origin.fidelityaap.com Open in urlscan Pro
69.84.141.190 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
https://origin.fidelityaap.com/
Effective URL:
https://origin.fidelityaap.com/Account/Login?ReturnUrl=%2F
Submission: On January 20 via automatic, source certstream-suspicious (January 20th 2024, 8:53:32 am UTC) — Scanned from DE

Summary HTTP 12 Redirects Links 4 Behaviour Indicators

Summary

This website contacted 3 IPs in 2 countries across 3 domains to perform 12 HTTP transactions. The main IP is 69.84.141.190, located in Lynn, United States and belongs to COLOSPACE, US. The main domain is origin.fidelityaap.com.
TLS certificate: Issued by Entrust Certification Authority - L1K on January 19th 2024. Valid for: a year.

This is the only time origin.fidelityaap.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1 7	69.84.141.190 69.84.141.190	27382 (COLOSPACE) (COLOSPACE)
5	2606:4700::68... 2606:4700::6811:180e	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1 2	2.19.96.9 2.19.96.9	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
12	3

7 69.84.141.190 (Lynn, United States) 1 redirects

ASN27382 (COLOSPACE, US)
PTR: 69.84.141.190.static.rev.colospace.com

origin.fidelityaap.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2606:4700::6811:180e (United States)

ASN13335 (CLOUDFLARENET, US)

cdnjs.cloudflare.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2.19.96.9 (Düsseldorf, Germany) 1 redirects

ASN20940 (AKAMAI-ASN1, NL)
PTR: a2-19-96-9.deploy.static.akamaitechnologies.com

fiws.fidelity.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
clearingcustody.fidelity.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
7	fidelityaap.com 1 redirects origin.fidelityaap.com	170 KB
5	cloudflare.com cdnjs.cloudflare.com — Cisco Umbrella Rank: 225	59 KB
2	fidelity.com 1 redirects fiws.fidelity.com clearingcustody.fidelity.com — Cisco Umbrella Rank: 733817	4 KB
12	3

	Domain	Requested by
7	origin.fidelityaap.com	1 redirects origin.fidelityaap.com
5	cdnjs.cloudflare.com	origin.fidelityaap.com
1	clearingcustody.fidelity.com	origin.fidelityaap.com
1	fiws.fidelity.com	1 redirects
12	4

This site contains links to these domains. Also see Links.

Domain
www.sipc.org
personal.fidelity.com
www.fidelity.com

Subject Issuer	Validity	Valid
fidelityaap.com Entrust Certification Authority - L1K	`2024-01-19` - `2025-01-18`	a year	crt.sh
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2023-07-03` - `2024-07-02`	a year	crt.sh

This page contains 1 frames:

Primary Page: https://origin.fidelityaap.com/Account/Login?ReturnUrl=%2F
Frame ID: A0FADA99416123B6E72E92913E2786A0
Requests: 12 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Attorney Access - Log in

Page URL History Show full URLs

https://origin.fidelityaap.com/ HTTP 302
https://origin.fidelityaap.com/Account/Login?ReturnUrl=%2F Page URL

Detected technologies

Lodash (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

lodash.*\.js

Modernizr (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

([\d.]+)?/modernizr(?:\.([\d.]+))?.*\.js

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

/([\d.]+)/jquery(?:\.min)?\.js
jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Page Statistics

12
Requests

92 %
HTTPS

33 %
IPv6

3
Domains

4
Subdomains

3
IPs

2
Countries

232 kB
Transfer

680 kB
Size

1
Cookies

4 Outgoing links

These are links going to different origins than the main page.

URL: http://www.sipc.org/
Title: SIPC

Search URL Search Domain Scan URL

URL: http://personal.fidelity.com/misc/legal/legal.html.cvsr
Title: Terms of Use

Search URL Search Domain Scan URL

URL: https://www.fidelity.com/privacy-policy
Title: Privacy

Search URL Search Domain Scan URL

URL: https://www.fidelity.com/security/overview
Title: Security

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

https://origin.fidelityaap.com/ HTTP 302
https://origin.fidelityaap.com/Account/Login?ReturnUrl=%2F Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 10

https://fiws.fidelity.com/fi/images/fidelity-color-blocks.gif HTTP 301
https://clearingcustody.fidelity.com/fi/images/fidelity-color-blocks.gif

12 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2

200

Primary Request Login Show response
origin.fidelityaap.com/Account/
Redirect Chain

https://origin.fidelityaap.com/
https://origin.fidelityaap.com/Account/Login?ReturnUrl=%2F

9 KB
4 KB

104ms
103ms

Document
text/html

69.84.141.190
COLOSPACE

General

Check archive.org

Show headers Download Go to

Full URL

https://origin.fidelityaap.com/Account/Login?ReturnUrl=%2F

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

69.84.141.190 Lynn, United States, ASN27382 (COLOSPACE, US),

Reverse DNS

69.84.141.190.static.rev.colospace.com

Software

Microsoft-IIS/10.0 /

Resource Hash

5f951675da460dbf39163e6d46dedcd8efbcb10bf92733db19a079ee166ccff9

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

cache-control: no-cache,no-cache
content-encoding: gzip
content-length: 3489
content-type: text/html; charset=utf-8
date: Sat, 20 Jan 2024 08:53:27 GMT
expires: -1,-1
feature-policy: geolocation 'self'; vibrate 'none'
pragma: no-cache
server: Microsoft-IIS/10.0
strict-transport-security: max-age=31536000
vary: Accept-Encoding
x-content-type-options: nosniff
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block

Redirect headers

cache-control: private,no-cache
content-length: 0
date: Sat, 20 Jan 2024 08:53:27 GMT
expires: -1
feature-policy: geolocation 'self'; vibrate 'none'
location: https://origin.fidelityaap.com/Account/Login?ReturnUrl=%2F
server: Microsoft-IIS/10.0
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block

GET
H2 200 css
origin.fidelityaap.com/Content/ 165 KB
39 KB 105ms
104ms Stylesheet
text/css 69.84.141.190
COLOSPACE

General

Check archive.org

Show headers Download Go to

Full URL

https://origin.fidelityaap.com/Content/css?v=KzTEje6qmAVBuqBjNWxl2gBkFVKGLe8-w-ZdiXA-HVo1

Requested by

Host: origin.fidelityaap.com
URL: https://origin.fidelityaap.com/Account/Login?ReturnUrl=%2F

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

69.84.141.190 Lynn, United States, ASN27382 (COLOSPACE, US),

Reverse DNS

69.84.141.190.static.rev.colospace.com

Software

Microsoft-IIS/10.0 /

Resource Hash

a9adbad5f4f5c41f3e63548bc602c94b175d237c148029835e3ea6db60f497ca

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://origin.fidelityaap.com/Account/Login?ReturnUrl=%2F
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
date: Sat, 20 Jan 2024 08:53:27 GMT
last-modified: Sat, 20 Jan 2024 08:53:27 GMT
server: Microsoft-IIS/10.0
vary: User-Agent,Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
cache-control: public,no-cache
feature-policy: geolocation 'self'; vibrate 'none'
content-length: 39478
x-xss-protection: 1; mode=block
expires: Sun, 19 Jan 2025 08:53:27 GMT,-1

GET
H2 200 jquery.min.js Show response
cdnjs.cloudflare.com/ajax/libs/jquery/3.6.0/ 87 KB
28 KB 35ms
16ms Script
application/javascript 2606:4700::6811:180e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdnjs.cloudflare.com/ajax/libs/jquery/3.6.0/jquery.min.js

Requested by

Host: origin.fidelityaap.com
URL: https://origin.fidelityaap.com/Account/Login?ReturnUrl=%2F

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6811:180e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

ff1523fb7389539c84c65aba19260648793bb4f5e29329d2ee8804bc37a3fe6e

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000
X-Content-Type-Options	nosniff

Request headers

Referer: https://origin.fidelityaap.com/
Origin: https://origin.fidelityaap.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Sat, 20 Jan 2024 08:53:27 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=15780000
age: 5810541
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 27938
last-modified: Tue, 02 Mar 2021 18:58:36 GMT
server: cloudflare
cf-cdnjs-via: cfworker/kv
etag: "603e8adc-15d9d"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=6SG%2FBNdqNUSmN1e2Xz36krXcYYItwC%2FHA3Uj8lzy9EN%2B5NPEncxhx6EXLvqsTIgUhd%2FhT1azGaXNIIOZIQODYS9411XotkYJ8BVVbiSq6mFXT55rvEoEDu7%2BmU5%2FEOM6Jx5rFv%2FoEy38xpG4BOAP5VAJ"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=30672000
accept-ranges: bytes
timing-allow-origin: *
cf-ray: 84861651bf713a7a-FRA
expires: Thu, 09 Jan 2025 08:53:27 GMT

GET
H2 200 Fidelity_Email_Logo.gif
origin.fidelityaap.com/Images/ 5 KB
5 KB 96ms
95ms Image
image/gif 69.84.141.190
COLOSPACE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://origin.fidelityaap.com/Images/Fidelity_Email_Logo.gif

Requested by

Host: origin.fidelityaap.com
URL: https://origin.fidelityaap.com/Account/Login?ReturnUrl=%2F

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

69.84.141.190 Lynn, United States, ASN27382 (COLOSPACE, US),

Reverse DNS

69.84.141.190.static.rev.colospace.com

Software

Microsoft-IIS/10.0 /

Resource Hash

3a9ac3554582155bce27aedf47e35dae8a7779134d6fe15480755136a9968427

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://origin.fidelityaap.com/Account/Login?ReturnUrl=%2F
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Sat, 20 Jan 2024 08:53:27 GMT
x-content-type-options: nosniff
last-modified: Sat, 12 Mar 2022 15:27:44 GMT
server: Microsoft-IIS/10.0
etag: "1c576eb82536d81:0"
x-frame-options: SAMEORIGIN
content-type: image/gif
cache-control: no-cache
feature-policy: geolocation 'self'; vibrate 'none'
accept-ranges: bytes
content-length: 4839
x-xss-protection: 1; mode=block
expires: -1

GET
H2 200 modernizr.min.js Show response
cdnjs.cloudflare.com/ajax/libs/modernizr/2.8.3/ 11 KB
5 KB 37ms
18ms Script
application/javascript 2606:4700::6811:180e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdnjs.cloudflare.com/ajax/libs/modernizr/2.8.3/modernizr.min.js

Requested by

Host: origin.fidelityaap.com
URL: https://origin.fidelityaap.com/Account/Login?ReturnUrl=%2F

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6811:180e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

d2b82e612d2a812e8be2a57300dab8923c4f2edbe7a799e7da70791b595646fe

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://origin.fidelityaap.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Sat, 20 Jan 2024 08:53:27 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=15780000
age: 4596742
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 3980
last-modified: Mon, 04 May 2020 16:13:26 GMT
server: cloudflare
cf-cdnjs-via: cfworker/kv
etag: "5eb03f26-2b4c"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=dIK1Hb9tpiR5o0PdublWCngESYVBY%2FOoFc%2BaKxbWm3QqdvvnnRBBwWnMueMwqs4aWTRDhZwE0dWUmB%2FyEoKYoTyMpG018Y8WWmGPnfujenH5R5sHGRtuy%2BPfAJfg0REX5NhvdHK82Z2jCNv%2FwNVMbJI9"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=30672000
accept-ranges: bytes
timing-allow-origin: *
cf-ray: 84861651becb2bdc-FRA
expires: Thu, 09 Jan 2025 08:53:27 GMT

GET
H2 200 jquery.validate.min.js Show response
cdnjs.cloudflare.com/ajax/libs/jquery-validate/1.19.2/ 24 KB
7 KB 22ms
21ms Script
application/javascript 2606:4700::6811:180e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdnjs.cloudflare.com/ajax/libs/jquery-validate/1.19.2/jquery.validate.min.js

Requested by

Host: origin.fidelityaap.com
URL: https://origin.fidelityaap.com/Account/Login?ReturnUrl=%2F

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6811:180e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

f8110a988bd0e88b0bf2c1dcbe276d0eb34e7593b70bd2ed14fb45d87d1d3872

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000
X-Content-Type-Options	nosniff

Request headers

Referer: https://origin.fidelityaap.com/
Origin: https://origin.fidelityaap.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Sat, 20 Jan 2024 08:53:27 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=15780000
age: 4590371
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 6970
last-modified: Fri, 29 May 2020 16:54:59 GMT
server: cloudflare
cf-cdnjs-via: cfworker/kv
etag: "5ed13e63-5f7b"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ACQW5Yr%2BVdwRcm0QBVTCyu68G0FlpfTPE54KAnOyxv6DtFIUo3Txsd3OFKx7wRp0Fg58%2BsR60Kan9SRPCwCu1pDWbDfa1whSuNF6OmhoMeZmGo4nYaCFE%2BTwU1hiEXBHGhydN8BdULvgeQtWuunLPL2h"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=30672000
accept-ranges: bytes
timing-allow-origin: *
cf-ray: 84861651ef8b3a7a-FRA
expires: Thu, 09 Jan 2025 08:53:27 GMT

GET
H2 200 jqueryValFoolProofBundle Show response
origin.fidelityaap.com/bundles/ 4 KB
2 KB 137ms
136ms Script
text/javascript 69.84.141.190
COLOSPACE

General

Check archive.org

Show headers Download Go to

Full URL

https://origin.fidelityaap.com/bundles/jqueryValFoolProofBundle?v=Eh3OlHJ-NJnHMr2iVDY_Pu4TnCNjk_LfeCbNU_ECPjY1

Requested by

Host: origin.fidelityaap.com
URL: https://origin.fidelityaap.com/Account/Login?ReturnUrl=%2F

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

69.84.141.190 Lynn, United States, ASN27382 (COLOSPACE, US),

Reverse DNS

69.84.141.190.static.rev.colospace.com

Software

Microsoft-IIS/10.0 /

Resource Hash

e41a41c8289a78bca1fadbf4bf148b1a38cc1bd78dda4d1abca8d009a8f3836b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://origin.fidelityaap.com/Account/Login?ReturnUrl=%2F
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
date: Sat, 20 Jan 2024 08:53:27 GMT
last-modified: Sat, 20 Jan 2024 08:53:28 GMT
server: Microsoft-IIS/10.0
vary: User-Agent,Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: text/javascript; charset=utf-8
cache-control: public,no-cache
feature-policy: geolocation 'self'; vibrate 'none'
content-length: 1615
x-xss-protection: 1; mode=block
expires: Sun, 19 Jan 2025 08:53:28 GMT,-1

GET
H2 200 lodash.compat.min.js Show response
cdnjs.cloudflare.com/ajax/libs/lodash.js/2.4.1/ 31 KB
11 KB 15ms
14ms Script
application/javascript 2606:4700::6811:180e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdnjs.cloudflare.com/ajax/libs/lodash.js/2.4.1/lodash.compat.min.js

Requested by

Host: origin.fidelityaap.com
URL: https://origin.fidelityaap.com/Account/Login?ReturnUrl=%2F

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6811:180e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e8f75f4c03903f582cec6d67dbac2b69480aadc39046889adaed377b3f25de4f

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://origin.fidelityaap.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Sat, 20 Jan 2024 08:53:28 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=15780000
age: 4413869
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 10520
last-modified: Mon, 04 May 2020 16:12:02 GMT
server: cloudflare
cf-cdnjs-via: cfworker/kv
etag: "5eb03ed2-7a6d"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=colW0LAZ1A%2FKj4groZt%2FqvtPAn%2Bwg2%2FmoUJB75l%2BEHpfJOOt%2BhnNAYd1Vti%2BEUTGkY8dyn2%2Fmls5PhGYflTkotOyFbAV0s5hrG8v7Qs9JySa7ordkOqTTFNzjAewy2czzJGdunUhNa6UMscOtpNUzeOv"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=30672000
accept-ranges: bytes
timing-allow-origin: *
cf-ray: 848616523f3e2bdc-FRA
expires: Thu, 09 Jan 2025 08:53:28 GMT

GET
H2 200 localVendorBundle Show response
origin.fidelityaap.com/bundles/ 310 KB
120 KB 108ms
108ms Script
text/javascript 69.84.141.190
COLOSPACE

General

Check archive.org

Show headers Download Go to

Full URL

https://origin.fidelityaap.com/bundles/localVendorBundle?v=aKG7ThD_qD9tmaloO62og8ru46kXnXVORee96lVao-U1

Requested by

Host: origin.fidelityaap.com
URL: https://origin.fidelityaap.com/Account/Login?ReturnUrl=%2F

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

69.84.141.190 Lynn, United States, ASN27382 (COLOSPACE, US),

Reverse DNS

69.84.141.190.static.rev.colospace.com

Software

Microsoft-IIS/10.0 /

Resource Hash

12e08c9a6e8da2b2f34cdafa70fe709494ace6fe19a8328f0958a8aa68ac8bf4

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://origin.fidelityaap.com/Account/Login?ReturnUrl=%2F
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
date: Sat, 20 Jan 2024 08:53:27 GMT
last-modified: Sat, 20 Jan 2024 08:53:28 GMT
server: Microsoft-IIS/10.0
vary: User-Agent,Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: text/javascript; charset=utf-8
cache-control: public,no-cache
feature-policy: geolocation 'self'; vibrate 'none'
x-xss-protection: 1; mode=block
expires: Sun, 19 Jan 2025 08:53:28 GMT,-1

GET
H3 200 dropzone.min.js Show response
cdnjs.cloudflare.com/ajax/libs/dropzone/4.2.0/min/ 33 KB
9 KB 14ms
14ms Script
application/javascript 2606:4700::6811:180e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdnjs.cloudflare.com/ajax/libs/dropzone/4.2.0/min/dropzone.min.js

Requested by

Host: origin.fidelityaap.com
URL: https://origin.fidelityaap.com/Account/Login?ReturnUrl=%2F

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700::6811:180e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

8acb17337389e4a7936cf7ef6c2d0932fbff16b385f785437cc0229667b6c48f

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://origin.fidelityaap.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Sat, 20 Jan 2024 08:53:28 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=15780000
age: 5809430
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 8639
last-modified: Mon, 04 May 2020 16:09:34 GMT
server: cloudflare
cf-cdnjs-via: cfworker/kv
etag: "5eb03e3e-823b"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=be%2BsYZqN5UnnVoLWgajnPuHaJysN0qOgs9A9WriggnkCeLOEqiAd8Xwj1BNsfBmDHwy1u1g2BUqHijEcZ5Toxoolnhpr9fiBvipZps%2FSzucvRE1X6bcb%2FXwE9fHzwjQ7iOJvQTfAHy92nM4IhkAJqdXD"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=30672000
accept-ranges: bytes
timing-allow-origin: *
cf-ray: 84861652e9014d67-FRA
expires: Thu, 09 Jan 2025 08:53:28 GMT

GET
H2 200 app Show response
origin.fidelityaap.com/bundles/ 1017 B
743 B 165ms
164ms Script
text/javascript 69.84.141.190
COLOSPACE

General

Check archive.org

Show headers Download Go to

Full URL

https://origin.fidelityaap.com/bundles/app?v=ZRDVdz1eGpkNKqQ8OJEGi5B6FabuDuTIhQ9tPI5IXnk1

Requested by

Host: origin.fidelityaap.com
URL: https://origin.fidelityaap.com/Account/Login?ReturnUrl=%2F

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

69.84.141.190 Lynn, United States, ASN27382 (COLOSPACE, US),

Reverse DNS

69.84.141.190.static.rev.colospace.com

Software

Microsoft-IIS/10.0 /

Resource Hash

0717c9f4a9bc155a1f5b8620e10fc31847cbca40e8ffaec9bd631df40cafc5d3

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://origin.fidelityaap.com/Account/Login?ReturnUrl=%2F
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
date: Sat, 20 Jan 2024 08:53:27 GMT
last-modified: Sat, 20 Jan 2024 08:53:28 GMT
server: Microsoft-IIS/10.0
vary: User-Agent,Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: text/javascript; charset=utf-8
cache-control: public,no-cache
feature-policy: geolocation 'self'; vibrate 'none'
content-length: 697
x-xss-protection: 1; mode=block
expires: Sun, 19 Jan 2025 08:53:28 GMT,-1

GET
H/1.1

200
OK

fidelity-color-blocks.gif
clearingcustody.fidelity.com/fi/images/
Redirect Chain

https://fiws.fidelity.com/fi/images/fidelity-color-blocks.gif
https://clearingcustody.fidelity.com/fi/images/fidelity-color-blocks.gif

1 KB
2 KB

192ms
144ms

Image
image/gif

2.19.96.9
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://clearingcustody.fidelity.com/fi/images/fidelity-color-blocks.gif

Requested by

Host: origin.fidelityaap.com
URL: https://origin.fidelityaap.com/Content/css?v=KzTEje6qmAVBuqBjNWxl2gBkFVKGLe8-w-ZdiXA-HVo1

Protocol

HTTP/1.1

Server

2.19.96.9 Düsseldorf, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

a2-19-96-9.deploy.static.akamaitechnologies.com

Software

Apache /

Resource Hash

03359336a3d70ad54edba621359887789431bcef1a8286aa437326720956392b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubdomains;
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://origin.fidelityaap.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Strict-Transport-Security: max-age=31536000; includeSubdomains;
Date: Sat, 20 Jan 2024 08:53:29 GMT
X-Content-Type-Options: nosniff
P3P: CP="UNI DEM GOV FIN STA COM NAV PRE INT ONL CUR ADM DEV PSA PSD CUSi IVDi IVAi TELi CONi TAI OUR OTRi"
fscalleeid: https-institutional.fidelity.com-8443
Connection: keep-alive
Content-Length: 1466
X-XSS-Protection: 1; mode=block
fsreqid: REQ65ab8a09d718047d9bdf4e3290b5aa33
Referrer-Policy: same-origin
Last-Modified: Thu, 18 Jan 2024 20:24:08 GMT
Server: Apache
ETag: "5ba-60f3e25460a00"
Vary: User-Agent
X-Frame-Options: SAMEORIGIN
Content-Type: image/gif; charset=iso-8859-1
fselapsedtime: 243
Feature-Policy: microphone 'none'; camera 'self'; geolocation 'self'; sync-xhr 'self'
Cache-Control: max-age=86400
Accept-Ranges: bytes

Redirect headers

Strict-Transport-Security: max-age=31536000; includeSubdomains;
fsreqid: REQ65ab8a09bb5c9fad85ced5bce9e9aa33
Date: Sat, 20 Jan 2024 08:53:29 GMT
Server: Apache
Content-Type: text/html; charset=iso-8859-1
Location: https://clearingcustody.fidelity.com/fi/images/fidelity-color-blocks.gif
fselapsedtime: 247
fscalleeid: https-institutional.fidelity.com-8443
Connection: keep-alive
Content-Length: 0
fserror: Apache error; src=https-institutional.fidelity.com-8443; hs=301+Moved+Permanent

Verdicts & Comments Add Verdict or Comment

14 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

1 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

			Domain/Path	Expires	Name / Value
			origin.fidelityaap.com/	1969-12-31 23:59:59	Name: __RequestVerificationToken Value: n2kCTm0eMVn2T9LSz6Ufb4qWELcA6JYuUsrZOQNg_sKBLc3_hEXT9ug-7c32oTG6J7QU46WJbtoQEgDE9B8nDdLiWSTa0DIBT43u1ZiQFRU1

1 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
security	warning	Message: Error with Feature-Policy header: Unrecognized feature: 'vibrate'.

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

cdnjs.cloudflare.com
clearingcustody.fidelity.com
fiws.fidelity.com
origin.fidelityaap.com
2.19.96.9
2606:4700::6811:180e
69.84.141.190
03359336a3d70ad54edba621359887789431bcef1a8286aa437326720956392b
0717c9f4a9bc155a1f5b8620e10fc31847cbca40e8ffaec9bd631df40cafc5d3
12e08c9a6e8da2b2f34cdafa70fe709494ace6fe19a8328f0958a8aa68ac8bf4
3a9ac3554582155bce27aedf47e35dae8a7779134d6fe15480755136a9968427
5f951675da460dbf39163e6d46dedcd8efbcb10bf92733db19a079ee166ccff9
8acb17337389e4a7936cf7ef6c2d0932fbff16b385f785437cc0229667b6c48f
a9adbad5f4f5c41f3e63548bc602c94b175d237c148029835e3ea6db60f497ca
d2b82e612d2a812e8be2a57300dab8923c4f2edbe7a799e7da70791b595646fe
e41a41c8289a78bca1fadbf4bf148b1a38cc1bd78dda4d1abca8d009a8f3836b
e8f75f4c03903f582cec6d67dbac2b69480aadc39046889adaed377b3f25de4f
f8110a988bd0e88b0bf2c1dcbe276d0eb34e7593b70bd2ed14fb45d87d1d3872
ff1523fb7389539c84c65aba19260648793bb4f5e29329d2ee8804bc37a3fe6e

origin.fidelityaap.com Open in urlscan Pro 69.84.141.190 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Detected technologies

Page Statistics

12 Requests

92 %HTTPS

33 %IPv6

3 Domains

4 Subdomains

3 IPs

2 Countries

232 kBTransfer

680 kBSize

1 Cookies

4 Outgoing links

Page URL History

Redirected requests

12 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Verdicts & Comments Add Verdict or Comment

14 JavaScript Global Variables

1 Cookies

1 Console Messages

Security Headers

Indicators

origin.fidelityaap.com Open in urlscan Pro
69.84.141.190 Public Scan

Screenshot
Live screenshot

Full Image

12
Requests

92 %
HTTPS

33 %
IPv6

3
Domains

4
Subdomains

3
IPs

2
Countries

232 kB
Transfer

680 kB
Size

1
Cookies

12 HTTP transactions
0 data transactions