www.wku-gniezno.pl
85.128.183.66
Malicious Activity!
Public Scan
Submission: On November 08 via automatic, source openphish
Summary
This is the only time www.wku-gniezno.pl was scanned on urlscan.io!
urlscan.io Verdict: Potentially Malicious
Targeting these brands: Fidelity (Banking)

Domain & IP information

Requests | Redirects | IP Address | AS Autonomous System | PTR | Domain
---|---|---|---|---|---
2 | | 85.128.183.66 | 15967 (NAZWA) | | www.wku-gniezno.pl
16 | | 95.100.165.181 | 16625 (AKAMAI-AS - Akamai Technologies, Inc., US) | a95-100-165-181.deploy.akamaitechnologies.com | login.fidelity.com
1 | | 54.165.55.129 | 14618 (AMAZON-AES - Amazon.com, Inc., US) | ec2-54-165-55-129.compute-1.amazonaws.com | nexus.ensighten.com
2 | | 34.197.223.89 | 14618 (AMAZON-AES - Amazon.com, Inc., US) | ec2-34-197-223-89.compute-1.amazonaws.com | activate1.fidelity.com
1 | | 23.8.10.180 | 20940 (AKAMAI-ASN1, US) | a23-8-10-180.deploy.static.akamaitechnologies.com | cdn.tt.omtrdc.net
1 | | 66.117.29.3 | 15224 (OMNITURE - Adobe Systems Inc., US) | | fmrcorp.tt.omtrdc.net
2 | | 52.45.133.53 | 14618 (AMAZON-AES - Amazon.com, Inc., US) | ec2-52-45-133-53.compute-1.amazonaws.com | nexus.ensighten.com
1 | 1 | 52.7.51.121 | 14618 (AMAZON-AES - Amazon.com, Inc., US) | ec2-52-7-51-121.compute-1.amazonaws.com | www.glancecdn.net
1 | | 52.216.160.85 | 16509 (AMAZON-02 - Amazon.com, Inc., US) | s3-1.amazonaws.com | s3.amazonaws.com
3 | 1 | 54.154.86.92 | 16509 (AMAZON-02 - Amazon.com, Inc., US) | ec2-54-154-86-92.eu-west-1.compute.amazonaws.com | fidelity.demdex.net
2 | 1 | 63.140.41.128 | 15224 (OMNITURE - Adobe Systems Inc., US) | fidelity.com.ssl.d1.sc.omtrdc.net | sitecatalyst.fidelity.com

Totals: 40 requests, 11 IP addresses.
Requests | Apex Domain | Subdomains | Transfer
---|---|---|---
20 | fidelity.com (1 redirect) | login.fidelity.com, activate1.fidelity.com, sitecatalyst.fidelity.com | 307 KB
3 | demdex.net | fast.fidelity.demdex.net (failed), fidelity.demdex.net | 3 KB
3 | ensighten.com | nexus.ensighten.com | 177 KB
2 | omtrdc.net | cdn.tt.omtrdc.net, fmrcorp.tt.omtrdc.net | 15 KB
2 | wku-gniezno.pl | www.wku-gniezno.pl | 12 KB
1 | amazonaws.com | s3.amazonaws.com | 9 KB
1 | glancecdn.net (1 redirect) | www.glancecdn.net | 389 B
0 | fmr.com (failed) | metricsqa4.fmr.com (failed) |

Totals: 40 requests, 8 apex domains.
Requests | Domain | Requested by
---|---|---
16 | login.fidelity.com | www.wku-gniezno.pl, login.fidelity.com
3 | fidelity.demdex.net (1 redirect) | nexus.ensighten.com
3 | nexus.ensighten.com | www.wku-gniezno.pl, nexus.ensighten.com
2 | sitecatalyst.fidelity.com (1 redirect) |
2 | activate1.fidelity.com | nexus.ensighten.com
2 | www.wku-gniezno.pl | www.wku-gniezno.pl
1 | s3.amazonaws.com |
1 | www.glancecdn.net (1 redirect) |
1 | fmrcorp.tt.omtrdc.net | nexus.ensighten.com
1 | cdn.tt.omtrdc.net | nexus.ensighten.com
0 | metricsqa4.fmr.com (failed) |
0 | fast.fidelity.demdex.net (failed) | nexus.ensighten.com

Totals: 40 requests, 12 domains.
This site contains links to these domains. Also see Links.
Domain |
---|
www.fidelity.com |
Subject | Issuer | Validity | Valid |
---|---|---|---|---
login.fidelity.com | Entrust Certification Authority - L1K | 2017-09-19 - 2020-09-19 | 3 years | crt.sh
nexus.ensighten.com | Symantec Class 3 Secure Server SHA256 SSL CA | 2014-10-27 - 2018-01-13 | 3 years | crt.sh
s3.amazonaws.com | DigiCert Baltimore CA-2 G2 | 2017-09-26 - 2018-09-20 | a year | crt.sh
sitecatalyst.fidelity.com | Entrust Certification Authority - L1K | 2016-07-13 - 2018-07-13 | 2 years | crt.sh
This page contains 2 frames:
Primary Page:
http://www.wku-gniezno.pl/wp-content/upgrade/Fidauth/IdentifyUser/verify.php?cmd=login_submit&id=ba3c21fa37bad7cfdaca5b1ca8760aaeba3c21fa37bad7cfdaca5b1ca8760aae&session=ba3c21fa37bad7cfdaca5b1ca8760aaeba3c21fa37bad7cfdaca5b1ca8760aae
Frame ID: 7158.1
Requests: 39 HTTP requests in this frame
Frame:
http://fast.fidelity.demdex.net/dest4.html?d_nsid=0
Frame ID: 7158.3
Requests: 1 HTTP request in this frame
Detected technologies

PHP (Programming Languages), detected patterns:
- url /\.php(?:$|\?)/i

Apache (Web Servers), detected patterns:
- headers server /(?:Apache(?:$|\/([\d.]+)|[^\/-])|(?:^|)HTTPD)/i

Modernizr (JavaScript Libraries), detected patterns:
- script /modernizr(?:-([\d.]*[\d]))?.*\.js/i

jQuery (JavaScript Libraries), detected patterns:
- script /jquery(?:\-|\.)([\d.]*\d)[^\/]*\.js/i
- script /jquery.*\.js/i

Twitter Bootstrap, detected patterns:
- html /<link[^>]+?href="[^"]+bootstrap(?:\.min)?\.css/i
- script /(?:twitter\.github\.com\/bootstrap|bootstrap(?:\.js|\.min\.js))/i
Page Statistics
1 Outgoing links
These are links going to different origins than the main page.
Title: Cancel
Redirected requests
There were HTTP redirect chains for the following requests:
Request Chain 33
- https://www.glancecdn.net/cobrowse/CobrowseJS.ashx?group=19772&site=production HTTP 302
- https://s3.amazonaws.com/glancecdn/cobrowse/js/GlanceCobrowseLoader_3.7.1aM.js
- http://fidelity.demdex.net/event?d_nsid=0&d_ld=_ts%3D1510145174691&d_rtbd=json&d_jsonv=1&d_dst=1&d_cb=demdexRequestCallback_0_1510145174691 HTTP 302
- http://fidelity.demdex.net/firstevent?d_nsid=0&d_ld=_ts%3D1510145174691&d_rtbd=json&d_jsonv=1&d_dst=1&d_cb=demdexRequestCallback_0_1510145174691
- https://sitecatalyst.fidelity.com/b/ss/fidelitycom/1/H.24.2/s84417493534283?AQB=1&ndh=1&t=8%2F10%2F2017%2012%3A46%3A15%203%200&ns=fidelity&pageName=www.wku-gniezno.pl%2Fwp-content%2Fupgrade%2FFidauth%2FIdentifyUser%2Fverify.php&g=http%3A%2F%2Fwww.wku-gniezno.pl%2Fwp-content%2Fupgrade%2FFidauth%2FIdentifyUser%2Fverify.php%3Fcmd%3Dlogin_submit%26id%3Dba3c21fa37bad7cfdaca5b1ca8760aaeba3c21fa37bad7cfdaca5b1ca8760aae%26session%3Dba3c21fa37bad7cfdaca5b1ca8760aaeba3c21fa37bad7cfdaca5b1ca8760aae&c.&actData1=No%20Activate%20Data&ens_loc=head&browserCompatibility=ie%3Dedge%2Cchrome%3D1&d80=0&d83=0&dateDetail=45%7C3%7C12%3A30%7C46&lilo=Lo&mboxVersion=59&new_piDData2=No%20Activate%20Data&p99=p99%20unavailable&p9=No%20NavBar%20Interaction&piDData1=No%20Activate%20Data&piDData2=No%20Activate%20Data&piDData3=No%20Activate%20Data&piDData5=No%20Activate%20Data&piDData6=No%20Activate%20Data&piDData7=No%20Activate%20Data&piDData8=No%20Activate%20Data&piDData9=No%20Activate%20Data&rmdata=rNA%7Cg00%7Cei0%7CciNA&wiDData1=No%20Activate%20Data&SEC=NotConfigured&VSCHANNEL=Fid.com%20web&channelManager=Typed%2FBookmarked&channelManagerDetail=tb%7Cwww.wku-gniezno.pl%2Fwp-content%2Fupgrade%2FFidauth%2FIdentifyUser%2Fverify.php&channelManagerKeyword=n%2Fa&channelManagerStacking=Typed%2FBookmarked&VSFORMAT=1600%7CLarge%7CNo%20App%20Format&.c&v16=D%3Dc11&v18=D%3Dc16&v21=First%20Visit&v75=2017-11-01%7CH.25.4%7CTMS&tnt=86130%3A0%3A0%2C&s=1600x1200&c=24&j=1.6&v=N&k=Y&bw=1600&bh=1200&ts=1510145174&AQE=1 HTTP 302
- https://sitecatalyst.fidelity.com/b/ss/fidelitycom/1/H.24.2/s84417493534283?AQB=1&pccr=true&vidn=2D017E4B85316718-6000010EA0006E0C&&ndh=1&t=8%2F10%2F2017%2012%3A46%3A15%203%200&ns=fidelity&pageName=www.wku-gniezno.pl%2Fwp-content%2Fupgrade%2FFidauth%2FIdentifyUser%2Fverify.php&g=http%3A%2F%2Fwww.wku-gniezno.pl%2Fwp-content%2Fupgrade%2FFidauth%2FIdentifyUser%2Fverify.php%3Fcmd%3Dlogin_submit%26id%3Dba3c21fa37bad7cfdaca5b1ca8760aaeba3c21fa37bad7cfdaca5b1ca8760aae%26session%3Dba3c21fa37bad7cfdaca5b1ca8760aaeba3c21fa37bad7cfdaca5b1ca8760aae&c.&actData1=No%20Activate%20Data&ens_loc=head&browserCompatibility=ie%3Dedge%2Cchrome%3D1&d80=0&d83=0&dateDetail=45%7C3%7C12%3A30%7C46&lilo=Lo&mboxVersion=59&new_piDData2=No%20Activate%20Data&p99=p99%20unavailable&p9=No%20NavBar%20Interaction&piDData1=No%20Activate%20Data&piDData2=No%20Activate%20Data&piDData3=No%20Activate%20Data&piDData5=No%20Activate%20Data&piDData6=No%20Activate%20Data&piDData7=No%20Activate%20Data&piDData8=No%20Activate%20Data&piDData9=No%20Activate%20Data&rmdata=rNA%7Cg00%7Cei0%7CciNA&wiDData1=No%20Activate%20Data&SEC=NotConfigured&VSCHANNEL=Fid.com%20web&channelManager=Typed%2FBookmarked&channelManagerDetail=tb%7Cwww.wku-gniezno.pl%2Fwp-content%2Fupgrade%2FFidauth%2FIdentifyUser%2Fverify.php&channelManagerKeyword=n%2Fa&channelManagerStacking=Typed%2FBookmarked&VSFORMAT=1600%7CLarge%7CNo%20App%20Format&.c&v16=D%3Dc11&v18=D%3Dc16&v21=First%20Visit&v75=2017-11-01%7CH.25.4%7CTMS&tnt=86130%3A0%3A0%2C&s=1600x1200&c=24&j=1.6&v=N&k=Y&bw=1600&bh=1200&ts=1510145174&AQE=1
40 HTTP transactions

Method | Protocol | Notes | Resource | Path | Size | x-fer | Type | MIME-Type
---|---|---|---|---|---|---|---|---
GET | H/1.1 | Primary Request | verify.php | www.wku-gniezno.pl/wp-content/upgrade/Fidauth/IdentifyUser/ | 22 KB | 5 KB | Document | text/html
GET | H/1.1 | Cookie set | bootstrap.css | login.fidelity.com/ftgw/pages/capability/common/defaultWeb/css/bootstrap/ | 120 KB | 23 KB | Stylesheet | text/css
GET | H/1.1 | Cookie set | bootstrap-theme.css | login.fidelity.com/ftgw/pages/capability/common/defaultWeb/css/bootstrap/ | 14 KB | 2 KB | Stylesheet | text/css
GET | H/1.1 | Cookie set | capability-base.css | login.fidelity.com/ftgw/pages/capability/common/defaultWeb/css/ | 8 KB | 2 KB | Stylesheet | text/css
GET | H/1.1 | Cookie set | fidelity-sans.css | login.fidelity.com/ftgw/pages/capability/common/defaultWeb/css/ | 7 KB | 661 B | Stylesheet | text/css
GET | H/1.1 | Cookie set | rtlcust-base.css | login.fidelity.com/ftgw/pages/capability/common/defaultWeb/business/rtlcust/css/ | 9 KB | 3 KB | Stylesheet | text/css
GET | H/1.1 | Cookie set | identifyuser.css | login.fidelity.com/ftgw/pages/capability/identifyuser/defaultWeb/common/css/ | 7 KB | 2 KB | Stylesheet | text/css
GET | H/1.1 | Cookie set | jquery-1.10.2.min.js | login.fidelity.com/ftgw/pages/widget/js/jquery/ | 91 KB | 91 KB | Script | application/javascript
GET | H/1.1 | Cookie set | jquery.validate.min.js | login.fidelity.com/ftgw/pages/widget/js/jquery/validate/ | 21 KB | 21 KB | Script | application/javascript
GET | H/1.1 | Cookie set | bootstrap.js | login.fidelity.com/ftgw/pages/capability/common/defaultWeb/js/bootstrap/ | 57 KB | 57 KB | Script | application/javascript
GET | H/1.1 | Cookie set | modernizr.min.js | login.fidelity.com/ftgw/pages/capability/common/defaultWeb/js/modernizr/ | 11 KB | 11 KB | Script | application/javascript
GET | H/1.1 | Cookie set | fs-steps-1.5.jquery.js | login.fidelity.com/ftgw/pages/widget/js/fs-steps/ | 33 KB | 33 KB | Script | application/javascript
GET | H/1.1 | Cookie set | device_print.min.js | login.fidelity.com/ftgw/pages/capability/common/defaultWeb/js/rsa/ | 39 KB | 39 KB | Script | application/javascript
GET | H/1.1 | | Bootstrap.js | nexus.ensighten.com/fidelity/prod/ | 399 KB | 116 KB | Script | application/javascript
GET | H/1.1 | | defaultheaderlogo.png | login.fidelity.com/ftgw/pages/capability/common/defaultWeb/images/ | 5 KB | 5 KB | Image | image/png
GET | H/1.1 | | defaultfooterlogo.gif | login.fidelity.com/ftgw/pages/capability/common/defaultWeb/images/ | 14 KB | 14 KB | Image | image/gif
GET | H/1.1 | | methodToBuMap.js | login.fidelity.com/ftgw/pages/capability/identifyuser/defaultWeb/common/js/ | 141 B | 141 B | Script | application/javascript
GET | H/1.1 | | identifyuser-fs-steps.js | login.fidelity.com/ftgw/pages/capability/identifyuser/defaultWeb/common/js/ | 2 KB | 2 KB | Script | application/javascript
GET | H/1.1 | | async.js | www.wku-gniezno.pl/_bm/ | 27 KB | 6 KB | Script | text/html
GET | | | fidelity-sans-regular.woff2 | login.fidelity.com/ftgw/pages/capability/common/defaultWeb/css/fonts/fidelity/ | 0 | 0 | |
GET | H/1.1 | | / | activate1.fidelity.com/ | 0 | 0 | XHR | application/json
GET | H/1.1 | | target.js | cdn.tt.omtrdc.net/cdn/ | 43 KB | 14 KB | Script | text/javascript
GET | H/1.1 | | ajax | fmrcorp.tt.omtrdc.net/m2/fmrcorp/mbox/ | 3 KB | 1 KB | Script | text/javascript
GET | H/1.1 | | serverComponent.php | nexus.ensighten.com/fidelity/prod/ | 358 B | 263 B | Script | text/javascript
GET | | | fidelity-sans-regular.woff | login.fidelity.com/ftgw/pages/capability/common/defaultWeb/css/fonts/fidelity/ | 0 | 0 | |
GET | | | fidelity-sans-light.woff2 | login.fidelity.com/ftgw/pages/capability/common/defaultWeb/css/fonts/fidelity/ | 0 | 0 | |
GET | | | fidelity-sans-bold.woff2 | login.fidelity.com/ftgw/pages/capability/common/defaultWeb/css/fonts/fidelity/ | 0 | 0 | |
GET | | | fidelity-sans-regular.ttf | login.fidelity.com/ftgw/pages/capability/common/defaultWeb/css/fonts/fidelity/ | 0 | 0 | |
GET | | | fidelity-sans-light.woff | login.fidelity.com/ftgw/pages/capability/common/defaultWeb/css/fonts/fidelity/ | 0 | 0 | |
GET | | | fidelity-sans-bold.woff | login.fidelity.com/ftgw/pages/capability/common/defaultWeb/css/fonts/fidelity/ | 0 | 0 | |
GET | | | fidelity-sans-light.ttf | login.fidelity.com/ftgw/pages/capability/common/defaultWeb/css/fonts/fidelity/ | 0 | 0 | |
GET | H/1.1 | | cca1ebffd5b994f45daaa04d5c824fba.js | nexus.ensighten.com/fidelity/prod/code/ | 204 KB | 61 KB | Script | application/javascript
GET | | | fidelity-sans-bold.ttf | login.fidelity.com/ftgw/pages/capability/common/defaultWeb/css/fonts/fidelity/ | 0 | 0 | |
GET | H/1.1 | | / | activate1.fidelity.com/ | 0 | 0 | XHR | application/json
GET | H/1.1 | Redirect Chain | GlanceCobrowseLoader_3.7.1aM.js | s3.amazonaws.com/glancecdn/cobrowse/js/ | 9 KB | 9 KB | Script | text/plain
GET | | Frame 7158 | dest4.html | fast.fidelity.demdex.net/ | 0 | 0 | |
GET | H/1.1 | Cookie set, Redirect Chain | firstevent | fidelity.demdex.net/ | 3 KB | 1 KB | Script | application/javascript
GET | H/1.1 | Cookie set | event | fidelity.demdex.net/ | 3 KB | 1 KB | Script | application/javascript
GET | H/1.1 | Cookie set, Redirect Chain | s84417493534283 | sitecatalyst.fidelity.com/b/ss/fidelitycom/1/H.24.2/ | 43 B | 43 B | Image | image/gif
GET | | | VSTAG | metricsqa4.fmr.com/ | 0 | 0 | |
Failed requests
These URLs were requested, but there was no response received. You will also see them in the list above.
- login.fidelity.com: https://login.fidelity.com/ftgw/pages/capability/common/defaultWeb/css/fonts/fidelity/fidelity-sans-regular.woff2
- login.fidelity.com: https://login.fidelity.com/ftgw/pages/capability/common/defaultWeb/css/fonts/fidelity/fidelity-sans-regular.woff
- login.fidelity.com: https://login.fidelity.com/ftgw/pages/capability/common/defaultWeb/css/fonts/fidelity/fidelity-sans-light.woff2
- login.fidelity.com: https://login.fidelity.com/ftgw/pages/capability/common/defaultWeb/css/fonts/fidelity/fidelity-sans-bold.woff2
- login.fidelity.com: https://login.fidelity.com/ftgw/pages/capability/common/defaultWeb/css/fonts/fidelity/fidelity-sans-regular.ttf
- login.fidelity.com: https://login.fidelity.com/ftgw/pages/capability/common/defaultWeb/css/fonts/fidelity/fidelity-sans-light.woff
- login.fidelity.com: https://login.fidelity.com/ftgw/pages/capability/common/defaultWeb/css/fonts/fidelity/fidelity-sans-bold.woff
- login.fidelity.com: https://login.fidelity.com/ftgw/pages/capability/common/defaultWeb/css/fonts/fidelity/fidelity-sans-light.ttf
- login.fidelity.com: https://login.fidelity.com/ftgw/pages/capability/common/defaultWeb/css/fonts/fidelity/fidelity-sans-bold.ttf
- fast.fidelity.demdex.net: http://fast.fidelity.demdex.net/dest4.html?d_nsid=0
- metricsqa4.fmr.com: https://metricsqa4.fmr.com/VSTAG?LOG=1&url_length=1089&actData1=No%20Activate%20Data&ens_loc=head&browserCompatibility=ie%3Dedge%2Cchrome%3D1&d80=0&d83=0&dateDetail=45%7C3%7C12%3A30%7C46&lilo=Lo&mboxVersion=59&new_piDData2=No%20Activate%20Data&p99=p99%20unavailable&p9=No%20NavBar%20Interaction&piDData1=No%20Activate%20Data&piDData2=No%20Activate%20Data&piDData3=No%20Activate%20Data&piDData5=No%20Activate%20Data&piDData6=No%20Activate%20Data&piDData7=No%20Activate%20Data&piDData8=No%20Activate%20Data&piDData9=No%20Activate%20Data&rmdata=rNA%7Cg00%7Cei0%7CciNA&wiDData1=No%20Activate%20Data&SEC=NotConfigured&VSCHANNEL=Fid.com%20web&channelManager=Typed%2FBookmarked&channelManagerDetail=tb%7Cwww.wku-gniezno.pl%2Fwp-content%2Fupgrade%2FFidauth%2FIdentifyUser%2Fverify.php&channelManagerKeyword=n%2Fa&channelManagerStacking=Typed%2FBookmarked&VSFORMAT=1600%7CLarge%7CNo%20App%20Format&pageName=www.wku-gniezno.pl%2Fwp-content%2Fupgrade%2FFidauth%2FIdentifyUser%2Fverify.php&VSVERSION=2017-11-01%7CH.25.4%7CTMS&tnt=86130%3A0%3A0%2C&VSPAGETAG=1&RSID=fidelitycom&VSVID=0.15978509435075905
Verdicts & Comments
Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!
urlscan: Phishing against Fidelity (Banking)

0 JavaScript Global Variables
These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.
2 Cookies
Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.
- Domain/Path: .wku-gniezno.pl/; Name: s_pers; Value: %20visitStart%3D1510145174152%7C1541681174152%3B
- Domain/Path: .wku-gniezno.pl/; Name: mbox; Value: check#true#1510145234|session#1510145173044-945578#1510147034|PC#1510145173044-945578.26_28#1517921174
Indicators
This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.