www.aboutchet.com
Open in
urlscan Pro
2.16.186.202
Malicious Activity!
Public Scan
Effective URL: https://www.aboutchet.com/
Submission: On April 05 via api from US
Summary
TLS certificate: Issued by Entrust Certification Authority - L1M on February 5th 2021. Valid for: a year.
This is the only time www.aboutchet.com was scanned on urlscan.io!
urlscan.io Verdict: Potentially Malicious
Targeting these brands: Fidelity (Banking)Domain & IP information
ASN20940 (AKAMAI-ASN1, NL)
PTR: a2-16-186-202.deploy.static.akamaitechnologies.com
www.aboutchet.com |
ASN20940 (AKAMAI-ASN1, NL)
PTR: a84-53-140-34.deploy.static.akamaitechnologies.com
dmt.fidelity.com |
ASN16625 (AKAMAI-AS, US)
PTR: a23-79-148-199.deploy.static.akamaitechnologies.com
www.fidelity.com |
ASN20940 (AKAMAI-ASN1, NL)
PTR: a84-53-140-104.deploy.static.akamaitechnologies.com
scs.fidelity.com |
ASN16509 (AMAZON-02, US)
PTR: ec2-52-19-133-54.eu-west-1.compute.amazonaws.com
fmrcorp.tt.omtrdc.net |
ASN16509 (AMAZON-02, US)
PTR: ec2-3-250-252-43.eu-west-1.compute.amazonaws.com
dpm.demdex.net |
ASN16509 (AMAZON-02, US)
PTR: ec2-18-195-42-228.eu-central-1.compute.amazonaws.com
nexus.ensighten.com |
ASN16509 (AMAZON-02, US)
PTR: ec2-63-32-152-233.eu-west-1.compute.amazonaws.com
fidelity.demdex.net |
ASN16625 (AKAMAI-AS, US)
PTR: a23-79-155-142.deploy.static.akamaitechnologies.com
sitecatalyst.fidelity.com |
ASN16509 (AMAZON-02, US)
PTR: ec2-99-81-11-244.eu-west-1.compute.amazonaws.com
cm.everesttech.net |
ASN15169 (GOOGLE, US)
PTR: 68.174.244.35.bc.googleusercontent.com
idsync.rlcdn.com |
ASN29990 (ASN-APPNEX, US)
PTR: 725.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net
ib.adnxs.com |
ASN16625 (AKAMAI-AS, US)
PTR: a23-79-144-182.deploy.static.akamaitechnologies.com
assets.fidelity.com |
ASN15169 (GOOGLE, US)
PTR: fra16s53-in-f2.1e100.net
cm.g.doubleclick.net |
ASN15169 (GOOGLE, US)
www.googletagmanager.com |
ASN13335 (CLOUDFLARENET, US)
zncvgjh8lmjxbkyln-fmrpi.siteintercept.qualtrics.com |
ASN15169 (GOOGLE, US)
www.googletagmanager.com |
ASN15169 (GOOGLE, US)
www.google-analytics.com |
ASN15169 (GOOGLE, US)
PTR: fra15s46-in-f2.1e100.net
www.googleadservices.com |
ASN15169 (GOOGLE, US)
googleads.g.doubleclick.net |
ASN26667 (RUBICONPROJECT, US)
pixel.rubiconproject.com |
ASN16625 (AKAMAI-AS, US)
PTR: a184-30-20-241.deploy.static.akamaitechnologies.com
dsum-sec.casalemedia.com |
ASN15169 (GOOGLE, US)
PTR: 218.64.98.34.bc.googleusercontent.com
us-u.openx.net |
Domain | Requested by | |
---|---|---|
37 | www.aboutchet.com |
www.aboutchet.com
|
9 | sync-tm.everesttech.net | 9 redirects |
8 | dpm.demdex.net |
dmt.fidelity.com
www.aboutchet.com |
5 | www.fidelity.com |
www.aboutchet.com
|
4 | www.googletagmanager.com |
dmt.fidelity.com
www.googletagmanager.com |
3 | cm.g.doubleclick.net | 2 redirects |
3 | assets.fidelity.com |
www.aboutchet.com
|
3 | ib.adnxs.com | 2 redirects |
3 | idsync.rlcdn.com |
2 redirects
fidelity.demdex.net
|
3 | nexus.ensighten.com |
dmt.fidelity.com
www.aboutchet.com |
2 | sync.search.spotxchange.com | 1 redirects |
2 | us-u.openx.net | 1 redirects |
2 | dsum-sec.casalemedia.com | 1 redirects |
2 | www.google.de | |
2 | www.google.com | |
2 | www.google-analytics.com |
www.googletagmanager.com
www.google-analytics.com |
2 | sitecatalyst.fidelity.com |
dmt.fidelity.com
nexus.ensighten.com |
2 | fmrcorp.tt.omtrdc.net |
dmt.fidelity.com
|
2 | scs.fidelity.com |
www.aboutchet.com
scs.fidelity.com |
1 | www.facebook.com | |
1 | image2.pubmatic.com | |
1 | pixel.rubiconproject.com | |
1 | rtd-tm.everesttech.net | |
1 | rtd.tubemogul.com | 1 redirects |
1 | stats.g.doubleclick.net |
www.google-analytics.com
|
1 | googleads.g.doubleclick.net |
www.googleadservices.com
|
1 | www.googleadservices.com |
www.googletagmanager.com
|
1 | c.bing.com | 1 redirects |
1 | zncvgjh8lmjxbkyln-fmrpi.siteintercept.qualtrics.com |
dmt.fidelity.com
|
1 | analytics.twitter.com |
www.aboutchet.com
|
1 | cm.everesttech.net | 1 redirects |
1 | fidelity.demdex.net |
dmt.fidelity.com
|
1 | dmt.fidelity.com |
www.aboutchet.com
|
1 | blog.ctchet.com | 1 redirects |
0 | clixqa4.fmr.com Failed |
nexus.ensighten.com
|
90 | 35 |
This site contains links to these domains. Also see Links.
Subject Issuer | Validity | Valid | |
---|---|---|---|
pi-vanity2.fidelity.com Entrust Certification Authority - L1M |
2021-02-05 - 2022-02-05 |
a year | crt.sh |
dmt.fidelity.com Entrust Certification Authority - L1M |
2021-03-22 - 2022-04-21 |
a year | crt.sh |
www.fidelity.com Entrust Certification Authority - L1M |
2020-01-10 - 2022-01-10 |
2 years | crt.sh |
scs.fidelity.com Entrust Certification Authority - L1M |
2021-03-30 - 2022-04-29 |
a year | crt.sh |
*.tt.omtrdc.net DigiCert SHA2 Secure Server CA |
2020-11-02 - 2021-11-09 |
a year | crt.sh |
*.demdex.net DigiCert TLS RSA SHA256 2020 CA1 |
2020-12-02 - 2022-01-02 |
a year | crt.sh |
nexus.ensighten.com DigiCert SHA2 Secure Server CA |
2020-09-09 - 2021-10-11 |
a year | crt.sh |
investments.fidelity.com Entrust Certification Authority - L1M |
2020-11-07 - 2021-12-06 |
a year | crt.sh |
*.rlcdn.com Sectigo RSA Domain Validation Secure Server CA |
2021-02-25 - 2022-03-28 |
a year | crt.sh |
dpcs.fidelity.com Entrust Certification Authority - L1M |
2019-05-08 - 2021-05-08 |
2 years | crt.sh |
*.twitter.com DigiCert TLS RSA SHA256 2020 CA1 |
2021-02-05 - 2022-02-04 |
a year | crt.sh |
*.google-analytics.com GTS CA 1O1 |
2021-03-16 - 2021-06-08 |
3 months | crt.sh |
*.qualtrics.com DigiCert SHA2 Secure Server CA |
2020-10-26 - 2021-11-26 |
a year | crt.sh |
www.googleadservices.com GTS CA 1O1 |
2021-03-16 - 2021-06-08 |
3 months | crt.sh |
*.g.doubleclick.net GTS CA 1O1 |
2021-03-16 - 2021-06-08 |
3 months | crt.sh |
www.google.com GTS CA 1O1 |
2021-03-16 - 2021-06-08 |
3 months | crt.sh |
www.google.de GTS CA 1O1 |
2021-03-16 - 2021-06-08 |
3 months | crt.sh |
g2.shared.global.fastly.net GlobalSign CloudSSL CA - SHA256 - G3 |
2021-03-24 - 2021-04-25 |
a month | crt.sh |
*.rubiconproject.com DigiCert TLS RSA SHA256 2020 CA1 |
2020-12-18 - 2022-01-18 |
a year | crt.sh |
san.casalemedia.com GeoTrust RSA CA 2018 |
2021-02-05 - 2022-02-09 |
a year | crt.sh |
*.adnxs.com GeoTrust ECC CA 2018 |
2021-03-05 - 2022-02-19 |
a year | crt.sh |
*.openx.net GeoTrust RSA CA 2018 |
2020-06-18 - 2021-08-17 |
a year | crt.sh |
*.pubmatic.com DigiCert Baltimore TLS RSA SHA256 2020 CA1 |
2020-12-07 - 2021-12-14 |
a year | crt.sh |
*.search.spotxchange.com GeoTrust RSA CA 2018 |
2019-03-20 - 2021-04-21 |
2 years | crt.sh |
*.facebook.com DigiCert SHA2 High Assurance Server CA |
2021-02-10 - 2021-05-10 |
3 months | crt.sh |
This page contains 2 frames:
Primary Page:
https://www.aboutchet.com/
Frame ID: EF171695E15306358C535EBD8B1873BC
Requests: 79 HTTP requests in this frame
Frame:
https://fidelity.demdex.net/dest5.html?d_nsid=0
Frame ID: BABF6EF99DA86D5336647B2AA341C3A2
Requests: 17 HTTP requests in this frame
Screenshot
Page URL History Show full URLs
-
http://blog.ctchet.com/wp-login.php
HTTP 301
https://www.aboutchet.com/ Page URL
Detected technologies
PHP (Programming Languages) ExpandDetected patterns
- url /\.php(?:$|\?)/i
ZURB Foundation (Web Frameworks) Expand
Detected patterns
- html /<link[^>]+foundation[^>"]+css/i
Apache (Web Servers) Expand
Detected patterns
- headers server /(?:Apache(?:$|\/([\d.]+)|[^/-])|(?:^|\b)HTTPD)/i
Ensighten (Tag Managers) Expand
Detected patterns
- script /\/\/nexus\.ensighten\.com\//i
Google Analytics (Analytics) Expand
Detected patterns
- script /google-analytics\.com\/(?:ga|urchin|analytics)\.js/i
Page Statistics
123 Outgoing links
These are links going to different origins than the main page.
Title: Fidelity.com Home
Search URL Search Domain Scan URL
Title: Customer Service
Search URL Search Domain Scan URL
Title: Profile
Search URL Search Domain Scan URL
Title: Open an Account
Search URL Search Domain Scan URL
Title: Refer a Friend
Search URL Search Domain Scan URL
Title: Log In
Search URL Search Domain Scan URL
Title: Log Out
Search URL Search Domain Scan URL
Title: Portfolio Log In Required
Search URL Search Domain Scan URL
Title: Portfolio
Search URL Search Domain Scan URL
Title: AccountPositions Log In Required
Search URL Search Domain Scan URL
Title: AccountPositions
Search URL Search Domain Scan URL
Title: Trade Log In Required
Search URL Search Domain Scan URL
Title: Trade
Search URL Search Domain Scan URL
Title: Active Trader Pro
Search URL Search Domain Scan URL
Title: Transfers
Search URL Search Domain Scan URL
Title: Cash Management Log In Required
Search URL Search Domain Scan URL
Title: Bill Pay Log In Required
Search URL Search Domain Scan URL
Title: Full View Log In Required
Search URL Search Domain Scan URL
Title: Security Settings Log In Required
Search URL Search Domain Scan URL
Title: Account Features Log In Required
Search URL Search Domain Scan URL
Title: Account Features
Search URL Search Domain Scan URL
Title: Statements Log In Required
Search URL Search Domain Scan URL
Title: Tax Forms & Information
Search URL Search Domain Scan URL
Title: Retirement DistributionsLog In Required
Search URL Search Domain Scan URL
Title: Fidelity Rewards+Log In Required
Search URL Search Domain Scan URL
Title: New Account ChecklistLog In Required
Search URL Search Domain Scan URL
Title: What We Offer
Search URL Search Domain Scan URL
Title: My Goals
Search URL Search Domain Scan URL
Title: Financial Basics
Search URL Search Domain Scan URL
Title: Building Savings
Search URL Search Domain Scan URL
Title: Robo Investing Plus Financial Advice
Search URL Search Domain Scan URL
Title: Wealth Management
Search URL Search Domain Scan URL
Title: Find an advisor
Search URL Search Domain Scan URL
Title: Retirement
Search URL Search Domain Scan URL
Title: Life Events
Search URL Search Domain Scan URL
Title: News
Search URL Search Domain Scan URL
Title: Watch List Log In Required
Search URL Search Domain Scan URL
Title: Quotes
Search URL Search Domain Scan URL
Title: Quotes
Search URL Search Domain Scan URL
Title: Alerts Log In Required
Search URL Search Domain Scan URL
Title: Mutual Funds
Search URL Search Domain Scan URL
Title: Stocks
Search URL Search Domain Scan URL
Title: Fixed Income, Bonds & CDs
Search URL Search Domain Scan URL
Title: ETFs
Search URL Search Domain Scan URL
Title: Options
Search URL Search Domain Scan URL
Title: Markets & Sectors
Search URL Search Domain Scan URL
Title: IPOs
Search URL Search Domain Scan URL
Title: Annuities
Search URL Search Domain Scan URL
Title: Learning Center
Search URL Search Domain Scan URL
Title: Notebook
Search URL Search Domain Scan URL
Title: Notebook
Search URL Search Domain Scan URL
Title: Mutual Funds
Search URL Search Domain Scan URL
Title: Retirement & IRAs
Search URL Search Domain Scan URL
Title: Trading
Search URL Search Domain Scan URL
Title: Stocks
Search URL Search Domain Scan URL
Title: Fixed Income, Bonds & CDs
Search URL Search Domain Scan URL
Title: ETFs
Search URL Search Domain Scan URL
Title: Options
Search URL Search Domain Scan URL
Title: Sector Investing
Search URL Search Domain Scan URL
Title: Cash Management & Credit Cards
Search URL Search Domain Scan URL
Title: Managed Accounts
Search URL Search Domain Scan URL
Title: 529 College Savings
Search URL Search Domain Scan URL
Title: Health Savings Account
Search URL Search Domain Scan URL
Title: Annuities
Search URL Search Domain Scan URL
Title: Life Insurance & Long Term Care
Search URL Search Domain Scan URL
Title: Charitable Giving
Search URL Search Domain Scan URL
Title: The Fidelity Advantage
Search URL Search Domain Scan URL
Title: Planning & Advice
Search URL Search Domain Scan URL
Title: Trading
Search URL Search Domain Scan URL
Title: Straightforward Pricing
Search URL Search Domain Scan URL
Title: Insights & Tools
Search URL Search Domain Scan URL
Title: Security & Protection
Search URL Search Domain Scan URL
Title: About Fidelity
Search URL Search Domain Scan URL
Title: Careers
Search URL Search Domain Scan URL
Title: Learn more about the CHET transition and account activation
Search URL Search Domain Scan URL
Title: Home
Search URL Search Domain Scan URL
Title: Find out what you'll need before you open an accountOpens in a new window
Search URL Search Domain Scan URL
Title: Open a CHET account
Search URL Search Domain Scan URL
Title: Log in to your CHET accountLog In Required
Search URL Search Domain Scan URL
Title: Plan details
Search URL Search Domain Scan URL
Title: Investment options
Search URL Search Domain Scan URL
Title: CHET Plan FAQs
Search URL Search Domain Scan URL
Title: Baby Scholars
Search URL Search Domain Scan URL
Title: Ayuda en Español
Search URL Search Domain Scan URL
Title: Fund your accountLog In Required
Search URL Search Domain Scan URL
Title: Set up automatic contributions
Search URL Search Domain Scan URL
Title: Invite friends and family to gift
Search URL Search Domain Scan URL
Title: Learn about college planning
Search URL Search Domain Scan URL
Title: See if you're on track
Search URL Search Domain Scan URL
Title: Learn more about the CHET transition and account activation
Search URL Search Domain Scan URL
Title: Find out more about the state sponsor
Search URL Search Domain Scan URL
Title: Como Ahorrar Para La Educación Superior (PDF)
Search URL Search Domain Scan URL
Title: Abre una cuenta CHET
Search URL Search Domain Scan URL
Search URL Search Domain Scan URL
Title: Fact Kit
Search URL Search Domain Scan URL
Title: Bonds
Search URL Search Domain Scan URL
Title: CDs
Search URL Search Domain Scan URL
Title: Investor Centers
Search URL Search Domain Scan URL
Title: Small Business Retirement Plans
Search URL Search Domain Scan URL
Title: Guest Access
Search URL Search Domain Scan URL
Title: FidSafe
Search URL Search Domain Scan URL
Title: FINRA's BrokerCheck
Search URL Search Domain Scan URL
Title: Instagram
Search URL Search Domain Scan URL
Title: LinkedIn
Search URL Search Domain Scan URL
Title: YouTube
Search URL Search Domain Scan URL
Title: Twitter
Search URL Search Domain Scan URL
Title: Facebook
Search URL Search Domain Scan URL
Title: Fidelity Mobile®
Search URL Search Domain Scan URL
Title: Refer a Friend
Search URL Search Domain Scan URL
Title: News Releases
Search URL Search Domain Scan URL
Title: International
Search URL Search Domain Scan URL
Title: Terms of Use
Search URL Search Domain Scan URL
Title: Privacy
Search URL Search Domain Scan URL
Title: Security
Search URL Search Domain Scan URL
Title: Site Map
Search URL Search Domain Scan URL
Title: Accessibility
Search URL Search Domain Scan URL
Title: Contact Us
Search URL Search Domain Scan URL
Title: Disclosures
Search URL Search Domain Scan URL
Title: application and supporting documents
Search URL Search Domain Scan URL
Title: Learn more
Search URL Search Domain Scan URL
Title: View information
Search URL Search Domain Scan URL
Title: This guide (PDF)
Search URL Search Domain Scan URL
Title: MSRB.orgOpens in a new window
Search URL Search Domain Scan URL
Page URL History
This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.
-
http://blog.ctchet.com/wp-login.php
HTTP 301
https://www.aboutchet.com/ Page URL
Redirected requests
There were HTTP redirect chains for the following requests:
Request Chain 42- https://cm.everesttech.net/cm/dd?d_uuid=62111633234118120304467770110946450066 HTTP 302
- https://dpm.demdex.net/ibs:dpid=411&dpuuid=YGtJWwAAAFjHHgLs
- https://idsync.rlcdn.com/365868.gif?partner_uid=62111633234118120304467770110946450066 HTTP 307
- https://idsync.rlcdn.com/1000.gif?memo=CKyqFhIxCi0IARCYEhomNjIxMTE2MzMyMzQxMTgxMjAzMDQ0Njc3NzAxMTA5NDY0NTAwNjYQABoNCNySrYMGEgUI6AcQAEIASgA HTTP 307
- https://dpm.demdex.net/ibs:dpid=477&dpuuid=86726121ed5482194431f28c26507b3b3df8b2e3a8a9c2d039afedab93348d00b0da87c991749652
- https://ib.adnxs.com/getuid?https%3A%2F%2Fdpm.demdex.net%2Fibs%3Adpid%3D358%26dpuuid%3D%24UID HTTP 307
- https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%253A%252F%252Fdpm.demdex.net%252Fibs%253Adpid%253D358%2526dpuuid%253D%2524UID HTTP 302
- https://dpm.demdex.net/ibs:dpid=358&dpuuid=4613550101463487195
- https://cm.g.doubleclick.net/pixel?google_nid=adobe_dmp&google_cm&gdpr=0&gdpr_consent=&google_hm=NjIxMTE2MzMyMzQxMTgxMjAzMDQ0Njc3NzAxMTA5NDY0NTAwNjY= HTTP 302
- https://cm.g.doubleclick.net/pixel?google_nid=adobe_dmp&google_cm=&gdpr=0&gdpr_consent=&google_hm=NjIxMTE2MzMyMzQxMTgxMjAzMDQ0Njc3NzAxMTA5NDY0NTAwNjY=&google_tc= HTTP 302
- https://dpm.demdex.net/ibs:dpid=771&dpuuid=CAESEFmJI7osd5mTJijiaiaeMuQ&google_cver=1?gdpr=0&gdpr_consent=
- https://c.bing.com/c.gif?uid=62111633234118120304467770110946450066&Red3=MSAdobe_pd&gdpr=0&gdpr_consent= HTTP 302
- https://dpm.demdex.net/ibs:dpid=1957&dpuuid=26C889BD405065771ED499AD4182649F
- https://sync-tm.everesttech.net/upi/pid/r7ifn0SL?redir=https%3A%2F%2Fdpm.demdex.net%2Fibs%3Adpid%3D782%26dpuuid%3D%24%7BTM_USER_ID%7D HTTP 302
- https://dpm.demdex.net/ibs:dpid=782&dpuuid=YGtJWwAAAFjHHgLs
- https://rtd.tubemogul.com/migrate_et3/ HTTP 302
- https://rtd-tm.everesttech.net/migrate_et3/
- https://sync-tm.everesttech.net/upi/pid/5w3jqr4k?redir=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dg8f47s39e399f3fe%26google_push%26google_sc%26google_hm%3D%24%7BTM_USER_ID_BASE64ENC_URLENC%7D HTTP 302
- https://cm.g.doubleclick.net/pixel?google_nid=g8f47s39e399f3fe&google_push&google_sc&google_hm=WUd0Sld3QUFBRmpISGdMcw==
- https://sync-tm.everesttech.net/upi/pid/btu4jd3a?redir=https%3A%2F%2Fpixel.rubiconproject.com%2Ftap.php%3Fv%3D7941%26nid%3D2243%26put%3D%24%7BUSER_ID%7D%26expires%3D90 HTTP 302
- https://pixel.rubiconproject.com/tap.php?v=7941&nid=2243&put=YGtJWwAAAFjHHgLs&expires=90
- https://sync-tm.everesttech.net/upi/pid/ZMAwryCI?redir=https%3A%2F%2Fdsum-sec.casalemedia.com%2Frum%3Fcm_dsp_id%3D88%26external_user_id%3D%24%7BTM_USER_ID%7D HTTP 302
- https://dsum-sec.casalemedia.com/rum?cm_dsp_id=88&external_user_id=YGtJWwAAAFjHHgLs HTTP 302
- https://dsum-sec.casalemedia.com/rum?cm_dsp_id=88&external_user_id=YGtJWwAAAFjHHgLs&C=1
- https://sync-tm.everesttech.net/upi/pid/UH6TUt9n?redir=https%3A%2F%2Fib.adnxs.com%2Fsetuid%3Fentity%3D158%26code%3D%24%7BTM_USER_ID%7D HTTP 302
- https://ib.adnxs.com/setuid?entity=158&code=YGtJWwAAAFjHHgLs
- https://sync-tm.everesttech.net/upi/pid/ny75r2x0?redir=https%3A%2F%2Fus-u.openx.net%2Fw%2F1.0%2Fsd%3Fid%3D537148856%26val%3D%24%7BTM_USER_ID%7D HTTP 302
- https://us-u.openx.net/w/1.0/sd?id=537148856&val=YGtJWwAAAFjHHgLs HTTP 302
- https://us-u.openx.net/w/1.0/sd?cc=1&id=537148856&val=YGtJWwAAAFjHHgLs
- https://sync-tm.everesttech.net/upi/pid/b9pj45k4?redir=https%3A%2F%2Fimage2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA%3D%26piggybackCookie%3D%24%7BUSER_ID%7D HTTP 302
- https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA=&piggybackCookie=YGtJWwAAAFjHHgLs
- https://sync-tm.everesttech.net/upi/pid/h0r58thg?redir=https%3A%2F%2Fsync.search.spotxchange.com%2Fpartner%3Fadv_id%3D6409%26uid%3D%24%7BUSER_ID%7D%26img%3D1 HTTP 302
- https://sync.search.spotxchange.com/partner?adv_id=6409&uid=YGtJWwAAAFjHHgLs&img=1 HTTP 302
- https://sync.search.spotxchange.com/partner?adv_id=6409&uid=YGtJWwAAAFjHHgLs&img=1&__user_check__=1&sync_id=b5c20a33-9634-11eb-8d65-1669d4c94806
- https://sync-tm.everesttech.net/upi/pid/r7ifn0SL?redir=https%3A%2F%2Fwww.facebook.com%2Ffr%2Fb.php%3Fp%3D1531105787105294%26e%3D%24%7BTM_USER_ID%7D%26t%3D2592000%26o%3D0 HTTP 302
- https://www.facebook.com/fr/b.php?p=1531105787105294&e=YGtJWwAAAFjHHgLs&t=2592000&o=0
90 HTTP transactions
Method Protocol |
Resource Path |
Size x-fer |
Type MIME-Type |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
GET H2 |
Primary Request
/
www.aboutchet.com/ Redirect Chain
|
89 KB 19 KB |
Document
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
Redirect headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
app-head.min.js
www.aboutchet.com/bin-public/060_www_fidelity_com/js/ |
108 KB 39 KB |
Script
application/x-javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
/
dmt.fidelity.com/prod/meas/ |
708 KB 204 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
foundation-responsive-main.css
www.aboutchet.com/bin-public/060_www_fidelity_com/css/ |
1 MB 554 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
WF_Master-CSS.css
www.aboutchet.com/bin-public/060_www_fidelity_com/css/ |
15 KB 3 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
fix-table-text-elements.css
www.aboutchet.com/bin-public/060_www_fidelity_com/css/ |
1 KB 788 B |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
nav-07.18.min.css
www.fidelity.com/bin-public/060_www_fidelity_com/css/ |
34 KB 11 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
nav-07.18.min.js
www.fidelity.com/bin-public/060_www_fidelity_com/js/ |
101 KB 36 KB |
Script
application/x-javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
closex_blk_big.gif
www.aboutchet.com/bin-public/060_www_fidelity_com/images/css/ |
283 B 621 B |
Image
image/gif |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
tax_advantages_icon.png
www.aboutchet.com/bin-public/060_www_fidelity_com/images/icon-images/ |
1 KB 1 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
flex_use_funds_icon.png
www.aboutchet.com/bin-public/060_www_fidelity_com/images/icon-images/ |
1 KB 2 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
investment_choices_icon.png
www.aboutchet.com/bin-public/060_www_fidelity_com/images/icon-images/ |
555 B 894 B |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
account_details_icon.png
www.aboutchet.com/bin-public/060_www_fidelity_com/images/icon-images/ |
588 B 928 B |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
1_icon.png
www.aboutchet.com/bin-public/060_www_fidelity_com/images/college-529/ |
3 KB 4 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
2_icon.png
www.aboutchet.com/bin-public/060_www_fidelity_com/images/college-529/ |
4 KB 4 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
3_icon.png
www.aboutchet.com/bin-public/060_www_fidelity_com/images/college-529/ |
4 KB 4 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
Shawn_Wooden_circle.png
www.aboutchet.com/bin-public/060_www_fidelity_com/images/college-529/ |
51 KB 52 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
chet-baby-scholars_logo.png
www.aboutchet.com/bin-public/060_www_fidelity_com/images/college-529/ |
60 KB 61 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
scholarship-cap.png
www.aboutchet.com/bin-public/060_www_fidelity_com/images/college-529/ |
4 KB 4 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
call.png
www.aboutchet.com/bin-public/060_www_fidelity_com/images/icon/ |
15 KB 15 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
newspaper-folded.png
www.aboutchet.com/bin-public/060_www_fidelity_com/images/icon/ |
3 KB 3 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
instagram.png
www.aboutchet.com/bin-public/060_www_fidelity_com/images/ |
5 KB 5 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
linkedin.png
www.aboutchet.com/bin-public/060_www_fidelity_com/images/ |
592 B 930 B |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
youtube.png
www.aboutchet.com/bin-public/060_www_fidelity_com/images/ |
482 B 820 B |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
twitter-icon.png
www.aboutchet.com/bin-public/060_www_fidelity_com/images/ |
546 B 888 B |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
facebook.png
www.aboutchet.com/bin-public/060_www_fidelity_com/images/ |
550 B 888 B |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
fidelity-mobile-icon.png
www.aboutchet.com/bin-public/060_www_fidelity_com/images/ |
2 KB 2 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
refer-social.png
www.aboutchet.com/bin-public/060_www_fidelity_com/images/ |
964 B 1 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
Fidelity-footer-logo.png
www.aboutchet.com/bin-public/060_www_fidelity_com/images/ |
2 KB 2 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
dojo.xd.js
www.fidelity.com/rct/2.0.0/dojo/dojo/ |
91 KB 36 KB |
Script
text/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
rct-ui.js
www.fidelity.com/rct/2.0.0/rct-ui/ |
78 KB 23 KB |
Script
text/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
embeddedquotes.js.shtml
scs.fidelity.com/common/always-cached/embeddedquotes/1.0/js/ |
15 KB 6 KB |
Script
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
jquery-ui.min.js
www.aboutchet.com/bin-public/060_www_fidelity_com/js/ |
79 KB 23 KB |
Script
application/x-javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
app-body.min.js
www.aboutchet.com/bin-public/060_www_fidelity_com/js/ |
165 KB 40 KB |
Script
application/x-javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
form-validation.min.js
www.aboutchet.com/bin-public/060_www_fidelity_com/js/ |
37 KB 10 KB |
Script
application/x-javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
a005aa18farn19019db784575101bc28
www.aboutchet.com/resource/ |
89 KB 19 KB |
Script
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
json
fmrcorp.tt.omtrdc.net/m2/fmrcorp/mbox/ |
142 B 444 B |
XHR
application/json |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
id
dpm.demdex.net/ |
4 KB 2 KB |
XHR
application/json |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
serverComponent.php
nexus.ensighten.com/fidelity/prod/ |
293 B 436 B |
Script
text/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
9fe31d363086eef07b9fa8a7fdd7765b.js
nexus.ensighten.com/fidelity/prod/code/ |
168 KB 49 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
e.gif
nexus.ensighten.com/error/ |
0 106 B |
Image
text/plain |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
Cookie set
dest5.html
fidelity.demdex.net/ Frame BABF |
7 KB 3 KB |
Document
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
id
sitecatalyst.fidelity.com/ |
89 B 2 KB |
XHR
application/x-javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
ibs:dpid=411&dpuuid=YGtJWwAAAFjHHgLs
dpm.demdex.net/ Redirect Chain
|
42 B 915 B |
Image
image/gif |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
Redirect headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
id
dpm.demdex.net/ |
4 KB 2 KB |
XHR
application/json |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
ibs:dpid=477&dpuuid=86726121ed5482194431f28c26507b3b3df8b2e3a8a9c2d039afedab93348d00b0da87c991749652
dpm.demdex.net/ Frame BABF Redirect Chain
|
42 B 915 B |
Image
image/gif |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
Redirect headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
ibs:dpid=358&dpuuid=4613550101463487195
dpm.demdex.net/ Frame BABF Redirect Chain
|
42 B 915 B |
Image
image/gif |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
Redirect headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
365868.gif
idsync.rlcdn.com/ Frame BABF |
42 B 317 B |
Image
image/gif |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET DATA |
truncated
/ |
846 B 0 |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET DATA |
truncated
/ |
518 B 0 |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET DATA |
truncated
/ |
212 B 0 |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
FidelitySans-Regular.woff
assets.fidelity.com/fonts/ |
49 KB 50 KB |
Font
application/font-woff |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
json
fmrcorp.tt.omtrdc.net/m2/fmrcorp/mbox/ |
142 B 444 B |
XHR
application/json |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET DATA |
truncated
/ |
52 KB 0 |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
print.png
www.aboutchet.com/bin-public/060_www_fidelity_com/images/css/ |
3 KB 3 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
email.png
www.aboutchet.com/bin-public/060_www_fidelity_com/images/css/ |
3 KB 3 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
share_blue.gif
www.aboutchet.com/bin-public/060_www_fidelity_com/images/css/ |
60 B 399 B |
Image
image/gif |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
529-CT_ov_L.jpg
www.fidelity.com/bin-public/060_www_fidelity_com/images/college-529/ |
278 KB 279 KB |
Image
image/jpeg |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
popup.gif
www.aboutchet.com/bin-public/060_www_fidelity_com/images/css/ |
122 B 460 B |
Image
image/gif |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
lock-blue.jpg
www.aboutchet.com/bin-public/060_www_fidelity_com/images/css/ |
215 B 553 B |
Image
image/jpeg |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
FidelitySans-Light.woff
assets.fidelity.com/fonts/ |
52 KB 53 KB |
Font
application/font-woff |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
FidelitySans-Bold.woff
assets.fidelity.com/fonts/ |
46 KB 47 KB |
Font
application/font-woff |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
ibs:dpid=771&dpuuid=CAESEFmJI7osd5mTJijiaiaeMuQ&google_cver=1
dpm.demdex.net/ Frame BABF Redirect Chain
|
42 B 915 B |
Image
image/gif |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
Redirect headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
Footer_BG.png
www.aboutchet.com/bin-public/060_www_fidelity_com/images/css/ |
91 B 430 B |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
grey-pipe-sm.gif
www.aboutchet.com/bin-public/060_www_fidelity_com/images/css/ |
44 B 381 B |
Image
image/gif |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
embeddedquotes.css
scs.fidelity.com/products/embeddedquotes/css/ |
16 KB 2 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
adsct
analytics.twitter.com/i/ Frame BABF |
43 B 576 B |
Image
image/gif |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET DATA |
truncated
/ |
119 B 0 |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET DATA |
truncated
/ |
60 B 0 |
Image
image/gif |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
POST H/1.1 |
s1894433908789
sitecatalyst.fidelity.com/b/ss/fidelitycom/10/JS-2.9.0/ |
4 KB 3 KB |
XHR
application/x-javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
js
www.googletagmanager.com/gtag/ |
88 KB 35 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
/
zncvgjh8lmjxbkyln-fmrpi.siteintercept.qualtrics.com/WRSiteInterceptEngine/ |
60 KB 18 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
ibs:dpid=1957&dpuuid=26C889BD405065771ED499AD4182649F
dpm.demdex.net/ Frame BABF Redirect Chain
|
42 B 915 B |
Image
image/gif |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
Redirect headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H3-Q050 |
js
www.googletagmanager.com/gtag/ |
97 KB 38 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H3-Q050 |
js
www.googletagmanager.com/gtag/ |
88 KB 35 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H3-Q050 |
js
www.googletagmanager.com/gtag/ |
88 KB 35 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
analytics.js
www.google-analytics.com/ |
48 KB 19 KB |
Script
text/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
conversion_async.js
www.googleadservices.com/pagead/ |
35 KB 14 KB |
Script
text/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
POST |
clix
clixqa4.fmr.com/ |
0 0 |
|
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
POST H3-Q050 |
collect
www.google-analytics.com/j/ |
2 B 67 B |
XHR
text/plain |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
ibs:dpid=782&dpuuid=YGtJWwAAAFjHHgLs
dpm.demdex.net/ Frame BABF Redirect Chain
|
42 B 915 B |
Image
image/gif |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
Redirect headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
/
googleads.g.doubleclick.net/pagead/viewthroughconversion/1053708818/ |
2 KB 1 KB |
Script
text/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
POST H2 |
collect
stats.g.doubleclick.net/j/ |
4 B 89 B |
XHR
text/plain |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
ga-audiences
www.google.com/ads/ |
42 B 107 B |
Image
image/gif |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
ga-audiences
www.google.de/ads/ |
42 B 107 B |
Image
image/gif |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
/
www.google.com/pagead/1p-user-list/1053708818/ |
42 B 138 B |
Image
image/gif |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
/
www.google.de/pagead/1p-user-list/1053708818/ |
42 B 154 B |
Image
image/gif |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
/
rtd-tm.everesttech.net/migrate_et3/ Frame BABF Redirect Chain
|
0 319 B |
Image
text/plain |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
Redirect headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H3-Q050 |
pixel
cm.g.doubleclick.net/ Frame BABF Redirect Chain
|
170 B 224 B |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
Redirect headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
tap.php
pixel.rubiconproject.com/ Frame BABF Redirect Chain
|
0 239 B |
Image
image/gif |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
Redirect headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
rum
dsum-sec.casalemedia.com/ Frame BABF Redirect Chain
|
43 B 1003 B |
Image
image/gif |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
Redirect headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
setuid
ib.adnxs.com/ Frame BABF Redirect Chain
|
43 B 1 KB |
Image
image/gif |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
Redirect headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
sd
us-u.openx.net/w/1.0/ Frame BABF Redirect Chain
|
43 B 180 B |
Image
image/gif |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
Redirect headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
Pug
image2.pubmatic.com/AdServer/ Frame BABF Redirect Chain
|
1 B 809 B |
Image
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
Redirect headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
partner
sync.search.spotxchange.com/ Frame BABF Redirect Chain
|
43 B 548 B |
Image
image/gif |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
Redirect headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
b.php
www.facebook.com/fr/ Frame BABF Redirect Chain
|
43 B 504 B |
Image
image/gif |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
Redirect headers
|
Failed requests
These URLs were requested, but there was no response received. You will also see them in the list above.
- Domain
- clixqa4.fmr.com
- URL
- https://clixqa4.fmr.com/clix
Verdicts & Comments Add Verdict or Comment
Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!
urlscan
Phishing against: Fidelity (Banking)245 JavaScript Global Variables
These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.
object| 0 object| ontransitionrun object| ontransitionstart object| ontransitioncancel object| cookieStore function| showDirectoryPicker function| showOpenFilePicker function| showSaveFilePicker object| trustedTypes boolean| crossOriginIsolated string| fmrProductid string| SCS_DOMAIN string| CTCB_Host string| PROACTIVE_CHAT_DOMAIN string| measurementDomain string| WWW_HOST string| DPCS_HOST string| pgCorePageTitle string| pgCorePageDescription object| Modernizr object| html5 function| yepnope function| $ function| jQuery object| ensBootstraps object| Bootstrapper function| dmtParseCookie undefined| dmtPropertiesAudiences object| dmtWLPendo object| dmtPropertiesWhitelist object| dmtConfig object| dmtData function| dmtStatus function| vendorStatus object| dmtVariables function| _pageLoadApp function| variableListCallback function| $defineData object| regeneratorRuntime function| callTarget object| _dmt function| startMeasurement function| paintContent object| FidMsmt boolean| _adobeProfileUpdate function| _log object| _console number| perfTestInitTime object| _enslog function| $data function| $globals function| $getData boolean| disableLegacyTags object| tmsConfig function| tmsGetCookieValue function| tmsSetCookieValue function| resetCVI function| tmsStripNBSuites function| tmsStripCustomerOnlySuite function| asyncLibsTest object| msConfig function| onContentMeasurementLoaded function| _trackAnalytics function| tmsTrackAnalyticsSendData function| trackAnalyticsEvent object| targetResponses object| targetCardMsmt object| targetCardCatMsmt object| targetCardState object| targetCardOrder function| targetPageParamsAll object| allowed_list string| val object| adobe object| _AT function| mboxCreate function| mboxDefine function| mboxUpdate object| mboxFactories function| fidMboxCreate function| tntWriteTridionCampaign function| tntWriteTridionCampaignWhenReady string| csExpCall object| obfDPExpMetaData undefined| getExperienceData object| targetResponsesClone function| tntMiddlewareTryAgain function| tntMiddlewareMNO function| tntMiddleWareMNODisplay function| trackClickEvent function| tntMiddleware function| tntMiddlewareWhenReady function| tntMiddlewareGlobalMbox function| tntMiddlewareWhenGlobalMboxReady function| changeTitleTCMID function| getCreativeMiddleware function| creativeMiddlewareWhenReady function| tntValidateCreativeURI function| tntMiddlewareCreativeURL function| Visitor object| s_c_il number| s_c_in object| visitor function| AppMeasurement_Module_AudienceManagement function| AppMeasurement number| s_objectID number| s_giq function| tmsSendIEventTag function| tmsSendIPageTag function| tmsSendCustomIEventTag function| tmsSendCustomIEventTagNew object| ivs string| PIGlobalNav_WWWHOST string| PIGlobalNav_ACTIVEQUOTE_HOST string| PIGlobalNav_ERESEARCH_HOST string| PIGlobalNav_RESEARCHTOOLS_HOST object| PGNBProperties object| NavBar function| $nav number| msie object| dojo object| dijit object| dojox object| fmr object| embeddedQuotesConfigVars function| initDefaultEventingImpl object| quoteEventing function| QuoteEventingImpl function| render function| getQuotes function| publishComponents object| fmrParamsCompactValues function| fmrAttachObj object| mgetResponder function| fmrAttach object| GLOBAL_CONFIG function| predisplay function| rePositionSnap function| windowYscroll function| getEQViewWindowSize function| triggerMeasurement object| secAbbreviations function| seedDtt function| advancedlink function| stopEventPopup function| getEventPopup function| loadPrintPreview function| DisplayPopIn function| checkProactiveInvitation function| checkUserProactiveAction function| sourceCheck function| initCarousel function| onDemand function| play function| next function| previous function| rotateText function| showText function| addEllipses function| hideLinkIfNoTruncation function| triggerCarousel function| initializeCarouselOnTabClick function| onFinish function| onError function| shareArticleEmailValidateEmail function| shareArticleEmail function| closePopIn function| populateLessonParameters function| callbackInitialize object| rotatingTextElement object| rotatingText object| ctr object| ondemand object| runningIndex object| rotateId object| delay object| carouselOverlayHeightOnLoad object| articleControl function| trackSocialShare object| FID object| jQuery19005525705513254024 function| getRelativeUrl function| stripTcmString function| showMacPopin object| formValidationRules object| _cf object| jQuery110004124744269626053 object| dl_names object| var_names object| o string| s_account object| s function| s_gi function| tmsReadCVI function| tmsTrackInitialPageView function| tmsResetSelectContextData function| tmsRebuildSCPageName function| tmsNavBarInteraction function| tmsTrackCustomLinks function| tmsTrackCustomLinksWithEvents function| trackPageView function| tmsTrackPageView function| tmsTrackGenericContentChangeAsPV function| tmsTrackGenericContentChangeAsExitPV function| tmsTrackContentChangeAsPV function| tmsTrackGenericInteraction function| tmsTrackInteraction function| tmsTrackSocialShare function| tmsTrackContacts function| tmsTrackContentInteraction function| tmsTrackCustomGenericContentChangeAsPV function| tmsTrackCustomContentChangeAsPV function| tmsTrackCustomPermGenericContentChangeAsPV function| tmsTrackCustomPermContentChangeAsPV function| tmsTrackSearchResultInteraction function| tmsTrackSearchModuleInteraction function| tmsTrackInvestorCenter function| tmsTrackInvestorCenterCTC function| DIL string| key string| a string| qp object| targetMeasurementNames string| s_tnt function| _buildTransaction function| addTransactionsToProduct object| s_i_fidelitycom function| tmsTrackCustomQuotePV function| tmsSetupLegacyTracking number| perfTestLoadedTime function| old_write object| google_tag_manager object| dataLayer function| gtag object| google_tag_data string| GoogleAnalyticsObject function| ga object| QSI object| WAFQualtricsWebpackJsonP-cloud-1.47.0 object| gaplugins object| gaGlobal object| gaData function| GooglemKTybQhCsO function| google_trackConversion object| GooglebQhCsO9 Cookies
Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.
Domain/Path | Expires | Name / Value |
---|---|---|
.demdex.net/ | Name: demdex Value: 62111633234118120304467770110946450066 |
|
.aboutchet.com/ | Name: s_sess Value: %20s_cc%3Dtrue%3B |
|
.aboutchet.com/ | Name: s_pers Value: %20visitStart%3D1617643868652%7C1649179868652%3B%20gpv_c11%3DFid.com%2520web%257C529-plans%257CConnecticut%2520College%2520Savings%2520Plan%7C1617645668664%3B |
|
www.aboutchet.com/ | Name: akaalb_www_binpublic_alb Value: ~op=EAST_AWS_WWW:WWW-EAST|~rv=61~m=WWW-EAST:0|~os=45c9bcc5fd425e50984cc9659e26881d~id=5163ae7765b430ad997be0987a5b034c |
|
.aboutchet.com/ | Name: AMCVS_EDCF01AC512D2B770A490D4C%40AdobeOrg Value: 1 |
|
.aboutchet.com/ | Name: mbox Value: session#1b8f48f88def4b079d600b1abf62da22#1617645729|PC#1b8f48f88def4b079d600b1abf62da22.37_0#1680888669 |
|
.aboutchet.com/ | Name: AMCV_EDCF01AC512D2B770A490D4C%40AdobeOrg Value: -330454231%7CMCIDTS%7C18723%7CMCMID%7C68049324149288854753917341019520615119%7CMCAAMLH-1618248668%7C6%7CMCAAMB-1618248668%7C6G1ynYcLPuiQxYZrsz_pkqfLG9yMXBpb2zX5dvJdYQJzPXImdj0y%7CMCOPTOUT-1617651067s%7CNONE%7CMCAID%7C3035A4ADD49ACAA3-400003EA84E9D6D0%7CMCSYNCSOP%7C411-18730%7CvVersion%7C3.1.2 |
|
.demdex.net/ | Name: dextp Value: 60-1-1617643868054|358-1-1617643868155|477-1-1617643868256|771-1-1617643868434|1123-1-1617643868535|1957-1-1617643868692 |
|
.aboutchet.com/ | Name: check Value: true |
4 Console Messages
A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.
Source | Level | URL Text |
---|
Security Headers
This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page
Header | Value |
---|---|
X-Content-Type-Options | nosniff nosniff |
X-Frame-Options | SAMEORIGIN |
Indicators
This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.
analytics.twitter.com
assets.fidelity.com
blog.ctchet.com
c.bing.com
clixqa4.fmr.com
cm.everesttech.net
cm.g.doubleclick.net
dmt.fidelity.com
dpm.demdex.net
dsum-sec.casalemedia.com
fidelity.demdex.net
fmrcorp.tt.omtrdc.net
googleads.g.doubleclick.net
ib.adnxs.com
idsync.rlcdn.com
image2.pubmatic.com
nexus.ensighten.com
pixel.rubiconproject.com
rtd-tm.everesttech.net
rtd.tubemogul.com
scs.fidelity.com
sitecatalyst.fidelity.com
stats.g.doubleclick.net
sync-tm.everesttech.net
sync.search.spotxchange.com
us-u.openx.net
www.aboutchet.com
www.facebook.com
www.fidelity.com
www.google-analytics.com
www.google.com
www.google.de
www.googleadservices.com
www.googletagmanager.com
zncvgjh8lmjxbkyln-fmrpi.siteintercept.qualtrics.com
clixqa4.fmr.com
104.17.208.240
104.244.42.195
142.250.185.226
151.101.14.49
151.101.2.49
165.160.15.20
172.217.16.130
18.195.42.228
184.30.20.241
185.33.221.52
185.64.189.110
185.94.180.125
2.16.186.202
23.79.144.182
23.79.148.199
23.79.155.142
2620:1ec:c11::200
2a00:1450:4001:800::2008
2a00:1450:4001:801::2002
2a00:1450:4001:803::2004
2a00:1450:4001:808::2003
2a00:1450:4001:809::2008
2a00:1450:4001:811::200e
2a00:1450:400c:c1b::9a
2a03:2880:f11c:8183:face:b00c:0:25de
3.250.252.43
34.98.64.218
35.244.174.68
52.19.133.54
63.32.152.233
69.173.144.165
84.53.140.104
84.53.140.34
99.81.11.244
00e110f0cdec5852ff08cc9ff0608acf1bb98f7e25589cde44165f8bd54cb482
021ecc4b40ba6752d0770862fecd74029b1e4ebfa770d21b568c73fbe2cffe7f
02dd9a5052bc38176eca1f1d0a867bea15768d347c3c8cc4c0d83e5f87e4c1c9
07391d29cb258d64de07654b5555ffbad3b3a909d8e0cbb795b516956826a718
0a49d9816965b1923e2185ca64e06ac2630ea7bff08af262741649284a9a3467
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
0eb4ab2015f0149581119377cf8e231c5c13b581fb2438508977f9b41cc34191
1120f40c2d90fd98dfcece561495f382b3c39881d2ee0d0c65352e2986a068aa
125f717de6216901745e8df6f3c77de292e98caa8b6d1aa46de3f2170565d698
12e39b66d79249e067ca649b04f7a6955023d0230a75f65d15a3f45990e4204c
169e4a55700a018da73704e5273e511aa994e68f9b7a0f4e725c0d0563bdc54f
174315c691cb59983a37ad08c38238205bf1cc30c9886d237043d00ab29c4a9c
1aa2b7e9cc84e23bd4ed3b554378b09783b71a24000bef09fa92b2c3e0a397ca
1c63d18eb7183a56bdb7bd2178e6e6fdd54b1bcf4b0e7737273be170b3eb99fe
1d899eac83f19255af37c438b8ef8b5256c2b3536e74af14ca457a632b3da541
254f5f64681f2bb5613205f012a4451f3ca92f24aaae2e3fb82c78324d75c757
25aac3c0244fdf4d9f9ddae3db3049ca21dffef72043f769fcde8fb4fda14245
288eb4b09b1775f014ececaab46f0bcd0176d7d3ddff85abef80b3ee8987d351
28cecbfca60ce5d5e167becfd276f95dd44ba620356122dcc8b42503835e96e4
294b54bb84b38d8aeb12a83a48c8c045f133db7129b4e3966f2bfa9d8e81697b
2a59ef5a091700f87859f1af73616562219bf54a9dd4eb3ce5db3515f837d713
3280a25a3c82cd2a29b6c5e18aee0c341e10b5cc381b59eef1bd4ea01219e54c
377dffcb29ed01327a552c58cc827a9ce6293653e87fd6a5b1d252386f2c7f22
3ad6a9c43cbb8bfed02b057385d8cb844cd430b7a97218a8862c79d98bba5fd9
3cea86cea5d2cfa201401b02f5657c2dcbf2be12a5890cee8710f4b0fba1be9d
3da19c376550e72969c3d52db249ffe1b4ad7105c3c0bc9144881d93229e8983
3dd5dff45677301bd28b271e0140b3f81bf00a013a460c19ed95adaf10d20614
3e90a5cd41a9ce632c1737f77e9f7cedfd62f56ffaea47d68acf6f775b8dc4e1
4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
571f4545fe7fb950eddc51ce68e54b85e377bfe8766673f5ee9dd89b55f34beb
614c1ce513f167ab64960919121ea46a07b1b4f8a33f2d2df82ddab118973358
645e1f1f95aa512d9cb9e774f0f35698bc2a1b349cbfecf79ba893377b3979fe
68da2c466b371ccda332c3fabd2fac73a916fd981c0743474c0b4ea7a0f971b3
6cf57df7286461902bb3b1a3b1f8ba518940d700f04405c00392f3b033ee0666
758d1a984ad90fdea05ac558bef5627e750426b36077a249c49f058e643172d4
762369ef027905c4460c77732863f355750d6f3772c5fa25b9c22e962a350656
76d4c31ca0e69755da0819d7b61687e3599e2718566cc44f89a82a5a564b1c29
78ca9ec9cdab5568fc051293de1d5166019fbdbedc4287498000c4da734755f3
7a124204a5b915cde4e7a57f306db248b599ad0f6c3af510a953cb2fc9c7994f
7bea17a80a61ed0f54248b4ffc4c718f7c8ff2619742577a73591d62ce074da8
80289660f1fc52bbd34d5768403599c657c8609a598bb442dbb3142b32f36296
84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80
85d4811cdb9e8d5d426c9e31882e124640e0286dbe88aa60e1c6fa8328b3b686
87764cf2de53fe063f413bbbe2f22f217198367a5512f851270796d17e7b5b56
8df2cdbde1437a02b7bcbb3e143abf670528a2bc83415d4d27e001f3d8503e14
92ea6d26d5ee6c1cf58a25d4c6d743d46b08b96c1b037750c1b29ac3ae51a3ac
937306b60f7205812ee20da41d70a373aae8f65fb801436269ecc80a258923d4
9964895c51cb27748da7b3015244b2bcee93647ba77e30bc4660d28a1a25522f
a4d48912945f77a560483b4fd0d4fdcd39f77ab6ade8eb191213fc33eb3646b1
ab7b3d54e6e4b445a45acd1403282b365c71f0d4836a3b6d3ff1d4343d6ce7e4
ac0e77e0d43d46887b0987531b69291f3ec6249b4fcd2beae7dc8637c979587d
ac8778041fdb7f2e08ceb574c9a766247ea26f1a7d90fa854c4efcf4b361a957
af88726f4a3b08660caa98fdb16582c62dee1e54864d04951543c8bf8eab70e0
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
b55aa83db4b671b33e1a7a0031a4ffa653b22dca37d74f07a27638e680534abb
b6aac815b099552ae14e5c38023bed02ef1b55497ddf87720d5f2ca84e869f69
b7c86eb66d604fc2917d841a82bac633cee497e5bc9b8bf6460827d2f1dd3cdf
bbec0d181e678e2067444f16e3adf9f0f1ab76b56d1214a3b10d4c9a2624d6a1
c1ac3e2910f8945d47a2e10ba549d41248a418c3b91c3de2f4e914af2123694f
c39737a4d1ac207ef7fe347d3b8eaa301dcc18bb0a6aa2160545d80b82c1f5ea
c79b53a4c184b6aa42a77baa110706393290f7ae82ea209ce6f11407ace48b24
c8102af374c1d8043f833ddef2ed1a1a021c988bf6cf19b0249c5fa50824246e
c916720035d5bdedece493122a831bae91dc2bf3ee3a9729125bb1a4815a91fe
c9b805f83dbe1054e87d981e257bf25db736a7290df51b139f71fc24953a92f4
cd3601b2f79f3cccc6333afba636cc8e645f7703257326df7df02497dc09d2df
de3246094525b21a870fc7d2a67490d0132535c6fa5993755c549f1a9d1bd8af
dee0231a10703d83caca51875f267f8bcf88c17cc2ae54247224d2066ce02abe
e04ef823c9cfdf23f9a2c424dfd3f98a8157502215596fdec621335eaacc3df3
e248a74399e766b2d1dfa070807e34bdbd49a2abc17156eb4cb5e1d40c651a09
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e586a84d8523747f42e510d78e141015b6424cf67d612854e892a7bcedc8ec9e
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f198f60160106647954fa9da852ac973cbef6f73e4cd15daf98bfd119e040219
f6c48af75d564858ccaf0b49d14f96a404c0e22e4be3f4fb525c6f8cd988afc5
f6e8031d69a693c763482d26b2c93520a4302215d9365597830ddf3ce8e235f2
f79723478f4c48501cd49ac52b81d6244a6562b9d3f08ce8ab208a8b8878d4c4
f7c79c22b5345e47843b9f1ad2882ab50ed55325f9fcadc1a4bfa309acf70001
fefa4799fdfd73583d50a62cbd6d8f3bb64cb5e41a5a7a68e866e5d4ef7f94e8