urlscan.io logo urlscan.io
SecurityTrails logo

fidelityaap.com Open in urlscan Pro
2.19.96.96  Public Scan

Go To Rescan Add Verdict Report
Submitted URL: https://www.fidelityaap.com/
Effective URL: https://fidelityaap.com/Account/Login?ReturnUrl=%2F
Submission: On January 20 via automatic, source certstream-suspicious — Scanned from DE
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 3 IPs in 2 countries across 3 domains to perform 12 HTTP transactions. The main IP is 2.19.96.96, located in Düsseldorf, Germany and belongs to AKAMAI-ASN1, NL. The main domain is fidelityaap.com.
TLS certificate: Issued by Entrust Certification Authority - L1M on June 13th 2023. Valid for: a year.
This is the only time fidelityaap.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
1 1 184.86.251.14 20940 (AKAMAI-ASN1)
1 7 2.19.96.96 20940 (AKAMAI-ASN1)
5 2606:4700::68... 13335 (CLOUDFLAR...)
1 2 92.123.104.11 20940 (AKAMAI-ASN1)
12 3
1    184.86.251.14 (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1, NL)
PTR: a184-86-251-14.deploy.static.akamaitechnologies.com
www.fidelityaap.com
7    2.19.96.96 (Düsseldorf, Germany)

ASN20940 (AKAMAI-ASN1, NL)
PTR: a2-19-96-96.deploy.static.akamaitechnologies.com
fidelityaap.com
5    2606:4700::6811:180e (United States)

ASN13335 (CLOUDFLARENET, US)
cdnjs.cloudflare.com
2    92.123.104.11 (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1, NL)
PTR: a92-123-104-11.deploy.static.akamaitechnologies.com
fiws.fidelity.com
clearingcustody.fidelity.com
Apex Domain
Subdomains		 Transfer
8 fidelityaap.com
www.fidelityaap.com
fidelityaap.com
136 KB
5 cloudflare.com
cdnjs.cloudflare.com — Cisco Umbrella Rank: 225
59 KB
2 fidelity.com
fiws.fidelity.com
clearingcustody.fidelity.com — Cisco Umbrella Rank: 733817
4 KB
12 3
Domain Requested by
7 fidelityaap.com 1 redirects fidelityaap.com
5 cdnjs.cloudflare.com fidelityaap.com
1 clearingcustody.fidelity.com fidelityaap.com
1 fiws.fidelity.com 1 redirects
1 www.fidelityaap.com 1 redirects
12 5

This site contains links to these domains. Also see Links.

Domain
www.sipc.org
personal.fidelity.com
www.fidelity.com
Subject Issuer Validity Valid
www.fidelitywas.com
Entrust Certification Authority - L1M		 2023-06-13 -
2024-07-13		 a year crt.sh
sni.cloudflaressl.com
Cloudflare Inc ECC CA-3		 2023-07-03 -
2024-07-02		 a year crt.sh

This page contains 1 frames:

Primary Page: https://fidelityaap.com/Account/Login?ReturnUrl=%2F
Frame ID: 912D1A4A3F491B029BFC39456B2C0CEB
Requests: 12 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page Title

Attorney Access - Log in

Page URL History Show full URLs

  1. https://www.fidelityaap.com/ HTTP 301
    https://fidelityaap.com/ HTTP 302
    https://fidelityaap.com/Account/Login?ReturnUrl=%2F Page URL

Detected technologies

Overall confidence: 100%
Detected patterns
Overall confidence: 100%
Detected patterns
  • lodash.*\.js
Overall confidence: 100%
Detected patterns
  • ([\d.]+)?/modernizr(?:\.([\d.]+))?.*\.js
Overall confidence: 100%
Detected patterns
  • /([\d.]+)/jquery(?:\.min)?\.js
  • jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Page Statistics

12
Requests

92 %
HTTPS

25 %
IPv6

3
Domains

5
Subdomains

3
IPs

2
Countries

197 kB
Transfer

680 kB
Size

3
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. https://www.fidelityaap.com/ HTTP 301
    https://fidelityaap.com/ HTTP 302
    https://fidelityaap.com/Account/Login?ReturnUrl=%2F Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 10
  • https://fiws.fidelity.com/fi/images/fidelity-color-blocks.gif HTTP 301
  • https://clearingcustody.fidelity.com/fi/images/fidelity-color-blocks.gif

12 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request Login
fidelityaap.com/Account/
Redirect Chain
  • https://www.fidelityaap.com/
  • https://fidelityaap.com/
  • https://fidelityaap.com/Account/Login?ReturnUrl=%2F
9 KB
4 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://fidelityaap.com/Account/Login?ReturnUrl=%2F
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2.19.96.96 Düsseldorf, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a2-19-96-96.deploy.static.akamaitechnologies.com
Software
Microsoft-IIS/10.0 /
Resource Hash
c2336cfc217552c357f8e53d154cfc3db492611dc21cfc02b5c68cb182aa131f
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

cache-control
no-cache,no-cache
content-encoding
gzip
content-length
2900
content-type
text/html; charset=utf-8
date
Sat, 20 Jan 2024 08:53:18 GMT
expires
-1,-1
feature-policy
geolocation 'self'; vibrate 'none'
pragma
no-cache
server
Microsoft-IIS/10.0
strict-transport-security
max-age=31536000
vary
Accept-Encoding
x-content-type-options
nosniff
x-frame-options
SAMEORIGIN
x-xss-protection
1; mode=block

Redirect headers

cache-control
private,no-cache
content-length
0
date
Sat, 20 Jan 2024 08:53:18 GMT
expires
-1
feature-policy
geolocation 'self'; vibrate 'none'
location
https://fidelityaap.com/Account/Login?ReturnUrl=%2F
server
Microsoft-IIS/10.0
strict-transport-security
max-age=31536000
x-content-type-options
nosniff
x-frame-options
SAMEORIGIN
x-xss-protection
1; mode=block
css
fidelityaap.com/Content/ 		165 KB
29 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fidelityaap.com/Content/css?v=KzTEje6qmAVBuqBjNWxl2gBkFVKGLe8-w-ZdiXA-HVo1
Requested by
Host: fidelityaap.com
URL: https://fidelityaap.com/Account/Login?ReturnUrl=%2F
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2.19.96.96 Düsseldorf, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a2-19-96-96.deploy.static.akamaitechnologies.com
Software
Microsoft-IIS/10.0 /
Resource Hash
a9adbad5f4f5c41f3e63548bc602c94b175d237c148029835e3ea6db60f497ca
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://fidelityaap.com/Account/Login?ReturnUrl=%2F
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
content-encoding
gzip
x-content-type-options
nosniff
date
Sat, 20 Jan 2024 08:53:18 GMT
last-modified
Sat, 20 Jan 2024 08:53:18 GMT
server
Microsoft-IIS/10.0
x-frame-options
SAMEORIGIN
vary
Accept-Encoding
content-type
text/css; charset=utf-8
cache-control
public,no-cache
feature-policy
geolocation 'self'; vibrate 'none'
content-length
29629
x-xss-protection
1; mode=block
expires
Sun, 19 Jan 2025 08:53:18 GMT,-1
jquery.min.js
cdnjs.cloudflare.com/ajax/libs/jquery/3.6.0/ 		87 KB
28 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdnjs.cloudflare.com/ajax/libs/jquery/3.6.0/jquery.min.js
Requested by
Host: fidelityaap.com
URL: https://fidelityaap.com/Account/Login?ReturnUrl=%2F
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6811:180e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
ff1523fb7389539c84c65aba19260648793bb4f5e29329d2ee8804bc37a3fe6e
Security Headers
Name Value
Strict-Transport-Security max-age=15780000
X-Content-Type-Options nosniff

Request headers

Referer
https://fidelityaap.com/
Origin
https://fidelityaap.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Sat, 20 Jan 2024 08:53:18 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security
max-age=15780000
age
3251742
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
27938
last-modified
Tue, 02 Mar 2021 18:58:36 GMT
server
cloudflare
cf-cdnjs-via
cfworker/kv
etag
"603e8adc-15d9d"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=zyCJAJ4LMaL6xO6KWj4OoZdX97rzUSRYV%2Bgp3YwEuKjugaBz3%2F41RSvYGHgyz1BMFHtMMGDpk%2FX0sMLpTUeUhK5qRcXGKxxxsoWeJIfHBfe0OjtQl6V%2BarUUecOGbuikOjz8Nm5EAab2gvXP9kHykHww"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=30672000
accept-ranges
bytes
timing-allow-origin
*
cf-ray
84861617ae716937-FRA
expires
Thu, 09 Jan 2025 08:53:18 GMT
Fidelity_Email_Logo.gif
fidelityaap.com/Images/ 		5 KB
5 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://fidelityaap.com/Images/Fidelity_Email_Logo.gif
Requested by
Host: fidelityaap.com
URL: https://fidelityaap.com/Account/Login?ReturnUrl=%2F
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2.19.96.96 Düsseldorf, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a2-19-96-96.deploy.static.akamaitechnologies.com
Software
Microsoft-IIS/10.0 /
Resource Hash
3a9ac3554582155bce27aedf47e35dae8a7779134d6fe15480755136a9968427
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://fidelityaap.com/Account/Login?ReturnUrl=%2F
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
date
Sat, 20 Jan 2024 08:53:18 GMT
x-content-type-options
nosniff
last-modified
Sat, 12 Mar 2022 15:27:44 GMT
server
Microsoft-IIS/10.0
etag
"1c576eb82536d81:0"
x-frame-options
SAMEORIGIN
content-type
image/gif
cache-control
no-cache
feature-policy
geolocation 'self'; vibrate 'none'
accept-ranges
bytes
content-length
4839
x-xss-protection
1; mode=block
expires
-1
modernizr.min.js
cdnjs.cloudflare.com/ajax/libs/modernizr/2.8.3/ 		11 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdnjs.cloudflare.com/ajax/libs/modernizr/2.8.3/modernizr.min.js
Requested by
Host: fidelityaap.com
URL: https://fidelityaap.com/Account/Login?ReturnUrl=%2F
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6811:180e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
d2b82e612d2a812e8be2a57300dab8923c4f2edbe7a799e7da70791b595646fe
Security Headers
Name Value
Strict-Transport-Security max-age=15780000
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://fidelityaap.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Sat, 20 Jan 2024 08:53:18 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security
max-age=15780000
age
829092
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
3980
last-modified
Mon, 04 May 2020 16:13:26 GMT
server
cloudflare
cf-cdnjs-via
cfworker/kv
etag
"5eb03f26-2b4c"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=LHi1NoelADF7VsYak%2FgyAVIKhRRp66Sp%2BnIQkqsQpjYUgGHXLSOmELJHTxGXT1rkakSmaC1ANYmyTbbAtFBas5%2BpyZNOydpXfH2QblQ1IwMO1sJVMsnsjE1NeRUUzLhZKs0N3SBNZjTFxMDVet8ANMF8"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=30672000
accept-ranges
bytes
timing-allow-origin
*
cf-ray
84861617a80d91f5-FRA
expires
Thu, 09 Jan 2025 08:53:18 GMT
jquery.validate.min.js
cdnjs.cloudflare.com/ajax/libs/jquery-validate/1.19.2/ 		24 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdnjs.cloudflare.com/ajax/libs/jquery-validate/1.19.2/jquery.validate.min.js
Requested by
Host: fidelityaap.com
URL: https://fidelityaap.com/Account/Login?ReturnUrl=%2F
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6811:180e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
f8110a988bd0e88b0bf2c1dcbe276d0eb34e7593b70bd2ed14fb45d87d1d3872
Security Headers
Name Value
Strict-Transport-Security max-age=15780000
X-Content-Type-Options nosniff

Request headers

Referer
https://fidelityaap.com/
Origin
https://fidelityaap.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Sat, 20 Jan 2024 08:53:18 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security
max-age=15780000
age
1254075
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
6970
last-modified
Fri, 29 May 2020 16:54:59 GMT
server
cloudflare
cf-cdnjs-via
cfworker/kv
etag
"5ed13e63-5f7b"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=V2M8cwq%2FH5cLbVrOXz40XPn1Ku45quYX3aOUGxsolPd9YxGyCovcm39pG3mCEv9jOVmQ615Z%2FYGgXSouzVLQymVoTVGYOZuOKwBxOglaKVOp7ySVWQqXG%2BgQ6x7JR4tOm2fRCANw3b%2Fl4t%2BTOOdXhqOh"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=30672000
accept-ranges
bytes
timing-allow-origin
*
cf-ray
84861617fea66937-FRA
expires
Thu, 09 Jan 2025 08:53:18 GMT
jqueryValFoolProofBundle
fidelityaap.com/bundles/ 		4 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://fidelityaap.com/bundles/jqueryValFoolProofBundle?v=Eh3OlHJ-NJnHMr2iVDY_Pu4TnCNjk_LfeCbNU_ECPjY1
Requested by
Host: fidelityaap.com
URL: https://fidelityaap.com/Account/Login?ReturnUrl=%2F
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2.19.96.96 Düsseldorf, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a2-19-96-96.deploy.static.akamaitechnologies.com
Software
Microsoft-IIS/10.0 /
Resource Hash
e41a41c8289a78bca1fadbf4bf148b1a38cc1bd78dda4d1abca8d009a8f3836b
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://fidelityaap.com/Account/Login?ReturnUrl=%2F
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
content-encoding
gzip
x-content-type-options
nosniff
date
Sat, 20 Jan 2024 08:53:18 GMT
last-modified
Sat, 20 Jan 2024 08:53:18 GMT
server
Microsoft-IIS/10.0
x-frame-options
SAMEORIGIN
vary
Accept-Encoding
content-type
text/javascript; charset=utf-8
cache-control
public,no-cache
feature-policy
geolocation 'self'; vibrate 'none'
content-length
1269
x-xss-protection
1; mode=block
expires
Sun, 19 Jan 2025 08:53:18 GMT,-1
lodash.compat.min.js
cdnjs.cloudflare.com/ajax/libs/lodash.js/2.4.1/ 		31 KB
11 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdnjs.cloudflare.com/ajax/libs/lodash.js/2.4.1/lodash.compat.min.js
Requested by
Host: fidelityaap.com
URL: https://fidelityaap.com/Account/Login?ReturnUrl=%2F
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6811:180e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e8f75f4c03903f582cec6d67dbac2b69480aadc39046889adaed377b3f25de4f
Security Headers
Name Value
Strict-Transport-Security max-age=15780000
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://fidelityaap.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Sat, 20 Jan 2024 08:53:18 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security
max-age=15780000
age
5976744
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
10520
last-modified
Mon, 04 May 2020 16:12:02 GMT
server
cloudflare
cf-cdnjs-via
cfworker/kv
etag
"5eb03ed2-7a6d"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=E56sFj8vwpoCFiBpOOY2gyLzHf%2BdCvVjr9CfivWyS%2FKcGQFl0CTWTW3LGxfIEPjqBp1OgkOCy0KNQVMXBoKe3W7Bj3kcEpVTJ1zQxwP2%2BJis86PNnczz05lluKj%2BpgiK%2FiZYbbfDyKMBGGF2t5a987fB"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=30672000
accept-ranges
bytes
timing-allow-origin
*
cf-ray
84861618487891f5-FRA
expires
Thu, 09 Jan 2025 08:53:18 GMT
localVendorBundle
fidelityaap.com/bundles/ 		310 KB
95 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://fidelityaap.com/bundles/localVendorBundle?v=aKG7ThD_qD9tmaloO62og8ru46kXnXVORee96lVao-U1
Requested by
Host: fidelityaap.com
URL: https://fidelityaap.com/Account/Login?ReturnUrl=%2F
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2.19.96.96 Düsseldorf, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a2-19-96-96.deploy.static.akamaitechnologies.com
Software
Microsoft-IIS/10.0 /
Resource Hash
12e08c9a6e8da2b2f34cdafa70fe709494ace6fe19a8328f0958a8aa68ac8bf4
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://fidelityaap.com/Account/Login?ReturnUrl=%2F
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
content-encoding
gzip
x-content-type-options
nosniff
date
Sat, 20 Jan 2024 08:53:19 GMT
last-modified
Sat, 20 Jan 2024 08:53:18 GMT
server
Microsoft-IIS/10.0
x-frame-options
SAMEORIGIN
vary
Accept-Encoding
content-type
text/javascript; charset=utf-8
cache-control
public,no-cache
feature-policy
geolocation 'self'; vibrate 'none'
x-xss-protection
1; mode=block
expires
Sun, 19 Jan 2025 08:53:18 GMT,-1
dropzone.min.js
cdnjs.cloudflare.com/ajax/libs/dropzone/4.2.0/min/ 		33 KB
9 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdnjs.cloudflare.com/ajax/libs/dropzone/4.2.0/min/dropzone.min.js
Requested by
Host: fidelityaap.com
URL: https://fidelityaap.com/Account/Login?ReturnUrl=%2F
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700::6811:180e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
8acb17337389e4a7936cf7ef6c2d0932fbff16b385f785437cc0229667b6c48f
Security Headers
Name Value
Strict-Transport-Security max-age=15780000
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://fidelityaap.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Sat, 20 Jan 2024 08:53:18 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security
max-age=15780000
age
4506045
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
8639
last-modified
Mon, 04 May 2020 16:09:34 GMT
server
cloudflare
cf-cdnjs-via
cfworker/kv
etag
"5eb03e3e-823b"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=wdncFfWOWu0u6CvaCCnC1DCn733EiBv5OlqPXMkAKr6xdxST1HZ7Bl8TpmhYc7IYPuXZJ50BzNHZOAWNPcjSGAJIWT9Ny7psFhOsz3w5MkHbNdiIIZbCL9AjY5%2BlO9URLCUn2KlYTenpgI1nkik0TCmg"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=30672000
accept-ranges
bytes
timing-allow-origin
*
cf-ray
8486161978e51e6c-FRA
expires
Thu, 09 Jan 2025 08:53:18 GMT
app
fidelityaap.com/bundles/ 		1017 B
835 B 		Script
General
Check archive.org
Download Go to
Full URL
https://fidelityaap.com/bundles/app?v=ZRDVdz1eGpkNKqQ8OJEGi5B6FabuDuTIhQ9tPI5IXnk1
Requested by
Host: fidelityaap.com
URL: https://fidelityaap.com/Account/Login?ReturnUrl=%2F
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2.19.96.96 Düsseldorf, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a2-19-96-96.deploy.static.akamaitechnologies.com
Software
Microsoft-IIS/10.0 /
Resource Hash
0717c9f4a9bc155a1f5b8620e10fc31847cbca40e8ffaec9bd631df40cafc5d3
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://fidelityaap.com/Account/Login?ReturnUrl=%2F
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
content-encoding
gzip
x-content-type-options
nosniff
date
Sat, 20 Jan 2024 08:53:19 GMT
last-modified
Sat, 20 Jan 2024 08:53:19 GMT
server
Microsoft-IIS/10.0
x-frame-options
SAMEORIGIN
vary
Accept-Encoding
content-type
text/javascript; charset=utf-8
cache-control
public,no-cache
feature-policy
geolocation 'self'; vibrate 'none'
content-length
527
x-xss-protection
1; mode=block
expires
Sun, 19 Jan 2025 08:53:19 GMT,-1
fidelity-color-blocks.gif
clearingcustody.fidelity.com/fi/images/
Redirect Chain
  • https://fiws.fidelity.com/fi/images/fidelity-color-blocks.gif
  • https://clearingcustody.fidelity.com/fi/images/fidelity-color-blocks.gif
1 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://clearingcustody.fidelity.com/fi/images/fidelity-color-blocks.gif
Requested by
Host: fidelityaap.com
URL: https://fidelityaap.com/Content/css?v=KzTEje6qmAVBuqBjNWxl2gBkFVKGLe8-w-ZdiXA-HVo1
Protocol
HTTP/1.1
Server
92.123.104.11 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a92-123-104-11.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
03359336a3d70ad54edba621359887789431bcef1a8286aa437326720956392b
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubdomains;
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://fidelityaap.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Strict-Transport-Security
max-age=31536000; includeSubdomains;
Date
Sat, 20 Jan 2024 08:53:23 GMT
X-Content-Type-Options
nosniff
P3P
CP="UNI DEM GOV FIN STA COM NAV PRE INT ONL CUR ADM DEV PSA PSD CUSi IVDi IVAi TELi CONi TAI OUR OTRi"
fscalleeid
https-institutional.fidelity.com-8443
Connection
keep-alive
Content-Length
1466
X-XSS-Protection
1; mode=block
fsreqid
REQ65ab8a0309d8fbc49fe815a96834aa33
Referrer-Policy
same-origin
Last-Modified
Thu, 18 Jan 2024 20:24:08 GMT
Server
Apache
ETag
"5ba-60f3e25460a00"
Vary
User-Agent
X-Frame-Options
SAMEORIGIN
Content-Type
image/gif; charset=iso-8859-1
fselapsedtime
562
Feature-Policy
microphone 'none'; camera 'self'; geolocation 'self'; sync-xhr 'self'
Cache-Control
max-age=86400
Accept-Ranges
bytes

Redirect headers

Strict-Transport-Security
max-age=31536000; includeSubdomains;
fsreqid
REQ65ab8a0278ce90dd90f55d40a846aa33
Date
Sat, 20 Jan 2024 08:53:23 GMT
Server
Apache
Content-Type
text/html; charset=iso-8859-1
Location
https://clearingcustody.fidelity.com/fi/images/fidelity-color-blocks.gif
fselapsedtime
401
fscalleeid
https-institutional.fidelity.com-8443
Connection
keep-alive
Content-Length
0
fserror
Apache error; src=https-institutional.fidelity.com-8443; hs=301+Moved+Permanent

Verdicts & Comments Add Verdict or Comment

14 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

function| $ function| jQuery object| html5 object| Modernizr function| foolproof function| _ object| respond function| moment function| PNotify object| Handlebars object| bootbox function| Dropzone object| app object| helpers

3 Cookies

Domain/Path Name / Value
.fidelityaap.com/ Name: ak_bmsc
Value: D6B8DC2FD798290F4CB39AC68C9D1A02~000000000000000000000000000000~YAAQDthUuPfiZe+MAQAAIggTJhao3Z7zcDTLjhyze007JQbia5GESA2yXwNH5H7pmD/P1AJLcg/TblI+HShtHRh5pEbogzxv/4WK6L+OCt+FGyzhKkd1nESJD9IwCh7GP1xtfQ8XMT6RFKGMmz77sX9RpVj+6eNNPo+2r/JsD9kfnWEWXg42xQqIGR7uGRBHQBbHQcntjQsiz4WGoDNXte6/UIE/raUCkBrtOU2QvIbwXF8Iivsdb601opS4oRZXhV6TCEhV9vN2mCnjkAFjlYSu6d3Md006o8AQZJAC9BgAugi8uVxMkaDSjFGz+7uuXFLDSkN4QFnsxkpKXKpgnZ3yh+m/4ECAr1U9rybWz4xWDPNc9EZN5T/j2ikpFTI36rCboNGEemEGR/68N3g=
fidelityaap.com/ Name: __RequestVerificationToken
Value: nwoH9GbK_7pt1GLBIn8SQoNnD5a2MbSdXkaOR5dF1oI3MPkHp366o8nEwSJ29BiafH05PlR7VY-48UXhF1YjPXMbRFYZrz79IhZ-O8s9qdY1
.fidelityaap.com/ Name: bm_sv
Value: DDBEE6D3F098ED869C61C39E459B19FB~YAAQXGATAmjf9O6MAQAAQwoTJhZyLKkErpxbGbC4XmvmIgttn5kSqB0EHETV804/WV/4hyQZhjcXytMbxMWoyQx2X9gKEyDUfuwxQPXGsVpDe2HtiQMKEThR43xlSsvjH+zDW+XZNLzmCeJ+5nmJZWDZrx8aOp/GDQP2vNXdARA+pmKr3tJ+Gj8ootEQTAMO8KR+VF/6gY5KfI32rw6jMJRR/En/tx2yTd56Sz93ryTM+G/9c7BkZCf+evnwAOLWBFUTNSo=~1

1 Console Messages

Source Level URL
Text
security warning
Message:
Error with Feature-Policy header: Unrecognized feature: 'vibrate'.

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block