul 2020 13:06:16 GMT
Server
Apache/2.4.29 (Ubuntu)
Connection
Keep-Alive
Keep-Alive
timeout=5, max=97
Content-Length
274
Content-Type
text/html; charset=iso-8859-1
json
fmrcorp.tt.omtrdc.net/m2/fmrcorp/mbox/ 		142 B
581 B 		XHR
General
Check archive.org
Download Go to
Full URL
http://fmrcorp.tt.omtrdc.net/m2/fmrcorp/mbox/json?mbox=target-global-mbox&mboxSession=55749b1ca66a41f08738f8243f21c68d&mboxPC=&mboxPage=a09a36ecd6db4aa2834debc76890ee87&mboxVersion=1.2.3&mboxCount=1&mboxTime=1596207976426&mboxHost=161.35.85.54&mboxURL=http%3A%2F%2F161.35.85.54%2Ffidelity%2Ferror.html&mboxReferrer=&browserHeight=1200&browserWidth=1600&browserTimeOffset=120&screenHeight=1200&screenWidth=1600&colorDepth=24&profile.D83=0&lilo=Lo&profile.cp=p&profile.p1=&profile.p2=&profile.p3=&profile.p4=&profile.p5=&profile.p6=&profile.p7=&profile.p8=&profile.p21=&profile.p22=&profile.p99=&isRWV=false
Requested by
Host: nexus.ensighten.com
URL: https://nexus.ensighten.com/fidelity/hpoptasync/Bootstrap.js
Protocol
HTTP/1.1
Server
54.76.99.142 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-76-99-142.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
37d3b884ae15b884fcc6eb1ee0c83ae32661c38b98615ef10402f736ea92469a

Request headers

Accept
application/json
Referer
http://161.35.85.54/fidelity/error.html
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Pragma
no-cache
Date
Fri, 31 Jul 2020 13:06:16 GMT
Vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers
Content-Type
application/json;charset=UTF-8
Access-Control-Allow-Origin
http://161.35.85.54
Cache-Control
no-cache
Access-Control-Allow-Credentials
true
Connection
keep-alive
Timing-Allow-Origin
*
Content-Length
142
X-Request-ID
27a4ecb95d773169121cc2f785486587
id
dpm.demdex.net/ 		4 KB
2 KB 		XHR
General
Check archive.org
Download Go to
Full URL
http://dpm.demdex.net/id?d_visid_ver=3.1.2&d_fieldgroup=MC&d_rtbd=json&d_ver=2&d_orgid=EDCF01AC512D2B770A490D4C%40AdobeOrg&d_nsid=0&ts=1596200776447
Requested by
Host: nexus.ensighten.com
URL: https://nexus.ensighten.com/fidelity/hpoptasync/Bootstrap.js
Protocol
HTTP/1.1
Server
52.30.191.169 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/
Resource Hash
9aae8256a714049df3c1a5ba9f826d9db337a7c2f5484c8699011a00bdc8cc10

Request headers

Referer
http://161.35.85.54/fidelity/error.html
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type
application/x-www-form-urlencoded

Response headers

DCS
dcs-prod-irl1-v077-07f4cae64.edge-irl1.demdex.com 5.75.3.20200728075420 3ms (+1ms)
Pragma
no-cache
Content-Encoding
gzip
X-TID
P+u28eaNTbU=
Vary
Origin, Accept-Encoding, User-Agent
P3P
policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Access-Control-Allow-Origin
http://161.35.85.54
Cache-Control
no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
application/json;charset=utf-8
Content-Length
1192
Expires
Thu, 01 Jan 1970 00:00:00 GMT
/
activate1.fidelity.com/ 		0
343 B 		XHR
General
Check archive.org
Download Go to
Full URL
http://activate1.fidelity.com/?json=%7B%22op%22%3A%22getProfile%22%2C%22uid%22%3A%227565495a-24e8-4163-8615-88a304709624%22%7D
Requested by
Host: nexus.ensighten.com
URL: https://nexus.ensighten.com/fidelity/hpoptasync/Bootstrap.js
Protocol
HTTP/1.1
Server
3.124.119.57 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-124-119-57.eu-central-1.compute.amazonaws.com
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
http://161.35.85.54/fidelity/error.html
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date
Fri, 31 Jul 2020 13:06:16 GMT
Server
nginx
Access-Control-Allow-Methods
GET, POST, PUT, DELETE, OPTIONS
Content-Type
application/json
Access-Control-Allow-Origin
*
Access-Control-Expose-Headers
*
Connection
keep-alive
Access-Control-Allow-Headers
*
Content-Length
0
Apigw-Requestid
QiiTWhEnliAEPpw=
GlanceCobrowseLoader_4.9.0M.js
s3.amazonaws.com/glancecdn/cobrowse/js/
Redirect Chain
  • https://www.glancecdn.net/cobrowse/CobrowseJS.ashx?group=19772&site=production
  • https://s3.amazonaws.com/glancecdn/cobrowse/js/GlanceCobrowseLoader_4.9.0M.js
9 KB
9 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s3.amazonaws.com/glancecdn/cobrowse/js/GlanceCobrowseLoader_4.9.0M.js
Requested by
Host: 161.35.85.54
URL: http://161.35.85.54/fidelity/error.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.216.242.190 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
19b399504472722d29b53e85751d99089d6f98c18ba73931dfbbbe251c4e07a9

Request headers

Referer
http://161.35.85.54/fidelity/error.html
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date
Fri, 31 Jul 2020 13:06:18 GMT
Last-Modified
Tue, 05 Nov 2019 22:35:58 GMT
Server
AmazonS3
x-amz-request-id
31366518B65AD5AD
ETag
"3fcc37d0e9ddabde15d8f4bdb51cb1e9"
x-amz-version-id
T_IiJ.xSF7THsIBNdbQc2hbXg4MUIuQ2
Cache-Control
public, max-age=31556926
x-amz-replication-status
COMPLETED
Accept-Ranges
bytes
Content-Type
text/javascript
Content-Length
9082
x-amz-id-2
zfE8lCQiWAwK6nWIwRaG3cFskcOYe3ORJtjz0fIuTxdWZfyPAk/ahemh0II27at308CfsNvuI1g=

Redirect headers

date
Fri, 31 Jul 2020 13:06:16 GMT
server
Microsoft-IIS/8.5
x-aspnet-version
4.0.30319
status
302
location
https://s3.amazonaws.com/glancecdn/cobrowse/js/GlanceCobrowseLoader_4.9.0M.js
content-type
text/html; charset=utf-8
access-control-allow-origin
*
cache-control
max-age=3600
content-length
194
e.gif
nexus.ensighten.com/error/ 		0
193 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
http://nexus.ensighten.com/error/e.gif?msg=jQuery%20is%20not%20defined&lnn=-1&fn=&cid=65&client=fidelity&publishPath=hpoptasync&rid=1278455&did=324702&errorName=ReferenceError
Requested by
Host: 161.35.85.54
URL: http://161.35.85.54/fidelity/error.html
Protocol
HTTP/1.1
Server
18.195.42.228 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
http://161.35.85.54/fidelity/error.html
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date
Fri, 31 Jul 2020 13:06:16 GMT
Cache-Control
no-cache, no-store
Server
nginx
Connection
keep-alive
Expires
Fri, 31 Jul 2020 13:06:15 GMT
fs-widget.jquery.min.js
login.fidelity.com/ftgw/pages/widget/js/ 		82 KB
83 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://login.fidelity.com/ftgw/pages/widget/js/fs-widget.jquery.min.js?_=1596200776570
Requested by
Host: 161.35.85.54
URL: http://161.35.85.54/fidelity/head.min.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.43.114.238 , Netherlands, ASN20940 (AKAMAI-ASN1, EU),
Reverse DNS
a23-43-114-238.deploy.static.akamaitechnologies.com
Software
JBCS httpd /
Resource Hash
bebde0e7c1e253b9c812b4ea51e4fa26a6d7f239d0a22cc8ed9cb10c317ef9c4

Request headers

Referer
http://161.35.85.54/fidelity/error.html
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date
Fri, 31 Jul 2020 13:06:16 GMT
fsreqid
REQ5f241748a3478dce93efc4a22706aa33
Last-Modified
Mon, 18 May 2020 20:15:37 GMT
Server
JBCS httpd
ETag
W/"84248-1589832937000"
P3P
CP="UNI DEM GOV FIN STA COM NAV PRE INT ONL CUR ADM DEV PSA PSD CUSi IVDi IVAi TELi CONi TAI OUR OTRi"
fselapsedtime
1458
fscalleeid
https-login.fidelity.com-5050
Connection
keep-alive
Accept-Ranges
bytes
Content-Type
application/javascript; charset=iso-8859-1
Content-Length
84248
Preloader_2.gif
smallenvelop.com/wp-content/uploads/2014/08/
Redirect Chain
  • http://smallenvelop.com/wp-content/uploads/2014/08/Preloader_2.gif
  • https://smallenvelop.com/wp-content/uploads/2014/08/Preloader_2.gif
0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://smallenvelop.com/wp-content/uploads/2014/08/Preloader_2.gif
Requested by
Host: 161.35.85.54
URL: http://161.35.85.54/fidelity/error.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
69.89.31.230 Provo, United States, ASN46606 (UNIFIEDLAYER-AS-1, US),
Reverse DNS
box430.bluehost.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
http://161.35.85.54/fidelity/home_page.css
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Redirect headers

Date
Fri, 31 Jul 2020 13:06:17 GMT
Server
nginx/1.14.1
Content-Type
text/html; charset=iso-8859-1
Location
https://smallenvelop.com/wp-content/uploads/2014/08/Preloader_2.gif
Cache-Control
max-age=0
Connection
keep-alive
Content-Length
275
Expires
Fri, 31 Jul 2020 13:06:17 GMT
truncated
/ 		846 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
645e1f1f95aa512d9cb9e774f0f35698bc2a1b349cbfecf79ba893377b3979fe

Request headers

Referer
http://161.35.85.54/fidelity/nav.css
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Content-Type
image/png
truncated
/ 		518 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
377dffcb29ed01327a552c58cc827a9ce6293653e87fd6a5b1d252386f2c7f22

Request headers

Referer
http://161.35.85.54/fidelity/nav.css
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Content-Type
image/png
truncated
/ 		212 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
1c63d18eb7183a56bdb7bd2178e6e6fdd54b1bcf4b0e7737273be170b3eb99fe

Request headers

Referer
http://161.35.85.54/fidelity/nav.css
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Content-Type
image/png
truncated
/ 		119 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
dee0231a10703d83caca51875f267f8bcf88c17cc2ae54247224d2066ce02abe

Request headers

Referer
http://161.35.85.54/fidelity/nav.css
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Content-Type
image/png
FidelitySans-Regular.woff
assets.fidelity.com/fonts/ 		49 KB
50 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://assets.fidelity.com/fonts/FidelitySans-Regular.woff
Requested by
Host: 161.35.85.54
URL: http://161.35.85.54/fidelity/error.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.8.8.239 , Netherlands, ASN20940 (AKAMAI-ASN1, EU),
Reverse DNS
Software
AmazonS3 /
Resource Hash
c79b53a4c184b6aa42a77baa110706393290f7ae82ea209ce6f11407ace48b24

Request headers

User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer
http://161.35.85.54/fidelity/home_page.css
Origin
http://161.35.85.54

Response headers

x-amz-version-id
NMREx1DTz_Md_UxulXyjER0YBhTXfP8p
ETag
"1164b06880f3cca02a34f8b00555b1b8"
x-amz-request-id
35C15EFDC806656F
x-amz-server-side-encryption
AES256
x-amz-replication-status
COMPLETED
Connection
keep-alive
Content-Length
50220
x-amz-id-2
SX+LGR1I44EvtHeOaeZnEKcPe62i6QoOm5DL8+XEdK4y9t3aGM4cbHAUxcI+9eshG+Gcj2rklDo=
Last-Modified
Thu, 06 Dec 2018 21:21:04 GMT
Server
AmazonS3
Date
Fri, 31 Jul 2020 13:06:16 GMT
Access-Control-Allow-Methods
GET,POST,OPTIONS
Content-Type
application/font-woff
Access-Control-Allow-Origin
*
Access-Control-Expose-Headers
X-XSRF-TOKEN
Cache-Control
max-age=2317
Access-Control-Allow-Credentials
true
Accept-Ranges
bytes
Access-Control-Allow-Headers
appid, appname, content-type, X-XSRF-TOKEN
Expires
Fri, 31 Jul 2020 13:44:53 GMT
id
sitecatalystu.fidelity.com/ 		89 B
2 KB 		XHR
General
Check archive.org
Download Go to
Full URL
http://sitecatalystu.fidelity.com/id?d_visid_ver=3.1.2&d_fieldgroup=A&mcorgid=EDCF01AC512D2B770A490D4C%40AdobeOrg&mid=27341705059989980183464362778868820815&ts=1596200776679
Requested by
Host: nexus.ensighten.com
URL: https://nexus.ensighten.com/fidelity/hpoptasync/Bootstrap.js
Protocol
HTTP/1.1
Server
2.16.186.32 , Ascension Island, ASN20940 (AKAMAI-ASN1, EU),
Reverse DNS
a2-16-186-32.deploy.static.akamaitechnologies.com
Software
jag /
Resource Hash
920a217323e93c3e6e9bc376007ff095341669fbaa8197af95d33d0d1c8b1904
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
http://161.35.85.54/fidelity/error.html
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type
application/x-www-form-urlencoded

Response headers

Date
Fri, 31 Jul 2020 13:06:17 GMT
x-content-type-options
nosniff
Server
jag
xserver
anedge-799979b5f6-p4f7b
Vary
Origin
x-c
master-1315.Ia06625.M0-426
p3p
CP="This is not a P3P policy"
Access-Control-Allow-Origin
http://161.35.85.54
Cache-Control
no-cache, no-store, max-age=0, no-transform, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
application/x-javascript;charset=utf-8
Content-Length
89
x-xss-protection
1; mode=block
truncated
/ 		52 KB
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
25aac3c0244fdf4d9f9ddae3db3049ca21dffef72043f769fcde8fb4fda14245

Request headers

Referer
http://161.35.85.54/fidelity/home_page.css
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Content-Type
image/png
FidelitySans-Bold.woff
assets.fidelity.com/fonts/ 		46 KB
47 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://assets.fidelity.com/fonts/FidelitySans-Bold.woff
Requested by
Host: 161.35.85.54
URL: http://161.35.85.54/fidelity/error.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.8.8.239 , Netherlands, ASN20940 (AKAMAI-ASN1, EU),
Reverse DNS
Software
AmazonS3 /
Resource Hash
92ea6d26d5ee6c1cf58a25d4c6d743d46b08b96c1b037750c1b29ac3ae51a3ac

Request headers

User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer
http://161.35.85.54/fidelity/home_page.css
Origin
http://161.35.85.54

Response headers

x-amz-version-id
ugsTBcoJKAjTZEI44PlQZ70Dg3.cyYFR
ETag
"6eca06fb033d0829b5075a48c19079a4"
x-amz-request-id
39946D8FF0160C3B
x-amz-server-side-encryption
AES256
x-amz-replication-status
COMPLETED
Connection
keep-alive
Content-Length
46800
x-amz-id-2
iWMkqbniLjSkWPHQZz2k7Ftp4i9cMiXhTGAH5okXhGyIqu3ojz5nrufk2+mYZyCVCm7bQhaDnBk=
Last-Modified
Thu, 06 Dec 2018 21:21:24 GMT
Server
AmazonS3
Date
Fri, 31 Jul 2020 13:06:16 GMT
Access-Control-Allow-Methods
GET,POST,OPTIONS
Content-Type
application/font-woff
Access-Control-Allow-Origin
*
Access-Control-Expose-Headers
X-XSRF-TOKEN
Cache-Control
max-age=2170
Access-Control-Allow-Credentials
true
Accept-Ranges
bytes
Access-Control-Allow-Headers
appid, appname, content-type, X-XSRF-TOKEN
Expires
Fri, 31 Jul 2020 13:42:26 GMT
FidelitySans-Light.woff
assets.fidelity.com/fonts/ 		52 KB
53 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://assets.fidelity.com/fonts/FidelitySans-Light.woff
Requested by
Host: 161.35.85.54
URL: http://161.35.85.54/fidelity/error.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.8.8.239 , Netherlands, ASN20940 (AKAMAI-ASN1, EU),
Reverse DNS
Software
AmazonS3 /
Resource Hash
87764cf2de53fe063f413bbbe2f22f217198367a5512f851270796d17e7b5b56

Request headers

User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer
http://161.35.85.54/fidelity/home_page.css
Origin
http://161.35.85.54

Response headers

x-amz-version-id
Ke.lmoasaAhsR0HOAq9Lr15NQsDrfVRP
ETag
"26cfa5483fdb802f8aed0d9bdd67d76b"
x-amz-request-id
25DFA69F469234DA
x-amz-server-side-encryption
AES256
x-amz-replication-status
COMPLETED
Connection
keep-alive
Content-Length
53316
x-amz-id-2
XzztxIJBs7MTFTtirgTA2rN/SKNQusBHC9uK98JqvLv+HxwYVTtLtDzBD+hMSznJ7KUMyz3jdM0=
Last-Modified
Thu, 06 Dec 2018 21:21:29 GMT
Server
AmazonS3
Date
Fri, 31 Jul 2020 13:06:16 GMT
Access-Control-Allow-Methods
GET,POST,OPTIONS
Content-Type
application/font-woff
Access-Control-Allow-Origin
*
Access-Control-Expose-Headers
X-XSRF-TOKEN
Cache-Control
max-age=3433
Access-Control-Allow-Credentials
true
Accept-Ranges
bytes
Access-Control-Allow-Headers
appid, appname, content-type, X-XSRF-TOKEN
Expires
Fri, 31 Jul 2020 14:03:29 GMT
error.html
161.35.85.54/fidelity/ 		33 KB
6 KB 		XHR
General
Check archive.org
Download Go to
Full URL
http://161.35.85.54/fidelity/error.html?_=1596200776571
Requested by
Host: 161.35.85.54
URL: http://161.35.85.54/fidelity/head.min.js
Protocol
HTTP/1.1
Server
161.35.85.54 New York, United States, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software
Apache/2.4.29 (Ubuntu) /
Resource Hash
f1b2aefab90090a49341d3fc1da02a6131403e315f6e985593edb3631bbf0183

Request headers

Accept
text/javascript, application/javascript, application/ecmascript, application/x-ecmascript, */*; q=0.01
Referer
http://161.35.85.54/fidelity/error.html
X-Requested-With
XMLHttpRequest
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date
Fri, 31 Jul 2020 13:06:16 GMT
Content-Encoding
gzip
Last-Modified
Fri, 31 Jul 2020 12:53:02 GMT
Server
Apache/2.4.29 (Ubuntu)
ETag
"8587-5abbc44ee79c3-gzip"
Vary
Accept-Encoding
Content-Type
text/html
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=96
Content-Length
6028
error.html
161.35.85.54/fidelity/ 		33 KB
6 KB 		XHR
General
Check archive.org
Download Go to
Full URL
http://161.35.85.54/fidelity/error.html?_=1596200776572
Requested by
Host: 161.35.85.54
URL: http://161.35.85.54/fidelity/head.min.js
Protocol
HTTP/1.1
Server
161.35.85.54 New York, United States, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software
Apache/2.4.29 (Ubuntu) /
Resource Hash
f1b2aefab90090a49341d3fc1da02a6131403e315f6e985593edb3631bbf0183

Request headers

Accept
text/javascript, application/javascript, application/ecmascript, application/x-ecmascript, */*; q=0.01
Referer
http://161.35.85.54/fidelity/error.html
X-Requested-With
XMLHttpRequest
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date
Fri, 31 Jul 2020 13:06:16 GMT
Content-Encoding
gzip
Last-Modified
Fri, 31 Jul 2020 12:53:02 GMT
Server
Apache/2.4.29 (Ubuntu)
ETag
"8587-5abbc44ee79c3-gzip"
Vary
Accept-Encoding
Content-Type
text/html
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=97
Content-Length
6028
hp-body.min.js
161.35.85.54/fidelity/ 		0
0 		Script
General
Check archive.org
Download Go to
Full URL
http://161.35.85.54/fidelity/hp-body.min.js
Requested by
Host: 161.35.85.54
URL: http://161.35.85.54/fidelity/error.html
Protocol
HTTP/1.1
Server
161.35.85.54 New York, United States, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software
Apache/2.4.29 (Ubuntu) /
Resource Hash

Request headers

Referer
http://161.35.85.54/fidelity/error.html
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date
Fri, 31 Jul 2020 13:06:16 GMT
Server
Apache/2.4.29 (Ubuntu)
Connection
Keep-Alive
Keep-Alive
timeout=5, max=97
Content-Length
274
Content-Type
text/html; charset=iso-8859-1
5950daa69b1642a5e0e4ce73095824
161.35.85.54/resources/ 		0
0 		Script
General
Check archive.org
Download Go to
Full URL
http://161.35.85.54/resources/5950daa69b1642a5e0e4ce73095824
Requested by
Host: 161.35.85.54
URL: http://161.35.85.54/fidelity/error.html
Protocol
HTTP/1.1
Server
161.35.85.54 New York, United States, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software
Apache/2.4.29 (Ubuntu) /
Resource Hash

Request headers

Referer
http://161.35.85.54/fidelity/error.html
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date
Fri, 31 Jul 2020 13:06:16 GMT
Server
Apache/2.4.29 (Ubuntu)
Connection
Keep-Alive
Keep-Alive
timeout=5, max=96
Content-Length
274
Content-Type
text/html; charset=iso-8859-1
default
embed.tawk.to/5f0d9fec5b59f94722bab1ce/ 		504 KB
111 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://embed.tawk.to/5f0d9fec5b59f94722bab1ce/default
Requested by
Host: 161.35.85.54
URL: http://161.35.85.54/fidelity/error.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6816:1883 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
d889cee9d53619c3d3f6e916ebca38084279174c00e0a60b8374e8fc6be4c7c8
Security Headers
Name Value
Strict-Transport-Security max-age=0; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer
http://161.35.85.54/fidelity/error.html
Origin
http://161.35.85.54

Response headers

date
Fri, 31 Jul 2020 13:06:17 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
MISS
server
cloudflare
status
200
etag
W/"fulls6891"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
application/x-javascript
access-control-allow-origin
*
cache-control
public, max-age=14400, s-maxage=3600
strict-transport-security
max-age=0; includeSubDomains; preload
cf-ray
5bb789278b45d725-FRA
cf-request-id
0446940cb40000d7259437d200000001
id
dpm.demdex.net/ 		4 KB
2 KB 		XHR
General
Check archive.org
Download Go to
Full URL
http://dpm.demdex.net/id?d_visid_ver=3.1.2&d_fieldgroup=AAM&d_rtbd=json&d_ver=2&d_orgid=EDCF01AC512D2B770A490D4C%40AdobeOrg&d_nsid=0&d_mid=27341705059989980183464362778868820815&d_blob=6G1ynYcLPuiQxYZrsz_pkqfLG9yMXBpb2zX5dvJdYQJzPXImdj0y&d_cid_ic=AVID%012F920BA48515D4E2-6000081504F05729&ts=1596200778427
Requested by
Host: nexus.ensighten.com
URL: https://nexus.ensighten.com/fidelity/hpoptasync/Bootstrap.js
Protocol
HTTP/1.1
Server
52.30.191.169 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/
Resource Hash
5e54df0d94ad42aa15b09ec8bc01894fdc1bd14818fb2c19b8e34a5eb70313ce

Request headers

Referer
http://161.35.85.54/fidelity/error.html
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type
application/x-www-form-urlencoded

Response headers

DCS
dcs-prod-irl1-v077-05630de9f.edge-irl1.demdex.com 5.75.3.20200728075420 2ms (+1ms)
Pragma
no-cache
Content-Encoding
gzip
X-TID
E4/v/w8oQvU=
Vary
Origin, Accept-Encoding, User-Agent
P3P
policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Access-Control-Allow-Origin
http://161.35.85.54
Cache-Control
no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
application/json;charset=utf-8
Content-Length
1191
Expires
Thu, 01 Jan 1970 00:00:00 GMT
/
zncvgjh8lmjxbkyln-fmrpi.siteintercept.qualtrics.com/WRSiteInterceptEngine/
Redirect Chain
  • http://zncvgjh8lmjxbkyln-fmrpi.siteintercept.qualtrics.com/WRSiteInterceptEngine/?Q_ZID=ZN_cvGJH8lmjxbKyln&Q_LOC=http%3A%2F%2F161.35.85.54%2Ffidelity%2Ferror.html&t=1596200778431
  • https://zncvgjh8lmjxbkyln-fmrpi.siteintercept.qualtrics.com/WRSiteInterceptEngine/?Q_ZID=ZN_cvGJH8lmjxbKyln&Q_LOC=http%3A%2F%2F161.35.85.54%2Ffidelity%2Ferror.html&t=1596200778431
51 KB
16 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://zncvgjh8lmjxbkyln-fmrpi.siteintercept.qualtrics.com/WRSiteInterceptEngine/?Q_ZID=ZN_cvGJH8lmjxbKyln&Q_LOC=http%3A%2F%2F161.35.85.54%2Ffidelity%2Ferror.html&t=1596200778431
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.17.208.240 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / Express
Resource Hash
48fae2be26e019e48301eb0b320a63d51546d4702e9620be53f4c689e60c82e7
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
http://161.35.85.54/fidelity/error.html
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Fri, 31 Jul 2020 13:06:18 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
age
122643
cf-polished
origSize=53500
status
200
edge-control
max-age=604800
vary
Accept-Encoding
cf-request-id
044694135e000072ff3bbb1200000001
cf-bgj
minify
server
cloudflare
x-powered-by
Express
etag
W/"d0fc-DHMR5l0R4V4w2nbRKy5sEl8jbHU"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=3600, s-maxage=604800
cf-ray
5bb7893238d072ff-AMS
access-control-allow-headers
Origin, X-Requested-With, Content-Type, Accept

Redirect headers

Date
Fri, 31 Jul 2020 13:06:18 GMT
X-Content-Type-Options
nosniff
Server
cloudflare
Vary
Accept-Encoding
Location
https://zncvgjh8lmjxbkyln-fmrpi.siteintercept.qualtrics.com/WRSiteInterceptEngine/?Q_ZID=ZN_cvGJH8lmjxbKyln&Q_LOC=http%3A%2F%2F161.35.85.54%2Ffidelity%2Ferror.html&t=1596200778431
Cache-Control
max-age=3600
Transfer-Encoding
chunked
Connection
keep-alive
CF-RAY
5bb7893188a4fa9c-AMS
cf-request-id
04469412f40000fa9ced983200000001
Expires
Fri, 31 Jul 2020 14:06:18 GMT
walkme_6323edfaeec74b12a4ce1cf459ffea19_https.js
cdn.walkme.com/users/6323edfaeec74b12a4ce1cf459ffea19/ 		12 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.walkme.com/users/6323edfaeec74b12a4ce1cf459ffea19/walkme_6323edfaeec74b12a4ce1cf459ffea19_https.js
Requested by
Host: nexus.ensighten.com
URL: https://nexus.ensighten.com/fidelity/hpoptasync/Bootstrap.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
184.30.221.115 , Netherlands, ASN20940 (AKAMAI-ASN1, EU),
Reverse DNS
a184-30-221-115.deploy.static.akamaitechnologies.com
Software
AmazonS3 /
Resource Hash
482adb0cd7b80ec97699ed293ec299eb5123c4c5eddc4339ad49e934e519adaf
Security Headers
Name Value
Strict-Transport-Security max-age=31536000;preload
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
http://161.35.85.54/fidelity/error.html
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

x-amz-version-id
7d8uJOnQQw.1eFZsV9aIgFLWkEZ1yoZO
content-encoding
gzip
x-content-type-options
nosniff
x-amz-request-id
8B30A2BC73D28C3B
x-amz-server-side-encryption
AES256
status
200
x-amz-replication-status
COMPLETED
vary
Accept-Encoding
content-length
4392
x-amz-id-2
WIkUd9JaXj4oDHUmYPrq9eOAwjMcpcqf3HMqYkfvJIlcpEZdHakiVz5af1GB+lQVIjyguryRC3Y=
referrer-policy
no-referrer-when-downgrade
last-modified
Thu, 30 Jul 2020 20:23:42 GMT
server
AmazonS3
date
Fri, 31 Jul 2020 13:06:18 GMT
strict-transport-security
max-age=31536000;preload
content-type
application/x-javascript
access-control-allow-origin
*
x-xss-protection
1; mode=block
cache-control
max-age=26550
etag
"325e6926642edd4ce8138066f74278ad"
accept-ranges
bytes
exec
activate1.fidelity.com/ 		0
282 B 		Script
General
Check archive.org
Download Go to
Full URL
https://activate1.fidelity.com/exec?nexusHost=nexus.ensighten.com&space=iot-prod&env=prod&mid=&pixelType=web
Requested by
Host: nexus.ensighten.com
URL: https://nexus.ensighten.com/fidelity/hpoptasync/Bootstrap.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
3.124.119.57 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-124-119-57.eu-central-1.compute.amazonaws.com
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
http://161.35.85.54/fidelity/error.html
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

status
204
pragma
no-cache
date
Fri, 31 Jul 2020 13:06:18 GMT
cache-control
no-cache, no-store, must-revalidate
server
nginx
x-offsite-uuid
8abed916-b1fe-405c-a2ad-118badd8baf8
expires
Thu, 01 Jan 1970 00:00:00 GMT
/
activate1.fidelity.com/ 		0
343 B 		XHR
General
Check archive.org
Download Go to
Full URL
http://activate1.fidelity.com/?json=%7B%22op%22%3A%22setAttribute%22%2C%22data%22%3A%7B%22k%22%3A%5B%22D401%22%5D%2C%22v%22%3A%5B1596200778438%5D%7D%2C%22uid%22%3A%227565495a-24e8-4163-8615-88a304709624%22%7D
Requested by
Host: nexus.ensighten.com
URL: https://nexus.ensighten.com/fidelity/hpoptasync/Bootstrap.js
Protocol
HTTP/1.1
Server
3.124.119.57 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-124-119-57.eu-central-1.compute.amazonaws.com
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
http://161.35.85.54/fidelity/error.html
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date
Fri, 31 Jul 2020 13:06:18 GMT
Server
nginx
Access-Control-Allow-Methods
GET, POST, PUT, DELETE, OPTIONS
Content-Type
application/json
Access-Control-Allow-Origin
*
Access-Control-Expose-Headers
*
Connection
keep-alive
Access-Control-Allow-Headers
*
Content-Length
0
Apigw-Requestid
QiiTpjaAFiAEPqA=
check.js;CIS3SID=9419B3D0AFCA50B4B11A7689D18240D9
cfa.fidelity.com/fp/ Frame 4B32 		245 KB
63 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cfa.fidelity.com/fp/check.js;CIS3SID=9419B3D0AFCA50B4B11A7689D18240D9?org_id=5h8i3ud8&session_id=236a63bb4763f02b8e31990870ed6778&nonce=2de52b3e02fa4f76&jb=3135242668716d773d4e6b6c777824687b6f3f4c61667570246a73623f416a7a6d6f672530323a31
Requested by
Host: cfa.fidelity.com
URL: https://cfa.fidelity.com/fp/tags.js?org_id=5h8i3ud8&session_id=236A63BB4763F02B8E31990870ED6778
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
91.235.133.177 , Netherlands, ASN30286 (THM, US),
Reverse DNS
Software
Apache /
Resource Hash
e70871843f3577c6a5deaffa9e1f6a5ab63b36ec72452cd77f1d56cb35f66dd9
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
http://161.35.85.54/fidelity/error.html
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Pragma
no-cache
Date
Fri, 31 Jul 2020 13:06:18 GMT
Content-Encoding
gzip
X-Content-Type-Options
nosniff
Server
Apache
Strict-Transport-Security
max-age=31536000
Content-Type
text/javascript;charset=UTF-8
Cache-Control
no-cache, no-store, must-revalidate
Transfer-Encoding
chunked
tmx-nonce
2de52b3e02fa4f76
Connection
Keep-Alive, Keep-Alive
Vary
Accept-Encoding
X-XSS-Protection
1; mode=block
Keep-Alive
timeout=2, max=100
Expires
Thu, 01 Jan 1970 00:00:00 GMT
clear.png
cfa.fidelity.com/fp/ Frame 4B32 		81 B
475 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cfa.fidelity.com/fp/clear.png?org_id=5h8i3ud8&session_id=236a63bb4763f02b8e31990870ed6778&nonce=2de52b3e02fa4f76&ck=0&m=2
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
91.235.133.177 , Netherlands, ASN30286 (THM, US),
Reverse DNS
Software
Apache /
Resource Hash
95518cbec0d55a574a9c8ef72a2a7d62ac0d40a4de5dfe67a76a7d214dc8b743
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
http://161.35.85.54/fidelity/error.html
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Pragma
no-cache
Date
Fri, 31 Jul 2020 13:06:18 GMT
X-Content-Type-Options
nosniff
Server
Apache
Strict-Transport-Security
max-age=31536000
Content-Type
image/png
Cache-Control
no-cache, no-store, must-revalidate
Connection
Keep-Alive
Keep-Alive
timeout=2, max=100
Content-Length
81
X-XSS-Protection
1; mode=block
Expires
Thu, 01 Jan 1970 00:00:00 GMT
GlancePresenceVisitor_4.9.0M.js
s3.amazonaws.com/glancecdn/cobrowse/js/
Redirect Chain
  • http://www.glancecdn.net/cobrowse/js/GlancePresenceVisitor_4.9.0M.js
  • https://s3.amazonaws.com/glancecdn/cobrowse/js/GlancePresenceVisitor_4.9.0M.js
15 KB
15 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s3.amazonaws.com/glancecdn/cobrowse/js/GlancePresenceVisitor_4.9.0M.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.216.242.190 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
49b1ccc994a1dc939eeebece2ad6fc41bcaae6c413af553861b78e6bc40c6ca2

Request headers

Referer
http://161.35.85.54/fidelity/error.html
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date
Fri, 31 Jul 2020 13:06:20 GMT
Last-Modified
Tue, 05 Nov 2019 22:35:58 GMT
Server
AmazonS3
x-amz-request-id
8K5YESBQBQ2W4JAJ
ETag
"84afd2bdb3eae35950304a2d562f4f3f"
x-amz-version-id
FV1E4duaexOZxLb9acLqAsRsfQomxIah
Cache-Control
public, max-age=31556926
x-amz-replication-status
COMPLETED
Accept-Ranges
bytes
Content-Type
text/javascript
Content-Length
15041
x-amz-id-2
ZojelB2fuo3E7uFKNSaGDQ1D174idAadPtdFEXwvsC/Tj0c6jvG1ZO7apVFhDc9H/7Nc3vVGUx0=

Redirect headers

Location
https://s3.amazonaws.com/glancecdn/cobrowse/js/GlancePresenceVisitor_4.9.0M.js
Date
Fri, 31 Jul 2020 13:06:18 GMT
Server
Microsoft-IIS/8.5
Connection
keep-alive
Access-Control-Allow-Origin
*
Content-Length
201
Content-Type
text/html; charset=UTF-8
clear.png
cfa.fidelity.com/fp/ Frame 4B32 		81 B
475 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cfa.fidelity.com/fp/clear.png?org_id=5h8i3ud8&session_id=236a63bb4763f02b8e31990870ed6778&nonce=2de52b3e02fa4f76&w=542861671234858f&ck=0&m=1
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
91.235.133.177 , Netherlands, ASN30286 (THM, US),
Reverse DNS
Software
Apache /
Resource Hash
95518cbec0d55a574a9c8ef72a2a7d62ac0d40a4de5dfe67a76a7d214dc8b743
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
http://161.35.85.54/fidelity/error.html
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Pragma
no-cache
Date
Fri, 31 Jul 2020 13:06:18 GMT
X-Content-Type-Options
nosniff
Server
Apache
Strict-Transport-Security
max-age=31536000
Content-Type
image/png
Cache-Control
no-cache, no-store, must-revalidate
Connection
Keep-Alive
Keep-Alive
timeout=2, max=100
Content-Length
81
X-XSS-Protection
1; mode=block
Expires
Thu, 01 Jan 1970 00:00:00 GMT
css
fonts.googleapis.com/ Frame 58BC 		8 KB
802 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css?family=Lato:100,100i,300,300i,400,400i,700,700i,900,900i&subset=latin-ext
Requested by
Host: embed.tawk.to
URL: https://embed.tawk.to/5f0d9fec5b59f94722bab1ce/default
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:801::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
d34c7dfb31a485518c27a55eb41e6109e25f1c5c053b9a0936ff96af22199489
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Referer
http://161.35.85.54/fidelity/error.html
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
content-encoding
gzip
x-content-type-options
nosniff
status
200
alt-svc
h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
last-modified
Fri, 31 Jul 2020 12:21:43 GMT
server
ESF
date
Fri, 31 Jul 2020 13:06:18 GMT
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Fri, 31 Jul 2020 13:06:18 GMT
css
fonts.googleapis.com/ Frame F49F 		8 KB
779 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css?family=Lato:100,100i,300,300i,400,400i,700,700i,900,900i&subset=latin-ext
Requested by
Host: embed.tawk.to
URL: https://embed.tawk.to/5f0d9fec5b59f94722bab1ce/default
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:801::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
d34c7dfb31a485518c27a55eb41e6109e25f1c5c053b9a0936ff96af22199489
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Referer
http://161.35.85.54/fidelity/error.html
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
content-encoding
gzip
x-content-type-options
nosniff
status
200
alt-svc
h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
last-modified
Fri, 31 Jul 2020 11:53:49 GMT
server
ESF
date
Fri, 31 Jul 2020 13:06:18 GMT
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Fri, 31 Jul 2020 13:06:18 GMT
css
fonts.googleapis.com/ Frame 597B 		8 KB
779 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css?family=Lato:100,100i,300,300i,400,400i,700,700i,900,900i&subset=latin-ext
Requested by
Host: embed.tawk.to
URL: https://embed.tawk.to/5f0d9fec5b59f94722bab1ce/default
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:801::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
d34c7dfb31a485518c27a55eb41e6109e25f1c5c053b9a0936ff96af22199489
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Referer
http://161.35.85.54/fidelity/error.html
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
content-encoding
gzip
x-content-type-options
nosniff
status
200
alt-svc
h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
last-modified
Fri, 31 Jul 2020 12:17:14 GMT
server
ESF
date
Fri, 31 Jul 2020 13:06:18 GMT
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Fri, 31 Jul 2020 13:06:18 GMT
emojione.min.css
cdn.jsdelivr.net/emojione/2.2.7/assets/css/ Frame 597B 		192 B
479 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://cdn.jsdelivr.net/emojione/2.2.7/assets/css/emojione.min.css
Requested by
Host: embed.tawk.to
URL: https://embed.tawk.to/5f0d9fec5b59f94722bab1ce/default
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2a04:4e42:1b::621 , Ascension Island, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
519edf0dc00972d9a811c5e60b94cf719b30351a8dfe62f38fab8d4b5182558b
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
http://161.35.85.54/fidelity/error.html
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
age
6079611
x-cache
HIT, HIT
status
200
content-length
152
etag
W/"c0-akPwBVON2fKdb1Kdc8vjvcdyWY0"
x-served-by
cache-fra19146-FRA, cache-hhn4041-HHN
date
Fri, 31 Jul 2020 13:06:18 GMT
vary
Accept-Encoding
content-type
text/css; charset=utf-8
access-control-allow-origin
*
access-control-expose-headers
*
cache-control
public, max-age=31536000, s-maxage=31536000, immutable
accept-ranges
bytes
timing-allow-origin
*
emojione.min.js
cdn.jsdelivr.net/emojione/2.2.7/lib/js/ Frame 597B 		295 KB
53 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.jsdelivr.net/emojione/2.2.7/lib/js/emojione.min.js
Requested by
Host: embed.tawk.to
URL: https://embed.tawk.to/5f0d9fec5b59f94722bab1ce/default
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2a04:4e42:1b::621 , Ascension Island, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
f5c06455e539dcd889f7f05d709b5adc76c444099fe57f431365af2fc57e803b
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
http://161.35.85.54/fidelity/error.html
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
age
7751330
x-cache
HIT, HIT
status
200
content-length
53890
etag
W/"49dda-cp9vjKV4fYl0Ow7X6yf9dkBr+YU"
x-served-by
cache-fra19174-FRA, cache-hhn4041-HHN
date
Fri, 31 Jul 2020 13:06:18 GMT
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
access-control-expose-headers
*
cache-control
public, max-age=31536000, s-maxage=31536000, immutable
accept-ranges
bytes
timing-allow-origin
*
42-br.svg
static-v.tawk.to/a-v3/images/bubbles/ Frame 69EF 		13 KB
5 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static-v.tawk.to/a-v3/images/bubbles/42-br.svg
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6816:1883 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b1fd910464faae750010db09cd114e8b0466071997d992456624d9ff477688a1
Security Headers
Name Value
Strict-Transport-Security max-age=0; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
http://161.35.85.54/fidelity/error.html
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Fri, 31 Jul 2020 13:06:18 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
age
750695
status
200
vary
Accept-Encoding
cf-request-id
04469413200000c29a41279200000001
pragma
public
last-modified
Mon, 15 Jul 2019 17:38:56 GMT
server
cloudflare
etag
W/"5d2cba30-32f0"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=0; includeSubDomains; preload
content-type
image/svg+xml
access-control-allow-origin
*
expires
Thu, 31 Dec 2037 23:55:55 GMT
cache-control
public, max-age=315360000, must-revalidate, proxy-revalidate
cf-ray
5bb78931c88cc29a-FRA
cf-bgj
h2pri
1596200778501
va.tawk.to/register/ 		686 B
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://va.tawk.to/register/1596200778501
Requested by
Host: embed.tawk.to
URL: https://embed.tawk.to/5f0d9fec5b59f94722bab1ce/default
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::ac43:2642 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
7bfb5d303e0b07b340de0589a86a26af246a6341f955f9e5e33656e01e47e981
Security Headers
Name Value
Strict-Transport-Security max-age=0; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
http://161.35.85.54/fidelity/error.html
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-type
application/x-www-form-urlencoded

Response headers

date
Fri, 31 Jul 2020 13:06:18 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
DYNAMIC
p3p
CP='IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT'
status
200
vary
Accept-Encoding
cf-request-id
04469413210000d7057816a200000001
x-served-by
visitor-application-preemptive-r98s
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=0; includeSubDomains; preload
access-control-allow-methods
POST
content-type
application/json
access-control-allow-origin
http://161.35.85.54
cache-control
no-cache
access-control-allow-credentials
true
cf-ray
5bb78931ce53d705-FRA
access-control-allow-headers
origin, content-type
json
fmrcorp.tt.omtrdc.net/m2/fmrcorp/mbox/ 		142 B
581 B 		XHR
General
Check archive.org
Download Go to
Full URL
http://fmrcorp.tt.omtrdc.net/m2/fmrcorp/mbox/json?mbox=PI_Navbar&mboxSession=55749b1ca66a41f08738f8243f21c68d&mboxPC=55749b1ca66a41f08738f8243f21c68d.37_0&mboxPage=a09a36ecd6db4aa2834debc76890ee87&mboxVersion=1.2.3&mboxCount=2&mboxTime=1596207978519&mboxHost=161.35.85.54&mboxURL=http%3A%2F%2F161.35.85.54%2Ffidelity%2Ferror.html&mboxReferrer=&browserHeight=1200&browserWidth=1600&browserTimeOffset=120&screenHeight=1200&screenWidth=1600&colorDepth=24&mboxMCGVID=27341705059989980183464362778868820815&mboxAAMB=6G1ynYcLPuiQxYZrsz_pkqfLG9yMXBpb2zX5dvJdYQJzPXImdj0y&mboxMCAVID=2F920BA48515D4E2-6000081504F05729&mboxMCGLH=6&vst.trk=sitecatalystu.fidelity.com&vst.trks=sitecatalyst.fidelity.com&mboxMCSDID=3DC86ADE67C6EB52-71CB0668B4E0D336&profile.D83=0&lilo=Lo&profile.cp=p&profile.p1=&profile.p2=&profile.p3=&profile.p4=&profile.p5=&profile.p6=&profile.p7=&profile.p8=&profile.p21=&profile.p22=&profile.p99=&isRWV=false
Requested by
Host: nexus.ensighten.com
URL: https://nexus.ensighten.com/fidelity/hpoptasync/Bootstrap.js
Protocol
HTTP/1.1
Server
54.76.99.142 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-76-99-142.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
37d3b884ae15b884fcc6eb1ee0c83ae32661c38b98615ef10402f736ea92469a

Request headers

Accept
application/json
Referer
http://161.35.85.54/fidelity/error.html
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Pragma
no-cache
Date
Fri, 31 Jul 2020 13:06:18 GMT
Vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers
Content-Type
application/json;charset=UTF-8
Access-Control-Allow-Origin
http://161.35.85.54
Cache-Control
no-cache
Access-Control-Allow-Credentials
true
Connection
keep-alive
Timing-Allow-Origin
*
Content-Length
142
X-Request-ID
27e1f3c493fa02c65da00fe9e3b64535
json
fmrcorp.tt.omtrdc.net/m2/fmrcorp/mbox/ 		142 B
581 B 		XHR
General
Check archive.org
Download Go to
Full URL
http://fmrcorp.tt.omtrdc.net/m2/fmrcorp/mbox/json?mbox=PI_PHP_Hero&mboxSession=55749b1ca66a41f08738f8243f21c68d&mboxPC=55749b1ca66a41f08738f8243f21c68d.37_0&mboxPage=a09a36ecd6db4aa2834debc76890ee87&mboxVersion=1.2.3&mboxCount=3&mboxTime=1596207978526&mboxHost=161.35.85.54&mboxURL=http%3A%2F%2F161.35.85.54%2Ffidelity%2Ferror.html&mboxReferrer=&browserHeight=1200&browserWidth=1600&browserTimeOffset=120&screenHeight=1200&screenWidth=1600&colorDepth=24&mboxMCGVID=27341705059989980183464362778868820815&mboxAAMB=6G1ynYcLPuiQxYZrsz_pkqfLG9yMXBpb2zX5dvJdYQJzPXImdj0y&mboxMCAVID=2F920BA48515D4E2-6000081504F05729&mboxMCGLH=6&vst.trk=sitecatalystu.fidelity.com&vst.trks=sitecatalyst.fidelity.com&mboxMCSDID=3DC86ADE67C6EB52-71CB0668B4E0D336&profile.D83=0&lilo=Lo&profile.cp=p&profile.p1=&profile.p2=&profile.p3=&profile.p4=&profile.p5=&profile.p6=&profile.p7=&profile.p8=&profile.p21=&profile.p22=&profile.p99=&isRWV=false
Requested by
Host: nexus.ensighten.com
URL: https://nexus.ensighten.com/fidelity/hpoptasync/Bootstrap.js
Protocol
HTTP/1.1
Server
54.76.99.142 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-76-99-142.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
37d3b884ae15b884fcc6eb1ee0c83ae32661c38b98615ef10402f736ea92469a

Request headers

Accept
application/json
Referer
http://161.35.85.54/fidelity/error.html
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Pragma
no-cache
Date
Fri, 31 Jul 2020 13:06:18 GMT
Vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers
Content-Type
application/json;charset=UTF-8
Access-Control-Allow-Origin
http://161.35.85.54
Cache-Control
no-cache
Access-Control-Allow-Credentials
true
Connection
keep-alive
Timing-Allow-Origin
*
Content-Length
142
X-Request-ID
e5e074d519ef02011ef01d565186f3b8
HP
cfa.fidelity.com/fp/ Frame 0B62 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://cfa.fidelity.com/fp/HP?session_id=236a63bb4763f02b8e31990870ed6778&org_id=5h8i3ud8&nonce=2de52b3e02fa4f76&mode=2&hp=.co-operativebank.co.uk/CBIBSWeb/login.do.co-operativebank.co.uk/CBIBSWeb/start.do.de/portal/portal/x.entropay.com/basemenu/prot/x.facebook.comx.nationet.com/x.netbank.commbank.com.au/netbank/bankmainx.npbs.co.uk/netmastergoldbanking/x.nwolb.xlogin.aspx?refereridentx.rbsdigital.xAccountSummaryx.smile.co.uk/SmileWeb/login.do.smile.co.uk/SmileWeb/start.do.yandex.rux/CapitalOne_Consumer/x/easypay.by/x/sbank.ru/x53.com/servlet/efsonlinex://online.wellsfargo.com/x://secure.assist.ru/assistid/protected/main.doxabbeynational.co.uk/EBAN_ENS/BtoChannelDriverxalliance-leicesterxaltergold.com/login.phpxamericanexpress.com/myca/intl/acctsumm/emea/accountSummaryxbancaintesa.it/xbankcardservices.co.ukxbankofamerica.com/xbanquepopulaire.fr/xbnpparibas.net/xcahoot.comxcapitaloneonline.co.uk/CapitalOne_Consumer/Transactionsxcbonline.co.uk/ralu/reglm-web/setupSecurityQuestionPagexcibc.comxPreSignOnxcibc.comxSignOnxcitibank.ru/xclient.uralsibbank.ruxco-operativebank.co.uk/CBIBSWeb/loginSpixcommerceonlinebanking.comxcoventrybuildingsociety.co.ukxdeutsche-bank.dexdiscovercard.com/cardmembersvcs/strongauth/app/sa_mainxebanking.bawag.comxebc_ebc1961xegg.com/customer/movemoneyxegg.com/customer/yourmoneyxfacebook.com/xhalifax-online.co.ukxMyAccountsxhalifax-online.co.uk/x/Mhalifax-online.co.uk/personalxhsbc.co.uk/1/2/personal/internet-banking/xhsbc.comxhttps://banking.postbank.de/app/finanzstatus.init.do;jsessionidxib.fineco.it/FinecoWeb/BonificiServletxib.fineco.it/FinecoWeb/jsp/Main/HBFineco.jspxib.fineco.it/FinecoWeb/jsp/Main/Principale.jspxibank.alfabank.ruxin-biz.it/xipko.plxlibertyreserve.com/x/historylibertyreserve.com/x/loginwww.libertyreserve.com/x/Core.jswww.libertyreserve.com/x/transfer.libertyreserve.com/x/commonscript.jslloydstsb.co.uk/personal/a/account_overview/xmbna.co.ukxmenyala.ruxmoney.yandex.ruxmoneybookers.com/app/login.plxmoneymail.ruxmy.ebay.co.uk/ws/eBayISAPI.dll?MyEbayxmy.ebay.com/ws/eBayISAPI.dll?MyEbayxmy.ebay.fr/ws/eBayISAPI.dll?MyEbayxmybusinessbank.co.ukxnationet.com/AppServices/SignOn/SignOnProcess/RcaSignOnxnpbs.co.ukxnwolb.com/AccountSummaryxnwolb.com/Statementsxnwolb.com/TransfersLandingPagexoltx.fidelity.com/x/x/ofsummary/summaryxonline.lloydstsb.co.ukxonlinebanking.mandtbank.com/summary/AccountSummaryxpassport.yandex.ruxpaypal.com/x/cgi-bin/webscr?cmd=_accountxpaypal.com/x/cgi-bin/webscr?cmd=_login-done&login_access=xpaypal.com/us/cgi-bin/webscr?cmd=_login-done&login_access=xposte.it/xpsk.co.at/xsecure.lloydstsb.co.uk/personal/a/account_overviewxsmile.co.uk/SmileWeb/passcodexusaa.com/xusbank.com/internetBanking/RequestRouter?requestCmdId=Gxwachovia.comxybonline.co.uk/ralu/reglm-web/setupSecurityQuestionPagex.amazon.fr/xhistory/orders/view.htmlx.banquepopulaire.frxShowPortal.dox.bnpparibasfortis.bexHome_Logon.aspx.cdiscount.com/Account/Home.aspxx.cmb.frxaccueil.jspx.credit-agricole.frxentreeBam?sessionSAGx.labanquepostale.fr/xreleveCPP-releve_ccp.eax.secure.bnpparibas.net/NSFR?Actionx.secure.lcl.frxAccueilxcredem.it/OneToOne/ebank/functionsxmijn.ing.nl/xonline.ybs.co.ukxwww.discover.com/xorder.cdiscount.comxCustomer.aspxxsealinfo.verisign.com/splash?form_filexvos-comptes.credit-du-nord.fr/CDC_TableauDeBord_0.asp?xvoscomptesenligne.labanquepostale.frxwww.x.caisse-epargne.fr/Portail.aspxxwww.exabanque.netxonglet.phpxdeutsche-bank.de/xnorisbank.de/xpostbank.de/xtargobank.de/x.x.de/portal/x.bankofamerica.com/x/commonscript.js.bmo.com/OLB?id=x.bmo.com/RMC?id=x.chase.com/x.aspxx.chase.com/js/Reporting.jsx.koodomobile.com/account/selfserve/x/xaccountId=x.payment.ru/x.scotiabank.com/portal/index.jsp?xbancopopular.es/empresasxcreval.it/login2007/loginSiciliano.aspxfirst-direct.com/xipko.plxmybusinessbank.co.ukxsanpaoloimi.com/xulsterbankanytimebanking.x/login.aspxx
Requested by
Host: cfa.fidelity.com
URL: https://cfa.fidelity.com/fp/check.js;CIS3SID=9419B3D0AFCA50B4B11A7689D18240D9?org_id=5h8i3ud8&session_id=236a63bb4763f02b8e31990870ed6778&nonce=2de52b3e02fa4f76&jb=3135242668716d773d4e6b6c777824687b6f3f4c61667570246a73623f416a7a6d6f672530323a31
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
91.235.133.177 , Netherlands, ASN30286 (THM, US),
Reverse DNS
Software
Apache /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Host
cfa.fidelity.com
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site
cross-site
Sec-Fetch-Mode
navigate
Sec-Fetch-Dest
iframe
Referer
http://161.35.85.54/fidelity/error.html
Accept-Encoding
gzip, deflate, br
Accept-Language
en-US
Cookie
uuid=8abed916-b1fe-405c-a2ad-118badd8baf8
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer
http://161.35.85.54/fidelity/error.html

Response headers

Date
Fri, 31 Jul 2020 13:06:18 GMT
Server
Apache
Strict-Transport-Security
max-age=31536000
Cache-Control
no-cache, no-store, must-revalidate
Pragma
no-cache
Connection
Keep-Alive, Keep-Alive
X-Content-Type-Options
nosniff
X-XSS-Protection
1; mode=block
Expires
Thu, 01 Jan 1970 00:00:00 GMT
X-UA-Compatible
IE=Edge
Content-Type
text/html;charset=UTF-8
Content-Language
en-US
Vary
Accept-Encoding
Content-Encoding
gzip
Content-Length
5792
Keep-Alive
timeout=2, max=99
clear.png
cfa.fidelity.com/fp/ Frame 4B32 		81 B
527 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://cfa.fidelity.com/fp/clear.png
Requested by
Host: cfa.fidelity.com
URL: https://cfa.fidelity.com/fp/check.js;CIS3SID=9419B3D0AFCA50B4B11A7689D18240D9?org_id=5h8i3ud8&session_id=236a63bb4763f02b8e31990870ed6778&nonce=2de52b3e02fa4f76&jb=3135242668716d773d4e6b6c777824687b6f3f4c61667570246a73623f416a7a6d6f672530323a31
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
91.235.133.177 , Netherlands, ASN30286 (THM, US),
Reverse DNS
Software
Apache /
Resource Hash
95518cbec0d55a574a9c8ef72a2a7d62ac0d40a4de5dfe67a76a7d214dc8b743
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

Accept
*/*, 5h8i3ud8/2de52b3e02fa4f76236a63bb4763f02b8e31990870ed6778
Referer
http://161.35.85.54/fidelity/error.html
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date
Fri, 31 Jul 2020 13:06:18 GMT
Last-Modified
Fri, 31 Jul 2020 13:06:18 GMT
Server
Apache
Etag
1dca5861a57c4d9e8d7841bc58268393
Strict-Transport-Security
max-age=31536000
Content-Type
image/png
Access-Control-Allow-Origin
http://161.35.85.54
Cache-Control
private, must-revalidate, max-age=0
Connection
Keep-Alive
Keep-Alive
timeout=2, max=100
Content-Length
81
Expires
Wed, 30 Jul 2025 13:06:18 GMT
clear.png
h.online-metrix.net/fp/ Frame 4B32
Redirect Chain
  • https://h.online-metrix.net/fp/clear.png?org_id=5h8i3ud8&session_id=236a63bb4763f02b8e31990870ed6778&nonce=2de52b3e02fa4f76&gttl=155520000
  • https://h.online-metrix.net/fp/clear.png?org_id=5h8i3ud8&session_id=236a63bb4763f02b8e31990870ed6778&nonce=2de52b3e02fa4f76&k=2
0
387 B 		Script
General
Check archive.org
Download Go to
Full URL
https://h.online-metrix.net/fp/clear.png?org_id=5h8i3ud8&session_id=236a63bb4763f02b8e31990870ed6778&nonce=2de52b3e02fa4f76&k=2
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
91.235.132.130 , Netherlands, ASN30286 (THM, US),
Reverse DNS
h.online-metrix.net
Software
Apache /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
http://161.35.85.54/fidelity/error.html
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Pragma
no-cache
Date
Fri, 31 Jul 2020 13:06:19 GMT
X-Content-Type-Options
nosniff
Server
Apache
Strict-Transport-Security
max-age=31536000
Content-Type
text/javascript
Cache-Control
no-cache, no-store, must-revalidate
Connection
Keep-Alive
Keep-Alive
timeout=2, max=99
X-XSS-Protection
1; mode=block
Expires
Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

Date
Fri, 31 Jul 2020 13:06:18 GMT
Server
Apache
Strict-Transport-Security
max-age=31536000
P3P
CP=IVAa PSAa
Location
https://h.online-metrix.net/fp/clear.png?org_id=5h8i3ud8&session_id=236a63bb4763f02b8e31990870ed6778&nonce=2de52b3e02fa4f76&k=2
Connection
Keep-Alive
Content-Type
text/html; charset=iso-8859-1
Keep-Alive
timeout=2, max=100
Content-Length
323
ls_fp.html;CIS3SID=9419B3D0AFCA50B4B11A7689D18240D9
cfa.fidelity.com/fp/ Frame D72F 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://cfa.fidelity.com/fp/ls_fp.html;CIS3SID=9419B3D0AFCA50B4B11A7689D18240D9?org_id=5h8i3ud8&session_id=236a63bb4763f02b8e31990870ed6778&nonce=2de52b3e02fa4f76
Requested by
Host: cfa.fidelity.com
URL: https://cfa.fidelity.com/fp/check.js;CIS3SID=9419B3D0AFCA50B4B11A7689D18240D9?org_id=5h8i3ud8&session_id=236a63bb4763f02b8e31990870ed6778&nonce=2de52b3e02fa4f76&jb=3135242668716d773d4e6b6c777824687b6f3f4c61667570246a73623f416a7a6d6f672530323a31
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
91.235.133.177 , Netherlands, ASN30286 (THM, US),
Reverse DNS
Software
Apache /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Host
cfa.fidelity.com
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site
cross-site
Sec-Fetch-Mode
navigate
Sec-Fetch-Dest
iframe
Referer
http://161.35.85.54/fidelity/error.html
Accept-Encoding
gzip, deflate, br
Accept-Language
en-US
Cookie
uuid=8abed916-b1fe-405c-a2ad-118badd8baf8; thx_guid=61caaf30972548a5ba677272da71f335
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer
http://161.35.85.54/fidelity/error.html

Response headers

Date
Fri, 31 Jul 2020 13:06:18 GMT
Server
Apache
Strict-Transport-Security
max-age=31536000
Cache-Control
no-cache, no-store, must-revalidate
Pragma
no-cache
Connection
Keep-Alive, Keep-Alive
X-Content-Type-Options
nosniff
X-XSS-Protection
1; mode=block
Expires
Thu, 01 Jan 1970 00:00:00 GMT
Content-Type
text/html;charset=UTF-8
Vary
Accept-Encoding
Content-Encoding
gzip
Keep-Alive
timeout=2, max=99
Transfer-Encoding
chunked
clear.png
cfa.fidelity.com/fp/ Frame 4B32 		0
387 B 		Script
General
Check archive.org
Download Go to
Full URL
https://cfa.fidelity.com/fp/clear.png?org_id=5h8i3ud8&session_id=236a63bb4763f02b8e31990870ed6778&nonce=2de52b3e02fa4f76&jb=3730246c71633f3734306334333635333a3336383d30666c603031326635323f61633234366663603232343534643b3338663a653c3932
Requested by
Host: cfa.fidelity.com
URL: https://cfa.fidelity.com/fp/check.js;CIS3SID=9419B3D0AFCA50B4B11A7689D18240D9?org_id=5h8i3ud8&session_id=236a63bb4763f02b8e31990870ed6778&nonce=2de52b3e02fa4f76&jb=3135242668716d773d4e6b6c777824687b6f3f4c61667570246a73623f416a7a6d6f672530323a31
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
91.235.133.177 , Netherlands, ASN30286 (THM, US),
Reverse DNS
Software
Apache /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
http://161.35.85.54/fidelity/error.html
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Pragma
no-cache
Date
Fri, 31 Jul 2020 13:06:18 GMT
X-Content-Type-Options
nosniff
Server
Apache
Strict-Transport-Security
max-age=31536000
Content-Type
text/javascript
Cache-Control
no-cache, no-store, must-revalidate
Connection
Keep-Alive
Keep-Alive
timeout=2, max=97
X-XSS-Protection
1; mode=block
Expires
Thu, 01 Jan 1970 00:00:00 GMT
sid_fp.html;CIS3SID=9419B3D0AFCA50B4B11A7689D18240D9
h.online-metrix.net/fp/ Frame 91BB 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://h.online-metrix.net/fp/sid_fp.html;CIS3SID=9419B3D0AFCA50B4B11A7689D18240D9?org_id=5h8i3ud8&session_id=236a63bb4763f02b8e31990870ed6778&nonce=2de52b3e02fa4f76
Requested by
Host: cfa.fidelity.com
URL: https://cfa.fidelity.com/fp/check.js;CIS3SID=9419B3D0AFCA50B4B11A7689D18240D9?org_id=5h8i3ud8&session_id=236a63bb4763f02b8e31990870ed6778&nonce=2de52b3e02fa4f76&jb=3135242668716d773d4e6b6c777824687b6f3f4c61667570246a73623f416a7a6d6f672530323a31
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
91.235.132.130 , Netherlands, ASN30286 (THM, US),
Reverse DNS
h.online-metrix.net
Software
Apache /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Host
h.online-metrix.net
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site
cross-site
Sec-Fetch-Mode
navigate
Sec-Fetch-Dest
iframe
Referer
http://161.35.85.54/fidelity/error.html
Accept-Encoding
gzip, deflate, br
Accept-Language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer
http://161.35.85.54/fidelity/error.html

Response headers

Date
Fri, 31 Jul 2020 13:06:18 GMT
Server
Apache
Strict-Transport-Security
max-age=31536000
Cache-Control
no-cache, no-store, must-revalidate
Pragma
no-cache
Connection
Keep-Alive, Keep-Alive
X-Content-Type-Options
nosniff
X-XSS-Protection
1; mode=block
Expires
Thu, 01 Jan 1970 00:00:00 GMT
Content-Type
text/html;charset=UTF-8
Vary
Accept-Encoding
Content-Encoding
gzip
Keep-Alive
timeout=2, max=100
Transfer-Encoding
chunked
clear.png
cfa.fidelity.com/fp/ Frame 4B32 		0
387 B 		Script
General
Check archive.org
Download Go to
Full URL
https://cfa.fidelity.com/fp/clear.png?org_id=5h8i3ud8&session_id=236a63bb4763f02b8e31990870ed6778&nonce=2de52b3e02fa4f76&jd=31312426753f373632633433343733303b343a35306e266264746e3d3338373c32383032
Requested by
Host: cfa.fidelity.com
URL: https://cfa.fidelity.com/fp/check.js;CIS3SID=9419B3D0AFCA50B4B11A7689D18240D9?org_id=5h8i3ud8&session_id=236a63bb4763f02b8e31990870ed6778&nonce=2de52b3e02fa4f76&jb=3135242668716d773d4e6b6c777824687b6f3f4c61667570246a73623f416a7a6d6f672530323a31
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
91.235.133.177 , Netherlands, ASN30286 (THM, US),
Reverse DNS
Software
Apache /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
http://161.35.85.54/fidelity/error.html
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Pragma
no-cache
Date
Fri, 31 Jul 2020 13:06:19 GMT
X-Content-Type-Options
nosniff
Server
Apache
Strict-Transport-Security
max-age=31536000
Content-Type
text/javascript
Cache-Control
no-cache, no-store, must-revalidate
Connection
Keep-Alive
Keep-Alive
timeout=2, max=96
X-XSS-Protection
1; mode=block
Expires
Thu, 01 Jan 1970 00:00:00 GMT
top_fp.html;CIS3SID=9419B3D0AFCA50B4B11A7689D18240D9
cfa.fidelity.com/fp/ Frame 2CB9 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://cfa.fidelity.com/fp/top_fp.html;CIS3SID=9419B3D0AFCA50B4B11A7689D18240D9?org_id=5h8i3ud8&session_id=236a63bb4763f02b8e31990870ed6778&nonce=2de52b3e02fa4f76
Requested by
Host: cfa.fidelity.com
URL: https://cfa.fidelity.com/fp/check.js;CIS3SID=9419B3D0AFCA50B4B11A7689D18240D9?org_id=5h8i3ud8&session_id=236a63bb4763f02b8e31990870ed6778&nonce=2de52b3e02fa4f76&jb=3135242668716d773d4e6b6c777824687b6f3f4c61667570246a73623f416a7a6d6f672530323a31
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
91.235.133.177 , Netherlands, ASN30286 (THM, US),
Reverse DNS
Software
Apache /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Host
cfa.fidelity.com
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site
cross-site
Sec-Fetch-Mode
navigate
Sec-Fetch-Dest
iframe
Referer
http://161.35.85.54/fidelity/error.html
Accept-Encoding
gzip, deflate, br
Accept-Language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer
http://161.35.85.54/fidelity/error.html

Response headers

Date
Fri, 31 Jul 2020 13:06:19 GMT
Server
Apache
Strict-Transport-Security
max-age=31536000
Cache-Control
no-cache, no-store, must-revalidate
Pragma
no-cache
Connection
Keep-Alive, Keep-Alive
X-Content-Type-Options
nosniff
X-XSS-Protection
1; mode=block
Expires
Thu, 01 Jan 1970 00:00:00 GMT
Content-Type
text/html;charset=UTF-8
Vary
Accept-Encoding
Content-Encoding
gzip
Keep-Alive
timeout=2, max=95
Transfer-Encoding
chunked
clear.png
cfa.fidelity.com/fp/ Frame 4B32 		0
218 B 		Script
General
Check archive.org
Download Go to
Full URL
https://cfa.fidelity.com/fp/clear.png?org_id=5h8i3ud8&session_id=236a63bb4763f02b8e31990870ed6778&nonce=2de52b3e02fa4f76&ja=343b332624753f3734306334333635333a3336383d30662e613d363024783f3e3224643d333432327833303232266364353134303870313a323026737a7b3f387a32246472703f332c333432322c333038302e313e383024333230302e333438322e333232322e333632322e3332323224302e302e7b636c3f3234266e6a3f607676722531432730462730443336332c3b352c383d26353c273246666b6667646b767b2530446770726d702c6a746f6e2e64703d607c7478273341253044273a443334312c31372c38372c37362530446e696665646174712732466570706d7a2c6a766d6e24723f706e77656b6e5d6464617168566e6164716521706e7765616c5d75696c666d75735d6f676669635d786c63796d7a5e6e636c736523726e7d656b6c5f63666d60655d6361706f60637c5e6461647b6529726c75676b6c5d79776b616b766b6f675e64636e7165237264756569665773606d636b776374675664636e736723726e75656b6c5d72676364706e61716d725664616c736723726477656b6e5d746e615f726e637b65705c6e616e736d2970647767696e5d66677e636e74725c64636e736723726e75656b665f71766f577661677765725c646364716723706e77656b6e5d686374615c64696c71652e606835336331393a353b6d34323b61373a373063313232666230643a6231313e30386b246a736f3f4e6b66777a246a71603f4168706d6f672530323033246a7b6775354e696e757a246c60613f3336247678663d4777706d7067273a4640657a646966246d61746a703f3c323231643361306065613230673661613d363230303a616c333535343233646c36373a38333633663667636330346661313463666a6c373a313133313b34632e677a313d613a366434356635343961603b3763333c6b3238673264393364643f313a363061633532356336612463616635323230383830&jb=33373b266e733f4f6f786b6e6e6127304e352c302d3a30204f6163696c766d7b6a2731422730324b6e76676e2732324f696327323847532d30305825303233385d33365f372b2730304372726e6555676a4b6b742d3a463d31372e33342730382a494a544f4e2730432730326e6969672d3232476d6b6b672b253230416a70676f672732443a312c302c363332332c34392530305b696669706925324437313f2c3134
Requested by
Host: cfa.fidelity.com
URL: https://cfa.fidelity.com/fp/check.js;CIS3SID=9419B3D0AFCA50B4B11A7689D18240D9?org_id=5h8i3ud8&session_id=236a63bb4763f02b8e31990870ed6778&nonce=2de52b3e02fa4f76&jb=3135242668716d773d4e6b6c777824687b6f3f4c61667570246a73623f416a7a6d6f672530323a31
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
91.235.133.177 , Netherlands, ASN30286 (THM, US),
Reverse DNS
Software
Apache /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

Referer
http://161.35.85.54/fidelity/error.html
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date
Fri, 31 Jul 2020 13:06:19 GMT
Server
Apache
Connection
Keep-Alive
Keep-Alive
timeout=2, max=96
Strict-Transport-Security
max-age=31536000
Content-Type
text/javascript;charset=UTF-8
clear.png
5h8i3ud8-9d2dd0fbf20a31e3de8f554b97ede3834f3f608f-am1.e.aa.online-metrix.net/fp/ Frame 4B32 		81 B
438 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://5h8i3ud8-9d2dd0fbf20a31e3de8f554b97ede3834f3f608f-am1.e.aa.online-metrix.net/fp/clear.png?org_id=5h8i3ud8&session_id=236a63bb4763f02b8e31990870ed6778&nonce=2de52b3e02fa4f76&di=yes
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
91.235.134.131 , Netherlands, ASN30286 (THM, US),
Reverse DNS
Software
Apache /
Resource Hash
95518cbec0d55a574a9c8ef72a2a7d62ac0d40a4de5dfe67a76a7d214dc8b743
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
http://161.35.85.54/fidelity/error.html
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Pragma
no-cache
Date
Fri, 31 Jul 2020 13:06:19 GMT
X-Content-Type-Options
nosniff
Server
Apache
Strict-Transport-Security
max-age=31536000
Content-Type
image/png
Cache-Control
no-cache, no-store, must-revalidate
Connection
close
Content-Length
81
X-XSS-Protection
1; mode=block
Expires
Thu, 01 Jan 1970 00:00:00 GMT
settings.txt
cdn.walkme.com/users/6323edfaeec74b12a4ce1cf459ffea19/ 		1 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.walkme.com/users/6323edfaeec74b12a4ce1cf459ffea19/settings.txt
Requested by
Host: cdn.walkme.com
URL: https://cdn.walkme.com/users/6323edfaeec74b12a4ce1cf459ffea19/walkme_6323edfaeec74b12a4ce1cf459ffea19_https.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
184.30.221.115 , Netherlands, ASN20940 (AKAMAI-ASN1, EU),
Reverse DNS
a184-30-221-115.deploy.static.akamaitechnologies.com
Software
AmazonS3 /
Resource Hash
b6ef02f0419e5bf73d144810fe9fb1e7acdaa17f0f178da71b1d685a0391c8fc
Security Headers
Name Value
Strict-Transport-Security max-age=31536000;preload
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
http://161.35.85.54/fidelity/error.html
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

x-amz-version-id
vck81Fh44yCe0QcnNWLrERRvVeccz45w
content-encoding
gzip
x-content-type-options
nosniff
x-amz-request-id
D76A5F22D3FEC078
x-amz-server-side-encryption
AES256
status
200
x-amz-replication-status
COMPLETED
vary
Accept-Encoding
content-length
631
x-amz-id-2
0lwvbGpiBdU1yUL+n/7tarW5wszJVHuRPr/bBkmz6BzN7rLzYOU1hXGARjDYavhltD1ZN0PokHQ=
referrer-policy
no-referrer-when-downgrade
last-modified
Thu, 30 Jul 2020 20:23:42 GMT
server
AmazonS3
date
Fri, 31 Jul 2020 13:06:19 GMT
strict-transport-security
max-age=31536000;preload
content-type
application/javascript
access-control-allow-origin
*
x-xss-protection
1; mode=block
cache-control
max-age=895
etag
"4712023e1a37bb1d029bb5e5e1ffbae3"
accept-ranges
bytes
/
vsa49.tawk.to/s/ 		101 B
379 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://vsa49.tawk.to/s/?k=5f24174ac038494eef337d19&u=WZc9mHogsEMe558D1O1l53Svom83LmdzmsVOy%2FhFNzpFcmiNradkGDBepoADRxoW&uv=2&a=5f0d9fec5b59f94722bab1ce&cver=0&pop=false&w=V1dgIV&jv=689&asver=692&ust=false&p=Fidelity%20Investments%20-%20Retirement%20Plans%2C%20Investing%2C%20Brokerage%2C%20Wealth%20Management%2C%20Financial%20Planning%20and%20Advice%2C%20Online%20Trading.&r=&EIO=3&transport=polling&__t=NEa-lvv
Requested by
Host: embed.tawk.to
URL: https://embed.tawk.to/5f0d9fec5b59f94722bab1ce/default
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6816:1883 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e36c9488168b0ce435d4438c17c3cd38deec18a414496a832911b5932dcbcdfd
Security Headers
Name Value
Strict-Transport-Security max-age=0; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
http://161.35.85.54/fidelity/error.html
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Fri, 31 Jul 2020 13:06:19 GMT
x-content-type-options
nosniff
cf-cache-status
DYNAMIC
server
cloudflare
status
200
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=0; includeSubDomains; preload
content-type
application/octet-stream
access-control-allow-origin
http://161.35.85.54
access-control-allow-credentials
true
cf-ray
5bb789374bc5c29a-FRA
content-length
101
cf-request-id
044694168b0000c29a412a9200000001
26a1.png
cdn.jsdelivr.net/emojione/assets/png/ Frame 597B 		413 B
567 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn.jsdelivr.net/emojione/assets/png/26a1.png?v=2.2.7
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2a04:4e42:1b::621 , Ascension Island, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
9f8144ae6f866129aea41bbf694b0c858ef9352a139969e57cd8db73385f52c3
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
http://161.35.85.54/fidelity/error.html
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; includeSubDomains; preload
x-content-type-options
nosniff
age
7802928
x-cache
HIT, HIT
status
200
content-length
413
etag
W/"19d-NgetWBBUGNU0Su9xItAjaREfnb0"
x-served-by
cache-fra19122-FRA, cache-hhn4041-HHN
date
Fri, 31 Jul 2020 13:06:19 GMT
vary
Accept-Encoding
content-type
image/png
access-control-allow-origin
*
access-control-expose-headers
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
S6uyw4BMUTPHjx4wXiWtFCc.woff2
fonts.gstatic.com/s/lato/v16/ Frame F49F 		14 KB
14 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/lato/v16/S6uyw4BMUTPHjx4wXiWtFCc.woff2
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:818::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
036d841b132c14046e26d8f2da1bc634c6ad34885ed1295660694a91c98933a6
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer
https://fonts.googleapis.com/css?family=Lato:100,100i,300,300i,400,400i,700,700i,900,900i&subset=latin-ext
Origin
http://161.35.85.54

Response headers

date
Thu, 23 Jul 2020 00:25:06 GMT
x-content-type-options
nosniff
last-modified
Tue, 23 Jul 2019 03:45:55 GMT
server
sffe
age
736873
status
200
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
alt-svc
h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
14044
x-xss-protection
0
expires
Fri, 23 Jul 2021 00:25:06 GMT
/
vsa49.tawk.to/s/ 		578 B
664 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://vsa49.tawk.to/s/?k=5f24174ac038494eef337d19&u=WZc9mHogsEMe558D1O1l53Svom83LmdzmsVOy%2FhFNzpFcmiNradkGDBepoADRxoW&uv=2&a=5f0d9fec5b59f94722bab1ce&cver=0&pop=false&w=V1dgIV&jv=689&asver=692&ust=false&p=Fidelity%20Investments%20-%20Retirement%20Plans%2C%20Investing%2C%20Brokerage%2C%20Wealth%20Management%2C%20Financial%20Planning%20and%20Advice%2C%20Online%20Trading.&r=&EIO=3&transport=polling&__t=NEa-lzw&sid=kMUF_aTzmzehgnvo9wKF
Requested by
Host: embed.tawk.to
URL: https://embed.tawk.to/5f0d9fec5b59f94722bab1ce/default
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6816:1883 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
1170f0a3eaaae58717731210b3d2874d43478dec97b6b8da11df93a2eabab146
Security Headers
Name Value
Strict-Transport-Security max-age=0; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
http://161.35.85.54/fidelity/error.html
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Fri, 31 Jul 2020 13:06:19 GMT
x-content-type-options
nosniff
cf-cache-status
DYNAMIC
server
cloudflare
status
200
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=0; includeSubDomains; preload
content-type
application/octet-stream
access-control-allow-origin
http://161.35.85.54
access-control-allow-credentials
true
cf-ray
5bb78938cf88c29a-FRA
content-length
578
cf-request-id
044694177d0000c29a412bc200000001
Targeting.php
siteintercept.qualtrics.com/WRSiteInterceptEngine/ 		17 KB
2 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://siteintercept.qualtrics.com/WRSiteInterceptEngine/Targeting.php?Q_ZoneID=ZN_cvGJH8lmjxbKyln&Q_CLIENTVERSION=1.31.3&Q_CLIENTTYPE=web
Requested by
Host: zncvgjh8lmjxbkyln-fmrpi.siteintercept.qualtrics.com
URL: https://zncvgjh8lmjxbkyln-fmrpi.siteintercept.qualtrics.com/WRSiteInterceptEngine/?Q_ZID=ZN_cvGJH8lmjxbKyln&Q_LOC=http%3A%2F%2F161.35.85.54%2Ffidelity%2Ferror.html&t=1596200778431
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.17.208.240 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
85801feec215611817f8918aa35dc720c6634412e8b35f03be58579e6a0667dd
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
http://161.35.85.54/fidelity/error.html
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-type
application/x-www-form-urlencoded

Response headers

date
Fri, 31 Jul 2020 13:06:19 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
DYNAMIC
server
cloudflare
status
200
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-type
application/json
access-control-allow-origin
http://161.35.85.54
cache-control
no-store, no-cache, must-revalidate, max-age=0
access-control-allow-credentials
true
cf-ray
5bb78938eb5072ff-AMS
vary
Accept-Encoding
cf-request-id
0446941794000072ff3bbd6200000001
wmjQuery171.js
cdn.walkme.com/player/resources/ 		92 KB
33 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.walkme.com/player/resources/wmjQuery171.js
Requested by
Host: cdn.walkme.com
URL: https://cdn.walkme.com/users/6323edfaeec74b12a4ce1cf459ffea19/walkme_6323edfaeec74b12a4ce1cf459ffea19_https.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
184.30.221.115 , Netherlands, ASN20940 (AKAMAI-ASN1, EU),
Reverse DNS
a184-30-221-115.deploy.static.akamaitechnologies.com
Software
AmazonS3 /
Resource Hash
d4b341e0e1b10b8d9d72b33a552d9a4c5f181644a550e6c5290ffbd0df7ff698
Security Headers
Name Value
Strict-Transport-Security max-age=31536000;preload
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
http://161.35.85.54/fidelity/error.html
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

x-amz-version-id
dlOIL_rgT0aloi1SfIVB2qBEX5hN4XKk
content-encoding
gzip
x-content-type-options
nosniff
x-amz-request-id
4D792858D1666EA3
x-amz-meta-cb-modifiedtime
Sun, 14 Apr 2013 07:28:19 GMT
status
200
vary
Accept-Encoding
content-length
33167
x-amz-id-2
0l6ya+0XuglH0h2UsKLtxPZceMk68lRyebQ6DoAVG/87n/gpin/7eUWK+muY2WtH60EdO9DfLVc=
referrer-policy
no-referrer-when-downgrade
last-modified
Sun, 10 Jan 2016 09:10:17 GMT
server
AmazonS3
date
Fri, 31 Jul 2020 13:06:19 GMT
strict-transport-security
max-age=31536000;preload
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
x-xss-protection
1; mode=block
cache-control
max-age=11745561
etag
"bd856ab0099e8b88daeced6a21ed1398"
accept-ranges
bytes
prelib-plugin-579dbbfd-a592-3c99-a85c-ade839c2582a.js
cdn.walkme.com/users/6323edfaeec74b12a4ce1cf459ffea19/scripts/ 		105 KB
32 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.walkme.com/users/6323edfaeec74b12a4ce1cf459ffea19/scripts/prelib-plugin-579dbbfd-a592-3c99-a85c-ade839c2582a.js
Requested by
Host: cdn.walkme.com
URL: https://cdn.walkme.com/users/6323edfaeec74b12a4ce1cf459ffea19/walkme_6323edfaeec74b12a4ce1cf459ffea19_https.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
184.30.221.115 , Netherlands, ASN20940 (AKAMAI-ASN1, EU),
Reverse DNS
a184-30-221-115.deploy.static.akamaitechnologies.com
Software
AmazonS3 /
Resource Hash
8b9b73786f62ed9b6ddce93ee2106b95dbb7ebcbededbf9b2d91ff18aa8c982b
Security Headers
Name Value
Strict-Transport-Security max-age=31536000;preload
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
http://161.35.85.54/fidelity/error.html
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

x-amz-version-id
zQ46s_eae465_f0H0KGXFs7mU57yKncF
content-encoding
gzip
x-content-type-options
nosniff
x-amz-request-id
54973173F4A18C39
x-amz-server-side-encryption
AES256
status
200
x-amz-replication-status
COMPLETED
vary
Accept-Encoding
content-length
32293
x-amz-id-2
joNFn76J8RSkRDv60ZnDV8XbUhqJ5u9Lm3WJszU2cG4blaQuujbiy1fdyrc7ZHQUcMDuBxb3XQE=
referrer-policy
no-referrer-when-downgrade
last-modified
Thu, 27 Feb 2020 21:09:23 GMT
server
AmazonS3
date
Fri, 31 Jul 2020 13:06:19 GMT
strict-transport-security
max-age=31536000;preload
content-type
application/x-javascript
access-control-allow-origin
*
x-xss-protection
1; mode=block
cache-control
max-age=24714526
etag
"ce5cff3502452ac113edcd0af8cbb8eb"
accept-ranges
bytes
walkme_lib_20200723-101337-4284c4d1.js
cdn.walkme.com/player/lib/ 		1 MB
415 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.walkme.com/player/lib/walkme_lib_20200723-101337-4284c4d1.js
Requested by
Host: cdn.walkme.com
URL: https://cdn.walkme.com/users/6323edfaeec74b12a4ce1cf459ffea19/walkme_6323edfaeec74b12a4ce1cf459ffea19_https.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
184.30.221.115 , Netherlands, ASN20940 (AKAMAI-ASN1, EU),
Reverse DNS
a184-30-221-115.deploy.static.akamaitechnologies.com
Software
AmazonS3 /
Resource Hash
9d3c768aadbe84faf27a3ce15a2aadbd741b1f64720d5c4dc7e15db821fd609a
Security Headers
Name Value
Strict-Transport-Security max-age=31536000;preload
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
http://161.35.85.54/fidelity/error.html
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

x-amz-version-id
36Om_EFscSkAwBA8ZP0C6dVpQgRahOiQ
content-encoding
gzip
x-content-type-options
nosniff
x-amz-request-id
9FFF2593E06C84F3
x-amz-server-side-encryption
AES256
status
200
x-amz-replication-status
COMPLETED
vary
Accept-Encoding
content-length
423851
x-amz-id-2
r7qzcB1NP4OAScCuVUvKBhNqlMQwX1T16SbCTfqO+SVsT3+ok0awzhjG91RKviTYUKA0QY9W8Ts=
referrer-policy
no-referrer-when-downgrade
last-modified
Sun, 26 Jul 2020 07:10:42 GMT
server
AmazonS3
x-amz-meta-s3cmd-attrs
atime:1595747279/ctime:1595747283/gid:0/gname:root/md5:de46dd0cd2bc188cc7c974b1b6800a90/mode:33188/mtime:1595747279/uid:0/uname:root
date
Fri, 31 Jul 2020 13:06:19 GMT
strict-transport-security
max-age=31536000;preload
content-type
application/javascript
access-control-allow-origin
*
x-xss-protection
1; mode=block
cache-control
max-age=31082825
etag
"de46dd0cd2bc188cc7c974b1b6800a90"
accept-ranges
bytes
walkme_config_58427554f206460aaf3d66fac2e09fac.js
cdn.walkme.com/users/6323edfaeec74b12a4ce1cf459ffea19/ 		3 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.walkme.com/users/6323edfaeec74b12a4ce1cf459ffea19/walkme_config_58427554f206460aaf3d66fac2e09fac.js
Requested by
Host: cdn.walkme.com
URL: https://cdn.walkme.com/users/6323edfaeec74b12a4ce1cf459ffea19/walkme_6323edfaeec74b12a4ce1cf459ffea19_https.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
184.30.221.115 , Netherlands, ASN20940 (AKAMAI-ASN1, EU),
Reverse DNS
a184-30-221-115.deploy.static.akamaitechnologies.com
Software
AmazonS3 /
Resource Hash
000446608cb1116f5c4fd68177a399e7e1c6759c27d63b447c6c65c740c5d7f5
Security Headers
Name Value
Strict-Transport-Security max-age=31536000;preload
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
http://161.35.85.54/fidelity/error.html
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

x-amz-version-id
Ao_6jLHjyeMMY5mHEyOstb.lRhOd12YE
content-encoding
gzip
x-content-type-options
nosniff
x-amz-request-id
567B37B3374D1DB6
x-amz-server-side-encryption
AES256
status
200
x-amz-replication-status
COMPLETED
vary
Accept-Encoding
content-length
1594
x-amz-id-2
xcXX7YMgOB0ZsgcHEUpn6o/rqIpkISQi4saS+M6+6UHzF8MJFvQM79P7mvc6QomwITAlvqVqq5I=
referrer-policy
no-referrer-when-downgrade
last-modified
Thu, 30 Jul 2020 20:23:32 GMT
server
AmazonS3
date
Fri, 31 Jul 2020 13:06:19 GMT
strict-transport-security
max-age=31536000;preload
content-type
application/javascript
access-control-allow-origin
*
x-xss-protection
1; mode=block
cache-control
max-age=31475887
etag
"420dffed560be438f8724eb7ebaee201"
accept-ranges
bytes
data_4c183f292f234ba3bd3d25644828fbdd.js
cdn.walkme.com/users/6323edfaeec74b12a4ce1cf459ffea19/ 		3 MB
255 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.walkme.com/users/6323edfaeec74b12a4ce1cf459ffea19/data_4c183f292f234ba3bd3d25644828fbdd.js
Requested by
Host: cdn.walkme.com
URL: https://cdn.walkme.com/users/6323edfaeec74b12a4ce1cf459ffea19/walkme_6323edfaeec74b12a4ce1cf459ffea19_https.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
184.30.221.115 , Netherlands, ASN20940 (AKAMAI-ASN1, EU),
Reverse DNS
a184-30-221-115.deploy.static.akamaitechnologies.com
Software
AmazonS3 /
Resource Hash
346a5bdd26fea3e46a199ce7821645e7cc25230fd6dc1f0705daccc204433be3
Security Headers
Name Value
Strict-Transport-Security max-age=31536000;preload
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
http://161.35.85.54/fidelity/error.html
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

x-amz-version-id
m3DLEUFoe3gziD2X45HEIhuscEoWA3Uu
content-encoding
gzip
x-content-type-options
nosniff
x-amz-request-id
8F73CE509BD12C03
x-amz-server-side-encryption
AES256
status
200
x-amz-replication-status
COMPLETED
vary
Accept-Encoding
content-length
260391
x-amz-id-2
hojFo6RuIlbrnLH4By0BmGSclwHX3VX4Fe3bU28GFOMauVnMJa0eIu8Cj7DLfVmAxqznSIKxEx4=
referrer-policy
no-referrer-when-downgrade
last-modified
Thu, 30 Jul 2020 20:23:40 GMT
server
AmazonS3
date
Fri, 31 Jul 2020 13:06:19 GMT
strict-transport-security
max-age=31536000;preload
content-type
application/x-javascript
access-control-allow-origin
*
x-xss-protection
1; mode=block
cache-control
max-age=31475850
etag
"39d7b00d35db9788be2f0c44dec0fcaa"
accept-ranges
bytes
v3
va.tawk.to/log-performance/ 		5 B
267 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://va.tawk.to/log-performance/v3
Requested by
Host: embed.tawk.to
URL: https://embed.tawk.to/5f0d9fec5b59f94722bab1ce/default
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::ac43:2642 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
933b971c6388d594a23fa1559825db5bec8ade2db1240aa8fc9d0c684949e8c9
Security Headers
Name Value
Strict-Transport-Security max-age=0; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
http://161.35.85.54/fidelity/error.html
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-type
application/x-www-form-urlencoded

Response headers

date
Fri, 31 Jul 2020 13:06:19 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
DYNAMIC
status
200
vary
Accept-Encoding
cf-request-id
04469418320000d705781c6200000001
x-served-by
visitor-application-preemptive-j1lp
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=0; includeSubDomains; preload
access-control-allow-methods
POST
content-type
text/html; charset=utf-8
access-control-allow-origin
http://161.35.85.54
access-control-allow-credentials
true
cf-ray
5bb78939ea84d705-FRA
access-control-allow-headers
origin, content-type
/
vsa49.tawk.to/s/ 		4 B
111 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://vsa49.tawk.to/s/?k=5f24174ac038494eef337d19&u=WZc9mHogsEMe558D1O1l53Svom83LmdzmsVOy%2FhFNzpFcmiNradkGDBepoADRxoW&uv=2&a=5f0d9fec5b59f94722bab1ce&cver=0&pop=false&w=V1dgIV&jv=689&asver=692&ust=false&p=Fidelity%20Investments%20-%20Retirement%20Plans%2C%20Investing%2C%20Brokerage%2C%20Wealth%20Management%2C%20Financial%20Planning%20and%20Advice%2C%20Online%20Trading.&r=&EIO=3&transport=polling&__t=NEa-m0j&sid=kMUF_aTzmzehgnvo9wKF
Requested by
Host: embed.tawk.to
URL: https://embed.tawk.to/5f0d9fec5b59f94722bab1ce/default
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6816:1883 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
a9a2f1dd042cb6f1eded53dc0a1c66ed8694fc093dc3520cdac1a541d615d474
Security Headers
Name Value
Strict-Transport-Security max-age=0; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
http://161.35.85.54/fidelity/error.html
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Fri, 31 Jul 2020 13:06:20 GMT
x-content-type-options
nosniff
cf-cache-status
DYNAMIC
server
cloudflare
status
200
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=0; includeSubDomains; preload
content-type
application/octet-stream
access-control-allow-origin
http://161.35.85.54
access-control-allow-credentials
true
cf-ray
5bb78939e9a6c29a-FRA
content-length
4
cf-request-id
04469418330000c29a412c4200000001
clear.png
cfa.fidelity.com/fp/ Frame 4B32 		0
387 B 		Script
General
Check archive.org
Download Go to
Full URL
https://cfa.fidelity.com/fp/clear.png?org_id=5h8i3ud8&session_id=236a63bb4763f02b8e31990870ed6778&nonce=2de52b3e02fa4f76&jac=1&je=3333352624726f3f6e6d246063747176357b206c6d7e6564203a312e32322e2a717663747771203822616a6370676b6c6f227f26697d64603f6464626731616b343731326330676433673735376630646d356662393f373b3261653737373338633532306463633337673561333330313d3230343f38663c64
Requested by
Host: cfa.fidelity.com
URL: https://cfa.fidelity.com/fp/check.js;CIS3SID=9419B3D0AFCA50B4B11A7689D18240D9?org_id=5h8i3ud8&session_id=236a63bb4763f02b8e31990870ed6778&nonce=2de52b3e02fa4f76&jb=3135242668716d773d4e6b6c777824687b6f3f4c61667570246a73623f416a7a6d6f672530323a31
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
91.235.133.177 , Netherlands, ASN30286 (THM, US),
Reverse DNS
Software
Apache /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
http://161.35.85.54/fidelity/error.html
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Pragma
no-cache
Date
Fri, 31 Jul 2020 13:06:19 GMT
X-Content-Type-Options
nosniff
Server
Apache
Strict-Transport-Security
max-age=31536000
Content-Type
text/javascript
Cache-Control
no-cache, no-store, must-revalidate
Connection
Keep-Alive
Keep-Alive
timeout=2, max=94
X-XSS-Protection
1; mode=block
Expires
Thu, 01 Jan 1970 00:00:00 GMT
CoreModule.js
siteintercept.qualtrics.com/dxjsmodule/ 		87 KB
26 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://siteintercept.qualtrics.com/dxjsmodule/CoreModule.js?Q_CLIENTVERSION=1.31.3&Q_CLIENTTYPE=web
Requested by
Host: zncvgjh8lmjxbkyln-fmrpi.siteintercept.qualtrics.com
URL: https://zncvgjh8lmjxbkyln-fmrpi.siteintercept.qualtrics.com/WRSiteInterceptEngine/?Q_ZID=ZN_cvGJH8lmjxbKyln&Q_LOC=http%3A%2F%2F161.35.85.54%2Ffidelity%2Ferror.html&t=1596200778431
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.17.208.240 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / Express
Resource Hash
695a90257ebaa0d4053d262d7da44710544c15d1f8da70080ac200fa7cacb1de
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
http://161.35.85.54/fidelity/error.html
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Fri, 31 Jul 2020 13:06:19 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
age
122942
cf-polished
origSize=89652
status
200
edge-control
max-age=604800
vary
Accept-Encoding
cf-request-id
044694184c000072ff3bbda200000001
last-modified
Wed, 29 Jul 2020 20:50:37 GMT
server
cloudflare
x-powered-by
Express
etag
W/"15e34-1739c575948"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-type
application/javascript
access-control-allow-origin
*
cache-control
public, max-age=604800, s-maxage=604800
cf-ray
5bb7893a1bb372ff-AMS
access-control-allow-headers
Origin, X-Requested-With, Content-Type, Accept
cf-bgj
minify
cdHiddenIframeScript.js
cdn.walkme.com/player/lib/20200723-101337-4284c4d1/resources/CD/ Frame 9817 		244 B
766 B 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.walkme.com/player/lib/20200723-101337-4284c4d1/resources/CD/cdHiddenIframeScript.js
Requested by
Host: cdn.walkme.com
URL: https://cdn.walkme.com/player/lib/walkme_lib_20200723-101337-4284c4d1.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
184.30.221.115 , Netherlands, ASN20940 (AKAMAI-ASN1, EU),
Reverse DNS
a184-30-221-115.deploy.static.akamaitechnologies.com
Software
AmazonS3 /
Resource Hash
c7e164623cec10a7bef1f13bf6c53c7415fad63815f9bbd8a3974792a8ad2190
Security Headers
Name Value
Strict-Transport-Security max-age=31536000;preload
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

x-amz-version-id
hPFAlPQ0KCPYfi_9IYbeHPJKo5xTzkui
content-encoding
gzip
x-content-type-options
nosniff
x-amz-request-id
C23231E97A77D155
x-amz-server-side-encryption
AES256
status
200
x-amz-replication-status
COMPLETED
vary
Accept-Encoding
content-length
163
x-amz-id-2
YO8hR9BnDFja81+m3+6bh2gb8agheA9LmBO7ocH0vkhNfmnMa42nsTBTFJDIn5dmD4IrAy1if+0=
referrer-policy
no-referrer-when-downgrade
last-modified
Sun, 26 Jul 2020 07:08:34 GMT
server
AmazonS3
x-amz-meta-s3cmd-attrs
atime:1595747279/ctime:1595747283/gid:0/gname:root/md5:a6abe89a638483d2d4657e7b666392dc/mode:33188/mtime:1595747279/uid:0/uname:root
date
Fri, 31 Jul 2020 13:06:20 GMT
strict-transport-security
max-age=31536000;preload
content-type
application/javascript
access-control-allow-origin
*
x-xss-protection
1; mode=block
cache-control
max-age=31082798
etag
"a6abe89a638483d2d4657e7b666392dc"
accept-ranges
bytes
Targeting.php
siteintercept.qualtrics.com/WRSiteInterceptEngine/ 		18 KB
2 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://siteintercept.qualtrics.com/WRSiteInterceptEngine/Targeting.php?Q_ZoneID=ZN_cvGJH8lmjxbKyln&Q_CLIENTVERSION=1.31.3&Q_CLIENTTYPE=web&t=1596200780329&Q_VSI=%7B%22SI_2oDT1dKLOgeFIGN%22%3A%22AS_ezBkISYOIouBniR%22%2C%22SI_9YUbswnCF6g4k05%22%3A%22AS_dgSBESfDvmcztpb%22%2C%22SI_eUPgeLMEq5Uop2B%22%3A%22AS_ezJMosl1OlOkV7L%22%2C%22SI_5ndFaivuSQRQAmh%22%3A%22AS_8va1d4UY6OFFZBP%22%2C%22SI_aavOQmPi2QSZKE5%22%3A%22AS_8ifmb3iJedfHgQl%22%2C%22SI_0vaYdwthIHVvh6R%22%3A%22AS_71KbwLKhybfpMO1%22%2C%22SI_bgaRAZcFBOJ6zwV%22%3A%22AS_8va1d4UY6OFFZBP%22%2C%22SI_0AsPpi6JZXIjgMZ%22%3A%22AS_0AqVa5fIQp7ktXT%22%2C%22SI_aYq2S2L9WYVHefz%22%3A%22AS_1zikv8pXcp0a1Yp%22%2C%22SI_3xF9eIfo8Uzr9lz%22%3A%22DependencyResolver%22%2C%22SI_d0vTh73XVccVBch%22%3A%22DependencyResolver%22%2C%22SI_8bI5O7qUmvDPxrv%22%3A%22AS_8tWaSJJHzb7hoDb%22%2C%22SI_6KILeGGAuPslJ7n%22%3A%22AS_effBsxkZXSfNw1f%22%2C%22SI_aY4q6e1MQfRGQ73%22%3A%22DependencyResolver%22%2C%22SI_bw1hblXpnxk5GYZ%22%3A%22AS_aXmSrXSA90qqq8Z%22%2C%22SI_0qryPRAlBXczdTD%22%3A%22AS_cDgQErqwRLktVNX%22%2C%22SI_20upoDg7GIYGuyh%22%3A%22AS_bHmm5S4AvhgTLRX%22%2C%22SI_1ZATmws6zTwTBNX%22%3A%22DependencyResolver%22%2C%22SI_9slyRRmuwUZ9tfT%22%3A%22AS_dhw1aOwA2lGQ0sJ%22%2C%22SI_bfsdPx7VfKUvT81%22%3A%22DependencyResolver%22%2C%22SI_6tg8PWOi1frIFut%22%3A%22AS_bjBi792elCvqxaB%22%2C%22SI_bmvqwK4G0RfqFHn%22%3A%22AS_837ahSOhNf5tJYx%22%2C%22SI_9NSjltynMtHhMFf%22%3A%22AS_4VoSIWgbsWN00eh%22%7D&Q_DPR=true
Requested by
Host: zncvgjh8lmjxbkyln-fmrpi.siteintercept.qualtrics.com
URL: https://zncvgjh8lmjxbkyln-fmrpi.siteintercept.qualtrics.com/WRSiteInterceptEngine/?Q_ZID=ZN_cvGJH8lmjxbKyln&Q_LOC=http%3A%2F%2F161.35.85.54%2Ffidelity%2Ferror.html&t=1596200778431
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.17.208.240 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
875ba643ac20ce2b74e3b6ec6512e024882efd53e2cdb6696e174ccc9f343efc
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
http://161.35.85.54/fidelity/error.html
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-type
application/x-www-form-urlencoded

Response headers

date
Fri, 31 Jul 2020 13:06:20 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
DYNAMIC
server
cloudflare
status
200
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-type
application/json
access-control-allow-origin
http://161.35.85.54
cache-control
no-store, no-cache, must-revalidate, max-age=0
access-control-allow-credentials
true
cf-ray
5bb7893d2cc872ff-AMS
vary
Accept-Encoding
cf-request-id
0446941a35000072ff3bbe3200000001
clear.png
cfa.fidelity.com/fp/ Frame 4B32 		0
387 B 		Script
General
Check archive.org
Download Go to
Full URL
https://cfa.fidelity.com/fp/clear.png?org_id=5h8i3ud8&session_id=236a63bb4763f02b8e31990870ed6778&nonce=2de52b3e02fa4f76&jac=1&je=373a24267567607074615d677a74677066616e5f61783d30302e3130302c33312c33313624756b6f3d7567607074615d616e76657a6661645d6d646e71
Requested by
Host: cfa.fidelity.com
URL: https://cfa.fidelity.com/fp/check.js;CIS3SID=9419B3D0AFCA50B4B11A7689D18240D9?org_id=5h8i3ud8&session_id=236a63bb4763f02b8e31990870ed6778&nonce=2de52b3e02fa4f76&jb=3135242668716d773d4e6b6c777824687b6f3f4c61667570246a73623f416a7a6d6f672530323a31
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
91.235.133.177 , Netherlands, ASN30286 (THM, US),
Reverse DNS
Software
Apache /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
http://161.35.85.54/fidelity/error.html
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Pragma
no-cache
Date
Fri, 31 Jul 2020 13:06:20 GMT
X-Content-Type-Options
nosniff
Server
Apache
Strict-Transport-Security
max-age=31536000
Content-Type
text/javascript
Cache-Control
no-cache, no-store, must-revalidate
Connection
Keep-Alive
Keep-Alive
timeout=2, max=93
X-XSS-Protection
1; mode=block
Expires
Thu, 01 Jan 1970 00:00:00 GMT
CDhiddenIframe.compress.html
cdn.walkme.com/player/lib/20200723-101337-4284c4d1/resources/CD/ Frame 102B 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://cdn.walkme.com/player/lib/20200723-101337-4284c4d1/resources/CD/CDhiddenIframe.compress.html
Requested by
Host: cdn.walkme.com
URL: https://cdn.walkme.com/player/lib/walkme_lib_20200723-101337-4284c4d1.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
184.30.221.115 , Netherlands, ASN20940 (AKAMAI-ASN1, EU),
Reverse DNS
a184-30-221-115.deploy.static.akamaitechnologies.com
Software
AmazonS3 /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000;preload
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

:method
GET
:authority
cdn.walkme.com
:scheme
https
:path
/player/lib/20200723-101337-4284c4d1/resources/CD/CDhiddenIframe.compress.html
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

status
200
x-amz-id-2
lZBuCmuyqSKnhRSkH//p7LEnAIKJ15Ude7XtYxrLCO5Z9BlfCgSO33LYBMZ+0i46zkr7noalMVE=
x-amz-request-id
EE7D91AAB0EF575F
x-amz-replication-status
COMPLETED
last-modified
Sun, 26 Jul 2020 07:08:34 GMT
etag
"3f496649dbe5363fab56277f26b2dd94"
x-amz-server-side-encryption
AES256
x-amz-meta-s3cmd-attrs
atime:1595747279/ctime:1595747283/gid:0/gname:root/md5:3f496649dbe5363fab56277f26b2dd94/mode:33188/mtime:1595747279/uid:0/uname:root
content-encoding
gzip
x-amz-version-id
sflutQ2jCphx9fUoIkpCWFvPzrpT_ELo
accept-ranges
bytes
content-type
text/html
content-length
7575
server
AmazonS3
vary
Accept-Encoding
cache-control
max-age=31082764
date
Fri, 31 Jul 2020 13:06:20 GMT
referrer-policy
no-referrer-when-downgrade
x-content-type-options
nosniff
x-xss-protection
1; mode=block
strict-transport-security
max-age=31536000;preload
12.0da2f5012e49e065e383.chunk.js
siteintercept.qualtrics.com/dxjsmodule/ 		2 KB
883 B 		Script
General
Check archive.org
Download Go to
Full URL
https://siteintercept.qualtrics.com/dxjsmodule/12.0da2f5012e49e065e383.chunk.js?Q_CLIENTVERSION=1.31.3&Q_CLIENTTYPE=web
Requested by
Host: zncvgjh8lmjxbkyln-fmrpi.siteintercept.qualtrics.com
URL: https://zncvgjh8lmjxbkyln-fmrpi.siteintercept.qualtrics.com/WRSiteInterceptEngine/?Q_ZID=ZN_cvGJH8lmjxbKyln&Q_LOC=http%3A%2F%2F161.35.85.54%2Ffidelity%2Ferror.html&t=1596200778431
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.17.208.240 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / Express
Resource Hash
70bf6b2e8fbb9f31e314cc3ff4df9f34f453ada4d0bb7b4362591e30799c74de
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
http://161.35.85.54/fidelity/error.html
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Fri, 31 Jul 2020 13:06:20 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
age
122943
cf-polished
origSize=2639
status
200
edge-control
max-age=604800
vary
Accept-Encoding
cf-request-id
0446941aec000072ff3bbea200000001
last-modified
Wed, 29 Jul 2020 20:50:37 GMT
server
cloudflare
x-powered-by
Express
etag
W/"a4f-1739c575948"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-type
application/javascript
access-control-allow-origin
*
cache-control
public, max-age=604800, s-maxage=604800
cf-ray
5bb7893e4d3772ff-AMS
access-control-allow-headers
Origin, X-Requested-With, Content-Type, Accept
cf-bgj
minify
1.2d7df593a54f23d86743.chunk.js
siteintercept.qualtrics.com/dxjsmodule/ 		25 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://siteintercept.qualtrics.com/dxjsmodule/1.2d7df593a54f23d86743.chunk.js?Q_CLIENTVERSION=1.31.3&Q_CLIENTTYPE=web
Requested by
Host: zncvgjh8lmjxbkyln-fmrpi.siteintercept.qualtrics.com
URL: https://zncvgjh8lmjxbkyln-fmrpi.siteintercept.qualtrics.com/WRSiteInterceptEngine/?Q_ZID=ZN_cvGJH8lmjxbKyln&Q_LOC=http%3A%2F%2F161.35.85.54%2Ffidelity%2Ferror.html&t=1596200778431
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.17.208.240 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / Express
Resource Hash
6823a0f37f2714ae274b147668fe526449deda0d791f6f08505b6e71e21fe4a7
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
http://161.35.85.54/fidelity/error.html
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Fri, 31 Jul 2020 13:06:20 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
age
122943
cf-polished
origSize=26960
status
200
edge-control
max-age=604800
vary
Accept-Encoding
cf-request-id
0446941afd000072ff3bbec200000001
last-modified
Wed, 29 Jul 2020 20:50:37 GMT
server
cloudflare
x-powered-by
Express
etag
W/"6950-1739c575948"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-type
application/javascript
access-control-allow-origin
*
cache-control
public, max-age=604800, s-maxage=604800
cf-ray
5bb7893e6d4072ff-AMS
access-control-allow-headers
Origin, X-Requested-With, Content-Type, Accept
cf-bgj
minify
EmbeddedTargetModule.js
siteintercept.qualtrics.com/dxjsmodule/ 		7 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://siteintercept.qualtrics.com/dxjsmodule/EmbeddedTargetModule.js?Q_CLIENTVERSION=1.31.3&Q_CLIENTTYPE=web
Requested by
Host: zncvgjh8lmjxbkyln-fmrpi.siteintercept.qualtrics.com
URL: https://zncvgjh8lmjxbkyln-fmrpi.siteintercept.qualtrics.com/WRSiteInterceptEngine/?Q_ZID=ZN_cvGJH8lmjxbKyln&Q_LOC=http%3A%2F%2F161.35.85.54%2Ffidelity%2Ferror.html&t=1596200778431
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.17.208.240 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / Express
Resource Hash
66f54c12a2365f4ea8f7fcadd49258d19d9a2dbe66771de0aa35695ff06cc3c6
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
http://161.35.85.54/fidelity/error.html
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Fri, 31 Jul 2020 13:06:20 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
age
122712
cf-polished
origSize=8259
status
200
edge-control
max-age=604800
vary
Accept-Encoding
cf-request-id
0446941afd000072ff3bbed200000001
last-modified
Wed, 29 Jul 2020 20:50:37 GMT
server
cloudflare
x-powered-by
Express
etag
W/"2043-1739c575948"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-type
application/javascript
access-control-allow-origin
*
cache-control
public, max-age=604800, s-maxage=604800
cf-ray
5bb7893e6d4272ff-AMS
access-control-allow-headers
Origin, X-Requested-With, Content-Type, Accept
cf-bgj
minify
FeedbackLinkModule.js
siteintercept.qualtrics.com/dxjsmodule/ 		3 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://siteintercept.qualtrics.com/dxjsmodule/FeedbackLinkModule.js?Q_CLIENTVERSION=1.31.3&Q_CLIENTTYPE=web
Requested by
Host: zncvgjh8lmjxbkyln-fmrpi.siteintercept.qualtrics.com
URL: https://zncvgjh8lmjxbkyln-fmrpi.siteintercept.qualtrics.com/WRSiteInterceptEngine/?Q_ZID=ZN_cvGJH8lmjxbKyln&Q_LOC=http%3A%2F%2F161.35.85.54%2Ffidelity%2Ferror.html&t=1596200778431
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.17.208.240 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / Express
Resource Hash
90c8c49df9363f906709ff1407e338b965b70a1eed9f3e573a4306fd267f1c0c
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
http://161.35.85.54/fidelity/error.html
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Fri, 31 Jul 2020 13:06:20 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
age
122675
cf-polished
origSize=3600
status
200
edge-control
max-age=604800
vary
Accept-Encoding
cf-request-id
0446941afe000072ff3bbee200000001
last-modified
Wed, 29 Jul 2020 20:50:37 GMT
server
cloudflare
x-powered-by
Express
etag
W/"e10-1739c575948"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-type
application/javascript
access-control-allow-origin
*
cache-control
public, max-age=604800, s-maxage=604800
cf-ray
5bb7893e6d4372ff-AMS
access-control-allow-headers
Origin, X-Requested-With, Content-Type, Accept
cf-bgj
minify
PopOverModule.js
siteintercept.qualtrics.com/dxjsmodule/ 		9 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://siteintercept.qualtrics.com/dxjsmodule/PopOverModule.js?Q_CLIENTVERSION=1.31.3&Q_CLIENTTYPE=web
Requested by
Host: zncvgjh8lmjxbkyln-fmrpi.siteintercept.qualtrics.com
URL: https://zncvgjh8lmjxbkyln-fmrpi.siteintercept.qualtrics.com/WRSiteInterceptEngine/?Q_ZID=ZN_cvGJH8lmjxbKyln&Q_LOC=http%3A%2F%2F161.35.85.54%2Ffidelity%2Ferror.html&t=1596200778431
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.17.208.240 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / Express
Resource Hash
0d67fb1e900ac570b160aaf2200d35ab1d41f00d0979ade72034289e9d3ab262
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
http://161.35.85.54/fidelity/error.html
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Fri, 31 Jul 2020 13:06:20 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
age
122702
cf-polished
origSize=10483
status
200
edge-control
max-age=604800
vary
Accept-Encoding
cf-request-id
0446941afe000072ff3bbef200000001
last-modified
Wed, 29 Jul 2020 20:50:37 GMT
server
cloudflare
x-powered-by
Express
etag
W/"28f3-1739c575948"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-type
application/javascript
access-control-allow-origin
*
cache-control
public, max-age=604800, s-maxage=604800
cf-ray
5bb7893e6d4472ff-AMS
access-control-allow-headers
Origin, X-Requested-With, Content-Type, Accept
cf-bgj
minify
PopUpModule.js
siteintercept.qualtrics.com/dxjsmodule/ 		4 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://siteintercept.qualtrics.com/dxjsmodule/PopUpModule.js?Q_CLIENTVERSION=1.31.3&Q_CLIENTTYPE=web
Requested by
Host: zncvgjh8lmjxbkyln-fmrpi.siteintercept.qualtrics.com
URL: https://zncvgjh8lmjxbkyln-fmrpi.siteintercept.qualtrics.com/WRSiteInterceptEngine/?Q_ZID=ZN_cvGJH8lmjxbKyln&Q_LOC=http%3A%2F%2F161.35.85.54%2Ffidelity%2Ferror.html&t=1596200778431
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.17.208.240 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / Express
Resource Hash
54383cb2f70247578458b930aa303a88d1298890285b4c03eed4fc04de93aeca
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
http://161.35.85.54/fidelity/error.html
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Fri, 31 Jul 2020 13:06:20 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
age
122644
cf-polished
origSize=4693
status
200
edge-control
max-age=604800
vary
Accept-Encoding
cf-request-id
0446941afe000072ff3bbf0200000001
last-modified
Wed, 29 Jul 2020 20:50:37 GMT
server
cloudflare
x-powered-by
Express
etag
W/"1255-1739c575948"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-type
application/javascript
access-control-allow-origin
*
cache-control
public, max-age=604800, s-maxage=604800
cf-ray
5bb7893e6d4572ff-AMS
access-control-allow-headers
Origin, X-Requested-With, Content-Type, Accept
cf-bgj
minify
Asset.php
siteintercept.qualtrics.com/WRSiteInterceptEngine/ 		4 KB
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://siteintercept.qualtrics.com/WRSiteInterceptEngine/Asset.php?Module=SI_bgaRAZcFBOJ6zwV&Version=9&Q_ORIGIN=http://161.35.85.54&Q_CLIENTVERSION=1.31.3&Q_CLIENTTYPE=web
Requested by
Host: zncvgjh8lmjxbkyln-fmrpi.siteintercept.qualtrics.com
URL: https://zncvgjh8lmjxbkyln-fmrpi.siteintercept.qualtrics.com/WRSiteInterceptEngine/?Q_ZID=ZN_cvGJH8lmjxbKyln&Q_LOC=http%3A%2F%2F161.35.85.54%2Ffidelity%2Ferror.html&t=1596200778431
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.17.209.240 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
75130c88fd45f06e63bc933339fde630f4d3aa270150e5f07ebc0934f1c98295
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
http://161.35.85.54/fidelity/error.html
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Fri, 31 Jul 2020 13:06:20 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
MISS
p3p
CP="CAO DSP COR CURa ADMa DEVa OUR IND PHY ONL UNI COM NAV INT DEM PRE"
status
200
edge-control
max-age=604800
vary
Accept-Encoding
cf-request-id
0446941b2600000b4f8295f200000001
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-type
application/json
access-control-allow-origin
http://161.35.85.54
cache-control
public, max-age=604800, s-maxage=604800, max-age=315360000
access-control-allow-credentials
true
cf-ray
5bb7893eaafc0b4f-AMS
servershortname
expires
Mon, 29 Jul 2030 13:06:20 GMT
Asset.php
siteintercept.qualtrics.com/WRSiteInterceptEngine/ 		2 KB
981 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://siteintercept.qualtrics.com/WRSiteInterceptEngine/Asset.php?Module=CR_cRTya5i3wiaWo4Z&Version=6&Q_InterceptID=SI_bgaRAZcFBOJ6zwV&Q_ORIGIN=http://161.35.85.54&Q_CLIENTVERSION=1.31.3&Q_CLIENTTYPE=web
Requested by
Host: zncvgjh8lmjxbkyln-fmrpi.siteintercept.qualtrics.com
URL: https://zncvgjh8lmjxbkyln-fmrpi.siteintercept.qualtrics.com/WRSiteInterceptEngine/?Q_ZID=ZN_cvGJH8lmjxbKyln&Q_LOC=http%3A%2F%2F161.35.85.54%2Ffidelity%2Ferror.html&t=1596200778431
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.17.209.240 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
294394f3b1b6ebe8e536343efb15bb35964899ebce1f52ce37c7389594079987
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
http://161.35.85.54/fidelity/error.html
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Fri, 31 Jul 2020 13:06:20 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
age
0
p3p
CP="CAO DSP COR CURa ADMa DEVa OUR IND PHY ONL UNI COM NAV INT DEM PRE"
status
200
edge-control
max-age=604800
vary
Accept-Encoding
cf-request-id
0446941b2600000b4f82960200000001
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-type
application/json
access-control-allow-origin
http://161.35.85.54
expires
Mon, 29 Jul 2030 13:06:20 GMT
cache-control
public, max-age=604800, s-maxage=604800, max-age=315360000
access-control-allow-credentials
true
cf-ray
5bb7893eaafe0b4f-AMS
servershortname
Asset.php
siteintercept.qualtrics.com/WRSiteInterceptEngine/ 		4 KB
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://siteintercept.qualtrics.com/WRSiteInterceptEngine/Asset.php?Module=SI_eUPgeLMEq5Uop2B&Version=7&Q_ORIGIN=http://161.35.85.54&Q_CLIENTVERSION=1.31.3&Q_CLIENTTYPE=web
Requested by
Host: zncvgjh8lmjxbkyln-fmrpi.siteintercept.qualtrics.com
URL: https://zncvgjh8lmjxbkyln-fmrpi.siteintercept.qualtrics.com/WRSiteInterceptEngine/?Q_ZID=ZN_cvGJH8lmjxbKyln&Q_LOC=http%3A%2F%2F161.35.85.54%2Ffidelity%2Ferror.html&t=1596200778431
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.17.209.240 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
fac61e050d5eb05f5b913840d0d65423757b34191c2dd41f434f4256dc54aa86
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
http://161.35.85.54/fidelity/error.html
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Fri, 31 Jul 2020 13:06:20 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
MISS
p3p
CP="CAO DSP COR CURa ADMa DEVa OUR IND PHY ONL UNI COM NAV INT DEM PRE"
status
200
edge-control
max-age=604800
vary
Accept-Encoding
cf-request-id
0446941b2600000b4f82961200000001
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-type
application/json
access-control-allow-origin
http://161.35.85.54
cache-control
public, max-age=604800, s-maxage=604800, max-age=315360000
access-control-allow-credentials
true
cf-ray
5bb7893eab000b4f-AMS
servershortname
expires
Mon, 29 Jul 2030 13:06:20 GMT
Asset.php
siteintercept.qualtrics.com/WRSiteInterceptEngine/ 		2 KB
980 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://siteintercept.qualtrics.com/WRSiteInterceptEngine/Asset.php?Module=CR_cRTya5i3wiaWo4Z&Version=6&Q_InterceptID=SI_eUPgeLMEq5Uop2B&Q_ORIGIN=http://161.35.85.54&Q_CLIENTVERSION=1.31.3&Q_CLIENTTYPE=web
Requested by
Host: zncvgjh8lmjxbkyln-fmrpi.siteintercept.qualtrics.com
URL: https://zncvgjh8lmjxbkyln-fmrpi.siteintercept.qualtrics.com/WRSiteInterceptEngine/?Q_ZID=ZN_cvGJH8lmjxbKyln&Q_LOC=http%3A%2F%2F161.35.85.54%2Ffidelity%2Ferror.html&t=1596200778431
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.17.209.240 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
294394f3b1b6ebe8e536343efb15bb35964899ebce1f52ce37c7389594079987
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
http://161.35.85.54/fidelity/error.html
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Fri, 31 Jul 2020 13:06:20 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
MISS
p3p
CP="CAO DSP COR CURa ADMa DEVa OUR IND PHY ONL UNI COM NAV INT DEM PRE"
status
200
edge-control
max-age=604800
vary
Accept-Encoding
cf-request-id
0446941b2600000b4f82962200000001
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-type
application/json
access-control-allow-origin
http://161.35.85.54
cache-control
public, max-age=604800, s-maxage=604800, max-age=315360000
access-control-allow-credentials
true
cf-ray
5bb7893eab010b4f-AMS
servershortname
expires
Mon, 29 Jul 2030 13:06:20 GMT
Asset.php
siteintercept.qualtrics.com/WRSiteInterceptEngine/ 		4 KB
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://siteintercept.qualtrics.com/WRSiteInterceptEngine/Asset.php?Module=SI_bw1hblXpnxk5GYZ&Version=9&Q_ORIGIN=http://161.35.85.54&Q_CLIENTVERSION=1.31.3&Q_CLIENTTYPE=web
Requested by
Host: zncvgjh8lmjxbkyln-fmrpi.siteintercept.qualtrics.com
URL: https://zncvgjh8lmjxbkyln-fmrpi.siteintercept.qualtrics.com/WRSiteInterceptEngine/?Q_ZID=ZN_cvGJH8lmjxbKyln&Q_LOC=http%3A%2F%2F161.35.85.54%2Ffidelity%2Ferror.html&t=1596200778431
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.17.209.240 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
6e72d30c589782e1029538ee2906d6c5f28f30f877e49e617002a16a434a7d6b
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
http://161.35.85.54/fidelity/error.html
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Fri, 31 Jul 2020 13:06:20 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
MISS
p3p
CP="CAO DSP COR CURa ADMa DEVa OUR IND PHY ONL UNI COM NAV INT DEM PRE"
status
200
edge-control
max-age=604800
vary
Accept-Encoding
cf-request-id
0446941b2700000b4f82963200000001
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-type
application/json
access-control-allow-origin
http://161.35.85.54
cache-control
public, max-age=604800, s-maxage=604800, max-age=315360000
access-control-allow-credentials
true
cf-ray
5bb7893eab030b4f-AMS
servershortname
expires
Mon, 29 Jul 2030 13:06:20 GMT
Asset.php
siteintercept.qualtrics.com/WRSiteInterceptEngine/ 		2 KB
981 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://siteintercept.qualtrics.com/WRSiteInterceptEngine/Asset.php?Module=CR_cRTya5i3wiaWo4Z&Version=6&Q_InterceptID=SI_bw1hblXpnxk5GYZ&Q_ORIGIN=http://161.35.85.54&Q_CLIENTVERSION=1.31.3&Q_CLIENTTYPE=web
Requested by
Host: zncvgjh8lmjxbkyln-fmrpi.siteintercept.qualtrics.com
URL: https://zncvgjh8lmjxbkyln-fmrpi.siteintercept.qualtrics.com/WRSiteInterceptEngine/?Q_ZID=ZN_cvGJH8lmjxbKyln&Q_LOC=http%3A%2F%2F161.35.85.54%2Ffidelity%2Ferror.html&t=1596200778431
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.17.209.240 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
294394f3b1b6ebe8e536343efb15bb35964899ebce1f52ce37c7389594079987
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
http://161.35.85.54/fidelity/error.html
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Fri, 31 Jul 2020 13:06:20 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
age
0
p3p
CP="CAO DSP COR CURa ADMa DEVa OUR IND PHY ONL UNI COM NAV INT DEM PRE"
status
200
edge-control
max-age=604800
vary
Accept-Encoding
cf-request-id
0446941b2700000b4f82964200000001
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-type
application/json
access-control-allow-origin
http://161.35.85.54
expires
Mon, 29 Jul 2030 13:06:20 GMT
cache-control
public, max-age=604800, s-maxage=604800, max-age=315360000
access-control-allow-credentials
true
cf-ray
5bb7893eab050b4f-AMS
servershortname
Asset.php
siteintercept.qualtrics.com/WRSiteInterceptEngine/ 		4 KB
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://siteintercept.qualtrics.com/WRSiteInterceptEngine/Asset.php?Module=SI_8bI5O7qUmvDPxrv&Version=9&Q_ORIGIN=http://161.35.85.54&Q_CLIENTVERSION=1.31.3&Q_CLIENTTYPE=web
Requested by
Host: zncvgjh8lmjxbkyln-fmrpi.siteintercept.qualtrics.com
URL: https://zncvgjh8lmjxbkyln-fmrpi.siteintercept.qualtrics.com/WRSiteInterceptEngine/?Q_ZID=ZN_cvGJH8lmjxbKyln&Q_LOC=http%3A%2F%2F161.35.85.54%2Ffidelity%2Ferror.html&t=1596200778431
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.17.209.240 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
2b97047ef0a69b92e16ffc77395b432d48b14d274778092311a7e138257241de
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
http://161.35.85.54/fidelity/error.html
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Fri, 31 Jul 2020 13:06:20 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
MISS
p3p
CP="CAO DSP COR CURa ADMa DEVa OUR IND PHY ONL UNI COM NAV INT DEM PRE"
status
200
edge-control
max-age=604800
vary
Accept-Encoding
cf-request-id
0446941b2700000b4f82965200000001
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-type
application/json
access-control-allow-origin
http://161.35.85.54
cache-control
public, max-age=604800, s-maxage=604800, max-age=315360000
access-control-allow-credentials
true
cf-ray
5bb7893eab080b4f-AMS
servershortname
expires
Mon, 29 Jul 2030 13:06:20 GMT
Asset.php
siteintercept.qualtrics.com/WRSiteInterceptEngine/ 		2 KB
981 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://siteintercept.qualtrics.com/WRSiteInterceptEngine/Asset.php?Module=CR_cRTya5i3wiaWo4Z&Version=6&Q_InterceptID=SI_8bI5O7qUmvDPxrv&Q_ORIGIN=http://161.35.85.54&Q_CLIENTVERSION=1.31.3&Q_CLIENTTYPE=web
Requested by
Host: zncvgjh8lmjxbkyln-fmrpi.siteintercept.qualtrics.com
URL: https://zncvgjh8lmjxbkyln-fmrpi.siteintercept.qualtrics.com/WRSiteInterceptEngine/?Q_ZID=ZN_cvGJH8lmjxbKyln&Q_LOC=http%3A%2F%2F161.35.85.54%2Ffidelity%2Ferror.html&t=1596200778431
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.17.209.240 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
294394f3b1b6ebe8e536343efb15bb35964899ebce1f52ce37c7389594079987
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
http://161.35.85.54/fidelity/error.html
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Fri, 31 Jul 2020 13:06:20 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
age
0
p3p
CP="CAO DSP COR CURa ADMa DEVa OUR IND PHY ONL UNI COM NAV INT DEM PRE"
status
200
edge-control
max-age=604800
vary
Accept-Encoding
cf-request-id
0446941b2b00000b4f8296a200000001
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-type
application/json
access-control-allow-origin
http://161.35.85.54
expires
Mon, 29 Jul 2030 13:06:20 GMT
cache-control
public, max-age=604800, s-maxage=604800, max-age=315360000
access-control-allow-credentials
true
cf-ray
5bb7893eab190b4f-AMS
servershortname
Asset.php
siteintercept.qualtrics.com/WRSiteInterceptEngine/ 		4 KB
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://siteintercept.qualtrics.com/WRSiteInterceptEngine/Asset.php?Module=SI_2oDT1dKLOgeFIGN&Version=2&Q_ORIGIN=http://161.35.85.54&Q_CLIENTVERSION=1.31.3&Q_CLIENTTYPE=web
Requested by
Host: zncvgjh8lmjxbkyln-fmrpi.siteintercept.qualtrics.com
URL: https://zncvgjh8lmjxbkyln-fmrpi.siteintercept.qualtrics.com/WRSiteInterceptEngine/?Q_ZID=ZN_cvGJH8lmjxbKyln&Q_LOC=http%3A%2F%2F161.35.85.54%2Ffidelity%2Ferror.html&t=1596200778431
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.17.209.240 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e0efcff5e42f48dc59be55debd3f3debb3258a7c37b7d71bb22adb50ab10b450
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
http://161.35.85.54/fidelity/error.html
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Fri, 31 Jul 2020 13:06:20 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
MISS
p3p
CP="CAO DSP COR CURa ADMa DEVa OUR IND PHY ONL UNI COM NAV INT DEM PRE"
status
200
edge-control
max-age=604800
vary
Accept-Encoding
cf-request-id
0446941b2b00000b4f82969200000001
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-type
application/json
access-control-allow-origin
http://161.35.85.54
cache-control
public, max-age=604800, s-maxage=604800, max-age=315360000
access-control-allow-credentials
true
cf-ray
5bb7893eab180b4f-AMS
servershortname
expires
Mon, 29 Jul 2030 13:06:20 GMT
Asset.php
siteintercept.qualtrics.com/WRSiteInterceptEngine/ 		2 KB
981 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://siteintercept.qualtrics.com/WRSiteInterceptEngine/Asset.php?Module=CR_cRTya5i3wiaWo4Z&Version=6&Q_InterceptID=SI_2oDT1dKLOgeFIGN&Q_ORIGIN=http://161.35.85.54&Q_CLIENTVERSION=1.31.3&Q_CLIENTTYPE=web
Requested by
Host: zncvgjh8lmjxbkyln-fmrpi.siteintercept.qualtrics.com
URL: https://zncvgjh8lmjxbkyln-fmrpi.siteintercept.qualtrics.com/WRSiteInterceptEngine/?Q_ZID=ZN_cvGJH8lmjxbKyln&Q_LOC=http%3A%2F%2F161.35.85.54%2Ffidelity%2Ferror.html&t=1596200778431
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.17.209.240 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
294394f3b1b6ebe8e536343efb15bb35964899ebce1f52ce37c7389594079987
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
http://161.35.85.54/fidelity/error.html
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Fri, 31 Jul 2020 13:06:20 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
age
0
p3p
CP="CAO DSP COR CURa ADMa DEVa OUR IND PHY ONL UNI COM NAV INT DEM PRE"
status
200
edge-control
max-age=604800
vary
Accept-Encoding
cf-request-id
0446941b2b00000b4f82968200000001
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-type
application/json
access-control-allow-origin
http://161.35.85.54
expires
Mon, 29 Jul 2030 13:06:20 GMT
cache-control
public, max-age=604800, s-maxage=604800, max-age=315360000
access-control-allow-credentials
true
cf-ray
5bb7893eab170b4f-AMS
servershortname
Asset.php
siteintercept.qualtrics.com/WRSiteInterceptEngine/ 		4 KB
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://siteintercept.qualtrics.com/WRSiteInterceptEngine/Asset.php?Module=SI_5ndFaivuSQRQAmh&Version=6&Q_ORIGIN=http://161.35.85.54&Q_CLIENTVERSION=1.31.3&Q_CLIENTTYPE=web
Requested by
Host: zncvgjh8lmjxbkyln-fmrpi.siteintercept.qualtrics.com
URL: https://zncvgjh8lmjxbkyln-fmrpi.siteintercept.qualtrics.com/WRSiteInterceptEngine/?Q_ZID=ZN_cvGJH8lmjxbKyln&Q_LOC=http%3A%2F%2F161.35.85.54%2Ffidelity%2Ferror.html&t=1596200778431
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.17.209.240 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
8596f3beb992852b9e2f1bf8bb2460a8b416637203316575786f7efbf9894829
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
http://161.35.85.54/fidelity/error.html
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Fri, 31 Jul 2020 13:06:20 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
MISS
p3p
CP="CAO DSP COR CURa ADMa DEVa OUR IND PHY ONL UNI COM NAV INT DEM PRE"
status
200
edge-control
max-age=604800
vary
Accept-Encoding
cf-request-id
0446941b2700000b4f82966200000001
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-type
application/json
access-control-allow-origin
http://161.35.85.54
cache-control
public, max-age=604800, s-maxage=604800, max-age=315360000
access-control-allow-credentials
true
cf-ray
5bb7893eab090b4f-AMS
servershortname
expires
Mon, 29 Jul 2030 13:06:20 GMT
Asset.php
siteintercept.qualtrics.com/WRSiteInterceptEngine/ 		290 B
284 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://siteintercept.qualtrics.com/WRSiteInterceptEngine/Asset.php?Module=CR_er32JI1gjlcuQRf&Version=3&Q_InterceptID=SI_5ndFaivuSQRQAmh&Q_ORIGIN=http://161.35.85.54&Q_CLIENTVERSION=1.31.3&Q_CLIENTTYPE=web
Requested by
Host: zncvgjh8lmjxbkyln-fmrpi.siteintercept.qualtrics.com
URL: https://zncvgjh8lmjxbkyln-fmrpi.siteintercept.qualtrics.com/WRSiteInterceptEngine/?Q_ZID=ZN_cvGJH8lmjxbKyln&Q_LOC=http%3A%2F%2F161.35.85.54%2Ffidelity%2Ferror.html&t=1596200778431
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.17.209.240 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
55e2b2ab595e0c192f763ad2c2a237f3f92ecc51e843da550393ffb51a7f115b
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
http://161.35.85.54/fidelity/error.html
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Fri, 31 Jul 2020 13:06:20 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
age
0
p3p
CP="CAO DSP COR CURa ADMa DEVa OUR IND PHY ONL UNI COM NAV INT DEM PRE"
status
200
edge-control
max-age=604800
vary
Accept-Encoding
cf-request-id
0446941b2b00000b4f8296e200000001
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-type
application/json
access-control-allow-origin
http://161.35.85.54
expires
Mon, 29 Jul 2030 13:06:20 GMT
cache-control
public, max-age=604800, s-maxage=604800, max-age=315360000
access-control-allow-credentials
true
cf-ray
5bb7893eab200b4f-AMS
servershortname
Asset.php
siteintercept.qualtrics.com/WRSiteInterceptEngine/ 		4 KB
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://siteintercept.qualtrics.com/WRSiteInterceptEngine/Asset.php?Module=SI_0vaYdwthIHVvh6R&Version=11&Q_ORIGIN=http://161.35.85.54&Q_CLIENTVERSION=1.31.3&Q_CLIENTTYPE=web
Requested by
Host: zncvgjh8lmjxbkyln-fmrpi.siteintercept.qualtrics.com
URL: https://zncvgjh8lmjxbkyln-fmrpi.siteintercept.qualtrics.com/WRSiteInterceptEngine/?Q_ZID=ZN_cvGJH8lmjxbKyln&Q_LOC=http%3A%2F%2F161.35.85.54%2Ffidelity%2Ferror.html&t=1596200778431
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.17.209.240 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
1ef8b37a63474996a7a2a5f1b20464bdcfda70740b292737fd1369a4c814b155
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
http://161.35.85.54/fidelity/error.html
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Fri, 31 Jul 2020 13:06:20 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
MISS
p3p
CP="CAO DSP COR CURa ADMa DEVa OUR IND PHY ONL UNI COM NAV INT DEM PRE"
status
200
edge-control
max-age=604800
vary
Accept-Encoding
cf-request-id
0446941b2b00000b4f8296d200000001
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-type
application/json
access-control-allow-origin
http://161.35.85.54
cache-control
public, max-age=604800, s-maxage=604800, max-age=315360000
access-control-allow-credentials
true
cf-ray
5bb7893eab1e0b4f-AMS
servershortname
expires
Mon, 29 Jul 2030 13:06:20 GMT
Asset.php
siteintercept.qualtrics.com/WRSiteInterceptEngine/ 		2 KB
981 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://siteintercept.qualtrics.com/WRSiteInterceptEngine/Asset.php?Module=CR_cRTya5i3wiaWo4Z&Version=6&Q_InterceptID=SI_0vaYdwthIHVvh6R&Q_ORIGIN=http://161.35.85.54&Q_CLIENTVERSION=1.31.3&Q_CLIENTTYPE=web
Requested by
Host: zncvgjh8lmjxbkyln-fmrpi.siteintercept.qualtrics.com
URL: https://zncvgjh8lmjxbkyln-fmrpi.siteintercept.qualtrics.com/WRSiteInterceptEngine/?Q_ZID=ZN_cvGJH8lmjxbKyln&Q_LOC=http%3A%2F%2F161.35.85.54%2Ffidelity%2Ferror.html&t=1596200778431
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.17.209.240 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
294394f3b1b6ebe8e536343efb15bb35964899ebce1f52ce37c7389594079987
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
http://161.35.85.54/fidelity/error.html
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Fri, 31 Jul 2020 13:06:20 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
age
0
p3p
CP="CAO DSP COR CURa ADMa DEVa OUR IND PHY ONL UNI COM NAV INT DEM PRE"
status
200
edge-control
max-age=604800
vary
Accept-Encoding
cf-request-id
0446941b2b00000b4f8296c200000001
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-type
application/json
access-control-allow-origin
http://161.35.85.54
expires
Mon, 29 Jul 2030 13:06:20 GMT
cache-control
public, max-age=604800, s-maxage=604800, max-age=315360000
access-control-allow-credentials
true
cf-ray
5bb7893eab1c0b4f-AMS
servershortname
Asset.php
siteintercept.qualtrics.com/WRSiteInterceptEngine/ 		4 KB
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://siteintercept.qualtrics.com/WRSiteInterceptEngine/Asset.php?Module=SI_bmvqwK4G0RfqFHn&Version=5&Q_ORIGIN=http://161.35.85.54&Q_CLIENTVERSION=1.31.3&Q_CLIENTTYPE=web
Requested by
Host: zncvgjh8lmjxbkyln-fmrpi.siteintercept.qualtrics.com
URL: https://zncvgjh8lmjxbkyln-fmrpi.siteintercept.qualtrics.com/WRSiteInterceptEngine/?Q_ZID=ZN_cvGJH8lmjxbKyln&Q_LOC=http%3A%2F%2F161.35.85.54%2Ffidelity%2Ferror.html&t=1596200778431
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.17.209.240 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
4aeeedcb057ff6abbb45f1ce55dbb4423198ad56a567fa57f88b576fcf932d5d
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
http://161.35.85.54/fidelity/error.html
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Fri, 31 Jul 2020 13:06:20 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
MISS
p3p
CP="CAO DSP COR CURa ADMa DEVa OUR IND PHY ONL UNI COM NAV INT DEM PRE"
status
200
edge-control
max-age=604800
vary
Accept-Encoding
cf-request-id
0446941b2b00000b4f8296b200000001
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-type
application/json
access-control-allow-origin
http://161.35.85.54
cache-control
public, max-age=604800, s-maxage=604800, max-age=315360000
access-control-allow-credentials
true
cf-ray
5bb7893eab1b0b4f-AMS
servershortname
expires
Mon, 29 Jul 2030 13:06:20 GMT
Asset.php
siteintercept.qualtrics.com/WRSiteInterceptEngine/ 		290 B
284 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://siteintercept.qualtrics.com/WRSiteInterceptEngine/Asset.php?Module=CR_er32JI1gjlcuQRf&Version=3&Q_InterceptID=SI_bmvqwK4G0RfqFHn&Q_ORIGIN=http://161.35.85.54&Q_CLIENTVERSION=1.31.3&Q_CLIENTTYPE=web
Requested by
Host: zncvgjh8lmjxbkyln-fmrpi.siteintercept.qualtrics.com
URL: https://zncvgjh8lmjxbkyln-fmrpi.siteintercept.qualtrics.com/WRSiteInterceptEngine/?Q_ZID=ZN_cvGJH8lmjxbKyln&Q_LOC=http%3A%2F%2F161.35.85.54%2Ffidelity%2Ferror.html&t=1596200778431
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.17.209.240 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
55e2b2ab595e0c192f763ad2c2a237f3f92ecc51e843da550393ffb51a7f115b
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
http://161.35.85.54/fidelity/error.html
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Fri, 31 Jul 2020 13:06:20 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
age
0
p3p
CP="CAO DSP COR CURa ADMa DEVa OUR IND PHY ONL UNI COM NAV INT DEM PRE"
status
200
edge-control
max-age=604800
vary
Accept-Encoding
cf-request-id
0446941b2b00000b4f82972200000001
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-type
application/json
access-control-allow-origin
http://161.35.85.54
expires
Mon, 29 Jul 2030 13:06:20 GMT
cache-control
public, max-age=604800, s-maxage=604800, max-age=315360000
access-control-allow-credentials
true
cf-ray
5bb7893eab260b4f-AMS
servershortname
Asset.php
siteintercept.qualtrics.com/WRSiteInterceptEngine/ 		4 KB
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://siteintercept.qualtrics.com/WRSiteInterceptEngine/Asset.php?Module=SI_6tg8PWOi1frIFut&Version=2&Q_ORIGIN=http://161.35.85.54&Q_CLIENTVERSION=1.31.3&Q_CLIENTTYPE=web
Requested by
Host: zncvgjh8lmjxbkyln-fmrpi.siteintercept.qualtrics.com
URL: https://zncvgjh8lmjxbkyln-fmrpi.siteintercept.qualtrics.com/WRSiteInterceptEngine/?Q_ZID=ZN_cvGJH8lmjxbKyln&Q_LOC=http%3A%2F%2F161.35.85.54%2Ffidelity%2Ferror.html&t=1596200778431
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.17.209.240 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
75a6828b1d9f1c0234190137a0fd06cf1f55fb492f22e564f1915247a411d19b
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
http://161.35.85.54/fidelity/error.html
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Fri, 31 Jul 2020 13:06:20 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
MISS
p3p
CP="CAO DSP COR CURa ADMa DEVa OUR IND PHY ONL UNI COM NAV INT DEM PRE"
status
200
edge-control
max-age=604800
vary
Accept-Encoding
cf-request-id
0446941b2b00000b4f82971200000001
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-type
application/json
access-control-allow-origin
http://161.35.85.54
cache-control
public, max-age=604800, s-maxage=604800, max-age=315360000
access-control-allow-credentials
true
cf-ray
5bb7893eab240b4f-AMS
servershortname
expires
Mon, 29 Jul 2030 13:06:20 GMT
Asset.php
siteintercept.qualtrics.com/WRSiteInterceptEngine/ 		290 B
284 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://siteintercept.qualtrics.com/WRSiteInterceptEngine/Asset.php?Module=CR_er32JI1gjlcuQRf&Version=3&Q_InterceptID=SI_6tg8PWOi1frIFut&Q_ORIGIN=http://161.35.85.54&Q_CLIENTVERSION=1.31.3&Q_CLIENTTYPE=web
Requested by
Host: zncvgjh8lmjxbkyln-fmrpi.siteintercept.qualtrics.com
URL: https://zncvgjh8lmjxbkyln-fmrpi.siteintercept.qualtrics.com/WRSiteInterceptEngine/?Q_ZID=ZN_cvGJH8lmjxbKyln&Q_LOC=http%3A%2F%2F161.35.85.54%2Ffidelity%2Ferror.html&t=1596200778431
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.17.209.240 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
55e2b2ab595e0c192f763ad2c2a237f3f92ecc51e843da550393ffb51a7f115b
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
http://161.35.85.54/fidelity/error.html
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Fri, 31 Jul 2020 13:06:20 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
age
0
p3p
CP="CAO DSP COR CURa ADMa DEVa OUR IND PHY ONL UNI COM NAV INT DEM PRE"
status
200
edge-control
max-age=604800
vary
Accept-Encoding
cf-request-id
0446941b2b00000b4f82970200000001
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-type
application/json
access-control-allow-origin
http://161.35.85.54
expires
Mon, 29 Jul 2030 13:06:20 GMT
cache-control
public, max-age=604800, s-maxage=604800, max-age=315360000
access-control-allow-credentials
true
cf-ray
5bb7893eab230b4f-AMS
servershortname
Asset.php
siteintercept.qualtrics.com/WRSiteInterceptEngine/ 		4 KB
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://siteintercept.qualtrics.com/WRSiteInterceptEngine/Asset.php?Module=SI_0qryPRAlBXczdTD&Version=6&Q_ORIGIN=http://161.35.85.54&Q_CLIENTVERSION=1.31.3&Q_CLIENTTYPE=web
Requested by
Host: zncvgjh8lmjxbkyln-fmrpi.siteintercept.qualtrics.com
URL: https://zncvgjh8lmjxbkyln-fmrpi.siteintercept.qualtrics.com/WRSiteInterceptEngine/?Q_ZID=ZN_cvGJH8lmjxbKyln&Q_LOC=http%3A%2F%2F161.35.85.54%2Ffidelity%2Ferror.html&t=1596200778431
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.17.209.240 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
0b2502073850d32d0771c4f2c5c405d7855e61fad3719bd4efc12687523e3402
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
http://161.35.85.54/fidelity/error.html
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Fri, 31 Jul 2020 13:06:20 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
MISS
p3p
CP="CAO DSP COR CURa ADMa DEVa OUR IND PHY ONL UNI COM NAV INT DEM PRE"
status
200
edge-control
max-age=604800
vary
Accept-Encoding
cf-request-id
0446941b2b00000b4f8296f200000001
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-type
application/json
access-control-allow-origin
http://161.35.85.54
cache-control
public, max-age=604800, s-maxage=604800, max-age=315360000
access-control-allow-credentials
true
cf-ray
5bb7893eab210b4f-AMS
servershortname
expires
Mon, 29 Jul 2030 13:06:20 GMT
Asset.php
siteintercept.qualtrics.com/WRSiteInterceptEngine/ 		290 B
567 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://siteintercept.qualtrics.com/WRSiteInterceptEngine/Asset.php?Module=CR_er32JI1gjlcuQRf&Version=3&Q_InterceptID=SI_0qryPRAlBXczdTD&Q_ORIGIN=http://161.35.85.54&Q_CLIENTVERSION=1.31.3&Q_CLIENTTYPE=web
Requested by
Host: zncvgjh8lmjxbkyln-fmrpi.siteintercept.qualtrics.com
URL: https://zncvgjh8lmjxbkyln-fmrpi.siteintercept.qualtrics.com/WRSiteInterceptEngine/?Q_ZID=ZN_cvGJH8lmjxbKyln&Q_LOC=http%3A%2F%2F161.35.85.54%2Ffidelity%2Ferror.html&t=1596200778431
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.17.209.240 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
55e2b2ab595e0c192f763ad2c2a237f3f92ecc51e843da550393ffb51a7f115b
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
http://161.35.85.54/fidelity/error.html
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Fri, 31 Jul 2020 13:06:20 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
age
0
p3p
CP="CAO DSP COR CURa ADMa DEVa OUR IND PHY ONL UNI COM NAV INT DEM PRE"
status
200
edge-control
max-age=604800
vary
Accept-Encoding
cf-request-id
0446941b2e00000b4f82976200000001
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-type
application/json
access-control-allow-origin
http://161.35.85.54
expires
Mon, 29 Jul 2030 13:06:20 GMT
cache-control
public, max-age=604800, s-maxage=604800, max-age=315360000
access-control-allow-credentials
true
cf-ray
5bb7893ebb2d0b4f-AMS
servershortname
Asset.php
siteintercept.qualtrics.com/WRSiteInterceptEngine/ 		4 KB
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://siteintercept.qualtrics.com/WRSiteInterceptEngine/Asset.php?Module=SI_9YUbswnCF6g4k05&Version=2&Q_ORIGIN=http://161.35.85.54&Q_CLIENTVERSION=1.31.3&Q_CLIENTTYPE=web
Requested by
Host: zncvgjh8lmjxbkyln-fmrpi.siteintercept.qualtrics.com
URL: https://zncvgjh8lmjxbkyln-fmrpi.siteintercept.qualtrics.com/WRSiteInterceptEngine/?Q_ZID=ZN_cvGJH8lmjxbKyln&Q_LOC=http%3A%2F%2F161.35.85.54%2Ffidelity%2Ferror.html&t=1596200778431
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.17.209.240 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
2451f78cdf73cb2817ec2a124bc1a77b9c7100f5c30bdb521b824a83677c83a0
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
http://161.35.85.54/fidelity/error.html
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Fri, 31 Jul 2020 13:06:20 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
MISS
p3p
CP="CAO DSP COR CURa ADMa DEVa OUR IND PHY ONL UNI COM NAV INT DEM PRE"
status
200
edge-control
max-age=604800
vary
Accept-Encoding
cf-request-id
0446941b2b00000b4f82975200000001
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-type
application/json
access-control-allow-origin
http://161.35.85.54
cache-control
public, max-age=604800, s-maxage=604800, max-age=315360000
access-control-allow-credentials
true
cf-ray
5bb7893eab2b0b4f-AMS
servershortname
expires
Mon, 29 Jul 2030 13:06:20 GMT
Asset.php
siteintercept.qualtrics.com/WRSiteInterceptEngine/ 		290 B
291 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://siteintercept.qualtrics.com/WRSiteInterceptEngine/Asset.php?Module=CR_er32JI1gjlcuQRf&Version=3&Q_InterceptID=SI_9YUbswnCF6g4k05&Q_ORIGIN=http://161.35.85.54&Q_CLIENTVERSION=1.31.3&Q_CLIENTTYPE=web
Requested by
Host: zncvgjh8lmjxbkyln-fmrpi.siteintercept.qualtrics.com
URL: https://zncvgjh8lmjxbkyln-fmrpi.siteintercept.qualtrics.com/WRSiteInterceptEngine/?Q_ZID=ZN_cvGJH8lmjxbKyln&Q_LOC=http%3A%2F%2F161.35.85.54%2Ffidelity%2Ferror.html&t=1596200778431
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.17.209.240 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
55e2b2ab595e0c192f763ad2c2a237f3f92ecc51e843da550393ffb51a7f115b
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
http://161.35.85.54/fidelity/error.html
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Fri, 31 Jul 2020 13:06:20 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
age
0
p3p
CP="CAO DSP COR CURa ADMa DEVa OUR IND PHY ONL UNI COM NAV INT DEM PRE"
status
200
edge-control
max-age=604800
vary
Accept-Encoding
cf-request-id
0446941b2b00000b4f82974200000001
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-type
application/json
access-control-allow-origin
http://161.35.85.54
expires
Mon, 29 Jul 2030 13:06:20 GMT
cache-control
public, max-age=604800, s-maxage=604800, max-age=315360000
access-control-allow-credentials
true
cf-ray
5bb7893eab2a0b4f-AMS
servershortname
Asset.php
siteintercept.qualtrics.com/WRSiteInterceptEngine/ 		4 KB
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://siteintercept.qualtrics.com/WRSiteInterceptEngine/Asset.php?Module=SI_aYq2S2L9WYVHefz&Version=2&Q_ORIGIN=http://161.35.85.54&Q_CLIENTVERSION=1.31.3&Q_CLIENTTYPE=web
Requested by
Host: zncvgjh8lmjxbkyln-fmrpi.siteintercept.qualtrics.com
URL: https://zncvgjh8lmjxbkyln-fmrpi.siteintercept.qualtrics.com/WRSiteInterceptEngine/?Q_ZID=ZN_cvGJH8lmjxbKyln&Q_LOC=http%3A%2F%2F161.35.85.54%2Ffidelity%2Ferror.html&t=1596200778431
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.17.209.240 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
06938dd593b945d6da6fe382a54eb2f8798be00d2f67281c8c16529a35bf9193
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
http://161.35.85.54/fidelity/error.html
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Fri, 31 Jul 2020 13:06:20 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
MISS
p3p
CP="CAO DSP COR CURa ADMa DEVa OUR IND PHY ONL UNI COM NAV INT DEM PRE"
status
200
edge-control
max-age=604800
vary
Accept-Encoding
cf-request-id
0446941b2b00000b4f82973200000001
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-type
application/json
access-control-allow-origin
http://161.35.85.54
cache-control
public, max-age=604800, s-maxage=604800, max-age=315360000
access-control-allow-credentials
true
cf-ray
5bb7893eab290b4f-AMS
servershortname
expires
Mon, 29 Jul 2030 13:06:20 GMT
Asset.php
siteintercept.qualtrics.com/WRSiteInterceptEngine/ 		290 B
284 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://siteintercept.qualtrics.com/WRSiteInterceptEngine/Asset.php?Module=CR_er32JI1gjlcuQRf&Version=3&Q_InterceptID=SI_aYq2S2L9WYVHefz&Q_ORIGIN=http://161.35.85.54&Q_CLIENTVERSION=1.31.3&Q_CLIENTTYPE=web
Requested by
Host: zncvgjh8lmjxbkyln-fmrpi.siteintercept.qualtrics.com
URL: https://zncvgjh8lmjxbkyln-fmrpi.siteintercept.qualtrics.com/WRSiteInterceptEngine/?Q_ZID=ZN_cvGJH8lmjxbKyln&Q_LOC=http%3A%2F%2F161.35.85.54%2Ffidelity%2Ferror.html&t=1596200778431
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.17.209.240 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
55e2b2ab595e0c192f763ad2c2a237f3f92ecc51e843da550393ffb51a7f115b
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
http://161.35.85.54/fidelity/error.html
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Fri, 31 Jul 2020 13:06:20 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
age
0
p3p
CP="CAO DSP COR CURa ADMa DEVa OUR IND PHY ONL UNI COM NAV INT DEM PRE"
status
200
edge-control
max-age=604800
vary
Accept-Encoding
cf-request-id
0446941b2e00000b4f8297a200000001
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-type
application/json
access-control-allow-origin
http://161.35.85.54
expires
Mon, 29 Jul 2030 13:06:20 GMT
cache-control
public, max-age=604800, s-maxage=604800, max-age=315360000
access-control-allow-credentials
true
cf-ray
5bb7893ebb330b4f-AMS
servershortname
Asset.php
siteintercept.qualtrics.com/WRSiteInterceptEngine/ 		4 KB
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://siteintercept.qualtrics.com/WRSiteInterceptEngine/Asset.php?Module=SI_20upoDg7GIYGuyh&Version=3&Q_ORIGIN=http://161.35.85.54&Q_CLIENTVERSION=1.31.3&Q_CLIENTTYPE=web
Requested by
Host: zncvgjh8lmjxbkyln-fmrpi.siteintercept.qualtrics.com
URL: https://zncvgjh8lmjxbkyln-fmrpi.siteintercept.qualtrics.com/WRSiteInterceptEngine/?Q_ZID=ZN_cvGJH8lmjxbKyln&Q_LOC=http%3A%2F%2F161.35.85.54%2Ffidelity%2Ferror.html&t=1596200778431
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.17.209.240 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
459da4c8a9f2a70da8e894d10a363dea41b4d4cdb435af95186da4031da26464
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
http://161.35.85.54/fidelity/error.html
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Fri, 31 Jul 2020 13:06:20 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
MISS
p3p
CP="CAO DSP COR CURa ADMa DEVa OUR IND PHY ONL UNI COM NAV INT DEM PRE"
status
200
edge-control
max-age=604800
vary
Accept-Encoding
cf-request-id
0446941b2e00000b4f82979200000001
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-type
application/json
access-control-allow-origin
http://161.35.85.54
cache-control
public, max-age=604800, s-maxage=604800, max-age=315360000
access-control-allow-credentials
true
cf-ray
5bb7893ebb310b4f-AMS
servershortname
expires
Mon, 29 Jul 2030 13:06:20 GMT
Asset.php
siteintercept.qualtrics.com/WRSiteInterceptEngine/ 		290 B
516 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://siteintercept.qualtrics.com/WRSiteInterceptEngine/Asset.php?Module=CR_er32JI1gjlcuQRf&Version=3&Q_InterceptID=SI_20upoDg7GIYGuyh&Q_ORIGIN=http://161.35.85.54&Q_CLIENTVERSION=1.31.3&Q_CLIENTTYPE=web
Requested by
Host: zncvgjh8lmjxbkyln-fmrpi.siteintercept.qualtrics.com
URL: https://zncvgjh8lmjxbkyln-fmrpi.siteintercept.qualtrics.com/WRSiteInterceptEngine/?Q_ZID=ZN_cvGJH8lmjxbKyln&Q_LOC=http%3A%2F%2F161.35.85.54%2Ffidelity%2Ferror.html&t=1596200778431
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.17.209.240 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
55e2b2ab595e0c192f763ad2c2a237f3f92ecc51e843da550393ffb51a7f115b
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
http://161.35.85.54/fidelity/error.html
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Fri, 31 Jul 2020 13:06:20 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
age
0
p3p
CP="CAO DSP COR CURa ADMa DEVa OUR IND PHY ONL UNI COM NAV INT DEM PRE"
status
200
edge-control
max-age=604800
vary
Accept-Encoding
cf-request-id
0446941b2e00000b4f82978200000001
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-type
application/json
access-control-allow-origin
http://161.35.85.54
expires
Mon, 29 Jul 2030 13:06:20 GMT
cache-control
public, max-age=604800, s-maxage=604800, max-age=315360000
access-control-allow-credentials
true
cf-ray
5bb7893ebb300b4f-AMS
servershortname
Asset.php
siteintercept.qualtrics.com/WRSiteInterceptEngine/ 		4 KB
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://siteintercept.qualtrics.com/WRSiteInterceptEngine/Asset.php?Module=SI_6KILeGGAuPslJ7n&Version=2&Q_ORIGIN=http://161.35.85.54&Q_CLIENTVERSION=1.31.3&Q_CLIENTTYPE=web
Requested by
Host: zncvgjh8lmjxbkyln-fmrpi.siteintercept.qualtrics.com
URL: https://zncvgjh8lmjxbkyln-fmrpi.siteintercept.qualtrics.com/WRSiteInterceptEngine/?Q_ZID=ZN_cvGJH8lmjxbKyln&Q_LOC=http%3A%2F%2F161.35.85.54%2Ffidelity%2Ferror.html&t=1596200778431
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.17.209.240 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e07bd958925ada74f41859021ac752ddc2c7da287a426e8e5ebf8ae3d3073abe
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
http://161.35.85.54/fidelity/error.html
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Fri, 31 Jul 2020 13:06:20 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
MISS
p3p
CP="CAO DSP COR CURa ADMa DEVa OUR IND PHY ONL UNI COM NAV INT DEM PRE"
status
200
edge-control
max-age=604800
vary
Accept-Encoding
cf-request-id
0446941b2e00000b4f82977200000001
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-type
application/json
access-control-allow-origin
http://161.35.85.54
cache-control
public, max-age=604800, s-maxage=604800, max-age=315360000
access-control-allow-credentials
true
cf-ray
5bb7893ebb2e0b4f-AMS
servershortname
expires
Mon, 29 Jul 2030 13:06:20 GMT
Asset.php
siteintercept.qualtrics.com/WRSiteInterceptEngine/ 		290 B
832 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://siteintercept.qualtrics.com/WRSiteInterceptEngine/Asset.php?Module=CR_er32JI1gjlcuQRf&Version=3&Q_InterceptID=SI_6KILeGGAuPslJ7n&Q_ORIGIN=http://161.35.85.54&Q_CLIENTVERSION=1.31.3&Q_CLIENTTYPE=web
Requested by
Host: zncvgjh8lmjxbkyln-fmrpi.siteintercept.qualtrics.com
URL: https://zncvgjh8lmjxbkyln-fmrpi.siteintercept.qualtrics.com/WRSiteInterceptEngine/?Q_ZID=ZN_cvGJH8lmjxbKyln&Q_LOC=http%3A%2F%2F161.35.85.54%2Ffidelity%2Ferror.html&t=1596200778431
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.17.209.240 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
55e2b2ab595e0c192f763ad2c2a237f3f92ecc51e843da550393ffb51a7f115b
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
http://161.35.85.54/fidelity/error.html
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Fri, 31 Jul 2020 13:06:20 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
MISS
p3p
CP="CAO DSP COR CURa ADMa DEVa OUR IND PHY ONL UNI COM NAV INT DEM PRE"
status
200
edge-control
max-age=604800
vary
Accept-Encoding
cf-request-id
0446941b2e00000b4f8297e200000001
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-type
application/json
access-control-allow-origin
http://161.35.85.54
cache-control
public, max-age=604800, s-maxage=604800, max-age=315360000
access-control-allow-credentials
true
cf-ray
5bb7893ebb390b4f-AMS
servershortname
expires
Mon, 29 Jul 2030 13:06:20 GMT
Asset.php
siteintercept.qualtrics.com/WRSiteInterceptEngine/ 		2 KB
900 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://siteintercept.qualtrics.com/WRSiteInterceptEngine/Asset.php?Module=SI_9NSjltynMtHhMFf&Version=1&Q_ORIGIN=http://161.35.85.54&Q_CLIENTVERSION=1.31.3&Q_CLIENTTYPE=web
Requested by
Host: zncvgjh8lmjxbkyln-fmrpi.siteintercept.qualtrics.com
URL: https://zncvgjh8lmjxbkyln-fmrpi.siteintercept.qualtrics.com/WRSiteInterceptEngine/?Q_ZID=ZN_cvGJH8lmjxbKyln&Q_LOC=http%3A%2F%2F161.35.85.54%2Ffidelity%2Ferror.html&t=1596200778431
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.17.209.240 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
f6b4a6124675203780f1883d16d012e98448f6dceec35da99e980c073fcf1e71
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
http://161.35.85.54/fidelity/error.html
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Fri, 31 Jul 2020 13:06:20 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
MISS
p3p
CP="CAO DSP COR CURa ADMa DEVa OUR IND PHY ONL UNI COM NAV INT DEM PRE"
status
200
edge-control
max-age=604800
vary
Accept-Encoding
cf-request-id
0446941b2e00000b4f8297d200000001
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-type
application/json
access-control-allow-origin
http://161.35.85.54
cache-control
public, max-age=604800, s-maxage=604800, max-age=315360000
access-control-allow-credentials
true
cf-ray
5bb7893ebb370b4f-AMS
servershortname
expires
Mon, 29 Jul 2030 13:06:20 GMT
Asset.php
siteintercept.qualtrics.com/WRSiteInterceptEngine/ 		2 KB
988 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://siteintercept.qualtrics.com/WRSiteInterceptEngine/Asset.php?Module=CR_cRTya5i3wiaWo4Z&Version=6&Q_InterceptID=SI_9NSjltynMtHhMFf&Q_ORIGIN=http://161.35.85.54&Q_CLIENTVERSION=1.31.3&Q_CLIENTTYPE=web
Requested by
Host: zncvgjh8lmjxbkyln-fmrpi.siteintercept.qualtrics.com
URL: https://zncvgjh8lmjxbkyln-fmrpi.siteintercept.qualtrics.com/WRSiteInterceptEngine/?Q_ZID=ZN_cvGJH8lmjxbKyln&Q_LOC=http%3A%2F%2F161.35.85.54%2Ffidelity%2Ferror.html&t=1596200778431
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.17.209.240 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
294394f3b1b6ebe8e536343efb15bb35964899ebce1f52ce37c7389594079987
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
http://161.35.85.54/fidelity/error.html
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Fri, 31 Jul 2020 13:06:20 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
age
0
p3p
CP="CAO DSP COR CURa ADMa DEVa OUR IND PHY ONL UNI COM NAV INT DEM PRE"
status
200
edge-control
max-age=604800
vary
Accept-Encoding
cf-request-id
0446941b2e00000b4f8297c200000001
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-type
application/json
access-control-allow-origin
http://161.35.85.54
expires
Mon, 29 Jul 2030 13:06:20 GMT
cache-control
public, max-age=604800, s-maxage=604800, max-age=315360000
access-control-allow-credentials
true
cf-ray
5bb7893ebb350b4f-AMS
servershortname
Asset.php
siteintercept.qualtrics.com/WRSiteInterceptEngine/ 		4 KB
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://siteintercept.qualtrics.com/WRSiteInterceptEngine/Asset.php?Module=SI_9slyRRmuwUZ9tfT&Version=2&Q_ORIGIN=http://161.35.85.54&Q_CLIENTVERSION=1.31.3&Q_CLIENTTYPE=web
Requested by
Host: zncvgjh8lmjxbkyln-fmrpi.siteintercept.qualtrics.com
URL: https://zncvgjh8lmjxbkyln-fmrpi.siteintercept.qualtrics.com/WRSiteInterceptEngine/?Q_ZID=ZN_cvGJH8lmjxbKyln&Q_LOC=http%3A%2F%2F161.35.85.54%2Ffidelity%2Ferror.html&t=1596200778431
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.17.209.240 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
eb55d122ba0e3370c1d5c52c60f16db655f997c045402c2e52187615ce580477
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
http://161.35.85.54/fidelity/error.html
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Fri, 31 Jul 2020 13:06:20 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
MISS
p3p
CP="CAO DSP COR CURa ADMa DEVa OUR IND PHY ONL UNI COM NAV INT DEM PRE"
status
200
edge-control
max-age=604800
vary
Accept-Encoding
cf-request-id
0446941b2e00000b4f8297b200000001
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-type
application/json
access-control-allow-origin
http://161.35.85.54
cache-control
public, max-age=604800, s-maxage=604800, max-age=315360000
access-control-allow-credentials
true
cf-ray
5bb7893ebb340b4f-AMS
servershortname
expires
Mon, 29 Jul 2030 13:06:20 GMT
Asset.php
siteintercept.qualtrics.com/WRSiteInterceptEngine/ 		290 B
284 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://siteintercept.qualtrics.com/WRSiteInterceptEngine/Asset.php?Module=CR_er32JI1gjlcuQRf&Version=3&Q_InterceptID=SI_9slyRRmuwUZ9tfT&Q_ORIGIN=http://161.35.85.54&Q_CLIENTVERSION=1.31.3&Q_CLIENTTYPE=web
Requested by
Host: zncvgjh8lmjxbkyln-fmrpi.siteintercept.qualtrics.com
URL: https://zncvgjh8lmjxbkyln-fmrpi.siteintercept.qualtrics.com/WRSiteInterceptEngine/?Q_ZID=ZN_cvGJH8lmjxbKyln&Q_LOC=http%3A%2F%2F161.35.85.54%2Ffidelity%2Ferror.html&t=1596200778431
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.17.209.240 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
55e2b2ab595e0c192f763ad2c2a237f3f92ecc51e843da550393ffb51a7f115b
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
http://161.35.85.54/fidelity/error.html
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Fri, 31 Jul 2020 13:06:20 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
age
0
p3p
CP="CAO DSP COR CURa ADMa DEVa OUR IND PHY ONL UNI COM NAV INT DEM PRE"
status
200
edge-control
max-age=604800
vary
Accept-Encoding
cf-request-id
0446941b2e00000b4f82982200000001
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-type
application/json
access-control-allow-origin
http://161.35.85.54
expires
Mon, 29 Jul 2030 13:06:20 GMT
cache-control
public, max-age=604800, s-maxage=604800, max-age=315360000
access-control-allow-credentials
true
cf-ray
5bb7893ebb3d0b4f-AMS
servershortname
Asset.php
siteintercept.qualtrics.com/WRSiteInterceptEngine/ 		5 KB
2 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://siteintercept.qualtrics.com/WRSiteInterceptEngine/Asset.php?Module=SI_0AsPpi6JZXIjgMZ&Version=45&Q_ORIGIN=http://161.35.85.54&Q_CLIENTVERSION=1.31.3&Q_CLIENTTYPE=web
Requested by
Host: zncvgjh8lmjxbkyln-fmrpi.siteintercept.qualtrics.com
URL: https://zncvgjh8lmjxbkyln-fmrpi.siteintercept.qualtrics.com/WRSiteInterceptEngine/?Q_ZID=ZN_cvGJH8lmjxbKyln&Q_LOC=http%3A%2F%2F161.35.85.54%2Ffidelity%2Ferror.html&t=1596200778431
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.17.209.240 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
975d7c1a63e923c75eae51e984bf8adf70516b532bf7f7abc6e6803f84c79819
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
http://161.35.85.54/fidelity/error.html
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Fri, 31 Jul 2020 13:06:20 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
MISS
p3p
CP="CAO DSP COR CURa ADMa DEVa OUR IND PHY ONL UNI COM NAV INT DEM PRE"
status
200
edge-control
max-age=604800
vary
Accept-Encoding
cf-request-id
0446941b2e00000b4f82981200000001
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-type
application/json
access-control-allow-origin
http://161.35.85.54
cache-control
public, max-age=604800, s-maxage=604800, max-age=315360000
access-control-allow-credentials
true
cf-ray
5bb7893ebb3c0b4f-AMS
servershortname
expires
Mon, 29 Jul 2030 13:06:20 GMT
Asset.php
siteintercept.qualtrics.com/WRSiteInterceptEngine/ 		328 B
317 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://siteintercept.qualtrics.com/WRSiteInterceptEngine/Asset.php?Module=CR_0ia68TaWR1dbtn7&Version=4&Q_InterceptID=SI_0AsPpi6JZXIjgMZ&Q_ORIGIN=http://161.35.85.54&Q_CLIENTVERSION=1.31.3&Q_CLIENTTYPE=web
Requested by
Host: zncvgjh8lmjxbkyln-fmrpi.siteintercept.qualtrics.com
URL: https://zncvgjh8lmjxbkyln-fmrpi.siteintercept.qualtrics.com/WRSiteInterceptEngine/?Q_ZID=ZN_cvGJH8lmjxbKyln&Q_LOC=http%3A%2F%2F161.35.85.54%2Ffidelity%2Ferror.html&t=1596200778431
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.17.209.240 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
1953b94ba034ab9ad857a51e0b28bb70b57a73a7fe51753d05df1cbdf0fb775b
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
http://161.35.85.54/fidelity/error.html
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Fri, 31 Jul 2020 13:06:20 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
MISS
p3p
CP="CAO DSP COR CURa ADMa DEVa OUR IND PHY ONL UNI COM NAV INT DEM PRE"
status
200
edge-control
max-age=604800
vary
Accept-Encoding
cf-request-id
0446941b2e00000b4f82980200000001
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-type
application/json
access-control-allow-origin
http://161.35.85.54
cache-control
public, max-age=604800, s-maxage=604800, max-age=315360000
access-control-allow-credentials
true
cf-ray
5bb7893ebb3b0b4f-AMS
servershortname
expires
Mon, 29 Jul 2030 13:06:20 GMT
Asset.php
siteintercept.qualtrics.com/WRSiteInterceptEngine/ 		4 KB
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://siteintercept.qualtrics.com/WRSiteInterceptEngine/Asset.php?Module=SI_aavOQmPi2QSZKE5&Version=3&Q_ORIGIN=http://161.35.85.54&Q_CLIENTVERSION=1.31.3&Q_CLIENTTYPE=web
Requested by
Host: zncvgjh8lmjxbkyln-fmrpi.siteintercept.qualtrics.com
URL: https://zncvgjh8lmjxbkyln-fmrpi.siteintercept.qualtrics.com/WRSiteInterceptEngine/?Q_ZID=ZN_cvGJH8lmjxbKyln&Q_LOC=http%3A%2F%2F161.35.85.54%2Ffidelity%2Ferror.html&t=1596200778431
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.17.209.240 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
c057703e7565118ba2084013ce7b26196eb48eb1103925bc9f703b2b251fbbb7
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
http://161.35.85.54/fidelity/error.html
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Fri, 31 Jul 2020 13:06:20 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
MISS
p3p
CP="CAO DSP COR CURa ADMa DEVa OUR IND PHY ONL UNI COM NAV INT DEM PRE"
status
200
edge-control
max-age=604800
vary
Accept-Encoding
cf-request-id
0446941b2e00000b4f8297f200000001
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-type
application/json
access-control-allow-origin
http://161.35.85.54
cache-control
public, max-age=604800, s-maxage=604800, max-age=315360000
access-control-allow-credentials
true
cf-ray
5bb7893ebb3a0b4f-AMS
servershortname
expires
Mon, 29 Jul 2030 13:06:20 GMT
Asset.php
siteintercept.qualtrics.com/WRSiteInterceptEngine/ 		304 B
294 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://siteintercept.qualtrics.com/WRSiteInterceptEngine/Asset.php?Module=CR_9zBaZSEe4Cd5tiJ&Version=1&Q_InterceptID=SI_aavOQmPi2QSZKE5&Q_ORIGIN=http://161.35.85.54&Q_CLIENTVERSION=1.31.3&Q_CLIENTTYPE=web
Requested by
Host: zncvgjh8lmjxbkyln-fmrpi.siteintercept.qualtrics.com
URL: https://zncvgjh8lmjxbkyln-fmrpi.siteintercept.qualtrics.com/WRSiteInterceptEngine/?Q_ZID=ZN_cvGJH8lmjxbKyln&Q_LOC=http%3A%2F%2F161.35.85.54%2Ffidelity%2Ferror.html&t=1596200778431
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.17.209.240 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
3a8c79033d6f51d9221602443e34d42e174fd3d9fedd49be51747a5217ac01d7
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
http://161.35.85.54/fidelity/error.html
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Fri, 31 Jul 2020 13:06:20 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
MISS
p3p
CP="CAO DSP COR CURa ADMa DEVa OUR IND PHY ONL UNI COM NAV INT DEM PRE"
status
200
edge-control
max-age=604800
vary
Accept-Encoding
cf-request-id
0446941b2e00000b4f82983200000001
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-type
application/json
access-control-allow-origin
http://161.35.85.54
cache-control
public, max-age=604800, s-maxage=604800, max-age=315360000
access-control-allow-credentials
true
cf-ray
5bb7893ebb3e0b4f-AMS
servershortname
expires
Mon, 29 Jul 2030 13:06:20 GMT
8.e8b5d2a2.walkme_lib.js
cdn.walkme.com/player/lib/20200723-101337-4284c4d1/ 		685 B
954 B 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.walkme.com/player/lib/20200723-101337-4284c4d1/8.e8b5d2a2.walkme_lib.js
Requested by
Host: cdn.walkme.com
URL: https://cdn.walkme.com/player/lib/walkme_lib_20200723-101337-4284c4d1.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
184.30.221.115 , Netherlands, ASN20940 (AKAMAI-ASN1, EU),
Reverse DNS
a184-30-221-115.deploy.static.akamaitechnologies.com
Software
AmazonS3 /
Resource Hash
26e0ec68ad05c15af5ebd8f1173359c944654d616f03847d6045603da49a2d1c
Security Headers
Name Value
Strict-Transport-Security max-age=31536000;preload
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
http://161.35.85.54/fidelity/error.html
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

x-amz-version-id
AD2g23FgSkaLIWyNlwZaTXaF8Ux7iQ1j
content-encoding
gzip
x-content-type-options
nosniff
x-amz-request-id
6Z1J4MFQ6K9T3TDJ
x-amz-server-side-encryption
AES256
status
200
x-amz-replication-status
COMPLETED
vary
Accept-Encoding
content-length
349
x-amz-id-2
6GsrQV0+tfo3HIXvXjZZ/9o1Q4AKqghDe4fwBftjQQg2KJj6/fu2050yQH0Ik3X8Che0T+tyAEc=
referrer-policy
no-referrer-when-downgrade
last-modified
Sun, 26 Jul 2020 07:08:20 GMT
server
AmazonS3
x-amz-meta-s3cmd-attrs
atime:1595747279/ctime:1595747283/gid:0/gname:root/md5:6d723442e2f3259ba743ff5957ab77c8/mode:33188/mtime:1595747279/uid:0/uname:root
date
Fri, 31 Jul 2020 13:06:20 GMT
strict-transport-security
max-age=31536000;preload
content-type
application/javascript
access-control-allow-origin
*
x-xss-protection
1; mode=block
cache-control
max-age=31085322
etag
"6d723442e2f3259ba743ff5957ab77c8"
accept-ranges
bytes
30.5b8eaba1.walkme_lib.js
cdn.walkme.com/player/lib/20200723-101337-4284c4d1/ 		85 KB
24 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.walkme.com/player/lib/20200723-101337-4284c4d1/30.5b8eaba1.walkme_lib.js
Requested by
Host: cdn.walkme.com
URL: https://cdn.walkme.com/player/lib/walkme_lib_20200723-101337-4284c4d1.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
184.30.221.115 , Netherlands, ASN20940 (AKAMAI-ASN1, EU),
Reverse DNS
a184-30-221-115.deploy.static.akamaitechnologies.com
Software
AmazonS3 /
Resource Hash
3735cad79c5fcf7c523f2ae5e32243badaac831042e5200117e37c53e54ef1e9
Security Headers
Name Value
Strict-Transport-Security max-age=31536000;preload
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
http://161.35.85.54/fidelity/error.html
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

x-amz-version-id
yW7iJpbgke2IE3M8m3x8qq5E.GfK2WkG
content-encoding
gzip
x-content-type-options
nosniff
x-amz-request-id
BF6FF6676EDB4CF1
x-amz-server-side-encryption
AES256
status
200
x-amz-replication-status
COMPLETED
vary
Accept-Encoding
content-length
23997
x-amz-id-2
K2F6RhD2i20VqYDGGs6t9PIRPiCEy/wnqeX2XuiomyWwVWmHoXRtiIovqgT+cCoGwyeWR+6241M=
referrer-policy
no-referrer-when-downgrade
last-modified
Sun, 26 Jul 2020 07:08:14 GMT
server
AmazonS3
x-amz-meta-s3cmd-attrs
atime:1595747278/ctime:1595747283/gid:0/gname:root/md5:ee6962a3d89c4ad9b597e957178886e6/mode:33188/mtime:1595747279/uid:0/uname:root
date
Fri, 31 Jul 2020 13:06:20 GMT
strict-transport-security
max-age=31536000;preload
content-type
application/javascript
access-control-allow-origin
*
x-xss-protection
1; mode=block
cache-control
max-age=31082775
etag
"ee6962a3d89c4ad9b597e957178886e6"
accept-ranges
bytes
1.49fc4b99.walkme_lib.js
cdn.walkme.com/player/lib/20200723-101337-4284c4d1/ 		2 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.walkme.com/player/lib/20200723-101337-4284c4d1/1.49fc4b99.walkme_lib.js
Requested by
Host: cdn.walkme.com
URL: https://cdn.walkme.com/player/lib/walkme_lib_20200723-101337-4284c4d1.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
184.30.221.115 , Netherlands, ASN20940 (AKAMAI-ASN1, EU),
Reverse DNS
a184-30-221-115.deploy.static.akamaitechnologies.com
Software
AmazonS3 /
Resource Hash
7cd5fad0ea425c6c4aae78e1ed3a98b632cbfd7a698f2bfb8eba73f9349c7e69
Security Headers
Name Value
Strict-Transport-Security max-age=31536000;preload
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
http://161.35.85.54/fidelity/error.html
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

x-amz-version-id
ewWUYPPEMDIpt54MkAuu.ZzN8PtePOVF
content-encoding
gzip
x-content-type-options
nosniff
x-amz-request-id
0664AB526D2538E3
x-amz-server-side-encryption
AES256
status
200
x-amz-replication-status
COMPLETED
vary
Accept-Encoding
content-length
1129
x-amz-id-2
Ces9e5cDadvsle4Gf814DcgA8my1KC6BrmgQoU3ccy90xrawTUshYMmCllQWPMfeyW9XeQ2dxT4=
referrer-policy
no-referrer-when-downgrade
last-modified
Sun, 26 Jul 2020 07:08:08 GMT
server
AmazonS3
x-amz-meta-s3cmd-attrs
atime:1595747278/ctime:1595747283/gid:0/gname:root/md5:4a9840b71fefcadb8d5007696667b778/mode:33188/mtime:1595747278/uid:0/uname:root
date
Fri, 31 Jul 2020 13:06:20 GMT
strict-transport-security
max-age=31536000;preload
content-type
application/javascript
access-control-allow-origin
*
x-xss-protection
1; mode=block
cache-control
max-age=31082746
etag
"4a9840b71fefcadb8d5007696667b778"
accept-ranges
bytes
21.915c72d3.walkme_lib.js
cdn.walkme.com/player/lib/20200723-101337-4284c4d1/ 		30 KB
9 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.walkme.com/player/lib/20200723-101337-4284c4d1/21.915c72d3.walkme_lib.js
Requested by
Host: cdn.walkme.com
URL: https://cdn.walkme.com/player/lib/walkme_lib_20200723-101337-4284c4d1.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
184.30.221.115 , Netherlands, ASN20940 (AKAMAI-ASN1, EU),
Reverse DNS
a184-30-221-115.deploy.static.akamaitechnologies.com
Software
AmazonS3 /
Resource Hash
63b79b091ca28b104ac0bde8798a4a076afbefd9d0951800d3a031ead9a26db2
Security Headers
Name Value
Strict-Transport-Security max-age=31536000;preload
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
http://161.35.85.54/fidelity/error.html
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

x-amz-version-id
4RylEhhtl9dHER2mSAe4ZVY6uK5VDIXA
content-encoding
gzip
x-content-type-options
nosniff
x-amz-request-id
B733297C5362F572
x-amz-server-side-encryption
AES256
status
200
x-amz-replication-status
COMPLETED
vary
Accept-Encoding
content-length
8901
x-amz-id-2
XAQfIn6BNb2D6ZYjfGW59+m8lIp9NUdpmZ9zXNkuZwcWxlutM4A/p7NNytuRFdTmdSrkFEIyLSA=
referrer-policy
no-referrer-when-downgrade
last-modified
Sun, 26 Jul 2020 07:08:11 GMT
server
AmazonS3
x-amz-meta-s3cmd-attrs
atime:1595747278/ctime:1595747283/gid:0/gname:root/md5:f5e000e236705f8e962b8d1c34bdc758/mode:33188/mtime:1595747278/uid:0/uname:root
date
Fri, 31 Jul 2020 13:06:20 GMT
strict-transport-security
max-age=31536000;preload
content-type
application/javascript
access-control-allow-origin
*
x-xss-protection
1; mode=block
cache-control
max-age=31082808
etag
"f5e000e236705f8e962b8d1c34bdc758"
accept-ranges
bytes
17.60004baf.walkme_lib.js
cdn.walkme.com/player/lib/20200723-101337-4284c4d1/ 		951 B
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.walkme.com/player/lib/20200723-101337-4284c4d1/17.60004baf.walkme_lib.js
Requested by
Host: cdn.walkme.com
URL: https://cdn.walkme.com/player/lib/walkme_lib_20200723-101337-4284c4d1.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
184.30.221.115 , Netherlands, ASN20940 (AKAMAI-ASN1, EU),
Reverse DNS
a184-30-221-115.deploy.static.akamaitechnologies.com
Software
AmazonS3 /
Resource Hash
593d90b3f850820245ce0e238f1b4e5a6bbeb6a040028abe33c71c974f311b05
Security Headers
Name Value
Strict-Transport-Security max-age=31536000;preload
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
http://161.35.85.54/fidelity/error.html
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

x-amz-version-id
3i5UOn4SJPm55SC3wQ4e4StKOd1dgW1R
content-encoding
gzip
x-content-type-options
nosniff
x-amz-request-id
CCA90E7FB1B41DAA
x-amz-server-side-encryption
AES256
status
200
x-amz-replication-status
COMPLETED
vary
Accept-Encoding
content-length
544
x-amz-id-2
2NjKwbcdVKAzhFrMeRw1Ethvknig6Xbkvq4QSeym8wKehQF/9YeRJU6FeEFMCWTSdZWPO66H5Ds=
referrer-policy
no-referrer-when-downgrade
last-modified
Sun, 26 Jul 2020 07:08:10 GMT
server
AmazonS3
x-amz-meta-s3cmd-attrs
atime:1595747278/ctime:1595747283/gid:0/gname:root/md5:92086730a020a10f157a4d4215898b69/mode:33188/mtime:1595747278/uid:0/uname:root
date
Fri, 31 Jul 2020 13:06:20 GMT
strict-transport-security
max-age=31536000;preload
content-type
application/javascript
access-control-allow-origin
*
x-xss-protection
1; mode=block
cache-control
max-age=31082804
etag
"92086730a020a10f157a4d4215898b69"
accept-ranges
bytes
main.js
cdn.walkme.com/chatbot/3.49.0/ 		4 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.walkme.com/chatbot/3.49.0/main.js
Requested by
Host: cdn.walkme.com
URL: https://cdn.walkme.com/player/lib/walkme_lib_20200723-101337-4284c4d1.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
184.30.221.115 , Netherlands, ASN20940 (AKAMAI-ASN1, EU),
Reverse DNS
a184-30-221-115.deploy.static.akamaitechnologies.com
Software
AmazonS3 /
Resource Hash
3db751f5b77230b08de3d6d32bf1df3da1a7ade6387b101ddfb46dc8ecedfc2f
Security Headers
Name Value
Strict-Transport-Security max-age=31536000;preload
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
http://161.35.85.54/fidelity/error.html
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

x-amz-version-id
Iamdle38K_.nD9SyklrIq0SkXsdV6T8O
content-encoding
gzip
x-content-type-options
nosniff
x-amz-request-id
BJ4K3QEK3NDG7PFT
x-amz-server-side-encryption
AES256
status
200
x-amz-replication-status
COMPLETED
vary
Accept-Encoding
content-length
1731
x-amz-id-2
w6jA58dA8RDmmSGLpodWR7cIftuNW0vAl5br3Z4AShFJfDPX/BmZiwBiTWEtWGq+6wMBNQcA1vs=
referrer-policy
no-referrer-when-downgrade
last-modified
Fri, 24 Jul 2020 09:30:55 GMT
server
AmazonS3
date
Fri, 31 Jul 2020 13:06:20 GMT
strict-transport-security
max-age=31536000;preload
content-type
application/javascript
access-control-allow-origin
*
x-xss-protection
1; mode=block
cache-control
max-age=30940092
etag
"2af9213d162a1137bf5763a944729db6"
accept-ranges
bytes
8.49079f500fd175337f6b.js
cdn.walkme.com/chatbot/3.49.0/ 		52 KB
16 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.walkme.com/chatbot/3.49.0/8.49079f500fd175337f6b.js
Requested by
Host: cdn.walkme.com
URL: https://cdn.walkme.com/chatbot/3.49.0/main.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
184.30.221.115 , Netherlands, ASN20940 (AKAMAI-ASN1, EU),
Reverse DNS
a184-30-221-115.deploy.static.akamaitechnologies.com
Software
AmazonS3 /
Resource Hash
3c1e4a4b4fdcfd8df89c7a352ffd898ad04f1eb1054c935b7507db634b387818
Security Headers
Name Value
Strict-Transport-Security max-age=31536000;preload
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
http://161.35.85.54/fidelity/error.html
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

x-amz-version-id
5g23cE.t2DWtHwjGURSeeK0a2GrGhR2T
content-encoding
gzip
x-content-type-options
nosniff
x-amz-request-id
85952447214EA7D8
x-amz-server-side-encryption
AES256
status
200
x-amz-replication-status
COMPLETED
vary
Accept-Encoding
content-length
15599
x-amz-id-2
ZIW3Pa3hd0my+NSjmxKUyUJos1uMDhkuShK6t8aJBtjPND87GfN0mAK9+ZPp6DHn5eNJhkGRlk0=
referrer-policy
no-referrer-when-downgrade
last-modified
Fri, 24 Jul 2020 09:30:53 GMT
server
AmazonS3
date
Fri, 31 Jul 2020 13:06:20 GMT
strict-transport-security
max-age=31536000;preload
content-type
application/javascript
access-control-allow-origin
*
x-xss-protection
1; mode=block
cache-control
max-age=30939990
etag
"00292c0006d464fb2ad6a45e925fe8b4"
accept-ranges
bytes
2.49079f500fd175337f6b.js
cdn.walkme.com/chatbot/3.49.0/ 		38 KB
11 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.walkme.com/chatbot/3.49.0/2.49079f500fd175337f6b.js
Requested by
Host: cdn.walkme.com
URL: https://cdn.walkme.com/chatbot/3.49.0/main.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
184.30.221.115 , Netherlands, ASN20940 (AKAMAI-ASN1, EU),
Reverse DNS
a184-30-221-115.deploy.static.akamaitechnologies.com
Software
AmazonS3 /
Resource Hash
f81993b53e81424b635f59f504d507bc1db03ee7f0c95c729b9d21d5a7d3bf5a
Security Headers
Name Value
Strict-Transport-Security max-age=31536000;preload
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
http://161.35.85.54/fidelity/error.html
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

x-amz-version-id
tD0rIWyD5GcWnQdbnMyFvTlCMj6SYTxe
content-encoding
gzip
x-content-type-options
nosniff
x-amz-request-id
AE20F8143192E4A8
x-amz-server-side-encryption
AES256
status
200
x-amz-replication-status
COMPLETED
vary
Accept-Encoding
content-length
11043
x-amz-id-2
aK0Ewj43dxQ0YIo2dzb51LULhOmT/tPUEEbbRXv5WTExqQ/AU/aaR+RkzEZZoT7L58bzslSlnSc=
referrer-policy
no-referrer-when-downgrade
last-modified
Fri, 24 Jul 2020 09:30:53 GMT
server
AmazonS3
date
Fri, 31 Jul 2020 13:06:20 GMT
strict-transport-security
max-age=31536000;preload
content-type
application/javascript
access-control-allow-origin
*
x-xss-protection
1; mode=block
cache-control
max-age=30939992
etag
"3f4b059528904f51249b88213448f6fe"
accept-ranges
bytes
/
siteintercept.qualtrics.com/WRSiteInterceptEngine/ 		45 B
218 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://siteintercept.qualtrics.com/WRSiteInterceptEngine/?Q_Impress=1&Q_CID=CR_0ia68TaWR1dbtn7&Q_SIID=SI_0AsPpi6JZXIjgMZ&Q_ASID=AS_0AqVa5fIQp7ktXT&Q_CLIENTVERSION=1.31.3&Q_CLIENTTYPE=web&r=1596200780916
Requested by
Host: siteintercept.qualtrics.com
URL: https://siteintercept.qualtrics.com/dxjsmodule/CoreModule.js?Q_CLIENTVERSION=1.31.3&Q_CLIENTTYPE=web
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.17.209.240 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
f47f21063dfdcbdeffed3d97689b45efae7a52401cd7fc5b8d07c42d2f232ab9
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
http://161.35.85.54/fidelity/error.html
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-type
application/x-www-form-urlencoded

Response headers

date
Fri, 31 Jul 2020 13:06:21 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
DYNAMIC
server
cloudflare
status
200
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-type
text/plain; charset=UTF-8
access-control-allow-origin
http://161.35.85.54
cache-control
no-store, no-cache, must-revalidate, max-age=0
access-control-allow-credentials
true
cf-ray
5bb78940cef70b4f-AMS
vary
Accept-Encoding
cf-request-id
0446941c8100000b4f829a9200000001
Graphic.php
sjc1.qualtrics.com/WRQualtricsSiteIntercept/ 		2 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sjc1.qualtrics.com/WRQualtricsSiteIntercept/Graphic.php?IM=IM_3yKp2nFO4GPtXrD
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
184.30.216.157 , Netherlands, ASN20940 (AKAMAI-ASN1, EU),
Reverse DNS
a184-30-216-157.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
261810b2a67fd59ab5e89584961e97a6ba419d5db0811ee5baf8b98affb49aa0
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

Referer
http://161.35.85.54/fidelity/error.html
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date
Fri, 31 Jul 2020 13:06:20 GMT
Content-Encoding
gzip
ETag
"a97234fecb8fb711964fd6941188e385"
Vary
Accept-Encoding
Connection
keep-alive
Content-Type
image/png
Access-Control-Allow-Origin
*
X-Transaction-Id
7aeb855a-2329-49d8-b80a-1988aff4d503
Cache-Control
public, max-age=31
Content-Disposition
inline; filename=Feedback+tab+small
Strict-Transport-Security
max-age=31536000; includeSubDomains; preload
X-Robots-Tag
noindex
Content-Length
1699
X-Request-Id
8f990c12-f2eb-4ed9-89fb-d7e132316e94
Expires
Fri, 31 Jul 2020 13:06:51 GMT
clear3.png;CIS3SID=9419B3D0AFCA50B4B11A7689D18240D9
cfa.fidelity.com/fp/ Frame 4B32 		0
219 B 		Script
General
Check archive.org
Download Go to
Full URL
https://cfa.fidelity.com/fp/clear3.png;CIS3SID=9419B3D0AFCA50B4B11A7689D18240D9?org_id=5h8i3ud8&session_id=236a63bb4763f02b8e31990870ed6778&nonce=2de52b3e02fa4f76&jac=1&je=31303b26247265673d79207467722038392c206e697e2d7b676172636a2f6f67606b6e6520385964616e71672e2276677074205d242a7566666566696c67662a385964616e71672e227177606f697620552c20444d5e494b475f50524b4c562a385964616e71672e226a6b6666656c20552c20757b6d7241662d73656e67617c20385966636e71672c2071676e656176256f6c652a552c2a777365724b662f616c72777420385964616e71672e2276677074205d242a68616664656e4b6620325964636c71672e20686b6666676e205f2422616f666e697a6f223a5b64636e7b672e20636a676169626d7a205f2c205169766764416c496666223a5b64636e7b672e20686b6666676e205f2e207063717b776d726c2a3a5364616c73672e2078637171776d7066205d2e2064712d6e6d6f696c2d6a7d747c6d6e223a5964636471672e227177606f6976205f7f
Requested by
Host: cfa.fidelity.com
URL: https://cfa.fidelity.com/fp/check.js;CIS3SID=9419B3D0AFCA50B4B11A7689D18240D9?org_id=5h8i3ud8&session_id=236a63bb4763f02b8e31990870ed6778&nonce=2de52b3e02fa4f76&jb=3135242668716d773d4e6b6c777824687b6f3f4c61667570246a73623f416a7a6d6f672530323a31
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
91.235.133.177 , Netherlands, ASN30286 (THM, US),
Reverse DNS
Software
Apache /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

Referer
http://161.35.85.54/fidelity/error.html
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date
Fri, 31 Jul 2020 13:06:23 GMT
Server
Apache
Connection
Keep-Alive
Keep-Alive
timeout=2, max=100
Strict-Transport-Security
max-age=31536000
Content-Type
text/javascript;charset=UTF-8
backEvent
ec.walkme.com/event/ 		2 B
152 B 		Other
General
Check archive.org
Download Go to
Full URL
https://ec.walkme.com/event/backEvent
Requested by
Host: cdn.walkme.com
URL: https://cdn.walkme.com/player/lib/walkme_lib_20200723-101337-4284c4d1.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.213.138.120 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/
Resource Hash
2689367b205c16ce32ed4200942b8b8b1e262dfc70d9bc9fbc77c49699a4f1df
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

Referer
http://161.35.85.54/fidelity/error.html
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

status
200
date
Fri, 31 Jul 2020 13:06:26 GMT
access-control-allow-origin
*
content-length
2
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-type
text/html; charset=utf-8

Verdicts & Comments Add Verdict or Comment

211 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

number| NEWS_PAGE_REQUEST_TIME object| ensBootstraps object| Bootstrapper object| dmtData undefined| dmtPropertiesAudiences object| dmtPropertiesWhitelist object| dmtConfig function| dmtStatus function| vendorStatus object| regeneratorRuntime function| callTarget object| _dmt function| startMeasurement function| paintContent object| FidMsmt boolean| _adobeProfileUpdate function| _log object| _console number| perfTestInitTime object| _enslog function| $data function| $globals function| $getData function| $defineData boolean| disableLegacyTags object| tmsConfig function| tmsGetCookieValue function| tmsSetCookieValue function| resetCVI function| tmsStripNBSuites function| tmsStripCustomerOnlySuite function| asyncLibsTest object| msConfig function| onContentMeasurementLoaded function| _trackAnalytics function| tmsTrackAnalyticsSendData function| trackAnalyticsEvent object| targetResponses object| targetCardMsmt object| targetCardCatMsmt object| targetCardState object| targetCardOrder boolean| tmsAsyncLazyLoadHasRun function| tmsAsyncLazyLoad number| tmsAsyncLazyLoadCounter function| _pageLoadApp function| variableListCallback function| targetPageParamsAll object| allowed_list string| val object| adobe object| _AT function| mboxCreate function| mboxDefine function| mboxUpdate object| mboxFactories function| fidMboxCreate function| tntWriteTridionCampaign function| tntWriteTridionCampaignWhenReady function| mboxDefaultHTML function| showDefaultImage function| tntMiddlewareTryAgain function| tntMiddleware function| tntMiddlewareWhenReady function| mboxConversionClick function| getCreativeMiddleware function| creativeMiddlewareWhenReady function| tntValidateCreativeURI function| tntMiddlewareCreativeURL function| middlewareCallBack function| Visitor object| s_c_il number| s_c_in object| visitor object| ensightenOptions object| $act object| targetExperiences object| GLANCE_COBROWSE object| Modernizr object| html5 function| yepnope function| $ function| jQuery function| loadWidget object| NavBar function| $nav function| hidePrevious function| closeSection function| showSection function| toggleView string| PIGlobalNav_WWWHOST string| PIGlobalNav_ACTIVEQUOTE_HOST string| PIGlobalNav_ERESEARCH_HOST string| PIGlobalNav_RESEARCHTOOLS_HOST object| PGNBProperties object| jQuery19008035254124988174 object| formValidationRules object| ngLibraryApp object| angular undefined| returnExports object| td_4n boolean| tmx_profiling_started function| tmx_post_session_params_fixed object| td_4J function| tmx_run_page_fingerprinting object| _cf object| Tawk_API object| Tawk_LoadStart object| jQuery110002172311542164731 object| jQuery110003193294608796353 function| tmsjQuery function| Hashtable function| startsWith function| DomDataCollection function| IE_FingerPrint function| Mozilla_FingerPrint function| Opera_FingerPrint function| Timer function| randrange function| detectIE function| getRandomPort object| ProxyCollector function| BlackberryLocationCollector function| detectFields string| SEP string| PAIR string| DEV function| FingerPrint function| urlEncode function| encode_deviceprint function| decode_deviceprint function| post_deviceprint function| post_fingerprints function| add_deviceprint function| form_add_data function| form_add_deviceprint string| HTML5 string| BLACKBERRY string| UNDEFINED string| GEO_LOCATION_DEFAULT_STRUCT object| geoLocator boolean| geoLocatorStatus function| detectDeviceCollectionAPIMode function| init function| startCollection function| stopCollection function| getGeolocationStruct function| HTML5LocationCollector object| TimestampCollector object| UIEventCollector function| UIEvent function| InteractionElement function| UIElementList function| activeXDetect function| stripIllegalChars function| stripFullPath object| BrowserDetect function| convertTimestampToGMT function| getTimestampInMillis function| debug undefined| highLevel function| setPmStrength function| getPmStrength function| forceIE89Synchronicity object| MASKING object| asParamMap object| fpsParamMap string| asPath object| GLANCE string| $_Tawk_AccountKey string| $_Tawk_WidgetId boolean| $_Tawk_Unstable object| $_Tawk function| $__TawkEngine function| EventEmitter function| $__TawkSocket object| $_Tawk_LoadStart function| TawkClass object| Inheritance_Manager string| messagePreviewRadius string| bottomBorderRadius string| topBorderRadius number| minWidth number| minHeight string| bodyClassName function| WalkmeSnippet object| _walkmeInternals object| _walkmeConfig object| wmSnippet undefined| fixedCallback object| QSI object| WAFQualtricsWebpackJsonP-cloud-1.31.3 function| mtjQuery function| wmjQuery function| walkme_pre_lib_loaded string| wm_username function| walkme_ready object| _qsie object| _walkmeWebpackJP object| _makeTutorialEv undefined| WalkMeConfigCallback object| _makeTutorial object| _walkMe object| WalkMeAPI object| WalkMeDataAPI object| WalkMeInsightsAPI object| wmContext function| WalkMeDataClass object| _walkmeABWebpackJP_latest object| __wm-ab-core-js_shared__latest object| wm_target_variables

0 Cookies

10 Console Messages

Source Level URL
Text
console-api warning URL: https://nexus.ensighten.com/fidelity/hpoptasync/Bootstrap.js(Line 787)
Message:
AT: [getOffer()] request failed [object Object]
console-api warning URL: https://nexus.ensighten.com/fidelity/hpoptasync/Bootstrap.js(Line 787)
Message:
AT: Rendering mbox failed target-global-mbox error no display - unauthorized mbox host
console-api log URL: https://login.fidelity.com/ftgw/pages/widget/js/fs-widget.jquery.min.js?_=1596200776570(Line 3)
Message:
Init
console-api log URL: https://login.fidelity.com/ftgw/pages/widget/js/fs-widget.jquery.min.js?_=1596200776570(Line 3)
Message:
Non HTTPS error
console-api log URL: https://login.fidelity.com/ftgw/pages/widget/js/fs-widget.jquery.min.js?_=1596200776570(Line 3)
Message:
Error: undefined
console-api warning URL: https://nexus.ensighten.com/fidelity/hpoptasync/Bootstrap.js(Line 787)
Message:
AT: [getOffer()] request failed [object Object]
console-api warning URL: https://nexus.ensighten.com/fidelity/hpoptasync/Bootstrap.js(Line 787)
Message:
AT: Rendering mbox failed PI_Navbar error no display - unauthorized mbox host
console-api warning URL: https://nexus.ensighten.com/fidelity/hpoptasync/Bootstrap.js(Line 787)
Message:
AT: [getOffer()] request failed [object Object]
console-api warning URL: https://nexus.ensighten.com/fidelity/hpoptasync/Bootstrap.js(Line 787)
Message:
AT: Rendering mbox failed PI_PHP_Hero error no display - unauthorized mbox host
console-api debug URL: https://cdn.walkme.com/player/lib/walkme_lib_20200723-101337-4284c4d1.js(Line 212)
Message:
%c [object HTMLImageElement]

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

5h8i3ud8-9d2dd0fbf20a31e3de8f554b97ede3834f3f608f-am1.e.aa.online-metrix.net
activate1.fidelity.com
assets.fidelity.com
cdn.jsdelivr.net
cdn.walkme.com
cfa.fidelity.com
dpm.demdex.net
ec.walkme.com
embed.tawk.to
fmrcorp.tt.omtrdc.net
fonts.googleapis.com
fonts.gstatic.com
h.online-metrix.net
login.fidelity.com
nexus.ensighten.com
s3.amazonaws.com
sitecatalystu.fidelity.com
siteintercept.qualtrics.com
sjc1.qualtrics.com
smallenvelop.com
static-v.tawk.to
va.tawk.to
vsa49.tawk.to
www.glancecdn.net
zncvgjh8lmjxbkyln-fmrpi.siteintercept.qualtrics.com
104.17.208.240
104.17.209.240
161.35.85.54
18.195.42.228
184.30.216.157
184.30.221.115
2.16.186.32
23.43.114.238
23.8.8.239
2606:4700:10::6816:1883
2606:4700:10::ac43:2642
2a00:1450:4001:801::200a
2a00:1450:4001:818::2003
2a04:4e42:1b::621
3.124.119.57
52.216.242.190
52.30.191.169
52.45.41.168
54.213.138.120
54.76.99.142
69.89.31.230
91.235.132.130
91.235.133.177
91.235.134.131
000446608cb1116f5c4fd68177a399e7e1c6759c27d63b447c6c65c740c5d7f5
036d841b132c14046e26d8f2da1bc634c6ad34885ed1295660694a91c98933a6
0604040cd80a2f23d9ed9ad3b68a090086ccc2d26516f16a61497c70e22cd57b
06938dd593b945d6da6fe382a54eb2f8798be00d2f67281c8c16529a35bf9193
0b2502073850d32d0771c4f2c5c405d7855e61fad3719bd4efc12687523e3402
0d67fb1e900ac570b160aaf2200d35ab1d41f00d0979ade72034289e9d3ab262
1170f0a3eaaae58717731210b3d2874d43478dec97b6b8da11df93a2eabab146
1953b94ba034ab9ad857a51e0b28bb70b57a73a7fe51753d05df1cbdf0fb775b
19b399504472722d29b53e85751d99089d6f98c18ba73931dfbbbe251c4e07a9
1c63d18eb7183a56bdb7bd2178e6e6fdd54b1bcf4b0e7737273be170b3eb99fe
1ef8b37a63474996a7a2a5f1b20464bdcfda70740b292737fd1369a4c814b155
2451f78cdf73cb2817ec2a124bc1a77b9c7100f5c30bdb521b824a83677c83a0
25aac3c0244fdf4d9f9ddae3db3049ca21dffef72043f769fcde8fb4fda14245
25eca424fd243e12c15f479b5490e14d30a01b800bbb1fbe9387e4a3472bf555
261810b2a67fd59ab5e89584961e97a6ba419d5db0811ee5baf8b98affb49aa0
2689367b205c16ce32ed4200942b8b8b1e262dfc70d9bc9fbc77c49699a4f1df
26e0ec68ad05c15af5ebd8f1173359c944654d616f03847d6045603da49a2d1c
294394f3b1b6ebe8e536343efb15bb35964899ebce1f52ce37c7389594079987
2b97047ef0a69b92e16ffc77395b432d48b14d274778092311a7e138257241de
346a5bdd26fea3e46a199ce7821645e7cc25230fd6dc1f0705daccc204433be3
36e5138cd940c180adf0fec1a676d2169b8ba35f0e14ea6d1449a075c96d786e
3735cad79c5fcf7c523f2ae5e32243badaac831042e5200117e37c53e54ef1e9
377dffcb29ed01327a552c58cc827a9ce6293653e87fd6a5b1d252386f2c7f22
37d3b884ae15b884fcc6eb1ee0c83ae32661c38b98615ef10402f736ea92469a
3a8c79033d6f51d9221602443e34d42e174fd3d9fedd49be51747a5217ac01d7
3c1e4a4b4fdcfd8df89c7a352ffd898ad04f1eb1054c935b7507db634b387818
3db751f5b77230b08de3d6d32bf1df3da1a7ade6387b101ddfb46dc8ecedfc2f
40fb656a5ac156cc237bc46e223ed33ed49cd6c71c3b29de4e582fe6f64173aa
459da4c8a9f2a70da8e894d10a363dea41b4d4cdb435af95186da4031da26464
482adb0cd7b80ec97699ed293ec299eb5123c4c5eddc4339ad49e934e519adaf
48fae2be26e019e48301eb0b320a63d51546d4702e9620be53f4c689e60c82e7
49b1ccc994a1dc939eeebece2ad6fc41bcaae6c413af553861b78e6bc40c6ca2
4aeeedcb057ff6abbb45f1ce55dbb4423198ad56a567fa57f88b576fcf932d5d
519edf0dc00972d9a811c5e60b94cf719b30351a8dfe62f38fab8d4b5182558b
54383cb2f70247578458b930aa303a88d1298890285b4c03eed4fc04de93aeca
54bd82ccdf1a493c29da4c79dbe64598fe66ba44fa7d269bf5ffe36c2f2e79dc
55e2b2ab595e0c192f763ad2c2a237f3f92ecc51e843da550393ffb51a7f115b
593d90b3f850820245ce0e238f1b4e5a6bbeb6a040028abe33c71c974f311b05
59e2bfc931344de5adf5432dc0ef79280226449d2f11544eb006896a04e968c5
5add03cf8dc5a9d53c7cdcf40b61987d85d23332b64497c97b0ce538c240a329
5e54df0d94ad42aa15b09ec8bc01894fdc1bd14818fb2c19b8e34a5eb70313ce
63b79b091ca28b104ac0bde8798a4a076afbefd9d0951800d3a031ead9a26db2
645e1f1f95aa512d9cb9e774f0f35698bc2a1b349cbfecf79ba893377b3979fe
66f54c12a2365f4ea8f7fcadd49258d19d9a2dbe66771de0aa35695ff06cc3c6
6823a0f37f2714ae274b147668fe526449deda0d791f6f08505b6e71e21fe4a7
695a90257ebaa0d4053d262d7da44710544c15d1f8da70080ac200fa7cacb1de
6e72d30c589782e1029538ee2906d6c5f28f30f877e49e617002a16a434a7d6b
70bf6b2e8fbb9f31e314cc3ff4df9f34f453ada4d0bb7b4362591e30799c74de
74e1b82be60b75a6f702babbab302c50a60c4ab696eac27c04d47f100125eab7
75130c88fd45f06e63bc933339fde630f4d3aa270150e5f07ebc0934f1c98295
752ac509c98878a6b24978984d25f1d3f2f2149c63ced50709d02f5360d4cb0c
75a6828b1d9f1c0234190137a0fd06cf1f55fb492f22e564f1915247a411d19b
7bfb5d303e0b07b340de0589a86a26af246a6341f955f9e5e33656e01e47e981
7cd5fad0ea425c6c4aae78e1ed3a98b632cbfd7a698f2bfb8eba73f9349c7e69
81e0834cc5fe6ac0231a33249708eaaaf77c05281a0e4b32548d66bd911655f7
85801feec215611817f8918aa35dc720c6634412e8b35f03be58579e6a0667dd
8596f3beb992852b9e2f1bf8bb2460a8b416637203316575786f7efbf9894829
875ba643ac20ce2b74e3b6ec6512e024882efd53e2cdb6696e174ccc9f343efc
87764cf2de53fe063f413bbbe2f22f217198367a5512f851270796d17e7b5b56
8b9b73786f62ed9b6ddce93ee2106b95dbb7ebcbededbf9b2d91ff18aa8c982b
90c8c49df9363f906709ff1407e338b965b70a1eed9f3e573a4306fd267f1c0c
920a217323e93c3e6e9bc376007ff095341669fbaa8197af95d33d0d1c8b1904
927275320ba4bb925e48576cf6c6d8a5356d492eb6b86e910892f72cdd3b1fbc
92ea6d26d5ee6c1cf58a25d4c6d743d46b08b96c1b037750c1b29ac3ae51a3ac
933b971c6388d594a23fa1559825db5bec8ade2db1240aa8fc9d0c684949e8c9
95518cbec0d55a574a9c8ef72a2a7d62ac0d40a4de5dfe67a76a7d214dc8b743
97186953cc577e4f1264131ba85ebee06c7d335656379b7cc60fd9fa0af550f5
975d7c1a63e923c75eae51e984bf8adf70516b532bf7f7abc6e6803f84c79819
9aae8256a714049df3c1a5ba9f826d9db337a7c2f5484c8699011a00bdc8cc10
9d3c768aadbe84faf27a3ce15a2aadbd741b1f64720d5c4dc7e15db821fd609a
9f8144ae6f866129aea41bbf694b0c858ef9352a139969e57cd8db73385f52c3
a9a2f1dd042cb6f1eded53dc0a1c66ed8694fc093dc3520cdac1a541d615d474
b1fd910464faae750010db09cd114e8b0466071997d992456624d9ff477688a1
b3d7e4fcbbe34f1cd8e7b55d86f8f7dcc5bb2ab5b405cedd8f9dcda8a62105b6
b6ef02f0419e5bf73d144810fe9fb1e7acdaa17f0f178da71b1d685a0391c8fc
bebde0e7c1e253b9c812b4ea51e4fa26a6d7f239d0a22cc8ed9cb10c317ef9c4
c057703e7565118ba2084013ce7b26196eb48eb1103925bc9f703b2b251fbbb7
c79b53a4c184b6aa42a77baa110706393290f7ae82ea209ce6f11407ace48b24
c7e164623cec10a7bef1f13bf6c53c7415fad63815f9bbd8a3974792a8ad2190
d00298a9e4e708de4e08d175da6b1c0c5aea23287fc3d83f8847edee2189b8b0
d34c7dfb31a485518c27a55eb41e6109e25f1c5c053b9a0936ff96af22199489
d4b341e0e1b10b8d9d72b33a552d9a4c5f181644a550e6c5290ffbd0df7ff698
d889cee9d53619c3d3f6e916ebca38084279174c00e0a60b8374e8fc6be4c7c8
da37179f5b8ae1887bd05d777d2ca360fd1b475bb2daf9a7dbd8d09d6627a4fe
dee0231a10703d83caca51875f267f8bcf88c17cc2ae54247224d2066ce02abe
e07bd958925ada74f41859021ac752ddc2c7da287a426e8e5ebf8ae3d3073abe
e0efcff5e42f48dc59be55debd3f3debb3258a7c37b7d71bb22adb50ab10b450
e2f1827924a9a45f58120e40ef9c9a0cac49ca2fc56cc5456c9f93fe1634961d
e36c9488168b0ce435d4438c17c3cd38deec18a414496a832911b5932dcbcdfd
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e70871843f3577c6a5deaffa9e1f6a5ab63b36ec72452cd77f1d56cb35f66dd9
eb55d122ba0e3370c1d5c52c60f16db655f997c045402c2e52187615ce580477
f1b2aefab90090a49341d3fc1da02a6131403e315f6e985593edb3631bbf0183
f47f21063dfdcbdeffed3d97689b45efae7a52401cd7fc5b8d07c42d2f232ab9
f5c06455e539dcd889f7f05d709b5adc76c444099fe57f431365af2fc57e803b
f6b4a6124675203780f1883d16d012e98448f6dceec35da99e980c073fcf1e71
f81993b53e81424b635f59f504d507bc1db03ee7f0c95c729b9d21d5a7d3bf5a
fac61e050d5eb05f5b913840d0d65423757b34191c2dd41f434f4256dc54aa86