esescouture.com
192.163.196.246  Malicious Activity! Public Scan

URL: https://esescouture.com/Fidelity/
Submission: On November 18 via api from US — Scanned from DE

Summary

This website contacted 21 IPs in 5 countries across 18 domains to perform 44 HTTP transactions. The main IP is 192.163.196.246, located in United States and belongs to UNIFIEDLAYER-AS-1, US. The main domain is esescouture.com.
TLS certificate: Issued by cPanel, Inc. Certification Authority on October 19th 2021. Valid for: 3 months.
This is the only time esescouture.com was scanned on urlscan.io!

urlscan.io Verdict: Potentially Malicious

Targeting these brands: Fidelity (Banking)

Domain & IP information

Subject | Issuer | Validity | Valid
esescouture.com | cPanel, Inc. Certification Authority | 2021-10-19 - 2022-01-17 | 3 months
www.fidelity.com | Entrust Certification Authority - L1M | 2021-10-27 - 2022-10-27 | a year
nexus.ensighten.com | DigiCert TLS RSA SHA256 2020 CA1 | 2021-09-14 - 2022-10-12 | a year
*.demdex.net | DigiCert TLS RSA SHA256 2020 CA1 | 2021-10-19 - 2022-11-19 | a year
dmt.fidelity.com | Entrust Certification Authority - L1M | 2021-06-17 - 2022-06-17 | a year
dpcs.fidelity.com | Entrust Certification Authority - L1M | 2021-04-13 - 2022-05-08 | a year
akamai.piprod4.fidelity.com | Entrust Certification Authority - L1M | 2021-09-30 - 2022-09-30 | a year
*.rlcdn.com | Sectigo RSA Domain Validation Secure Server CA | 2021-02-25 - 2022-03-28 | a year
*.twitter.com | DigiCert TLS RSA SHA256 2020 CA1 | 2021-02-05 - 2022-02-04 | a year

This page contains 2 frames:

Primary Page: https://esescouture.com/Fidelity/
Frame ID: 43183F7C139CC699D6245B811359C328
Requests: 29 HTTP requests in this frame

Frame: https://fidelity.demdex.net/dest5.html?d_nsid=0
Frame ID: D224E865344D8AA6EE94EC77B659E04A
Requests: 17 HTTP requests in this frame

Page Title

Fidelity Investments - Retirement Plans, Investing, Brokerage, Wealth Management, Financial Planning and Advice, Online Trading.

Page Statistics

Requests: 44
HTTPS: 48 %
IPv6: 13 %
Domains: 18
Subdomains: 25
IPs: 21
Countries: 5
Transfer: 1015 kB
Size: 2616 kB
Cookies: 28

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 0
  • https://www.glancecdn.net/cobrowse/CobrowseJS.ashx?group=19772&site=production HTTP 302
  • https://storage.glancecdn.net/cobrowse/js/GlanceCobrowseLoader_4.9.0M.js
Request Chain 27
  • https://cm.everesttech.net/cm/dd?d_uuid=10691766018175968151614367276706325347 HTTP 302
  • https://dpm.demdex.net/ibs:dpid=411&dpuuid=YZZroQAAAKAepwQp
Request Chain 29
  • https://idsync.rlcdn.com/365868.gif?partner_uid=10691766018175968151614367276706325347 HTTP 307
  • https://idsync.rlcdn.com/1000.gif?memo=CKyqFhIxCi0IARCYEhomMTA2OTE3NjYwMTgxNzU5NjgxNTE2MTQzNjcyNzY3MDYzMjUzNDcQABoNCKHX2YwGEgUI6AcQAEIASgA HTTP 307
  • https://dpm.demdex.net/ibs:dpid=477&dpuuid=d42b400bd436382b44bf7192dabbaaf964a94f268724900a1c0be2863bc87772b0da87c991749652
Request Chain 30
  • https://ib.adnxs.com/getuid?https%3A%2F%2Fdpm.demdex.net%2Fibs%3Adpid%3D358%26dpuuid%3D%24UID HTTP 307
  • https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%253A%252F%252Fdpm.demdex.net%252Fibs%253Adpid%253D358%2526dpuuid%253D%2524UID HTTP 302
  • https://dpm.demdex.net/ibs:dpid=358&dpuuid=3440667897540966672
Request Chain 32
  • https://cm.g.doubleclick.net/pixel?google_nid=adobe_dmp&google_cm&gdpr=0&gdpr_consent=&google_hm=MTA2OTE3NjYwMTgxNzU5NjgxNTE2MTQzNjcyNzY3MDYzMjUzNDc= HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=adobe_dmp&google_cm=&gdpr=0&gdpr_consent=&google_hm=MTA2OTE3NjYwMTgxNzU5NjgxNTE2MTQzNjcyNzY3MDYzMjUzNDc=&google_tc= HTTP 302
  • https://dpm.demdex.net/ibs:dpid=771&dpuuid=CAESEPrHZj95O-GSm0iLu5oLDM4&google_cver=1?gdpr=0&gdpr_consent=
Request Chain 34
  • https://c.bing.com/c.gif?uid=10691766018175968151614367276706325347&Red3=MSAdobe_pd&gdpr=0&gdpr_consent= HTTP 302
  • https://dpm.demdex.net/ibs:dpid=1957&dpuuid=3DF9A1E0218E65C836DCB113205C6452
Request Chain 35
  • https://sync-tm.everesttech.net/upi/pid/r7ifn0SL?redir=https%3A%2F%2Fdpm.demdex.net%2Fibs%3Adpid%3D782%26dpuuid%3D%24%7BTM_USER_ID%7D HTTP 302
  • https://dpm.demdex.net/ibs:dpid=782&dpuuid=YZZroQAAAKAepwQp
Request Chain 36
  • https://rtd.tubemogul.com/migrate_et3/ HTTP 302
  • https://rtd-tm.everesttech.net/migrate_et3/
Request Chain 37
  • https://sync-tm.everesttech.net/upi/pid/5w3jqr4k?redir=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dg8f47s39e399f3fe%26google_push%26google_sc%26google_hm%3D%24%7BTM_USER_ID_BASE64ENC_URLENC%7D HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=g8f47s39e399f3fe&google_push&google_sc&google_hm=WVpacm9RQUFBS0FlcHdRcA==
Request Chain 38
  • https://sync-tm.everesttech.net/upi/pid/btu4jd3a?redir=https%3A%2F%2Fpixel.rubiconproject.com%2Ftap.php%3Fv%3D7941%26nid%3D2243%26put%3D%24%7BUSER_ID%7D%26expires%3D90 HTTP 302
  • https://pixel.rubiconproject.com/tap.php?v=7941&nid=2243&put=YZZroQAAAKAepwQp&expires=90
Request Chain 39
  • https://sync-tm.everesttech.net/upi/pid/ZMAwryCI?redir=https%3A%2F%2Fdsum-sec.casalemedia.com%2Frum%3Fcm_dsp_id%3D88%26external_user_id%3D%24%7BTM_USER_ID%7D HTTP 302
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=88&external_user_id=YZZroQAAAKAepwQp HTTP 302
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=88&external_user_id=YZZroQAAAKAepwQp&C=1
Request Chain 40
  • https://sync-tm.everesttech.net/upi/pid/UH6TUt9n?redir=https%3A%2F%2Fib.adnxs.com%2Fsetuid%3Fentity%3D158%26code%3D%24%7BTM_USER_ID%7D HTTP 302
  • https://ib.adnxs.com/setuid?entity=158&code=YZZroQAAAKAepwQp
Request Chain 41
  • https://sync-tm.everesttech.net/upi/pid/ny75r2x0?redir=https%3A%2F%2Fus-u.openx.net%2Fw%2F1.0%2Fsd%3Fid%3D537148856%26val%3D%24%7BTM_USER_ID%7D HTTP 302
  • https://us-u.openx.net/w/1.0/sd?id=537148856&val=YZZroQAAAKAepwQp HTTP 302
  • https://us-u.openx.net/w/1.0/sd?cc=1&id=537148856&val=YZZroQAAAKAepwQp
Request Chain 42
  • https://sync-tm.everesttech.net/upi/pid/b9pj45k4?redir=https%3A%2F%2Fimage2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA%3D%26piggybackCookie%3D%24%7BUSER_ID%7D HTTP 302
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA=&piggybackCookie=YZZroQAAAKAepwQp
Request Chain 43
  • https://sync-tm.everesttech.net/upi/pid/h0r58thg?redir=https%3A%2F%2Fsync.search.spotxchange.com%2Fpartner%3Fadv_id%3D6409%26uid%3D%24%7BUSER_ID%7D%26img%3D1 HTTP 302
  • https://sync.search.spotxchange.com/partner?adv_id=6409&uid=YZZroQAAAKAepwQp&img=1 HTTP 302
  • https://sync.search.spotxchange.com/partner?adv_id=6409&uid=YZZroQAAAKAepwQp&img=1&__user_check__=1&sync_id=ea7c88f9-4880-11ec-a79e-1d21b9eb0206
Request Chain 44
  • https://sync-tm.everesttech.net/upi/pid/r7ifn0SL?redir=https%3A%2F%2Fwww.facebook.com%2Ffr%2Fb.php%3Fp%3D1531105787105294%26e%3D%24%7BTM_USER_ID%7D%26t%3D2592000%26o%3D0 HTTP 302
  • https://www.facebook.com/fr/b.php?p=1531105787105294&e=YZZroQAAAKAepwQp&t=2592000&o=0

44 HTTP transactions

Resource / Path | Size | x-fer | Type / MIME-Type
Primary Request /
esescouture.com/Fidelity/
368 KB
39 KB
Document
General
Full URL
https://esescouture.com/Fidelity/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
192.163.196.246 , United States, ASN46606 (UNIFIEDLAYER-AS-1, US),
Reverse DNS
server.shreeshivam.in
Software
Apache /
Resource Hash
1a66ddf47eed0d8b3967e6dac81c875341345ac95af542ef34a10ace5d900278

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Accept-Language
de-DE,de;q=0.9

Response headers

Date
Thu, 18 Nov 2021 15:05:03 GMT
Server
Apache
Expires
Thu, 19 Nov 1981 08:52:00 GMT
Cache-Control
no-store, no-cache, must-revalidate
Pragma
no-cache
Vary
Accept-Encoding
Content-Encoding
gzip
Content-Length
39255
Keep-Alive
timeout=5, max=100
Connection
Keep-Alive
Content-Type
text/html; charset=UTF-8
GlanceCobrowseLoader_4.9.0M.js
storage.glancecdn.net/cobrowse/js/
Redirect Chain
  • https://www.glancecdn.net/cobrowse/CobrowseJS.ashx?group=19772&site=production
  • https://storage.glancecdn.net/cobrowse/js/GlanceCobrowseLoader_4.9.0M.js
9 KB
4 KB
Script
General
Full URL
https://storage.glancecdn.net/cobrowse/js/GlanceCobrowseLoader_4.9.0M.js
Requested by
Host: esescouture.com
URL: https://esescouture.com/Fidelity/
Protocol
H2
Server
2600:9000:206f:c800:d:addc:2400:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
19b399504472722d29b53e85751d99089d6f98c18ba73931dfbbbe251c4e07a9

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://esescouture.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Fri, 15 Oct 2021 18:53:36 GMT
content-encoding
gzip
age
2923889
x-cache
Hit from cloudfront
x-amz-replication-status
COMPLETED
access-control-allow-origin
*
last-modified
Tue, 05 Nov 2019 22:35:58 GMT
server
AmazonS3
etag
W/"3fcc37d0e9ddabde15d8f4bdb51cb1e9"
vary
Accept-Encoding
access-control-allow-methods
GET
x-amz-version-id
T_IiJ.xSF7THsIBNdbQc2hbXg4MUIuQ2
via
1.1 2fc0d20914c32e5cd76477ed042298d1.cloudfront.net (CloudFront)
cache-control
public, max-age=31556926
x-amz-cf-pop
FRA56-C1
content-type
text/javascript
x-amz-cf-id
drpDuOJXOpZ2syrUdfFZ6xywhznG02v1PeVDB-QdwDEJTbkpQ_Wszg==

Redirect headers

date
Thu, 18 Nov 2021 15:05:04 GMT
server
Microsoft-IIS/8.5
x-aspnet-version
4.0.30319
location
https://storage.glancecdn.net/cobrowse/js/GlanceCobrowseLoader_4.9.0M.js
content-type
text/html; charset=utf-8
access-control-allow-origin
*
cache-control
max-age=3600
content-length
189
css.css
esescouture.com/Fidelity/
900 KB
440 KB
Stylesheet
General
Full URL
https://esescouture.com/Fidelity/css.css
Requested by
Host: esescouture.com
URL: https://esescouture.com/Fidelity/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
192.163.196.246 , United States, ASN46606 (UNIFIEDLAYER-AS-1, US),
Reverse DNS
server.shreeshivam.in
Software
Apache /
Resource Hash
ec1a416ecdb7b44747a62f6c9d629dcfa941419484fad7d37e3cf720054c676e

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://esescouture.com/Fidelity/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Date
Thu, 18 Nov 2021 15:05:03 GMT
Content-Encoding
gzip
Last-Modified
Fri, 24 Jul 2020 14:38:54 GMT
Server
Apache
Vary
Accept-Encoding
Content-Type
text/css
Transfer-Encoding
chunked
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=99
HP_Master-CSS%5B1%5D.css
esescouture.com/bin-public/060_www_fidelity_com/css/
0
0
Stylesheet
General
Full URL
https://esescouture.com/bin-public/060_www_fidelity_com/css/HP_Master-CSS%5B1%5D.css
Requested by
Host: esescouture.com
URL: https://esescouture.com/Fidelity/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
192.163.196.246 , United States, ASN46606 (UNIFIEDLAYER-AS-1, US),
Reverse DNS
server.shreeshivam.in
Software
Apache /
Resource Hash

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://esescouture.com/Fidelity/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Date
Thu, 18 Nov 2021 15:05:04 GMT
Server
Apache
Connection
Keep-Alive
Keep-Alive
timeout=5, max=100
Transfer-Encoding
chunked
Content-Type
text/html; charset=utf-8
nav-07.18.min.css
www.fidelity.com/bin-public/060_www_fidelity_com/css/
43 KB
13 KB
Stylesheet
General
Full URL
https://www.fidelity.com/bin-public/060_www_fidelity_com/css/nav-07.18.min.css
Requested by
Host: esescouture.com
URL: https://esescouture.com/Fidelity/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2.16.186.216 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a2-16-186-216.deploy.static.akamaitechnologies.com
Software
AmazonS3 /
Resource Hash
f55b9d9ac7bc2eb4528447bd8928c9469428956b6bbc9759656e517a44dea2ab

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://esescouture.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

x-amz-server-side-encryption
AES256
x-amz-version-id
GuyOXJNt3BXtAbUpwHJhqKqS.bXCqDi.
content-encoding
gzip
last-modified
Thu, 28 Oct 2021 20:29:56 GMT
server
AmazonS3
x-amz-request-id
VTV9Y5YM53AQQCAK
etag
"d88524a63ab9582a63b77f76a924536f"
vary
Accept-Encoding
content-type
text/css
date
Thu, 18 Nov 2021 15:05:04 GMT
x-amz-replication-status
PENDING
accept-ranges
bytes
content-length
12840
x-amz-id-2
bUiFCcXkmnmmN6MmyDkeLxliQodIsk3tGbAcs+9GKlypcHqIXB17aGlibfDzGGv3QKAl2hzPWKA=
nav-07.18.min.js
www.fidelity.com/bin-public/060_www_fidelity_com/js/
101 KB
36 KB
Script
General
Full URL
https://www.fidelity.com/bin-public/060_www_fidelity_com/js/nav-07.18.min.js
Requested by
Host: esescouture.com
URL: https://esescouture.com/Fidelity/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2.16.186.216 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a2-16-186-216.deploy.static.akamaitechnologies.com
Software
AmazonS3 /
Resource Hash
3280a25a3c82cd2a29b6c5e18aee0c341e10b5cc381b59eef1bd4ea01219e54c

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://esescouture.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

x-amz-server-side-encryption
AES256
x-amz-version-id
_xb0hXl9o3msNBlIBqAdQK3pYACXKKKF
content-encoding
gzip
last-modified
Wed, 08 Aug 2018 00:50:30 GMT
server
AmazonS3
x-amz-request-id
X2QJAEQJHTA62NN5
etag
"1fa0c21a960f0651e4ba7d224096cabc"
vary
Accept-Encoding
content-type
application/x-javascript
date
Thu, 18 Nov 2021 15:05:04 GMT
x-amz-replication-status
COMPLETED
accept-ranges
bytes
content-length
36134
x-amz-id-2
bv8bRDORs/bA5Lj6BWiMPUgLn1O7AiJ8tgQdPpGbINLryuRdoK4V73nfOmT1C2OpQqDVQV3l1Ns=
1.png
esescouture.com/Fidelity/
56 KB
54 KB
Image
General
Full URL
https://esescouture.com/Fidelity/1.png
Requested by
Host: esescouture.com
URL: https://esescouture.com/Fidelity/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
192.163.196.246 , United States, ASN46606 (UNIFIEDLAYER-AS-1, US),
Reverse DNS
server.shreeshivam.in
Software
Apache /
Resource Hash
e90598ea92620b5e2df2b055f3f50ed64a70aaada4266a3914d8822f514b6095

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://esescouture.com/Fidelity/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Date
Thu, 18 Nov 2021 15:05:05 GMT
Content-Encoding
gzip
Last-Modified
Fri, 24 Jul 2020 14:51:46 GMT
Server
Apache
Vary
Accept-Encoding
Content-Type
image/png
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=100
Content-Length
55383
hp-tabset.js
esescouture.com/bin-public/060_www_fidelity_com/js/
0
0
Script
General
Full URL
https://esescouture.com/bin-public/060_www_fidelity_com/js/hp-tabset.js
Requested by
Host: esescouture.com
URL: https://esescouture.com/Fidelity/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
192.163.196.246 , United States, ASN46606 (UNIFIEDLAYER-AS-1, US),
Reverse DNS
server.shreeshivam.in
Software
Apache /
Resource Hash

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://esescouture.com/Fidelity/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Date
Thu, 18 Nov 2021 15:05:04 GMT
Server
Apache
Connection
Keep-Alive
Keep-Alive
timeout=5, max=100
Transfer-Encoding
chunked
Content-Type
text/html; charset=utf-8
white-check-new.png
esescouture.com/bin-public/060_www_fidelity_com/images/why-fidelity/
0
0

gray-check-new.png
esescouture.com/bin-public/060_www_fidelity_com/images/homepage/
0
0

seo-footer.css
esescouture.com/bin-public/060_www_fidelity_com/css/
0
0
Stylesheet
General
Full URL
https://esescouture.com/bin-public/060_www_fidelity_com/css/seo-footer.css
Requested by
Host: esescouture.com
URL: https://esescouture.com/Fidelity/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
192.163.196.246 , United States, ASN46606 (UNIFIEDLAYER-AS-1, US),
Reverse DNS
server.shreeshivam.in
Software
Apache /
Resource Hash

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://esescouture.com/Fidelity/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Date
Thu, 18 Nov 2021 15:05:04 GMT
Server
Apache
Connection
Keep-Alive
Keep-Alive
timeout=5, max=100
Transfer-Encoding
chunked
Content-Type
text/html; charset=utf-8
hp_ret-score-style.css
esescouture.com/bin-public/060_www_fidelity_com/css/
0
0
Stylesheet
General
Full URL
https://esescouture.com/bin-public/060_www_fidelity_com/css/hp_ret-score-style.css
Requested by
Host: esescouture.com
URL: https://esescouture.com/Fidelity/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
192.163.196.246 , United States, ASN46606 (UNIFIEDLAYER-AS-1, US),
Reverse DNS
server.shreeshivam.in
Software
Apache /
Resource Hash

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://esescouture.com/Fidelity/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Date
Thu, 18 Nov 2021 15:05:04 GMT
Server
Apache
Connection
Keep-Alive
Keep-Alive
timeout=5, max=100
Transfer-Encoding
chunked
Content-Type
text/html; charset=utf-8
hp-tabset.css
esescouture.com/bin-public/060_www_fidelity_com/css/
0
0
Stylesheet
General
Full URL
https://esescouture.com/bin-public/060_www_fidelity_com/css/hp-tabset.css
Requested by
Host: esescouture.com
URL: https://esescouture.com/Fidelity/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
192.163.196.246 , United States, ASN46606 (UNIFIEDLAYER-AS-1, US),
Reverse DNS
server.shreeshivam.in
Software
Apache /
Resource Hash

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://esescouture.com/Fidelity/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Date
Thu, 18 Nov 2021 15:05:04 GMT
Server
Apache
Connection
Keep-Alive
Keep-Alive
timeout=5, max=100
Transfer-Encoding
chunked
Content-Type
text/html; charset=utf-8
hp_ratings-style.css
esescouture.com/bin-public/060_www_fidelity_com/css/
0
0

hp_table-styles.css
esescouture.com/bin-public/060_www_fidelity_com/css/
0
0

Bootstrap.js
nexus.ensighten.com/fidelity/prod/
737 KB
208 KB
Script
General
Full URL
https://nexus.ensighten.com/fidelity/prod/Bootstrap.js
Requested by
Host: esescouture.com
URL: https://esescouture.com/Fidelity/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
18.197.253.20 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-197-253-20.eu-central-1.compute.amazonaws.com
Software
nginx /
Resource Hash
bf9b994a6cd28fa4493ce01066438decd0b7e8727cfd33933b09241e689bd7a6

Request headers

Referer
https://esescouture.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Intervention
<https://www.chromestatus.com/feature/5718547946799104>; level="warning"

Response headers

date
Thu, 18 Nov 2021 15:05:04 GMT
content-encoding
gzip
last-modified
Thu, 18 Nov 2021 08:10:53 GMT
server
nginx
etag
W/"61960a8d-b8247"
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
cache-control
max-age=300
id
dpm.demdex.net/
4 KB
2 KB
XHR
General
Full URL
https://dpm.demdex.net/id?d_visid_ver=3.1.2&d_fieldgroup=MC&d_rtbd=json&d_ver=2&d_orgid=EDCF01AC512D2B770A490D4C%40AdobeOrg&d_nsid=0&ts=1637247904897
Requested by
Host: nexus.ensighten.com
URL: https://nexus.ensighten.com/fidelity/prod/Bootstrap.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.16.165.61 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-16-165-61.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
5c01f555520eecb417157c4d18e367c9c9637886e2caeb514c82df4c87274acd
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Referer
https://esescouture.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Content-Type
application/x-www-form-urlencoded

Response headers

DCS
dcs-prod-irl1-2-v019-0dce097b6.edge-irl1.demdex.com UNKNOWN
Pragma
no-cache
Strict-Transport-Security
max-age=31536000; includeSubDomains
content-encoding
gzip
X-TID
amXUDo0zQp8=
Vary
Origin
P3P
policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Access-Control-Allow-Origin
https://esescouture.com
Cache-Control
no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
application/json;charset=utf-8
Content-Length
1202
Expires
Thu, 01 Jan 1970 00:00:00 UTC
hp-tabset.js
esescouture.com/bin-public/060_www_fidelity_com/js/
0
0

seo-footer.css
esescouture.com/bin-public/060_www_fidelity_com/css/
0
0

hp_ret-score-style.css
esescouture.com/bin-public/060_www_fidelity_com/css/
0
0

serverComponent.php
dmt.fidelity.com/fidelity/prod/
295 B
1 KB
Script
General
Full URL
https://dmt.fidelity.com/fidelity/prod/serverComponent.php?namespace=Bootstrapper&staticJsPath=dmt.fidelity.com/fidelity/prod/code/&publishedOn=Thu%20Nov%2018%2008:10:50%20GMT%202021&ClientID=65&PageID=https%3A%2F%2Fesescouture.com%2FFidelity%2F
Requested by
Host: nexus.ensighten.com
URL: https://nexus.ensighten.com/fidelity/prod/Bootstrap.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2.16.186.211 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a2-16-186-211.deploy.static.akamaitechnologies.com
Software
nginx /
Resource Hash
ce76ac7a474ffa9278eebe349731d6092b0a994fcfbf91fa6d06bde5a9a525a6

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://esescouture.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Thu, 18 Nov 2021 15:05:05 GMT
cache-control
no-cache, no-store
server
nginx
content-type
text/javascript
content-length
295
expires
Thu, 18 Nov 2021 15:05:04 GMT
truncated
/
3 KB
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
a458e7d5f78e768334824e9f97f2d362e10a86ee84b3fc9fb9d0441d65f9266d

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Content-Type
image/svg+xml
FidelitySans-Regular.woff
assets.fidelity.com/fonts/
49 KB
50 KB
Font
General
Full URL
https://assets.fidelity.com/fonts/FidelitySans-Regular.woff
Requested by
Host: esescouture.com
URL: https://esescouture.com/Fidelity/css.css
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2.16.186.200 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a2-16-186-200.deploy.static.akamaitechnologies.com
Software
AmazonS3 /
Resource Hash
c79b53a4c184b6aa42a77baa110706393290f7ae82ea209ce6f11407ace48b24

Request headers

Referer
https://esescouture.com/
Origin
https://esescouture.com
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

x-amz-version-id
NMREx1DTz_Md_UxulXyjER0YBhTXfP8p
ETag
"1164b06880f3cca02a34f8b00555b1b8"
x-amz-request-id
38CCEE23C7E78C42
x-amz-server-side-encryption
AES256
x-amz-replication-status
COMPLETED
Connection
keep-alive
Content-Length
50220
x-amz-id-2
f9GEMWg4QjxNz6FaLOQn1Ytv6LhgRowTmk4UjZE2N21Rd3npDcl+PIWgAp8700LE9vXnjdFyrSg=
Last-Modified
Thu, 06 Dec 2018 21:21:04 GMT
Server
AmazonS3
Date
Thu, 18 Nov 2021 15:05:05 GMT
Access-Control-Allow-Methods
GET,POST,OPTIONS
Content-Type
application/font-woff
Access-Control-Allow-Origin
*
Access-Control-Expose-Headers
X-XSRF-TOKEN
Cache-Control
max-age=821
Access-Control-Allow-Credentials
true
Accept-Ranges
bytes
Access-Control-Allow-Headers
appid, appname, content-type, X-XSRF-TOKEN
Expires
Thu, 18 Nov 2021 15:18:46 GMT
truncated
/
52 KB
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
25aac3c0244fdf4d9f9ddae3db3049ca21dffef72043f769fcde8fb4fda14245

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Content-Type
image/png
FidelitySans-Light.woff
assets.fidelity.com/fonts/
52 KB
53 KB
Font
General
Full URL
https://assets.fidelity.com/fonts/FidelitySans-Light.woff
Requested by
Host: esescouture.com
URL: https://esescouture.com/Fidelity/css.css
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2.16.186.200 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a2-16-186-200.deploy.static.akamaitechnologies.com
Software
AmazonS3 /
Resource Hash
87764cf2de53fe063f413bbbe2f22f217198367a5512f851270796d17e7b5b56

Request headers

Referer
https://esescouture.com/
Origin
https://esescouture.com
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

x-amz-version-id
Ke.lmoasaAhsR0HOAq9Lr15NQsDrfVRP
ETag
"26cfa5483fdb802f8aed0d9bdd67d76b"
x-amz-request-id
3MHB1FVX7PC2562F
x-amz-server-side-encryption
AES256
x-amz-replication-status
COMPLETED
Connection
keep-alive
Content-Length
53316
x-amz-id-2
fN1AOHSAkKWvMaJXNe559ZmUoLpK9ZyMZPdorO3tMIcOmdQG8k15g2C3gZZHNkJsn/H33L8dmYM=
Last-Modified
Thu, 06 Dec 2018 21:21:29 GMT
Server
AmazonS3
Date
Thu, 18 Nov 2021 15:05:05 GMT
Access-Control-Allow-Methods
GET,POST,OPTIONS
Content-Type
application/font-woff
Access-Control-Allow-Origin
*
Access-Control-Expose-Headers
X-XSRF-TOKEN
Cache-Control
max-age=1755
Access-Control-Allow-Credentials
true
Accept-Ranges
bytes
Access-Control-Allow-Headers
appid, appname, content-type, X-XSRF-TOKEN
Expires
Thu, 18 Nov 2021 15:34:20 GMT
FidelitySans-Bold.woff
assets.fidelity.com/fonts/
46 KB
47 KB
Font
General
Full URL
https://assets.fidelity.com/fonts/FidelitySans-Bold.woff
Requested by
Host: esescouture.com
URL: https://esescouture.com/Fidelity/css.css
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2.16.186.200 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a2-16-186-200.deploy.static.akamaitechnologies.com
Software
AmazonS3 /
Resource Hash
92ea6d26d5ee6c1cf58a25d4c6d743d46b08b96c1b037750c1b29ac3ae51a3ac

Request headers

Referer
https://esescouture.com/
Origin
https://esescouture.com
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

x-amz-version-id
ugsTBcoJKAjTZEI44PlQZ70Dg3.cyYFR
ETag
"6eca06fb033d0829b5075a48c19079a4"
x-amz-request-id
3KVPPD84484SBQPY
x-amz-server-side-encryption
AES256
x-amz-replication-status
COMPLETED
Connection
keep-alive
Content-Length
46800
x-amz-id-2
O8Kq+ljwIZMPVtq77igKXcPRTi/CPFA/mQ/RbI5yJMVTDR3u3ltNRXPRD7WxX346//lAi8uwfls=
Last-Modified
Thu, 06 Dec 2018 21:21:24 GMT
Server
AmazonS3
Date
Thu, 18 Nov 2021 15:05:05 GMT
Access-Control-Allow-Methods
GET,POST,OPTIONS
Content-Type
application/font-woff
Access-Control-Allow-Origin
*
Access-Control-Expose-Headers
X-XSRF-TOKEN
Cache-Control
max-age=625
Access-Control-Allow-Credentials
true
Accept-Ranges
bytes
Access-Control-Allow-Headers
appid, appname, content-type, X-XSRF-TOKEN
Expires
Thu, 18 Nov 2021 15:15:30 GMT
dest5.html
fidelity.demdex.net/ Frame D224
7 KB
3 KB
Document
General
Full URL
https://fidelity.demdex.net/dest5.html?d_nsid=0
Requested by
Host: nexus.ensighten.com
URL: https://nexus.ensighten.com/fidelity/prod/Bootstrap.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.51.58.216 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-51-58-216.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
7bea17a80a61ed0f54248b4ffc4c718f7c8ff2619742577a73591d62ce074da8
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://esescouture.com/

Response headers

Accept-Ranges
bytes
Cache-Control
no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
content-encoding
gzip
Content-Type
text/html;charset=UTF-8
date
Thu, 18 Nov 2021 15:05:05 GMT
DCS
dcs-prod-irl1-2-v019-02d0fc293.edge-irl1.demdex.com UNKNOWN
Expires
Thu, 01 Jan 1970 00:00:00 UTC
last-modified
Mon, 1 Nov 2021 10:01:09 GMT
P3P
policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Pragma
no-cache
Strict-Transport-Security
max-age=31536000; includeSubDomains
vary
accept-encoding
X-TID
Ue+b7bA2TmE=
Content-Length
2791
Connection
keep-alive
id
sitecatalyst.fidelity.com/
48 B
2 KB
XHR
General
Full URL
https://sitecatalyst.fidelity.com/id?d_visid_ver=3.1.2&d_fieldgroup=A&mcorgid=EDCF01AC512D2B770A490D4C%40AdobeOrg&mid=04717517012128634422178308063438420798&ts=1637247905233
Requested by
Host: nexus.ensighten.com
URL: https://nexus.ensighten.com/fidelity/prod/Bootstrap.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
2.16.186.185 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a2-16-186-185.deploy.static.akamaitechnologies.com
Software
jag /
Resource Hash
4bc05c27abfa1e910ec66dc917aedeae9c0b36c49a30bf16221c5b800626d7f7
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://esescouture.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Content-Type
application/x-www-form-urlencoded

Response headers

Date
Thu, 18 Nov 2021 15:05:05 GMT
x-content-type-options
nosniff
Server
jag
xserver
anedge-6988cccb6f-dqd4c
Vary
Origin
x-c
main-1542.If2e2aa.M0-523
p3p
CP="This is not a P3P policy"
Access-Control-Allow-Origin
https://esescouture.com
Cache-Control
no-cache, no-store, max-age=0, no-transform, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
application/x-javascript;charset=utf-8
Content-Length
48
x-xss-protection
1; mode=block
ibs:dpid=411&dpuuid=YZZroQAAAKAepwQp
dpm.demdex.net/
Redirect Chain
  • https://cm.everesttech.net/cm/dd?d_uuid=10691766018175968151614367276706325347
  • https://dpm.demdex.net/ibs:dpid=411&dpuuid=YZZroQAAAKAepwQp
42 B
945 B
Image
General
Full URL
https://dpm.demdex.net/ibs:dpid=411&dpuuid=YZZroQAAAKAepwQp
Requested by
Host: esescouture.com
URL: https://esescouture.com/Fidelity/
Protocol
HTTP/1.1
Server
52.16.165.61 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-16-165-61.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://esescouture.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

DCS
dcs-prod-irl1-1-v019-0d891b5f4.edge-irl1.demdex.com UNKNOWN
Pragma
no-cache
Strict-Transport-Security
max-age=31536000; includeSubDomains
content-encoding
gzip
X-Content-Type-Options
nosniff
X-TID
Ex8xKt+qTdU=
P3P
policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Cache-Control
no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
Connection
keep-alive
Content-Type
image/gif
Content-Length
59
Expires
Thu, 01 Jan 1970 00:00:00 UTC

Redirect headers

Location
https://dpm.demdex.net/ibs:dpid=411&dpuuid=YZZroQAAAKAepwQp
Date
Thu, 18 Nov 2021 15:05:05 GMT
Cache-Control
no-cache
Server
AMO-cookiemap/1.1
Connection
keep-alive
Content-Length
0
P3P
CP="NOI NID DEVa PSAa PSDa OUR IND PUR COM NAV INT DEM"
4e27741df710a17da5263c985d181c69.js
dmt.fidelity.com/fidelity/prod/code/
191 KB
52 KB
Script
General
Full URL
https://dmt.fidelity.com/fidelity/prod/code/4e27741df710a17da5263c985d181c69.js?conditionId0=46215&conditionId1=422684
Requested by
Host: nexus.ensighten.com
URL: https://nexus.ensighten.com/fidelity/prod/Bootstrap.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2.16.186.211 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a2-16-186-211.deploy.static.akamaitechnologies.com
Software
nginx /
Resource Hash
d680a122778fabd321ddecc83f359b0a3f058e661918192bee03f7039270c938

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://esescouture.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Thu, 18 Nov 2021 15:05:05 GMT
content-encoding
gzip
last-modified
Thu, 18 Nov 2021 08:10:53 GMT
server
nginx
etag
W/"61960a8d-2fb2d"
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
cache-control
max-age=315360000
content-length
52714
ibs:dpid=477&dpuuid=d42b400bd436382b44bf7192dabbaaf964a94f268724900a1c0be2863bc87772b0da87c991749652
dpm.demdex.net/ Frame D224
Redirect Chain
  • https://idsync.rlcdn.com/365868.gif?partner_uid=10691766018175968151614367276706325347
  • https://idsync.rlcdn.com/1000.gif?memo=CKyqFhIxCi0IARCYEhomMTA2OTE3NjYwMTgxNzU5NjgxNTE2MTQzNjcyNzY3MDYzMjUzNDcQABoNCKHX2YwGEgUI6AcQAEIASgA
  • https://dpm.demdex.net/ibs:dpid=477&dpuuid=d42b400bd436382b44bf7192dabbaaf964a94f268724900a1c0be2863bc87772b0da87c991749652
42 B
945 B
Image
General
Full URL
https://dpm.demdex.net/ibs:dpid=477&dpuuid=d42b400bd436382b44bf7192dabbaaf964a94f268724900a1c0be2863bc87772b0da87c991749652
Requested by
Host: esescouture.com
URL: https://esescouture.com/Fidelity/
Protocol
HTTP/1.1
Server
52.16.165.61 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-16-165-61.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://fidelity.demdex.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

DCS
dcs-prod-irl1-1-v019-018c6da40.edge-irl1.demdex.com UNKNOWN
Pragma
no-cache
Strict-Transport-Security
max-age=31536000; includeSubDomains
content-encoding
gzip
X-Content-Type-Options
nosniff
X-TID
+vyMN7IpQsc=
P3P
policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Cache-Control
no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
Connection
keep-alive
Content-Type
image/gif
Content-Length
59
Expires
Thu, 01 Jan 1970 00:00:00 UTC

Redirect headers

date
Thu, 18 Nov 2021 15:05:05 GMT
via
1.1 google
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
location
https://dpm.demdex.net/ibs:dpid=477&dpuuid=d42b400bd436382b44bf7192dabbaaf964a94f268724900a1c0be2863bc87772b0da87c991749652
cache-control
no-cache, no-store
timing-allow-origin
*
alt-svc
clear
content-length
0
ibs:dpid=358&dpuuid=3440667897540966672
dpm.demdex.net/ Frame D224
Redirect Chain
  • https://ib.adnxs.com/getuid?https%3A%2F%2Fdpm.demdex.net%2Fibs%3Adpid%3D358%26dpuuid%3D%24UID
  • https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%253A%252F%252Fdpm.demdex.net%252Fibs%253Adpid%253D358%2526dpuuid%253D%2524UID
  • https://dpm.demdex.net/ibs:dpid=358&dpuuid=3440667897540966672
42 B
945 B
Image
General
Full URL
https://dpm.demdex.net/ibs:dpid=358&dpuuid=3440667897540966672
Requested by
Host: esescouture.com
URL: https://esescouture.com/Fidelity/
Protocol
HTTP/1.1
Server
52.16.165.61 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-16-165-61.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://fidelity.demdex.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

DCS
dcs-prod-irl1-2-v019-0dce097b6.edge-irl1.demdex.com UNKNOWN
Pragma
no-cache
Strict-Transport-Security
max-age=31536000; includeSubDomains
content-encoding
gzip
X-Content-Type-Options
nosniff
X-TID
7KpQ2sKaS58=
P3P
policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Cache-Control
no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
Connection
keep-alive
Content-Type
image/gif
Content-Length
59
Expires
Thu, 01 Jan 1970 00:00:00 UTC

Redirect headers

Pragma
no-cache
Date
Thu, 18 Nov 2021 15:05:05 GMT
X-Proxy-Origin
185.232.23.187; 185.232.23.187; 693.bm-nginx-loadbalancer.mgmt.fra1; adnxs.com
AN-X-Request-Uuid
8972c94e-56f8-40e3-be9d-459e1cee48a7
Server
nginx/1.17.9
Access-Control-Allow-Origin
*
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Location
https://dpm.demdex.net/ibs:dpid=358&dpuuid=3440667897540966672
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
text/html; charset=utf-8
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
365868.gif
idsync.rlcdn.com/ Frame D224
42 B
318 B
Image
General
Full URL
https://idsync.rlcdn.com/365868.gif?partner_uid=10691766018175968151614367276706325347
Requested by
Host: fidelity.demdex.net
URL: https://fidelity.demdex.net/dest5.html?d_nsid=0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.244.174.68 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
68.174.244.35.bc.googleusercontent.com
Software
/
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://fidelity.demdex.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

timing-allow-origin
*
date
Thu, 18 Nov 2021 15:05:05 GMT
via
1.1 google
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
cache-control
no-cache, no-store
content-type
image/gif
alt-svc
clear
content-length
42
ibs:dpid=771&dpuuid=CAESEPrHZj95O-GSm0iLu5oLDM4&google_cver=1
dpm.demdex.net/ Frame D224
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=adobe_dmp&google_cm&gdpr=0&gdpr_consent=&google_hm=MTA2OTE3NjYwMTgxNzU5NjgxNTE2MTQzNjcyNzY3MDYzMjUzNDc=
  • https://cm.g.doubleclick.net/pixel?google_nid=adobe_dmp&google_cm=&gdpr=0&gdpr_consent=&google_hm=MTA2OTE3NjYwMTgxNzU5NjgxNTE2MTQzNjcyNzY3MDYzMjUzNDc=&google_tc=
  • https://dpm.demdex.net/ibs:dpid=771&dpuuid=CAESEPrHZj95O-GSm0iLu5oLDM4&google_cver=1?gdpr=0&gdpr_consent=
42 B
945 B
Image
General
Full URL
https://dpm.demdex.net/ibs:dpid=771&dpuuid=CAESEPrHZj95O-GSm0iLu5oLDM4&google_cver=1?gdpr=0&gdpr_consent=
Requested by
Host: esescouture.com
URL: https://esescouture.com/Fidelity/
Protocol
HTTP/1.1
Server
52.16.165.61 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-16-165-61.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://fidelity.demdex.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

DCS
dcs-prod-irl1-1-v019-0886f2468.edge-irl1.demdex.com UNKNOWN
Pragma
no-cache
Strict-Transport-Security
max-age=31536000; includeSubDomains
content-encoding
gzip
X-Content-Type-Options
nosniff
X-TID
KrAEdDfTShg=
P3P
policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Cache-Control
no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
Connection
keep-alive
Content-Type
image/gif
Content-Length
59
Expires
Thu, 01 Jan 1970 00:00:00 UTC

Redirect headers

pragma
no-cache
date
Thu, 18 Nov 2021 15:05:05 GMT
server
HTTP server (unknown)
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location
https://dpm.demdex.net/ibs:dpid=771&dpuuid=CAESEPrHZj95O-GSm0iLu5oLDM4&google_cver=1?gdpr=0&gdpr_consent=
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
314
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
adsct
analytics.twitter.com/i/ Frame D224
43 B
598 B
Image
General
Full URL
https://analytics.twitter.com/i/adsct?p_user_id=10691766018175968151614367276706325347&p_id=38594
Requested by
Host: esescouture.com
URL: https://esescouture.com/Fidelity/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.244.42.195 , United States, ASN13414 (TWITTER, US),
Reverse DNS
Software
tsa_o /
Resource Hash
ac8778041fdb7f2e08ceb574c9a766247ea26f1a7d90fa854c4efcf4b361a957
Security Headers
Name Value
Strict-Transport-Security max-age=631138519
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://fidelity.demdex.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Thu, 18 Nov 2021 15:05:05 GMT
content-encoding
gzip
x-content-type-options
nosniff
status
200 OK
x-twitter-response-tags
BouncerCompliant
content-length
65
x-xss-protection
0
x-response-time
169
pragma
no-cache
last-modified
Thu, 18 Nov 2021 15:05:05 GMT
server
tsa_o
x-frame-options
SAMEORIGIN
strict-transport-security
max-age=631138519
content-type
image/gif;charset=utf-8
cache-control
no-cache, no-store, must-revalidate, pre-check=0, post-check=0
x-connection-hash
1014227f70778ecc2be1cfe722a3925bb33384168cb2a402c3d5e9035e5c6d2e
x-transaction
88b98fd5017e5119
expires
Tue, 31 Mar 1981 05:00:00 GMT
ibs:dpid=1957&dpuuid=3DF9A1E0218E65C836DCB113205C6452
dpm.demdex.net/ Frame D224
Redirect Chain
  • https://c.bing.com/c.gif?uid=10691766018175968151614367276706325347&Red3=MSAdobe_pd&gdpr=0&gdpr_consent=
  • https://dpm.demdex.net/ibs:dpid=1957&dpuuid=3DF9A1E0218E65C836DCB113205C6452
42 B
945 B
Image
General
Full URL
https://dpm.demdex.net/ibs:dpid=1957&dpuuid=3DF9A1E0218E65C836DCB113205C6452
Requested by
Host: esescouture.com
URL: https://esescouture.com/Fidelity/
Protocol
HTTP/1.1
Server
52.16.165.61 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-16-165-61.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://fidelity.demdex.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

DCS
dcs-prod-irl1-2-v019-0d7ebfd97.edge-irl1.demdex.com UNKNOWN
Pragma
no-cache
Strict-Transport-Security
max-age=31536000; includeSubDomains
content-encoding
gzip
X-Content-Type-Options
nosniff
X-TID
DzL12MoOQ0M=
P3P
policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Cache-Control
no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
Connection
keep-alive
Content-Type
image/gif
Content-Length
59
Expires
Thu, 01 Jan 1970 00:00:00 UTC

Redirect headers

pragma
no-cache
date
Thu, 18 Nov 2021 15:05:05 GMT
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref
Ref A: 92C449A8E0074AFD9F73C14854D310E8 Ref B: FRAEDGE1309 Ref C: 2021-11-18T15:05:05Z
x-powered-by
ASP.NET
x-cache
CONFIG_NOCACHE
p3p
CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
location
https://dpm.demdex.net/ibs:dpid=1957&dpuuid=3DF9A1E0218E65C836DCB113205C6452
cache-control
private, no-cache, proxy-revalidate, no-store
content-length
0
ibs:dpid=782&dpuuid=YZZroQAAAKAepwQp
dpm.demdex.net/ Frame D224
Redirect Chain
  • https://sync-tm.everesttech.net/upi/pid/r7ifn0SL?redir=https%3A%2F%2Fdpm.demdex.net%2Fibs%3Adpid%3D782%26dpuuid%3D%24%7BTM_USER_ID%7D
  • https://dpm.demdex.net/ibs:dpid=782&dpuuid=YZZroQAAAKAepwQp
42 B
945 B
Image
General
Full URL
https://dpm.demdex.net/ibs:dpid=782&dpuuid=YZZroQAAAKAepwQp
Requested by
Host: esescouture.com
URL: https://esescouture.com/Fidelity/
Protocol
HTTP/1.1
Server
52.16.165.61 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-16-165-61.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://fidelity.demdex.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

DCS
dcs-prod-irl1-1-v019-0d78772a5.edge-irl1.demdex.com UNKNOWN
Pragma
no-cache
Strict-Transport-Security
max-age=31536000; includeSubDomains
content-encoding
gzip
X-Content-Type-Options
nosniff
X-TID
IeSOB9jnT2o=
P3P
policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Cache-Control
no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
Connection
keep-alive
Content-Type
image/gif
Content-Length
59
Expires
Thu, 01 Jan 1970 00:00:00 UTC

Redirect headers

pragma
no-cache
date
Thu, 18 Nov 2021 15:05:06 GMT
via
1.1 varnish
server
Varnish
x-timer
S1637247906.028609,VS0,VE0
x-served-by
cache-hhn4037-HHN
x-cache
HIT
location
https://dpm.demdex.net/ibs:dpid=782&dpuuid=YZZroQAAAKAepwQp
cache-control
no-cache
accept-ranges
bytes
content-length
0
retry-after
0
x-cache-hits
0
/
rtd-tm.everesttech.net/migrate_et3/ Frame D224
Redirect Chain
  • https://rtd.tubemogul.com/migrate_et3/
  • https://rtd-tm.everesttech.net/migrate_et3/
0
220 B
Image
General
Full URL
https://rtd-tm.everesttech.net/migrate_et3/
Requested by
Host: esescouture.com
URL: https://esescouture.com/Fidelity/
Protocol
H2
Server
151.101.130.49 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
Jetty(9.4.35.v20201120) /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://fidelity.demdex.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 18 Nov 2021 15:05:06 GMT
via
1.1 varnish
server
Jetty(9.4.35.v20201120)
x-timer
S1637247906.144385,VS0,VE89
x-served-by
cache-hhn4037-HHN
x-cache
MISS
p3p
CP="NOI DSP COR LAW PSAo PSDo IVAo IVDo OUR BUS UNI DEM"
access-control-allow-origin
*
cache-control
no-cache
accept-ranges
bytes
content-length
0
x-cache-hits
0

Redirect headers

pragma
no-cache
date
Thu, 18 Nov 2021 15:05:06 GMT
via
1.1 varnish
server
Varnish
x-timer
S1637247906.129338,VS0,VE0
x-served-by
cache-hhn4053-HHN
x-cache
HIT
location
https://rtd-tm.everesttech.net/migrate_et3/
cache-control
no-cache
accept-ranges
bytes
content-length
0
retry-after
0
x-cache-hits
0
pixel
cm.g.doubleclick.net/ Frame D224
Redirect Chain
  • https://sync-tm.everesttech.net/upi/pid/5w3jqr4k?redir=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dg8f47s39e399f3fe%26google_push%26google_sc%26google_hm%3D%24%7BTM_USER_ID_BASE64ENC_...
  • https://cm.g.doubleclick.net/pixel?google_nid=g8f47s39e399f3fe&google_push&google_sc&google_hm=WVpacm9RQUFBS0FlcHdRcA==
170 B
188 B
Image
General
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=g8f47s39e399f3fe&google_push&google_sc&google_hm=WVpacm9RQUFBS0FlcHdRcA==
Requested by
Host: esescouture.com
URL: https://esescouture.com/Fidelity/
Protocol
H3
Server
142.250.186.34 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s04-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://fidelity.demdex.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 18 Nov 2021 15:05:06 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma
no-cache
date
Thu, 18 Nov 2021 15:05:06 GMT
via
1.1 varnish
server
Varnish
x-timer
S1637247906.216454,VS0,VE0
x-served-by
cache-hhn4037-HHN
x-cache
HIT
location
https://cm.g.doubleclick.net/pixel?google_nid=g8f47s39e399f3fe&google_push&google_sc&google_hm=WVpacm9RQUFBS0FlcHdRcA==
cache-control
no-cache
accept-ranges
bytes
content-length
0
retry-after
0
x-cache-hits
0
tap.php
pixel.rubiconproject.com/ Frame D224
Redirect Chain
  • https://sync-tm.everesttech.net/upi/pid/btu4jd3a?redir=https%3A%2F%2Fpixel.rubiconproject.com%2Ftap.php%3Fv%3D7941%26nid%3D2243%26put%3D%24%7BUSER_ID%7D%26expires%3D90
  • https://pixel.rubiconproject.com/tap.php?v=7941&nid=2243&put=YZZroQAAAKAepwQp&expires=90
0
239 B
Image
General
Full URL
https://pixel.rubiconproject.com/tap.php?v=7941&nid=2243&put=YZZroQAAAKAepwQp&expires=90
Requested by
Host: esescouture.com
URL: https://esescouture.com/Fidelity/
Protocol
HTTP/1.1
Server
69.173.144.139 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://fidelity.demdex.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
X-RPHost
37b22a0c36bd84993dd2cda4a5e04b1d
Content-Type
image/gif

Redirect headers

pragma
no-cache
date
Thu, 18 Nov 2021 15:05:06 GMT
via
1.1 varnish
server
Varnish
x-timer
S1637247906.309513,VS0,VE0
x-served-by
cache-hhn4037-HHN
x-cache
HIT
location
https://pixel.rubiconproject.com/tap.php?v=7941&nid=2243&put=YZZroQAAAKAepwQp&expires=90
cache-control
no-cache
accept-ranges
bytes
content-length
0
retry-after
0
x-cache-hits
0
rum
dsum-sec.casalemedia.com/ Frame D224
Redirect Chain
  • https://sync-tm.everesttech.net/upi/pid/ZMAwryCI?redir=https%3A%2F%2Fdsum-sec.casalemedia.com%2Frum%3Fcm_dsp_id%3D88%26external_user_id%3D%24%7BTM_USER_ID%7D
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=88&external_user_id=YZZroQAAAKAepwQp
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=88&external_user_id=YZZroQAAAKAepwQp&C=1
43 B
1003 B
Image
General
Full URL
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=88&external_user_id=YZZroQAAAKAepwQp&C=1
Requested by
Host: esescouture.com
URL: https://esescouture.com/Fidelity/
Protocol
HTTP/1.1
Server
2.18.234.21 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-234-21.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://fidelity.demdex.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Pragma
no-cache
Date
Thu, 18 Nov 2021 15:05:07 GMT
Server
Apache
Vary
Is-Traffic-Usersync
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Cache-Control
max-age=0, no-cache, no-store
Connection
keep-alive
Content-Type
image/gif
Content-Length
43
Expires
Thu, 18 Nov 2021 15:05:07 GMT

Redirect headers

Pragma
no-cache
Date
Thu, 18 Nov 2021 15:05:06 GMT
Server
Apache
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Location
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=88&external_user_id=YZZroQAAAKAepwQp&C=1
Cache-Control
max-age=0, no-cache, no-store
Connection
keep-alive
Content-Type
text/html; charset=iso-8859-1
Content-Length
279
Expires
Thu, 18 Nov 2021 15:05:06 GMT
setuid
ib.adnxs.com/ Frame D224
Redirect Chain
  • https://sync-tm.everesttech.net/upi/pid/UH6TUt9n?redir=https%3A%2F%2Fib.adnxs.com%2Fsetuid%3Fentity%3D158%26code%3D%24%7BTM_USER_ID%7D
  • https://ib.adnxs.com/setuid?entity=158&code=YZZroQAAAKAepwQp
43 B
1016 B
Image
General
Full URL
https://ib.adnxs.com/setuid?entity=158&code=YZZroQAAAKAepwQp
Requested by
Host: esescouture.com
URL: https://esescouture.com/Fidelity/
Protocol
HTTP/1.1
Server
37.252.172.45 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),
Reverse DNS
693.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net
Software
nginx/1.17.9 /
Resource Hash
4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://fidelity.demdex.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Pragma
no-cache
Date
Thu, 18 Nov 2021 15:05:06 GMT
X-Proxy-Origin
185.232.23.187; 185.232.23.187; 693.bm-nginx-loadbalancer.mgmt.fra1; adnxs.com
AN-X-Request-Uuid
e979a783-8eec-4efe-991d-32d867f12b8c
Server
nginx/1.17.9
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Cache-Control
no-store, no-cache, private
Connection
keep-alive
Content-Type
image/gif
Content-Length
43
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT

Redirect headers

pragma
no-cache
date
Thu, 18 Nov 2021 15:05:06 GMT
via
1.1 varnish
server
Varnish
x-timer
S1637247907.505634,VS0,VE0
x-served-by
cache-hhn4037-HHN
x-cache
HIT
location
https://ib.adnxs.com/setuid?entity=158&code=YZZroQAAAKAepwQp
cache-control
no-cache
accept-ranges
bytes
content-length
0
retry-after
0
x-cache-hits
0
sd
us-u.openx.net/w/1.0/ Frame D224
Redirect Chain
  • https://sync-tm.everesttech.net/upi/pid/ny75r2x0?redir=https%3A%2F%2Fus-u.openx.net%2Fw%2F1.0%2Fsd%3Fid%3D537148856%26val%3D%24%7BTM_USER_ID%7D
  • https://us-u.openx.net/w/1.0/sd?id=537148856&val=YZZroQAAAKAepwQp
  • https://us-u.openx.net/w/1.0/sd?cc=1&id=537148856&val=YZZroQAAAKAepwQp
43 B
61 B
Image
General
Full URL
https://us-u.openx.net/w/1.0/sd?cc=1&id=537148856&val=YZZroQAAAKAepwQp
Requested by
Host: esescouture.com
URL: https://esescouture.com/Fidelity/
Protocol
H3
Server
34.98.64.218 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
218.64.98.34.bc.googleusercontent.com
Software
OXGW/16.218.0 /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://fidelity.demdex.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 18 Nov 2021 15:05:06 GMT
via
1.1 google
server
OXGW/16.218.0
vary
Accept
p3p
CP="CUR ADM OUR NOR STA NID"
cache-control
private, max-age=0, no-cache
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
43
expires
Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

location
https://us-u.openx.net/w/1.0/sd?cc=1&id=537148856&val=YZZroQAAAKAepwQp
date
Thu, 18 Nov 2021 15:05:06 GMT
via
1.1 google
server
OXGW/16.218.0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
p3p
CP="CUR ADM OUR NOR STA NID"
Pug
image2.pubmatic.com/AdServer/ Frame D224
Redirect Chain
  • https://sync-tm.everesttech.net/upi/pid/b9pj45k4?redir=https%3A%2F%2Fimage2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA%3D%26piggybackCookie%3D%24%7BUSER...
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA=&piggybackCookie=YZZroQAAAKAepwQp
1 B
547 B
Image
General
Full URL
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA=&piggybackCookie=YZZroQAAAKAepwQp
Requested by
Host: esescouture.com
URL: https://esescouture.com/Fidelity/
Protocol
H2
Server
185.64.190.80 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://fidelity.demdex.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Thu, 18 Nov 2021 15:05:06 GMT
cache-control
no-store, no-cache, private
x-lat
lhrpug009:0:415
server
nginx
content-type
text/html; charset=utf-8
content-length
1
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

pragma
no-cache
date
Thu, 18 Nov 2021 15:05:06 GMT
via
1.1 varnish
server
Varnish
x-timer
S1637247907.706945,VS0,VE0
x-served-by
cache-hhn4037-HHN
x-cache
HIT
location
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA=&piggybackCookie=YZZroQAAAKAepwQp
cache-control
no-cache
accept-ranges
bytes
content-length
0
retry-after
0
x-cache-hits
0
partner
sync.search.spotxchange.com/ Frame D224
Redirect Chain
  • https://sync-tm.everesttech.net/upi/pid/h0r58thg?redir=https%3A%2F%2Fsync.search.spotxchange.com%2Fpartner%3Fadv_id%3D6409%26uid%3D%24%7BUSER_ID%7D%26img%3D1
  • https://sync.search.spotxchange.com/partner?adv_id=6409&uid=YZZroQAAAKAepwQp&img=1
  • https://sync.search.spotxchange.com/partner?adv_id=6409&uid=YZZroQAAAKAepwQp&img=1&__user_check__=1&sync_id=ea7c88f9-4880-11ec-a79e-1d21b9eb0206
43 B
548 B
Image
General
Full URL
https://sync.search.spotxchange.com/partner?adv_id=6409&uid=YZZroQAAAKAepwQp&img=1&__user_check__=1&sync_id=ea7c88f9-4880-11ec-a79e-1d21b9eb0206
Requested by
Host: esescouture.com
URL: https://esescouture.com/Fidelity/
Protocol
HTTP/1.1
Server
185.94.180.126 Amsterdam, Netherlands, ASN35220 (SPOTX-AMS, US),
Reverse DNS
Software
nginx /
Resource Hash
e586a84d8523747f42e510d78e141015b6424cf67d612854e892a7bcedc8ec9e

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://fidelity.demdex.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Date
Thu, 18 Nov 2021 15:05:06 GMT
Server
nginx
Access-Control-Allow-Methods
GET, POST, OPTIONS
Content-Type
image/gif
Access-Control-Allow-Origin
*
Cache-Control
no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
Access-Control-Allow-Credentials
false
X-fe
59
Connection
keep-alive
Content-Length
43

Redirect headers

Date
Thu, 18 Nov 2021 15:05:06 GMT
Server
nginx
Location
/partner?adv_id=6409&uid=YZZroQAAAKAepwQp&img=1&__user_check__=1&sync_id=ea7c88f9-4880-11ec-a79e-1d21b9eb0206
Access-Control-Allow-Methods
GET, POST, OPTIONS
Content-Type
text/plain
Access-Control-Allow-Origin
*
Cache-Control
no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
Access-Control-Allow-Credentials
false
X-fe
73
Connection
keep-alive
Content-Length
0
b.php
www.facebook.com/fr/ Frame D224
Redirect Chain
  • https://sync-tm.everesttech.net/upi/pid/r7ifn0SL?redir=https%3A%2F%2Fwww.facebook.com%2Ffr%2Fb.php%3Fp%3D1531105787105294%26e%3D%24%7BTM_USER_ID%7D%26t%3D2592000%26o%3D0
  • https://www.facebook.com/fr/b.php?p=1531105787105294&e=YZZroQAAAKAepwQp&t=2592000&o=0
43 B
2 KB
Image
General
Full URL
https://www.facebook.com/fr/b.php?p=1531105787105294&e=YZZroQAAAKAepwQp&t=2592000&o=0
Requested by
Host: esescouture.com
URL: https://esescouture.com/Fidelity/
Protocol
H2
Server
2a03:2880:f11c:8183:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; preload
X-Content-Type-Options nosniff

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://fidelity.demdex.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Thu, 18 Nov 2021 07:05:07 PST
content-encoding
br
x-content-type-options
nosniff
content-security-policy-report-only
default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com *.fbcdn.net;script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' blob: data: 'self' connect.facebook.net;style-src fonts.googleapis.com *.fbcdn.net data: *.facebook.com 'unsafe-inline';connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d-test.facebook.com/ wss://kaios-d.facebook.com/ v.whatsapp.net *.fbsbx.com *.fb.com;font-src data: *.gstatic.com *.facebook.com *.fbcdn.net *.fbsbx.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com *.tenor.co media.tenor.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net *.giphy.com connect.facebook.net *.carriersignal.info blob: android-webview-video-poster: googleads.g.doubleclick.net cx.atdmt.com www.googleadservices.com *.whatsapp.net *.fb.com *.oculuscdn.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com https://*.giphy.com data:;frame-src *.doubleclick.net *.google.com *.facebook.com www.googleadservices.com *.fbsbx.com fbsbx.com ad.atdmt.com data: www.instagram.com *.vrich619.com *.fbcdn.net https://paywithmybank.com;worker-src blob: *.facebook.com data:;report-uri https://www.facebook.com/csp/reporting/?minimize=0;
alt-svc
h3=":443"; ma=3600, h3-29=":443"; ma=3600
x-fb-rlafr
0
pragma
public
x-fb-debug
cpNDTPOsAf+q5JX17TeNm1PiaxWs3LVuXeHxWCBfxlKjonYEfOzyu3imqItSJpDNCEBFYWDGQo+WhZvRnScf6Q==
cross-origin-embedder-policy-report-only
require-corp;report-to="coep_report"
cross-origin-opener-policy
same-origin-allow-popups
strict-transport-security
max-age=15552000; preload
report-to
{"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/?minimize=0"}],"group":"coep_report"}
content-type
image/gif
vary
Accept-Encoding
cache-control
public, max-age=0
expires
Thu, 18 Nov 2021 07:05:07 PST

Redirect headers

pragma
no-cache
date
Thu, 18 Nov 2021 15:05:06 GMT
via
1.1 varnish
server
Varnish
x-timer
S1637247907.909985,VS0,VE0
x-served-by
cache-hhn4037-HHN
x-cache
HIT
location
https://www.facebook.com/fr/b.php?p=1531105787105294&e=YZZroQAAAKAepwQp&t=2592000&o=0
cache-control
no-cache
accept-ranges
bytes
content-length
0
retry-after
0
x-cache-hits
0

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain
esescouture.com
URL
https://esescouture.com/bin-public/060_www_fidelity_com/images/why-fidelity/white-check-new.png
Domain
esescouture.com
URL
https://esescouture.com/bin-public/060_www_fidelity_com/images/homepage/gray-check-new.png
Domain
esescouture.com
URL
https://esescouture.com/bin-public/060_www_fidelity_com/css/hp_ratings-style.css
Domain
esescouture.com
URL
https://esescouture.com/bin-public/060_www_fidelity_com/css/hp_table-styles.css
Domain
esescouture.com
URL
https://esescouture.com/bin-public/060_www_fidelity_com/js/hp-tabset.js
Domain
esescouture.com
URL
https://esescouture.com/bin-public/060_www_fidelity_com/css/seo-footer.css
Domain
esescouture.com
URL
https://esescouture.com/bin-public/060_www_fidelity_com/css/hp_ret-score-style.css

Verdicts & Comments

Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!

urlscan

Phishing against: Fidelity (Banking)

112 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| onbeforexrselect function| reportError boolean| originAgentCluster object| scheduler object| GLANCE object| ttMETA function| ttMBX object| ensBootstraps object| Bootstrapper function| dmtParseCookie undefined| dmtPropertiesAudiences object| dmtLifeStageSegment object| dmtWLPendo object| dmtAllowSidecar object| dmtPropertiesWhitelist object| dmtConfig object| dmtData function| dmtStatus function| vendorStatus object| dmtFloodLight object| dmtFloodlightActions object| dmtGoogleAds object| dmtGoogleAdsActions object| dmtVariables function| _pageLoadApp function| variableListCallback function| $defineData object| regeneratorRuntime function| callTarget object| _dmt function| startMeasurement function| paintContent object| FidMsmt boolean| _adobeProfileUpdate function| _log object| _console number| perfTestInitTime object| _enslog function| $data function| $globals function| $getData boolean| disableLegacyTags object| tmsConfig function| tmsGetCookieValue function| tmsSetCookieValue function| resetCVI function| tmsStripNBSuites function| tmsStripCustomerOnlySuite function| asyncLibsTest object| msConfig function| onContentMeasurementLoaded function| _trackAnalytics function| tmsTrackAnalyticsSendData function| trackAnalyticsEvent object| targetResponses object| targetCardMsmt object| targetCardCatMsmt object| targetCardState object| targetCardOrder function| targetPageParamsAll object| allowed_list string| val object| adobe function| mboxCreate function| mboxDefine function| mboxUpdate object| mboxFactories function| fidMboxCreate function| tntWriteTridionCampaign function| tntWriteTridionCampaignWhenReady string| csExpCall object| obfDPExpMetaData undefined| getExperienceData object| targetResponsesClone function| tntMiddlewareTryAgain function| tntMiddlewareMNO function| tntMiddleWareMNODisplay function| trackClickEvent function| tntMiddleware function| tntMiddlewareWhenReady function| tntMiddlewareGlobalMbox function| 
tntMiddlewareWhenGlobalMboxReady function| changeTitleTCMID function| getCreativeMiddleware function| creativeMiddlewareWhenReady function| tntValidateCreativeURI function| tntMiddlewareCreativeURL function| Visitor object| s_c_il number| s_c_in object| visitor object| targetExperiences object| GLANCE_COBROWSE string| PIGlobalNav_WWWHOST string| PIGlobalNav_ACTIVEQUOTE_HOST string| PIGlobalNav_ERESEARCH_HOST string| PIGlobalNav_RESEARCHTOOLS_HOST object| PGNBProperties undefined| $ undefined| jQuery object| NavBar function| $nav function| tmsSendIEventTag function| tmsSendIPageTag function| tmsSendCustomIEventTag function| tmsSendCustomIEventTagNew object| ivs function| AppMeasurement_Module_AudienceManagement function| AppMeasurement number| s_objectID number| s_giq

28 Cookies

Domain/Path Name / Value
esescouture.com/ Name: PHPSESSID
Value: 2c25592ca726ae04849fabd0af724ccc
www.fidelity.com/ Name: akaalb_www_binpublic_alb
Value: ~op=EAST_AWS_WWW:WWW-EAST|~rv=74~m=WWW-EAST:0|~os=f1162b9d355bd32846e2d2dc4b3e9a05~id=92d291e9cb674d24075bfd6dda628520
.esescouture.com/ Name: language
Value: en-gb
.esescouture.com/ Name: currency
Value: INR
.demdex.net/ Name: demdex
Value: 10691766018175968151614367276706325347
esescouture.com/ Name: AMCVS_EDCF01AC512D2B770A490D4C%40AdobeOrg
Value: 1
.everesttech.net/ Name: everest_g_v2
Value: g_surferid~YZZroQAAAKAepwQp
.dpm.demdex.net/ Name: dpm
Value: 10691766018175968151614367276706325347
esescouture.com/ Name: AMCV_EDCF01AC512D2B770A490D4C%40AdobeOrg
Value: -330454231%7CMCIDTS%7C18950%7CMCMID%7C04717517012128634422178308063438420798%7CMCAAMLH-1637852705%7C6%7CMCAAMB-1637852705%7C6G1ynYcLPuiQxYZrsz_pkqfLG9yMXBpb2zX5dvJdYQJzPXImdj0y%7CMCOPTOUT-1637255105s%7CNONE%7CMCSYNCSOP%7C411-18957%7CMCAID%7CNONE%7CvVersion%7C3.1.2
.rlcdn.com/ Name: rlas3
Value: KDqg/CcCpArpaeySyMf6fsuLD5C9+pq/aCzOkNjufzU=
.rlcdn.com/ Name: pxrc
Value: CKHX2YwGEgUI6AcQABIGCPHrARAA
.adnxs.com/ Name: uuid2
Value: 3440667897540966672
.doubleclick.net/ Name: IDE
Value: AHWqTUmPbCXmO7CAgZVCN4v4rDwqsERY2-je0763VeDo2o99CsxCdIqVgKk5oSmYod8
.bing.com/ Name: MUID
Value: 3DF9A1E0218E65C836DCB113205C6452
esescouture.com/ Name: OCSESSID
Value: 4a14690c8142b22974321be336
.twitter.com/ Name: personalization_id
Value: "v1_1Llof+Agnabs4R4uPCLGQQ=="
.casalemedia.com/ Name: CMID
Value: YZZrourXdL4tIwR32GtipgAA
.casalemedia.com/ Name: CMPS
Value: 5209
.adnxs.com/ Name: anj
Value: dTM7k!M4.FErk#WF']wIg2E>4m@*.k!]tbPl1MwL(!R7qUY$*a@+N.?YWJXsDvs?XD#L.kqWo4G/X%W#.wL5oa9/sZwfzrVag-)x<wEexQ67Oe!@Gjl*]I)b
.openx.net/ Name: i
Value: a1f9c07d-4f66-43aa-9a40-622a24d0da34|1637247906
.pubmatic.com/ Name: KRTBCOOKIE_218
Value: 4056-YZZroQAAAKAepwQp&KRTB&22978-YZZroQAAAKAepwQp&KRTB&23194-YZZroQAAAKAepwQp&KRTB&23209-YZZroQAAAKAepwQp
.pubmatic.com/ Name: PugT
Value: 1637247906
.pubmatic.com/ Name: PUBMDCID
Value: 3
.spotxchange.com/ Name: audience
Value: ea7c888e-4880-11ec-a79e-1d21b9eb0206
.demdex.net/ Name: dextp
Value: 60-1-1637247905389|358-1-1637247905490|477-1-1637247905591|771-1-1637247905693|1123-1-1637247905793|1957-1-1637247905895|144228-1-1637247905996|144229-1-1637247906097|144230-1-1637247906198|144231-1-1637247906299|144232-1-1637247906400|144233-1-1637247906500|144234-1-1637247906601|144235-1-1637247906702|144236-1-1637247906803|144237-1-1637247906906
.casalemedia.com/ Name: CMPRO
Value: 1173
.casalemedia.com/ Name: CMRUM3
Value: 5861966ba32760YZZroQAAAKAepwQp
.casalemedia.com/ Name: CMST
Value: YZZro2GWa6MA

7 Console Messages

Source Level URL
Text
network error URL: https://esescouture.com/bin-public/060_www_fidelity_com/js/hp-tabset.js
Message:
Failed to load resource: the server responded with a status of 404 (Not Found)
network error URL: https://esescouture.com/bin-public/060_www_fidelity_com/css/HP_Master-CSS%5B1%5D.css
Message:
Failed to load resource: the server responded with a status of 404 (Not Found)
javascript warning URL: https://esescouture.com/Fidelity/ (Line 193)
Message:
A parser-blocking, cross site (i.e. different eTLD+1) script, https://nexus.ensighten.com/fidelity/prod/Bootstrap.js, is invoked via document.write. The network request for this script MAY be blocked by the browser in this or a future page load due to poor network connectivity. If blocked in this page load, it will be confirmed in a subsequent console message. See https://www.chromestatus.com/feature/5718547946799104 for more details.
javascript warning URL: https://esescouture.com/Fidelity/ (Line 193)
Message:
A parser-blocking, cross site (i.e. different eTLD+1) script, https://nexus.ensighten.com/fidelity/prod/Bootstrap.js, is invoked via document.write. The network request for this script MAY be blocked by the browser in this or a future page load due to poor network connectivity. If blocked in this page load, it will be confirmed in a subsequent console message. See https://www.chromestatus.com/feature/5718547946799104 for more details.
network error URL: https://esescouture.com/bin-public/060_www_fidelity_com/css/seo-footer.css
Message:
Failed to load resource: the server responded with a status of 404 (Not Found)
network error URL: https://esescouture.com/bin-public/060_www_fidelity_com/css/hp_ret-score-style.css
Message:
Failed to load resource: the server responded with a status of 404 (Not Found)
network error URL: https://esescouture.com/bin-public/060_www_fidelity_com/css/hp-tabset.css
Message:
Failed to load resource: the server responded with a status of 404 (Not Found)

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.
