cappadociaballoonflight.com Open in urlscan Pro
89.163.146.53 Malicious Activity! Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
https://cappadociaballoonflight.com/images/anasayfa/log/CoxCommunications
Effective URL:
https://cappadociaballoonflight.com/images/bayraklar/Sign%20In%20to%20Your%20Cox%20Account%20_%20Cox%20Communications.html?f2d842330...
Submission: On August 28 via automatic, source openphish (August 28th 2019, 12:11:52 pm UTC)

Summary HTTP 127 Redirects Links 10 Behaviour Indicators

Summary

This website contacted 48 IPs in 7 countries across 36 domains to perform 127 HTTP transactions. The main IP is 89.163.146.53, located in Langenargen, Germany and belongs to MYLOC-AS, DE. The main domain is cappadociaballoonflight.com.
TLS certificate: Issued by Let's Encrypt Authority X3 on July 3rd 2019. Valid for: 3 months.

This is the only time cappadociaballoonflight.com was scanned on urlscan.io!

urlscan.io Verdict: Potentially Malicious

Targeting these brands: Cox (Telecommunication)

Domain & IP information

	IP Address	AS Autonomous System
2 4	89.163.146.53 89.163.146.53	24961 (MYLOC-AS) (MYLOC-AS)
14	13.35.253.56 13.35.253.56	16509 (AMAZON-02) (AMAZON-02 - Amazon.com)
1	13.35.253.72 13.35.253.72	16509 (AMAZON-02) (AMAZON-02 - Amazon.com)
2	13.35.253.52 13.35.253.52	16509 (AMAZON-02) (AMAZON-02 - Amazon.com)
1	65.98.66.50 65.98.66.50	25653 (FORTRESSITX) (FORTRESSITX - FortressITX)
11	152.199.23.241 152.199.23.241	15133 (EDGECAST) (EDGECAST - MCI Communications Services)
1 3	3.248.26.129 3.248.26.129	16509 (AMAZON-02) (AMAZON-02 - Amazon.com)
1	63.35.240.22 63.35.240.22	16509 (AMAZON-02) (AMAZON-02 - Amazon.com)
2	185.34.188.196 185.34.188.196	15224 (OMNITURE) (OMNITURE - Adobe Systems Inc.)
1 1	66.117.28.86 66.117.28.86	15224 (OMNITURE) (OMNITURE - Adobe Systems Inc.)
1	66.117.23.121 66.117.23.121	15224 (OMNITURE) (OMNITURE - Adobe Systems Inc.)
4	2a00:1450:400... 2a00:1450:4001:81a::2002	15169 (GOOGLE) (GOOGLE - Google LLC)
2	65.98.66.39 65.98.66.39	25653 (FORTRESSITX) (FORTRESSITX - FortressITX)
7	2a00:1450:400... 2a00:1450:4001:81d::2002	15169 (GOOGLE) (GOOGLE - Google LLC)
9	172.217.16.194 172.217.16.194	15169 (GOOGLE) (GOOGLE - Google LLC)
1	2a00:1450:400... 2a00:1450:4001:81a::2008	15169 (GOOGLE) (GOOGLE - Google LLC)
2	2a00:1450:400... 2a00:1450:4001:81a::200e	15169 (GOOGLE) (GOOGLE - Google LLC)
2	2610:1c8:c::1 2610:1c8:c::1	23393 (NUCDN) (NUCDN - NuCDN LLC)
3	13.35.253.7 13.35.253.7	16509 (AMAZON-02) (AMAZON-02 - Amazon.com)
1	18.221.42.182 18.221.42.182	16509 (AMAZON-02) (AMAZON-02 - Amazon.com)
1	151.101.114.110 151.101.114.110	54113 (FASTLY) (FASTLY - Fastly)
12	13.35.253.75 13.35.253.75	16509 (AMAZON-02) (AMAZON-02 - Amazon.com)
1	13.35.253.51 13.35.253.51	16509 (AMAZON-02) (AMAZON-02 - Amazon.com)
6	74.201.240.229 74.201.240.229	6640 (CENTURYLI...) (CENTURYLINK-TIER3-CLOUD - CenturyLink Communications)
1	2a00:1450:400... 2a00:1450:4001:80b::200a	15169 (GOOGLE) (GOOGLE - Google LLC)
1	178.249.101.23 178.249.101.23	11054 (LIVEPERSON) (LIVEPERSON - LivePerson)
2	162.247.242.19 162.247.242.19	23467 (NEWRELIC-...) (NEWRELIC-AS-1 - New Relic)
1	151.101.113.194 151.101.113.194	54113 (FASTLY) (FASTLY - Fastly)
1 2	52.72.26.83 52.72.26.83	14618 (AMAZON-AES) (AMAZON-AES - Amazon.com)
1 1	35.227.248.159 35.227.248.159	15169 (GOOGLE) (GOOGLE - Google LLC)
2 3	3.120.86.4 3.120.86.4	16509 (AMAZON-02) (AMAZON-02 - Amazon.com)
1	2a03:2880:f11... 2a03:2880:f11c:8083:face:b00c:0:25de	32934 (FACEBOOK) (FACEBOOK - Facebook)
2	2a00:1450:400... 2a00:1450:4001:81d::2004	15169 (GOOGLE) (GOOGLE - Google LLC)
1	2a00:1450:400... 2a00:1450:4001:81d::2003	15169 (GOOGLE) (GOOGLE - Google LLC)
4	52.24.184.162 52.24.184.162	16509 (AMAZON-02) (AMAZON-02 - Amazon.com)
1	185.60.92.32 185.60.92.32	39605 (IGUANESOL...) (IGUANESOLUTIONS)
1	72.251.249.13 72.251.249.13	29791 (VOXEL-DOT...) (VOXEL-DOT-NET - Internap Corporation)
1	185.64.189.112 185.64.189.112	62713 (AS-PUBMATIC) (AS-PUBMATIC - PubMatic)
1 4	34.95.120.147 34.95.120.147	15169 (GOOGLE) (GOOGLE - Google LLC)
2 3	152.199.22.24 152.199.22.24	15133 (EDGECAST) (EDGECAST - MCI Communications Services)
2	185.33.223.216 185.33.223.216	29990 (ASN-APPNEXUS) (ASN-APPNEXUS - AppNexus)
1 1	172.217.23.130 172.217.23.130	15169 (GOOGLE) (GOOGLE - Google LLC)
1	3.85.58.247 3.85.58.247	14618 (AMAZON-AES) (AMAZON-AES - Amazon.com)
1	69.173.144.136 69.173.144.136	26667 (RUBICONPR...) (RUBICONPROJECT - The Rubicon Project)
2	52.202.9.160 52.202.9.160	14618 (AMAZON-AES) (AMAZON-AES - Amazon.com)
4	2a00:1450:400... 2a00:1450:4001:825::2001	15169 (GOOGLE) (GOOGLE - Google LLC)
1	2a00:1450:400... 2a00:1450:4001:815::2001	15169 (GOOGLE) (GOOGLE - Google LLC)
1	2.18.232.130 2.18.232.130	16625 (AKAMAI-AS) (AKAMAI-AS - Akamai Technologies)
1	2.18.233.180 2.18.233.180	16625 (AKAMAI-AS) (AKAMAI-AS - Akamai Technologies)
1	52.29.20.136 52.29.20.136	16509 (AMAZON-02) (AMAZON-02 - Amazon.com)
127	48

4 89.163.146.53 (Langenargen, Germany) 2 redirects

ASN24961 (MYLOC-AS, DE)
PTR: lokman.kebirhost.com

cappadociaballoonflight.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

14 13.35.253.56 (Seattle, United States)

ASN16509 (AMAZON-02 - Amazon.com, Inc., US)
PTR: server-13-35-253-56.fra6.r.cloudfront.net

webcdn2.cox.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 13.35.253.72 (Seattle, United States)

ASN16509 (AMAZON-02 - Amazon.com, Inc., US)
PTR: server-13-35-253-72.fra6.r.cloudfront.net

webcdn3.cox.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 13.35.253.52 (Seattle, United States)

ASN16509 (AMAZON-02 - Amazon.com, Inc., US)
PTR: server-13-35-253-52.fra6.r.cloudfront.net

webcdn.cox.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 65.98.66.50 (Secaucus, United States)

ASN25653 (FORTRESSITX - FortressITX, US)

static-segments.beringmedia.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

11 152.199.23.241 (United States)

ASN15133 (EDGECAST - MCI Communications Services, Inc. d/b/a Verizon Business, US)

tags.tiqcdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 3.248.26.129 (Dublin, Ireland) 1 redirects

ASN16509 (AMAZON-02 - Amazon.com, Inc., US)
PTR: ec2-3-248-26-129.eu-west-1.compute.amazonaws.com

dpm.demdex.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 63.35.240.22 (Dublin, Ireland)

ASN16509 (AMAZON-02 - Amazon.com, Inc., US)
PTR: ec2-63-35-240-22.eu-west-1.compute.amazonaws.com

cox.demdex.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 185.34.188.196 (Netherlands)

ASN15224 (OMNITURE - Adobe Systems Inc., US)
PTR: cox.com.ssl.sc.omtrdc.net

smetrics.cox.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 66.117.28.86 (United States) 1 redirects

ASN15224 (OMNITURE - Adobe Systems Inc., US)

cm.everesttech.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 66.117.23.121 (United States)

ASN15224 (OMNITURE - Adobe Systems Inc., US)

target.cox.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a00:1450:4001:81a::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE - Google LLC, US)

www.googletagservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 65.98.66.39 (Secaucus, United States)

ASN25653 (FORTRESSITX - FortressITX, US)

pub-segments.beringmedia.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 2a00:1450:4001:81d::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE - Google LLC, US)

adservice.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
adservice.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
pagead2.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

9 172.217.16.194 (United States)

ASN15169 (GOOGLE - Google LLC, US)
PTR: fra16s08-in-f2.1e100.net

securepubads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
www.googleadservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:81a::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE - Google LLC, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:81a::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE - Google LLC, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2610:1c8:c::1 (United States)

ASN23393 (NUCDN - NuCDN LLC, US)

cdn.includemodal.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
cdn3.includemodal.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 13.35.253.7 (Seattle, United States)

ASN16509 (AMAZON-02 - Amazon.com, Inc., US)
PTR: server-13-35-253-7.fra6.r.cloudfront.net

yummy.consumable.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 18.221.42.182 (Columbus, United States)

ASN16509 (AMAZON-02 - Amazon.com, Inc., US)
PTR: ec2-18-221-42-182.us-east-2.compute.amazonaws.com

includemodal.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 151.101.114.110 (Frankfurt am Main, Germany)

ASN54113 (FASTLY - Fastly, US)

js-agent.newrelic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

12 13.35.253.75 (Seattle, United States)

ASN16509 (AMAZON-02 - Amazon.com, Inc., US)
PTR: server-13-35-253-75.fra6.r.cloudfront.net

dds6m601du5ji.cloudfront.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
gateway.foresee.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 13.35.253.51 (Seattle, United States)

ASN16509 (AMAZON-02 - Amazon.com, Inc., US)
PTR: server-13-35-253-51.fra6.r.cloudfront.net

vt.myvisualiq.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 74.201.240.229 (Bellevue, United States)

ASN6640 (CENTURYLINK-TIER3-CLOUD - CenturyLink Communications, LLC, US)
PTR: hosting2.srcnet.net

cox.creativevirtual15.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:80b::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE - Google LLC, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 178.249.101.23 (Netherlands)

ASN11054 (LIVEPERSON - LivePerson, Inc., US)

lptag.liveperson.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 162.247.242.19 (San Francisco, United States)

ASN23467 (NEWRELIC-AS-1 - New Relic, US)
PTR: bam-7.nr-data.net

bam.nr-data.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 151.101.113.194 (Frankfurt am Main, Germany)

ASN54113 (FASTLY - Fastly, US)

clarium.global.ssl.fastly.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 52.72.26.83 (Ashburn, United States) 1 redirects

ASN14618 (AMAZON-AES - Amazon.com, Inc., US)
PTR: ec2-52-72-26-83.compute-1.amazonaws.com

s-vop.sundaysky.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 35.227.248.159 (Mountain View, United States) 1 redirects

ASN15169 (GOOGLE - Google LLC, US)
PTR: 159.248.227.35.bc.googleusercontent.com

tapestry.tapad.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 3.120.86.4 (Frankfurt am Main, Germany) 2 redirects

ASN16509 (AMAZON-02 - Amazon.com, Inc., US)
PTR: ec2-3-120-86-4.eu-central-1.compute.amazonaws.com

t.myvisualiq.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a03:2880:f11c:8083:face:b00c:0:25de (Ireland)

ASN32934 (FACEBOOK - Facebook, Inc., US)

www.facebook.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:81d::2004 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE - Google LLC, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:81d::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE - Google LLC, US)

www.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 52.24.184.162 (Boardman, United States)

ASN16509 (AMAZON-02 - Amazon.com, Inc., US)
PTR: ec2-52-24-184-162.us-west-2.compute.amazonaws.com

brain.foresee.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 185.60.92.32 (Paris, France)

ASN39605 (IGUANESOLUTIONS, FR)
PTR: ig1-vipwfilter-01.ig-1.net

api.deezer.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 72.251.249.13 (Amsterdam, Netherlands)

ASN29791 (VOXEL-DOT-NET - Internap Corporation, US)

ap.lijit.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 185.64.189.112 (United Kingdom)

ASN62713 (AS-PUBMATIC - PubMatic, Inc., US)

hbopenbid.pubmatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 34.95.120.147 (United States) 1 redirects

ASN15169 (GOOGLE - Google LLC, US)
PTR: 147.120.95.34.bc.googleusercontent.com

gift-connect-d.openx.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
us-u.openx.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
eu-u.openx.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 152.199.22.24 (United States) 2 redirects

ASN15133 (EDGECAST - MCI Communications Services, Inc. d/b/a Verizon Business, US)

adserver-us.adtech.advertising.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 185.33.223.216 (Netherlands)

ASN29990 (ASN-APPNEXUS - AppNexus, Inc, US)
PTR: 312.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net

ib.adnxs.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 172.217.23.130 (United States) 1 redirects

ASN15169 (GOOGLE - Google LLC, US)
PTR: fra16s18-in-f2.1e100.net

cm.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 3.85.58.247 (Ashburn, United States)

ASN14618 (AMAZON-AES - Amazon.com, Inc., US)
PTR: ec2-3-85-58-247.compute-1.amazonaws.com

vop.sundaysky.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 69.173.144.136 (Frankfurt am Main, Germany)

ASN26667 (RUBICONPROJECT - The Rubicon Project, Inc., US)

pixel.rubiconproject.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 52.202.9.160 (Ashburn, United States)

ASN14618 (AMAZON-AES - Amazon.com, Inc., US)
PTR: ec2-52-202-9-160.compute-1.amazonaws.com

analytics.foresee.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a00:1450:4001:825::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE - Google LLC, US)

cdn.ampproject.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:815::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE - Google LLC, US)

tpc.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2.18.232.130 (Ascension Island)

ASN16625 (AKAMAI-AS - Akamai Technologies, Inc., US)
PTR: a2-18-232-130.deploy.static.akamaitechnologies.com

acdn.adnxs.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2.18.233.180 (Ascension Island)

ASN16625 (AKAMAI-AS - Akamai Technologies, Inc., US)
PTR: a2-18-233-180.deploy.static.akamaitechnologies.com

ads.pubmatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 52.29.20.136 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02 - Amazon.com, Inc., US)
PTR: ec2-52-29-20-136.eu-central-1.compute.amazonaws.com

pixel.advertising.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
20	cox.com webcdn2.cox.com webcdn3.cox.com webcdn.cox.com smetrics.cox.com target.cox.com	561 KB
17	foresee.com gateway.foresee.com brain.foresee.com analytics.foresee.com	111 KB
11	tiqcdn.com tags.tiqcdn.com	111 KB
10	doubleclick.net 1 redirects securepubads.g.doubleclick.net googleads.g.doubleclick.net cm.g.doubleclick.net	175 KB
6	creativevirtual15.com cox.creativevirtual15.com	264 KB
4	ampproject.org cdn.ampproject.org	124 KB
4	advertising.com 2 redirects adserver-us.adtech.advertising.com pixel.advertising.com	1 KB
4	openx.net 1 redirects gift-connect-d.openx.net us-u.openx.net eu-u.openx.net	728 B
4	myvisualiq.net 2 redirects vt.myvisualiq.net t.myvisualiq.net	5 KB
4	google.com adservice.google.com www.google.com	464 B
4	googletagservices.com www.googletagservices.com	81 KB
4	demdex.net 1 redirects dpm.demdex.net cox.demdex.net	4 KB
4	cappadociaballoonflight.com 2 redirects cappadociaballoonflight.com	16 KB
3	adnxs.com ib.adnxs.com acdn.adnxs.com	2 KB
3	sundaysky.com 1 redirects s-vop.sundaysky.com vop.sundaysky.com	4 KB
3	consumable.com yummy.consumable.com	94 KB
3	includemodal.com cdn.includemodal.com cdn3.includemodal.com includemodal.com	60 KB
3	googlesyndication.com tpc.googlesyndication.com Failed pagead2.googlesyndication.com	35 KB
3	google.de adservice.google.de www.google.de	452 B
3	beringmedia.com static-segments.beringmedia.com pub-segments.beringmedia.com	2 KB
2	pubmatic.com hbopenbid.pubmatic.com ads.pubmatic.com	124 B
2	nr-data.net bam.nr-data.net	455 B
2	google-analytics.com www.google-analytics.com	18 KB
1	rubiconproject.com pixel.rubiconproject.com	371 B
1	lijit.com ap.lijit.com	488 B
1	deezer.com api.deezer.com	20 KB
1	facebook.com www.facebook.com	250 B
1	tapad.com 1 redirects tapestry.tapad.com	464 B
1	fastly.net clarium.global.ssl.fastly.net	21 KB
1	liveperson.net lptag.liveperson.net
1	googleapis.com fonts.googleapis.com	700 B
1	cloudfront.net dds6m601du5ji.cloudfront.net	2 KB
1	googleadservices.com www.googleadservices.com	9 KB
1	newrelic.com js-agent.newrelic.com	12 KB
1	googletagmanager.com www.googletagmanager.com	26 KB
1	everesttech.net 1 redirects cm.everesttech.net	527 B
127	36

	Domain	Requested by
14	webcdn2.cox.com	cappadociaballoonflight.com webcdn2.cox.com
11	gateway.foresee.com	tags.tiqcdn.com gateway.foresee.com
11	tags.tiqcdn.com	cappadociaballoonflight.com tags.tiqcdn.com
8	securepubads.g.doubleclick.net	www.googletagservices.com cappadociaballoonflight.com securepubads.g.doubleclick.net
6	cox.creativevirtual15.com	tags.tiqcdn.com cappadociaballoonflight.com cox.creativevirtual15.com
4	cdn.ampproject.org	securepubads.g.doubleclick.net clarium.global.ssl.fastly.net
4	brain.foresee.com	cappadociaballoonflight.com
4	www.googletagservices.com	cappadociaballoonflight.com securepubads.g.doubleclick.net yummy.consumable.com
4	cappadociaballoonflight.com	2 redirects cappadociaballoonflight.com
3	adserver-us.adtech.advertising.com	2 redirects
3	t.myvisualiq.net	2 redirects
3	yummy.consumable.com	cappadociaballoonflight.com yummy.consumable.com
3	dpm.demdex.net	1 redirects cappadociaballoonflight.com
2	eu-u.openx.net	1 redirects yummy.consumable.com
2	analytics.foresee.com	cappadociaballoonflight.com
2	ib.adnxs.com	yummy.consumable.com
2	pagead2.googlesyndication.com
2	www.google.com	cappadociaballoonflight.com
2	s-vop.sundaysky.com	1 redirects
2	bam.nr-data.net	js-agent.newrelic.com cappadociaballoonflight.com
2	www.google-analytics.com	www.googletagmanager.com cappadociaballoonflight.com
2	adservice.google.com	www.googletagservices.com
2	adservice.google.de	www.googletagservices.com
2	pub-segments.beringmedia.com	static-segments.beringmedia.com
2	smetrics.cox.com	cappadociaballoonflight.com tags.tiqcdn.com
2	webcdn.cox.com	cappadociaballoonflight.com
1	pixel.advertising.com
1	ads.pubmatic.com	yummy.consumable.com
1	acdn.adnxs.com	yummy.consumable.com
1	us-u.openx.net
1	pixel.rubiconproject.com
1	vop.sundaysky.com
1	cm.g.doubleclick.net	1 redirects
1	gift-connect-d.openx.net	yummy.consumable.com
1	hbopenbid.pubmatic.com	yummy.consumable.com
1	ap.lijit.com	yummy.consumable.com
1	api.deezer.com	yummy.consumable.com
1	www.google.de
1	www.facebook.com
1	tapestry.tapad.com	1 redirects
1	googleads.g.doubleclick.net	www.googleadservices.com
1	clarium.global.ssl.fastly.net	cappadociaballoonflight.com
1	lptag.liveperson.net	tags.tiqcdn.com
1	fonts.googleapis.com	yummy.consumable.com
1	vt.myvisualiq.net	tags.tiqcdn.com
1	dds6m601du5ji.cloudfront.net	tags.tiqcdn.com
1	www.googleadservices.com	tags.tiqcdn.com
1	js-agent.newrelic.com	cappadociaballoonflight.com
1	includemodal.com	cappadociaballoonflight.com
1	cdn3.includemodal.com	cdn.includemodal.com
1	cdn.includemodal.com	securepubads.g.doubleclick.net
1	tpc.googlesyndication.com	securepubads.g.doubleclick.net cappadociaballoonflight.com
1	www.googletagmanager.com	tags.tiqcdn.com
1	target.cox.com	cappadociaballoonflight.com
1	cm.everesttech.net	1 redirects
1	cox.demdex.net	webcdn.cox.com
1	static-segments.beringmedia.com	cappadociaballoonflight.com
1	webcdn3.cox.com	cappadociaballoonflight.com
127	58

This site contains links to these domains. Also see Links.

Domain
www.cox.com
webmail.cox.net
idm.east.cox.net

Subject Issuer	Validity	Valid
cappadociaballoonflight.com Let's Encrypt Authority X3	`2019-07-03` - `2019-10-01`	3 months	crt.sh
webcdn.cox.com Entrust Certification Authority - L1K	`2019-01-10` - `2021-04-09`	2 years	crt.sh
*.beringmedia.com RapidSSL RSA CA 2018	`2018-08-07` - `2019-10-06`	a year	crt.sh
*.tiqcdn.com DigiCert SHA2 Secure Server CA	`2017-10-25` - `2020-05-13`	3 years	crt.sh
*.demdex.net DigiCert SHA2 High Assurance Server CA	`2018-01-09` - `2021-02-12`	3 years	crt.sh
smetrics.cox.com Entrust Certification Authority - L1K	`2018-03-13` - `2020-03-13`	2 years	crt.sh
target.cox.com Entrust Certification Authority - L1K	`2018-07-27` - `2020-10-26`	2 years	crt.sh
*.g.doubleclick.net GTS CA 1O1	`2019-07-29` - `2019-10-27`	3 months	crt.sh
*.google.com GTS CA 1O1	`2019-07-29` - `2019-10-27`	3 months	crt.sh
*.google-analytics.com GTS CA 1O1	`2019-07-29` - `2019-10-27`	3 months	crt.sh
cdn.includemodal.com Let's Encrypt Authority X3	`2019-07-31` - `2019-10-29`	3 months	crt.sh
*.consumable.com Amazon	`2018-11-04` - `2019-12-04`	a year	crt.sh
*.includemodal.com Let's Encrypt Authority X3	`2019-06-03` - `2019-09-01`	3 months	crt.sh
includemodal.com Amazon	`2019-01-10` - `2020-02-10`	a year	crt.sh
f4.shared.global.fastly.net GlobalSign CloudSSL CA - SHA256 - G3	`2019-04-10` - `2020-03-21`	a year	crt.sh
*.cloudfront.net DigiCert Global CA G2	`2018-10-08` - `2019-10-09`	a year	crt.sh
*.myvisualiq.net Amazon	`2018-12-12` - `2020-01-12`	a year	crt.sh
*.creativevirtual15.com COMODO RSA Domain Validation Secure Server CA	`2017-01-18` - `2020-03-16`	3 years	crt.sh
foresee.com Amazon	`2019-08-22` - `2020-09-22`	a year	crt.sh
*.googleapis.com Google Internet Authority G3	`2019-07-29` - `2019-10-21`	3 months	crt.sh
*.liveperson.net COMODO RSA Organization Validation Secure Server CA	`2017-12-17` - `2020-12-16`	3 years	crt.sh
*.nr-data.net GeoTrust RSA CA 2018	`2018-01-11` - `2020-03-17`	2 years	crt.sh
*.freetls.global.fastly.net GlobalSign CloudSSL CA - SHA256 - G3	`2019-01-02` - `2020-01-03`	a year	crt.sh
*.sundaysky.com DigiCert SHA2 Secure Server CA	`2019-06-23` - `2020-05-27`	a year	crt.sh
t.myvisualiq.net COMODO RSA Domain Validation Secure Server CA	`2017-07-05` - `2020-07-28`	3 years	crt.sh
*.facebook.com DigiCert SHA2 High Assurance Server CA	`2019-08-24` - `2019-10-19`	2 months	crt.sh
www.google.com GTS CA 1O1	`2019-07-29` - `2019-10-27`	3 months	crt.sh
www.google.de GTS CA 1O1	`2019-07-29` - `2019-10-27`	3 months	crt.sh
*.deezer.com Gandi Pro SSL CA 2	`2019-07-31` - `2021-08-05`	2 years	crt.sh
*.lijit.com Go Daddy Secure Certificate Authority - G2	`2019-03-11` - `2020-05-10`	a year	crt.sh
*.pubmatic.com Sectigo RSA Organization Validation Secure Server CA	`2019-02-22` - `2021-02-21`	2 years	crt.sh
*.openx.net GeoTrust RSA CA 2018	`2018-01-04` - `2020-07-09`	3 years	crt.sh
*.adtech.advertising.com DigiCert SHA2 High Assurance Server CA	`2018-05-22` - `2020-05-26`	2 years	crt.sh
*.adnxs.com DigiCert ECC Secure Server CA	`2019-01-23` - `2021-03-08`	2 years	crt.sh
*.rubiconproject.com DigiCert SHA2 Secure Server CA	`2019-01-10` - `2021-01-14`	2 years	crt.sh
*.foresee.com Go Daddy Secure Certificate Authority - G2	`2018-09-21` - `2020-09-21`	2 years	crt.sh
misc-sni.google.com Google Internet Authority G3	`2019-07-29` - `2019-10-21`	3 months	crt.sh
tpc.googlesyndication.com Google Internet Authority G3	`2019-07-29` - `2019-10-21`	3 months	crt.sh
cdn.adnxs.com GeoTrust RSA CA 2018	`2019-04-23` - `2020-02-19`	10 months	crt.sh
pixel.advertising.com DigiCert SHA2 High Assurance Server CA	`2017-06-14` - `2020-06-18`	3 years	crt.sh

This page contains 10 frames:

Primary Page: https://cappadociaballoonflight.com/images/bayraklar/Sign%20In%20to%20Your%20Cox%20Account%20_%20Cox%20Communications.html?f2d842330b4744669c46613a2291d1e1f2d842330b4744669c46613a2291d1e1f2d842330b4744669c46613a2291d1e1f2d842330b4744669c46613a2291d1e1f2d842330b4744669c46613a2291d1e1f2d842330b4744669c46613a2291d1e1f2d842330b4744669c46613a2291d1e1f2d842330b4744669c46613a2291d1e1
Frame ID: FF123C38C9A774790638F6AF90871F03
Requests: 85 HTTP requests in this frame

Frame: https://cox.demdex.net/dest5.html?d_nsid=0
Frame ID: D0B7D2A042F7C727FDED5819AFCD74B1
Requests: 1 HTTP requests in this frame

Frame: https://cdn.includemodal.com/pw.js
Frame ID: 4E1ED20319CFDF538716A71A65ACFF63
Requests: 8 HTTP requests in this frame

Frame: https://fonts.googleapis.com/css?family=Open+Sans:400,800
Frame ID: BDE4C3A0158B6826502EB131E55852CD
Requests: 19 HTTP requests in this frame

Frame: https://s-vop.sundaysky.com/t/v1/j?a=cox&ap=1&m=uui&pb=f&sp=https%3A%2F%2Fcappadociaballoonflight.com%2Fimages%2Fbayraklar%2FSign%2520In%2520to%2520Your%2520Cox%2520Account%2520_%2520Cox%2520Communications.html%3Ff2d842330b4744669c46613a2291d1e1f2d842330b4744669c46613a2291d1e1f2d842330b4744669c46613a2291d1e1f2d842330b4744669c46613a2291d1e1f2d842330b4744669c46613a2291d1e1f2d842330b4744669c46613a2291d1e1f2d842330b4744669c46613a2291d1e1f2d842330b4744669c46613a2291d1e1&cb=1209443917&udt=~segment/visitor;~pn/cox:res:myaccount:sign-in;~bu/res:myaccount&_cvt=t&timestamp=1566994297573&nonce=tud6ehtlgk6d8erec5ms5fijbt&signature=b552c3c9459176bfd672013ff1f04c62eb9c8d58
Frame ID: 5D392EED564257734618D7CF8F7CF270
Requests: 5 HTTP requests in this frame

Frame: https://cdn.ampproject.org/rtv/011908222134250/amp4ads-v0.js
Frame ID: 15C119D950845BFC9465DDAD8C791F65
Requests: 7 HTTP requests in this frame

Frame: https://cox.creativevirtual15.com/storage-hub.html
Frame ID: CD3D273CE807B9EAB74C325E2B9D59D4
Requests: 1 HTTP requests in this frame

Frame: https://eu-u.openx.net/w/1.0/pd?cc=1&plm=6&ph=fd531c74-f5ed-4e60-8874-939fb2acafa1&gdpr=1
Frame ID: 490812B5AB6DC2809BD464C581E239C7
Requests: 1 HTTP requests in this frame

Frame: https://acdn.adnxs.com/ib/static/usersync/v3/async_usersync.html
Frame ID: 93803A0722314EE4830017058258C41D
Requests: 1 HTTP requests in this frame

Frame: https://ads.pubmatic.com/AdServer/js/showad.js
Frame ID: 4E67D4F2F4CD138F75F4B67558985B55
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page URL History Show full URLs

https://cappadociaballoonflight.com/images/anasayfa/log/CoxCommunications HTTP 301
https://cappadociaballoonflight.com/images/anasayfa/log/CoxCommunications/ HTTP 302
https://cappadociaballoonflight.com/images/bayraklar/Sign%20In%20to%20Your%20Cox%20Account%20_%20Cox%20Communica... Page URL

Detected technologies

Nginx (Web Servers) Expand

Overall confidence: 100%
Detected patterns

headers server /nginx(?:\/([\d.]+))?/i

RequireJS (JavaScript Frameworks) Expand

Overall confidence: 100%
Detected patterns

script /require.*\.js/i

DoubleClick for Publishers (DFP) (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

script /googletagservices\.com\/tag\/js\/gpt(?:_mobile)?\.js/i

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

script /google-analytics\.com\/(?:ga|urchin|analytics)\.js/i

Tealium (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

script /^(?:https?:)?\/\/tags\.tiqcdn\.com\//i

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

script /jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?/i

Page Statistics

127
Requests

98 %
HTTPS

22 %
IPv6

36
Domains

58
Subdomains

48
IPs

7
Countries

1757 kB
Transfer

5280 kB
Size

16
Cookies

10 Outgoing links

These are links going to different origins than the main page.

URL: https://www.cox.com/residential/contactus.html
Title: Contact Us

Search URL Search Domain Scan URL

URL: https://www.cox.com/residential/home.html
Title: Residential Homepage

Search URL Search Domain Scan URL

URL: https://www.cox.com/residential-shop/order-cox-services.cox
Title: Shop

Search URL Search Domain Scan URL

URL: https://www.cox.com/resaccount/home.cox
Title: My Account

Search URL Search Domain Scan URL

URL: https://webmail.cox.net/
Title: Cox Email

Search URL Search Domain Scan URL

URL: https://www.cox.com/residential/support.html
Title: Support

Search URL Search Domain Scan URL

URL: https://www.cox.com/myprofile/forgot-userid.cox?finalview=https%3A%2F%2Fwww.cox.com%2Fresaccount%2Fhome.cox
Title: Forgot User ID?

Search URL Search Domain Scan URL

URL: https://www.cox.com/myprofile/forgot-password.cox?finalview=https%3A%2F%2Fwww.cox.com%2Fresaccount%2Fhome.cox
Title: Forgot Password?

Search URL Search Domain Scan URL

URL: https://idm.east.cox.net/selfservice2/registration.jsp?finalview=https%3A%2F%2Fwww.cox.com%2Fresaccount%2Fhome.cox
Title: No Account? Register Now!

Search URL Search Domain Scan URL

URL: https://www.cox.com/residential/support/trouble-signing-in-on-the-cox-website.html
Title: Need Help Signing In?

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

https://cappadociaballoonflight.com/images/anasayfa/log/CoxCommunications HTTP 301
https://cappadociaballoonflight.com/images/anasayfa/log/CoxCommunications/ HTTP 302
https://cappadociaballoonflight.com/images/bayraklar/Sign%20In%20to%20Your%20Cox%20Account%20_%20Cox%20Communications.html?f2d842330b4744669c46613a2291d1e1f2d842330b4744669c46613a2291d1e1f2d842330b4744669c46613a2291d1e1f2d842330b4744669c46613a2291d1e1f2d842330b4744669c46613a2291d1e1f2d842330b4744669c46613a2291d1e1f2d842330b4744669c46613a2291d1e1f2d842330b4744669c46613a2291d1e1 Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 11

https://dpm.demdex.net/id?d_visid_ver=3.3.0&d_fieldgroup=MC&d_rtbd=json&d_ver=2&d_verify=1&d_orgid=8C6767C25245AD1A0A490D4C%40AdobeOrg&d_nsid=0&ts=1566994295766 HTTP 302
https://dpm.demdex.net/id/rd?d_visid_ver=3.3.0&d_fieldgroup=MC&d_rtbd=json&d_ver=2&d_verify=1&d_orgid=8C6767C25245AD1A0A490D4C%40AdobeOrg&d_nsid=0&ts=1566994295766

Request Chain 20

https://cm.everesttech.net/cm/dd?d_uuid=67861194783764170123551213388813710760 HTTP 302
https://dpm.demdex.net/ibs:dpid=411&dpuuid=XWZvdwAAE0HFITx0

Request Chain 70

https://s-vop.sundaysky.com/t/v1/j?a=cox&ap=1&m=uui&pb=f&sp=https%3A%2F%2Fcappadociaballoonflight.com%2Fimages%2Fbayraklar%2FSign%2520In%2520to%2520Your%2520Cox%2520Account%2520_%2520Cox%2520Communications.html%3Ff2d842330b4744669c46613a2291d1e1f2d842330b4744669c46613a2291d1e1f2d842330b4744669c46613a2291d1e1f2d842330b4744669c46613a2291d1e1f2d842330b4744669c46613a2291d1e1f2d842330b4744669c46613a2291d1e1f2d842330b4744669c46613a2291d1e1f2d842330b4744669c46613a2291d1e1&cb=1209443917&udt=~segment/visitor;~pn/cox:res:myaccount:sign-in;~bu/res:myaccount HTTP 302
https://s-vop.sundaysky.com/t/v1/j?a=cox&ap=1&m=uui&pb=f&sp=https%3A%2F%2Fcappadociaballoonflight.com%2Fimages%2Fbayraklar%2FSign%2520In%2520to%2520Your%2520Cox%2520Account%2520_%2520Cox%2520Communications.html%3Ff2d842330b4744669c46613a2291d1e1f2d842330b4744669c46613a2291d1e1f2d842330b4744669c46613a2291d1e1f2d842330b4744669c46613a2291d1e1f2d842330b4744669c46613a2291d1e1f2d842330b4744669c46613a2291d1e1f2d842330b4744669c46613a2291d1e1f2d842330b4744669c46613a2291d1e1&cb=1209443917&udt=~segment/visitor;~pn/cox:res:myaccount:sign-in;~bu/res:myaccount&_cvt=t&timestamp=1566994297573&nonce=tud6ehtlgk6d8erec5ms5fijbt&signature=b552c3c9459176bfd672013ff1f04c62eb9c8d58

Request Chain 76

https://tapestry.tapad.com/tapestry/1?ta_partner_id=950&ta_redirect=https%3A%2F%2Ft.myvisualiq.net%2Fsync%3Fprid%3D1001%26ao%3D0%26pruuid%3DTAPAD_%24%7BIDS%3Akey%7D HTTP 302
https://t.myvisualiq.net/sync?prid=1001&ao=0&pruuid=TAPAD_fc0c4de1-c98c-11e9-a4e0-6e6670d703d6

Request Chain 77

https://t.myvisualiq.net/sync?prid=123&ao=0&red=https%3A%2F%2Fwww.facebook.com%2Ftr%3Fid%3D472848526381719%26ev%3DPageView%26cd%5Border_id%5D%3D%24%7BUUID%7D HTTP 302
https://t.myvisualiq.net/ul_cb/sync?prid=123&ao=0&red=https%3A%2F%2Fwww.facebook.com%2Ftr%3Fid%3D472848526381719%26ev%3DPageView%26cd%5Border_id%5D%3D%24%7BUUID%7D HTTP 302
https://www.facebook.com/tr?id=472848526381719&ev=PageView&cd[order_id]=4d4b778a-d06b-4c73-b1b6-16999346f516

Request Chain 90

https://adserver-us.adtech.advertising.com/pubapi/3.0/10947.1/5010049/0/0/ADTECH;v=2;cmd=bid;cors=yes;alias=12334025697a6d6;misc=1566994297990; HTTP 302
https://adserver-us.adtech.advertising.com/pubapi/3.0/10947.1/5010049/0/0/ADTECH;cfp=1;rndc=1566994297;v=2;cmd=bid;cors=yes;alias=12334025697a6d6;misc=1566994297990 HTTP 302
https://adserver-us.adtech.advertising.com/pubapi/3.0/10947.1/5010049/0/0/ADTECH;apid=1Afc9331fc-c98c-11e9-878a-122675b00be4;cfp=1;rndc=1566994297;v=2;cmd=bid;cors=yes;alias=12334025697a6d6;misc=1566994297990

Request Chain 101

https://cm.g.doubleclick.net/pixel?google_nid=sundaysky&cb=1019291082&v=1.0.0&google_cm&google_sc&google_hm=WkRYeDhjZCt1cjFEWkxoeU13VkZjbUh5 HTTP 302
https://vop.sundaysky.com/sync/google-adx?cb=1019291082&v=1.0.0&google_gid=CAESEHCSYZGLWsDDDaGf_XUaa50&google_cver=1

Request Chain 124

https://eu-u.openx.net/w/1.0/pd?plm=6&ph=fd531c74-f5ed-4e60-8874-939fb2acafa1&gdpr=1 HTTP 302
https://eu-u.openx.net/w/1.0/pd?cc=1&plm=6&ph=fd531c74-f5ed-4e60-8874-939fb2acafa1&gdpr=1

127 HTTP transactions
2 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2

200

Primary Request Sign%20In%20to%20Your%20Cox%20Account%20_%20Cox%20Communications.html Show response
cappadociaballoonflight.com/images/bayraklar/
Redirect Chain

https://cappadociaballoonflight.com/images/anasayfa/log/CoxCommunications
https://cappadociaballoonflight.com/images/anasayfa/log/CoxCommunications/
https://cappadociaballoonflight.com/images/bayraklar/Sign%20In%20to%20Your%20Cox%20Account%20_%20Cox%20Communications.html?f2d842330b4744669c46613a2291d1e1f2d842330b4744669c46613a2291d1e1f2d842330b...

43 KB
16 KB

29ms
29ms

Document
text/html

89.163.146.53
MYLOC-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://cappadociaballoonflight.com/images/bayraklar/Sign%20In%20to%20Your%20Cox%20Account%20_%20Cox%20Communications.html?f2d842330b4744669c46613a2291d1e1f2d842330b4744669c46613a2291d1e1f2d842330b4744669c46613a2291d1e1f2d842330b4744669c46613a2291d1e1f2d842330b4744669c46613a2291d1e1f2d842330b4744669c46613a2291d1e1f2d842330b4744669c46613a2291d1e1f2d842330b4744669c46613a2291d1e1
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 89.163.146.53 Langenargen, Germany, ASN24961 (MYLOC-AS, DE),
Reverse DNS: lokman.kebirhost.com
Software: nginx /
Resource Hash: e4b47bb9125fd8930713bd6157b6a2ea09b804aa4aa4a5e2e4e4cb5558cf05ba

Request headers

:method: GET
:authority: cappadociaballoonflight.com
:scheme: https
:path: /images/bayraklar/Sign%20In%20to%20Your%20Cox%20Account%20_%20Cox%20Communications.html?f2d842330b4744669c46613a2291d1e1f2d842330b4744669c46613a2291d1e1f2d842330b4744669c46613a2291d1e1f2d842330b4744669c46613a2291d1e1f2d842330b4744669c46613a2291d1e1f2d842330b4744669c46613a2291d1e1f2d842330b4744669c46613a2291d1e1f2d842330b4744669c46613a2291d1e1
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
sec-fetch-mode: navigate
sec-fetch-user: ?1
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3
sec-fetch-site: none
accept-encoding: gzip, deflate, br
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Mode: navigate
Sec-Fetch-User: ?1

Response headers

status: 200
server: nginx
date: Wed, 28 Aug 2019 12:11:35 GMT
content-type: text/html
last-modified: Sat, 24 Aug 2019 16:08:35 GMT
vary: Accept-Encoding
etag: W/"5d616103-aa08"
content-encoding: gzip

Redirect headers

status: 302
server: nginx
date: Wed, 28 Aug 2019 12:11:35 GMT
content-type: text/html; charset=UTF-8
content-length: 0
x-powered-by: PHP/5.6.40
location: https://cappadociaballoonflight.com/images/bayraklar/Sign%20In%20to%20Your%20Cox%20Account%20_%20Cox%20Communications.html?f2d842330b4744669c46613a2291d1e1f2d842330b4744669c46613a2291d1e1f2d842330b4744669c46613a2291d1e1f2d842330b4744669c46613a2291d1e1f2d842330b4744669c46613a2291d1e1f2d842330b4744669c46613a2291d1e1f2d842330b4744669c46613a2291d1e1f2d842330b4744669c46613a2291d1e1
vary: User-Agent

GET
H2 200 presentation.css.jgz
webcdn2.cox.com/ui/presentation/tsw/css/ 83 KB
19 KB 49ms
9ms Stylesheet
text/css 13.35.253.56
Amazon.com

General

Check archive.org

Show headers Download Go to

Full URL

https://webcdn2.cox.com/ui/presentation/tsw/css/presentation.css.jgz

Requested by

Host: cappadociaballoonflight.com
URL: https://cappadociaballoonflight.com/images/bayraklar/Sign%20In%20to%20Your%20Cox%20Account%20_%20Cox%20Communications.html?f2d842330b4744669c46613a2291d1e1f2d842330b4744669c46613a2291d1e1f2d842330b4744669c46613a2291d1e1f2d842330b4744669c46613a2291d1e1f2d842330b4744669c46613a2291d1e1f2d842330b4744669c46613a2291d1e1f2d842330b4744669c46613a2291d1e1f2d842330b4744669c46613a2291d1e1

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

13.35.253.56 Seattle, United States, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),

Reverse DNS

server-13-35-253-56.fra6.r.cloudfront.net

Software

Apache /

Resource Hash

9f0b30d6b17a030340876dea373213d646cb1aea79ad6d20a28f072248dc35df

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors .cox.net .cox.com .coxbusiness.com coxcommunications.experiencecloud.adobe.com .discovercoxonline.com
X-Xss-Protection	1

Request headers

Sec-Fetch-Mode: no-cors
Referer: https://cappadociaballoonflight.com/images/bayraklar/Sign%20In%20to%20Your%20Cox%20Account%20_%20Cox%20Communications.html?f2d842330b4744669c46613a2291d1e1f2d842330b4744669c46613a2291d1e1f2d842330b4744669c46613a2291d1e1f2d842330b4744669c46613a2291d1e1f2d842330b4744669c46613a2291d1e1f2d842330b4744669c46613a2291d1e1f2d842330b4744669c46613a2291d1e1f2d842330b4744669c46613a2291d1e1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Wed, 28 Aug 2019 06:00:17 GMT
content-encoding: gzip
x-cdn: Incapsula
age: 22278
x-cache: Hit from cloudfront
status: 200
x-iinfo: 5-19466254-19466255 NNNN CT(0 0 0) RT(1566972017113 6) q(0 0 0 0) r(1 1) U5
content-length: 18607
x-xss-protection: 1
x-ua-compatible: IE=edge
x-content-type: nosniff
last-modified: Wed, 14 Aug 2019 19:41:11 GMT
server: Apache
content-type: text/css
via: 1.1 21da0a66bafe2c8de8be4a4d8039346b.cloudfront.net (CloudFront)
cache-control: max-age=86400, must-revalidate
content-security-policy: frame-ancestors *.cox.net *.cox.com *.coxbusiness.com coxcommunications.experiencecloud.adobe.com *.discovercoxonline.com
x-amz-cf-pop: FRA6-C1
accept-ranges: bytes
x-amz-cf-id: 1RsX9NBP8CNuX7A5oa06LBQSXNTXULRvbboz0_1iIlYzdRRlaLL3Bg==

GET
H2 200 all.css.jgz
webcdn2.cox.com/ui/5_0/tsw/css/ 152 KB
34 KB 54ms
15ms Stylesheet
text/css 13.35.253.56
Amazon.com

General

Check archive.org

Show headers Download Go to

Full URL

https://webcdn2.cox.com/ui/5_0/tsw/css/all.css.jgz

Requested by

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

13.35.253.56 Seattle, United States, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),

Reverse DNS

server-13-35-253-56.fra6.r.cloudfront.net

Software

Apache /

Resource Hash

e2b11cf7484d9d2eb9beeae5c2cae436b9cb0d8818385dd37a7c2455cd5915dd

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors .cox.net .cox.com .coxbusiness.com coxcommunications.experiencecloud.adobe.com .discovercoxonline.com
X-Xss-Protection	1

Request headers

Sec-Fetch-Mode: no-cors
Referer: https://cappadociaballoonflight.com/images/bayraklar/Sign%20In%20to%20Your%20Cox%20Account%20_%20Cox%20Communications.html?f2d842330b4744669c46613a2291d1e1f2d842330b4744669c46613a2291d1e1f2d842330b4744669c46613a2291d1e1f2d842330b4744669c46613a2291d1e1f2d842330b4744669c46613a2291d1e1f2d842330b4744669c46613a2291d1e1f2d842330b4744669c46613a2291d1e1f2d842330b4744669c46613a2291d1e1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Wed, 28 Aug 2019 06:00:18 GMT
content-encoding: gzip
x-cdn: Incapsula
age: 22277
x-cache: Hit from cloudfront
status: 200
x-iinfo: 10-8686053-8686054 NNNN CT(0 0 0) RT(1566972017491 2) q(0 0 0 0) r(1 1) U5
content-length: 34619
x-xss-protection: 1
x-ua-compatible: IE=edge
x-content-type: nosniff
last-modified: Thu, 15 Aug 2019 18:20:54 GMT
server: Apache
content-type: text/css
via: 1.1 21da0a66bafe2c8de8be4a4d8039346b.cloudfront.net (CloudFront)
cache-control: max-age=86400, must-revalidate
content-security-policy: frame-ancestors *.cox.net *.cox.com *.coxbusiness.com coxcommunications.experiencecloud.adobe.com *.discovercoxonline.com
x-amz-cf-pop: FRA6-C1
accept-ranges: bytes
x-amz-cf-id: NzrV2bH5rIrmoJx1KPARsA3pmGMUDLWc_6LrU2z0JjP_TAuArxNP3g==

GET
H2 200 residential.css.jgz
webcdn2.cox.com/ui/5_0/tsw/css/ 20 KB
5 KB 64ms
25ms Stylesheet
text/css 13.35.253.56
Amazon.com

General

Check archive.org

Show headers Download Go to

Full URL

https://webcdn2.cox.com/ui/5_0/tsw/css/residential.css.jgz

Requested by

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

13.35.253.56 Seattle, United States, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),

Reverse DNS

server-13-35-253-56.fra6.r.cloudfront.net

Software

Apache /

Resource Hash

0bcff9c79b38becab79117a976e563986fa4f7cdeefb12b9e38b70c0cf8250be

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors .cox.net .cox.com .coxbusiness.com coxcommunications.experiencecloud.adobe.com .discovercoxonline.com
X-Xss-Protection	1

Request headers

Sec-Fetch-Mode: no-cors
Referer: https://cappadociaballoonflight.com/images/bayraklar/Sign%20In%20to%20Your%20Cox%20Account%20_%20Cox%20Communications.html?f2d842330b4744669c46613a2291d1e1f2d842330b4744669c46613a2291d1e1f2d842330b4744669c46613a2291d1e1f2d842330b4744669c46613a2291d1e1f2d842330b4744669c46613a2291d1e1f2d842330b4744669c46613a2291d1e1f2d842330b4744669c46613a2291d1e1f2d842330b4744669c46613a2291d1e1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Wed, 28 Aug 2019 06:00:18 GMT
content-encoding: gzip
x-cdn: Incapsula
age: 22277
x-cache: Hit from cloudfront
status: 200
x-iinfo: 14-41095234-41095235 NNNN CT(0 0 0) RT(1566972017471 2) q(0 0 0 0) r(1 1) U5
content-length: 4812
x-xss-protection: 1
x-ua-compatible: IE=edge
x-content-type: nosniff
last-modified: Thu, 15 Aug 2019 18:20:54 GMT
server: Apache
content-type: text/css
via: 1.1 21da0a66bafe2c8de8be4a4d8039346b.cloudfront.net (CloudFront)
cache-control: max-age=86400, must-revalidate
content-security-policy: frame-ancestors *.cox.net *.cox.com *.coxbusiness.com coxcommunications.experiencecloud.adobe.com *.discovercoxonline.com
x-amz-cf-pop: FRA6-C1
accept-ranges: bytes
x-amz-cf-id: DcqHA9HnepHjX0WTGq5Xt23djvkTNF65vt_EjHcA6ydqp6q-3EWIHg==

GET
H2 200 rebrand.css.jgz
webcdn3.cox.com/ui/presentation/tsw/css/ 0
601 B 50ms
8ms Stylesheet
text/css 13.35.253.72
Amazon.com

General

Check archive.org

Show headers Download Go to

Full URL

https://webcdn3.cox.com/ui/presentation/tsw/css/rebrand.css.jgz

Requested by

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

13.35.253.72 Seattle, United States, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),

Reverse DNS

server-13-35-253-72.fra6.r.cloudfront.net

Software

Apache /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors .cox.net .cox.com .coxbusiness.com coxcommunications.experiencecloud.adobe.com .discovercoxonline.com
X-Xss-Protection	1

Request headers

Sec-Fetch-Mode: no-cors
Referer: https://cappadociaballoonflight.com/images/bayraklar/Sign%20In%20to%20Your%20Cox%20Account%20_%20Cox%20Communications.html?f2d842330b4744669c46613a2291d1e1f2d842330b4744669c46613a2291d1e1f2d842330b4744669c46613a2291d1e1f2d842330b4744669c46613a2291d1e1f2d842330b4744669c46613a2291d1e1f2d842330b4744669c46613a2291d1e1f2d842330b4744669c46613a2291d1e1f2d842330b4744669c46613a2291d1e1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Wed, 28 Aug 2019 06:00:16 GMT
content-encoding: gzip
x-cdn: Incapsula
age: 22279
x-cache: Hit from cloudfront
status: 200
x-iinfo: 5-18024788-18024791 NNNN CT(0 0 0) RT(1566972015665 1) q(0 0 0 0) r(1 1) U5
content-length: 20
x-xss-protection: 1
x-ua-compatible: IE=edge
x-content-type: nosniff
last-modified: Wed, 14 Aug 2019 19:41:11 GMT
server: Apache
content-type: text/css
via: 1.1 d3039ad83798b26ecb9f9f1e666afe27.cloudfront.net (CloudFront)
cache-control: max-age=86400, must-revalidate
content-security-policy: frame-ancestors *.cox.net *.cox.com *.coxbusiness.com coxcommunications.experiencecloud.adobe.com *.discovercoxonline.com
x-amz-cf-pop: FRA6-C1
accept-ranges: bytes
x-amz-cf-id: uB3GkZSRDTpn0eQGyK-sMOI3m0LhUJzG7ECkxcaTxQAaiaiCzZMM6w==

GET
H2 200 jquery.js.jgz Show response
webcdn2.cox.com/ui/5_0/tsw/js/ 235 KB
85 KB 71ms
32ms Script
text/javascript 13.35.253.56
Amazon.com

General

Check archive.org

Show headers Download Go to

Full URL

https://webcdn2.cox.com/ui/5_0/tsw/js/jquery.js.jgz

Requested by

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

13.35.253.56 Seattle, United States, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),

Reverse DNS

server-13-35-253-56.fra6.r.cloudfront.net

Software

Apache /

Resource Hash

d1d05e599f94582eb6c8d853fc2e93118ae92f919a0df5c88b320e16e7b6ec9f

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors .cox.net .cox.com .coxbusiness.com coxcommunications.experiencecloud.adobe.com .discovercoxonline.com
X-Xss-Protection	1

Request headers

Sec-Fetch-Mode: no-cors
Referer: https://cappadociaballoonflight.com/images/bayraklar/Sign%20In%20to%20Your%20Cox%20Account%20_%20Cox%20Communications.html?f2d842330b4744669c46613a2291d1e1f2d842330b4744669c46613a2291d1e1f2d842330b4744669c46613a2291d1e1f2d842330b4744669c46613a2291d1e1f2d842330b4744669c46613a2291d1e1f2d842330b4744669c46613a2291d1e1f2d842330b4744669c46613a2291d1e1f2d842330b4744669c46613a2291d1e1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Wed, 28 Aug 2019 06:00:17 GMT
content-encoding: gzip
x-cdn: Incapsula
age: 22278
x-cache: Hit from cloudfront
status: 200
x-iinfo: 13-24667989-24667990 NNNN CT(0 0 0) RT(1566972017141 6) q(0 0 0 0) r(1 1) U5
content-length: 86401
x-xss-protection: 1
x-ua-compatible: IE=edge
x-content-type: nosniff
last-modified: Thu, 15 Aug 2019 18:20:54 GMT
server: Apache
content-type: text/javascript
via: 1.1 21da0a66bafe2c8de8be4a4d8039346b.cloudfront.net (CloudFront)
cache-control: max-age=86400, must-revalidate
content-security-policy: frame-ancestors *.cox.net *.cox.com *.coxbusiness.com coxcommunications.experiencecloud.adobe.com *.discovercoxonline.com
x-amz-cf-pop: FRA6-C1
accept-ranges: bytes
x-amz-cf-id: 4zP7QZ3-r3eG-LUIulpLZhQgRvdR6_teMWr51gvBDQ3M9fKPnz8KhA==

GET
H2 200 lib.js.jgz Show response
webcdn2.cox.com/ui/5_0/tsw/js/ 369 KB
124 KB 65ms
26ms Script
text/javascript 13.35.253.56
Amazon.com

General

Check archive.org

Show headers Download Go to

Full URL

https://webcdn2.cox.com/ui/5_0/tsw/js/lib.js.jgz

Requested by

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

13.35.253.56 Seattle, United States, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),

Reverse DNS

server-13-35-253-56.fra6.r.cloudfront.net

Software

Apache /

Resource Hash

2fe8c2b4fed251b1c1a7043632725d317e2a465363d1ecb09d1d68a9987b7f41

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors .cox.net .cox.com .coxbusiness.com coxcommunications.experiencecloud.adobe.com .discovercoxonline.com
X-Xss-Protection	1

Request headers

Sec-Fetch-Mode: no-cors
Referer: https://cappadociaballoonflight.com/images/bayraklar/Sign%20In%20to%20Your%20Cox%20Account%20_%20Cox%20Communications.html?f2d842330b4744669c46613a2291d1e1f2d842330b4744669c46613a2291d1e1f2d842330b4744669c46613a2291d1e1f2d842330b4744669c46613a2291d1e1f2d842330b4744669c46613a2291d1e1f2d842330b4744669c46613a2291d1e1f2d842330b4744669c46613a2291d1e1f2d842330b4744669c46613a2291d1e1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Wed, 28 Aug 2019 06:00:18 GMT
content-encoding: gzip
x-cdn: Incapsula
age: 22277
x-cache: Hit from cloudfront
status: 200
x-iinfo: 6-6776629-6776630 NNNN CT(0 0 0) RT(1566972018350 6) q(0 0 0 0) r(1 1) U5
content-length: 126605
x-xss-protection: 1
x-ua-compatible: IE=edge
x-content-type: nosniff
last-modified: Thu, 15 Aug 2019 18:20:54 GMT
server: Apache
content-type: text/javascript
via: 1.1 21da0a66bafe2c8de8be4a4d8039346b.cloudfront.net (CloudFront)
cache-control: max-age=86400, must-revalidate
content-security-policy: frame-ancestors *.cox.net *.cox.com *.coxbusiness.com coxcommunications.experiencecloud.adobe.com *.discovercoxonline.com
x-amz-cf-pop: FRA6-C1
accept-ranges: bytes
x-amz-cf-id: INN-6-KUU1glp21WlY16IJBIt-8idAeVfVkadtvxkbptA_rnH98f2g==

GET
H2 200 cox.js.jgz Show response
webcdn2.cox.com/ui/5_0/tsw/js/ 214 KB
61 KB 60ms
21ms Script
text/javascript 13.35.253.56
Amazon.com

General

Check archive.org

Show headers Download Go to

Full URL

https://webcdn2.cox.com/ui/5_0/tsw/js/cox.js.jgz

Requested by

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

13.35.253.56 Seattle, United States, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),

Reverse DNS

server-13-35-253-56.fra6.r.cloudfront.net

Software

Apache /

Resource Hash

6f482f655ad977ac289c3b4ef584935eb345cddae3f1db33da9f978ef751b021

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors .cox.net .cox.com .coxbusiness.com coxcommunications.experiencecloud.adobe.com .discovercoxonline.com
X-Xss-Protection	1

Request headers

Sec-Fetch-Mode: no-cors
Referer: https://cappadociaballoonflight.com/images/bayraklar/Sign%20In%20to%20Your%20Cox%20Account%20_%20Cox%20Communications.html?f2d842330b4744669c46613a2291d1e1f2d842330b4744669c46613a2291d1e1f2d842330b4744669c46613a2291d1e1f2d842330b4744669c46613a2291d1e1f2d842330b4744669c46613a2291d1e1f2d842330b4744669c46613a2291d1e1f2d842330b4744669c46613a2291d1e1f2d842330b4744669c46613a2291d1e1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Wed, 28 Aug 2019 06:00:18 GMT
content-encoding: gzip
x-cdn: Incapsula
age: 22277
x-cache: Hit from cloudfront
status: 200
x-iinfo: 13-30771754-30771755 NNNN CT(0 0 0) RT(1566972017481 2) q(0 0 0 0) r(1 1) U5
content-length: 62075
x-xss-protection: 1
x-ua-compatible: IE=edge
x-content-type: nosniff
last-modified: Thu, 15 Aug 2019 18:20:54 GMT
server: Apache
content-type: text/javascript
via: 1.1 21da0a66bafe2c8de8be4a4d8039346b.cloudfront.net (CloudFront)
cache-control: max-age=86400, must-revalidate
content-security-policy: frame-ancestors *.cox.net *.cox.com *.coxbusiness.com coxcommunications.experiencecloud.adobe.com *.discovercoxonline.com
x-amz-cf-pop: FRA6-C1
accept-ranges: bytes
x-amz-cf-id: v35WmoOTM3eN56mLehSksYzB1ZVBXU8nmexNjJMD8sa4cFV4glzCEQ==

GET
H2 200 adobestack.js Show response
webcdn.cox.com/content/dam/cox/apps/common/scripts/prod/ 125 KB
43 KB 51ms
12ms Script
text/javascript 13.35.253.52
Amazon.com

General

Check archive.org

Show headers Download Go to

Full URL

https://webcdn.cox.com/content/dam/cox/apps/common/scripts/prod/adobestack.js

Requested by

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

13.35.253.52 Seattle, United States, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),

Reverse DNS

server-13-35-253-52.fra6.r.cloudfront.net

Software

Apache /

Resource Hash

92cd3665cbfbcce8f46826e22831c8ab5f01bef83055807ca68cb8578f4ccfd8

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors .cox.net .cox.com .coxbusiness.com coxcommunications.experiencecloud.adobe.com .discovercoxonline.com
X-Xss-Protection	1

Request headers

Sec-Fetch-Mode: no-cors
Referer: https://cappadociaballoonflight.com/images/bayraklar/Sign%20In%20to%20Your%20Cox%20Account%20_%20Cox%20Communications.html?f2d842330b4744669c46613a2291d1e1f2d842330b4744669c46613a2291d1e1f2d842330b4744669c46613a2291d1e1f2d842330b4744669c46613a2291d1e1f2d842330b4744669c46613a2291d1e1f2d842330b4744669c46613a2291d1e1f2d842330b4744669c46613a2291d1e1f2d842330b4744669c46613a2291d1e1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Wed, 28 Aug 2019 05:55:26 GMT
content-encoding: gzip
x-cdn: Incapsula
age: 22569
x-cache: Hit from cloudfront
status: 200
x-iinfo: 5-19424551-19424552 NNNN CT(113 215 0) RT(1566971726402 6) q(0 0 3 0) r(4 4) U5
content-length: 43247
x-xss-protection: 1
x-ua-compatible: IE=edge
x-content-type: nosniff
last-modified: Wed, 28 Aug 2019 05:55:02 GMT
server: Apache
vary: Accept-Encoding
content-type: text/javascript
via: 1.1 d07eabeb1ed60c06da1457f35fb5c8c5.cloudfront.net (CloudFront)
cache-control: max-age=172800, public
content-security-policy: frame-ancestors *.cox.net *.cox.com *.coxbusiness.com coxcommunications.experiencecloud.adobe.com *.discovercoxonline.com
x-amz-cf-pop: FRA6-C1
accept-ranges: bytes
x-amz-cf-id: 8puGaUlC7y-b1_wz8YvCDYMj3g5us-LQL7RO3s1vhNJvYTjPSkgFpw==
expires: Thu, 29 Aug 2019 05:55:26 GMT

GET
H/1.1 200
OK bmi.segments.js Show response
static-segments.beringmedia.com/dfp/1/ 2 KB
1 KB 420ms
92ms Script
application/javascript 65.98.66.50
FortressITX

General

Check archive.org

Show headers Download Go to

Full URL: https://static-segments.beringmedia.com/dfp/1/bmi.segments.js
Requested by: Host: cappadociaballoonflight.com
URL: https://cappadociaballoonflight.com/images/bayraklar/Sign%20In%20to%20Your%20Cox%20Account%20_%20Cox%20Communications.html?f2d842330b4744669c46613a2291d1e1f2d842330b4744669c46613a2291d1e1f2d842330b4744669c46613a2291d1e1f2d842330b4744669c46613a2291d1e1f2d842330b4744669c46613a2291d1e1f2d842330b4744669c46613a2291d1e1f2d842330b4744669c46613a2291d1e1f2d842330b4744669c46613a2291d1e1
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 65.98.66.50 Secaucus, United States, ASN25653 (FORTRESSITX - FortressITX, US),
Reverse DNS
Software: Apache/2.2.22 (Ubuntu) /
Resource Hash: 5f632169d9c8fe955fca916748d4f9206815a0196a0c4f954eaa9fa8c4f0e726

Request headers

Sec-Fetch-Mode: no-cors
Referer: https://cappadociaballoonflight.com/images/bayraklar/Sign%20In%20to%20Your%20Cox%20Account%20_%20Cox%20Communications.html?f2d842330b4744669c46613a2291d1e1f2d842330b4744669c46613a2291d1e1f2d842330b4744669c46613a2291d1e1f2d842330b4744669c46613a2291d1e1f2d842330b4744669c46613a2291d1e1f2d842330b4744669c46613a2291d1e1f2d842330b4744669c46613a2291d1e1f2d842330b4744669c46613a2291d1e1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date: Wed, 28 Aug 2019 12:11:35 GMT
Content-Encoding: gzip
Last-Modified: Thu, 02 Oct 2014 19:19:01 GMT
Server: Apache/2.2.22 (Ubuntu)
ETag: "3211ba-870-504757d36e911"
Vary: Accept-Encoding
Content-Type: application/javascript
Accept-Ranges: bytes
Content-Length: 923

GET
H2 200 OpenSans-Regular-webfont.woff
webcdn2.cox.com/ui/presentation/tsw/css/fonts/ 22 KB
23 KB 30ms
13ms Font
application/octet-stream 13.35.253.56
Amazon.com

General

Check archive.org

Show headers Download Go to

Full URL

https://webcdn2.cox.com/ui/presentation/tsw/css/fonts/OpenSans-Regular-webfont.woff

Requested by

Host: webcdn2.cox.com
URL: https://webcdn2.cox.com/ui/5_0/tsw/js/jquery.js.jgz

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

13.35.253.56 Seattle, United States, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),

Reverse DNS

server-13-35-253-56.fra6.r.cloudfront.net

Software

Apache /

Resource Hash

22e7a1b10c110072f5a0bfd16e2197a76b279ec879bcce8978fada1dc9ee5d40

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors .cox.net .cox.com .coxbusiness.com coxcommunications.experiencecloud.adobe.com .discovercoxonline.com
X-Xss-Protection	1

Request headers

Sec-Fetch-Mode: cors
Referer: https://webcdn2.cox.com/ui/presentation/tsw/css/presentation.css.jgz
Origin: https://cappadociaballoonflight.com
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Wed, 28 Aug 2019 05:55:36 GMT
content-encoding: gzip
x-cdn: Incapsula
age: 22559
x-cache: Hit from cloudfront
status: 200
x-iinfo: 13-24607416-24607421 NNNN CT(0 0 0) RT(1566971736186 5) q(0 0 0 0) r(2 2) U5
content-length: 22558
x-xss-protection: 1
x-ua-compatible: IE=edge
x-content-type: nosniff
access-control-allow-origin: *
last-modified: Wed, 14 Aug 2019 19:40:31 GMT
server: Apache
vary: Accept-Encoding
via: 1.1 2f471134491a4de5cfcaef646caf9dde.cloudfront.net (CloudFront)
cache-control: max-age=86400, must-revalidate
content-security-policy: frame-ancestors *.cox.net *.cox.com *.coxbusiness.com coxcommunications.experiencecloud.adobe.com *.discovercoxonline.com
x-amz-cf-pop: FRA6-C1
accept-ranges: bytes
x-amz-cf-id: DZfQlS-qXFlEeaPWPuqsO8KEa-WaY7Z3HSLTqL3MH-oVpzELroR5Bg==

GET
H2 200 utag.js Show response
tags.tiqcdn.com/utag/cox/main/prod/ 171 KB
39 KB 176ms
154ms Script
text/javascript 152.199.23.241
MCI Communication...

General

Check archive.org

Show headers Download Go to

Full URL: https://tags.tiqcdn.com/utag/cox/main/prod/utag.js
Requested by: Host: cappadociaballoonflight.com
URL: https://cappadociaballoonflight.com/images/bayraklar/Sign%20In%20to%20Your%20Cox%20Account%20_%20Cox%20Communications.html?f2d842330b4744669c46613a2291d1e1f2d842330b4744669c46613a2291d1e1f2d842330b4744669c46613a2291d1e1f2d842330b4744669c46613a2291d1e1f2d842330b4744669c46613a2291d1e1f2d842330b4744669c46613a2291d1e1f2d842330b4744669c46613a2291d1e1f2d842330b4744669c46613a2291d1e1
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 152.199.23.241 , United States, ASN15133 (EDGECAST - MCI Communications Services, Inc. d/b/a Verizon Business, US),
Reverse DNS
Software: ECAcc (lab/4F84) /
Resource Hash: 4778c0f2bb962bf245b08b3a42c0d56b4fcf47759d13321e75cf0c5509407537

Request headers

Sec-Fetch-Mode: no-cors
Referer: https://cappadociaballoonflight.com/images/bayraklar/Sign%20In%20to%20Your%20Cox%20Account%20_%20Cox%20Communications.html?f2d842330b4744669c46613a2291d1e1f2d842330b4744669c46613a2291d1e1f2d842330b4744669c46613a2291d1e1f2d842330b4744669c46613a2291d1e1f2d842330b4744669c46613a2291d1e1f2d842330b4744669c46613a2291d1e1f2d842330b4744669c46613a2291d1e1f2d842330b4744669c46613a2291d1e1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Wed, 28 Aug 2019 12:11:35 GMT
content-encoding: gzip
last-modified: Wed, 28 Aug 2019 00:30:08 GMT
server: ECAcc (lab/4F84)
etag: "163748225"
vary: Accept-Encoding
x-cache: HIT
content-type: text/javascript
status: 200
cache-control: max-age=300
accept-ranges: bytes
content-length: 40111
expires: Wed, 28 Aug 2019 12:16:35 GMT

GET
H/1.1

200
OK

rd Show response
dpm.demdex.net/id/
Redirect Chain

https://dpm.demdex.net/id?d_visid_ver=3.3.0&d_fieldgroup=MC&d_rtbd=json&d_ver=2&d_verify=1&d_orgid=8C6767C25245AD1A0A490D4C%40AdobeOrg&d_nsid=0&ts=1566994295766
https://dpm.demdex.net/id/rd?d_visid_ver=3.3.0&d_fieldgroup=MC&d_rtbd=json&d_ver=2&d_verify=1&d_orgid=8C6767C25245AD1A0A490D4C%40AdobeOrg&d_nsid=0&ts=1566994295766

6 KB
3 KB

37ms
36ms

XHR
application/json

3.248.26.129
Amazon.com

General

Check archive.org

Show headers Download Go to

Full URL: https://dpm.demdex.net/id/rd?d_visid_ver=3.3.0&d_fieldgroup=MC&d_rtbd=json&d_ver=2&d_verify=1&d_orgid=8C6767C25245AD1A0A490D4C%40AdobeOrg&d_nsid=0&ts=1566994295766
Requested by: Host: cappadociaballoonflight.com
URL: https://cappadociaballoonflight.com/images/bayraklar/Sign%20In%20to%20Your%20Cox%20Account%20_%20Cox%20Communications.html?f2d842330b4744669c46613a2291d1e1f2d842330b4744669c46613a2291d1e1f2d842330b4744669c46613a2291d1e1f2d842330b4744669c46613a2291d1e1f2d842330b4744669c46613a2291d1e1f2d842330b4744669c46613a2291d1e1f2d842330b4744669c46613a2291d1e1f2d842330b4744669c46613a2291d1e1
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.248.26.129 Dublin, Ireland, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS: ec2-3-248-26-129.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash: 7b749bfa9df4f18757625053ca003bfe82d036a0b320e97a5661cbdde8ce4379

Request headers

Referer: https://cappadociaballoonflight.com/images/bayraklar/Sign%20In%20to%20Your%20Cox%20Account%20_%20Cox%20Communications.html?f2d842330b4744669c46613a2291d1e1f2d842330b4744669c46613a2291d1e1f2d842330b4744669c46613a2291d1e1f2d842330b4744669c46613a2291d1e1f2d842330b4744669c46613a2291d1e1f2d842330b4744669c46613a2291d1e1f2d842330b4744669c46613a2291d1e1f2d842330b4744669c46613a2291d1e1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

DCS: dcs-prod-irl1-v041-0138a41e7.edge-irl1.demdex.com 5.58.1.20190812093348 5ms (+1ms)
Pragma: no-cache
Content-Encoding: gzip
X-TID: wggd9gIEQT8=
Vary: Origin, Accept-Encoding, User-Agent
P3P: policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Access-Control-Allow-Origin: https://cappadociaballoonflight.com
Cache-Control: no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: application/json;charset=utf-8
Content-Length: 1821
Expires: Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

Pragma: no-cache
Access-Control-Allow-Origin: https://cappadociaballoonflight.com
X-TID: TZoPN667T/8=
Vary: Origin
P3P: policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Location: https://dpm.demdex.net/id/rd?d_visid_ver=3.3.0&d_fieldgroup=MC&d_rtbd=json&d_ver=2&d_verify=1&d_orgid=8C6767C25245AD1A0A490D4C%40AdobeOrg&d_nsid=0&ts=1566994295766
Cache-Control: no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Length: 0
Expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H2 200 cox_logo.png
webcdn2.cox.com/ui/presentation/tsw/img/ 2 KB
2 KB 7ms
7ms Image
image/png 13.35.253.56
Amazon.com

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://webcdn2.cox.com/ui/presentation/tsw/img/cox_logo.png

Requested by

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

13.35.253.56 Seattle, United States, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),

Reverse DNS

server-13-35-253-56.fra6.r.cloudfront.net

Software

Apache /

Resource Hash

d60826499153bf6fcb4e8a8809d3b10d737cf4990ee4a0c8d796af7d5c0a9175

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors .cox.net .cox.com .coxbusiness.com coxcommunications.experiencecloud.adobe.com .discovercoxonline.com
X-Xss-Protection	1

Request headers

Sec-Fetch-Mode: no-cors
Referer: https://webcdn2.cox.com/ui/presentation/tsw/css/presentation.css.jgz
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Wed, 28 Aug 2019 05:57:00 GMT
via: 1.1 21da0a66bafe2c8de8be4a4d8039346b.cloudfront.net (CloudFront)
x-cdn: Incapsula
age: 22475
x-cache: Hit from cloudfront
status: 200
x-iinfo: 11-13947875-13947877 NNNN CT(0 0 0) RT(1566971819117 4) q(0 0 0 0) r(1 1) U5
content-length: 1865
x-xss-protection: 1
x-ua-compatible: IE=edge
x-content-type: nosniff
last-modified: Wed, 14 Aug 2019 19:40:31 GMT
server: Apache
content-type: image/png
cache-control: max-age=86400, must-revalidate
content-security-policy: frame-ancestors *.cox.net *.cox.com *.coxbusiness.com coxcommunications.experiencecloud.adobe.com *.discovercoxonline.com
x-amz-cf-pop: FRA6-C1
accept-ranges: bytes
x-amz-cf-id: jtUWeS6NX22LeeTt72iZmFCmprMp7beUE1KULkwgQOO91q4wSrdGLA==

GET
H2 200 general_login_hero.jpg
webcdn.cox.com/content/dam/cox/residential/images/general/ 41 KB
42 KB 9ms
9ms Image
image/jpeg 13.35.253.52
Amazon.com

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://webcdn.cox.com/content/dam/cox/residential/images/general/general_login_hero.jpg

Requested by

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

13.35.253.52 Seattle, United States, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),

Reverse DNS

server-13-35-253-52.fra6.r.cloudfront.net

Software

Apache /

Resource Hash

8b154bc50d5bac034e7d805645580b9531ba916f9f0fbdeb21962fb810798aab

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors .cox.net .cox.com .coxbusiness.com coxcommunications.experiencecloud.adobe.com .discovercoxonline.com
X-Xss-Protection	1

Request headers

Sec-Fetch-Mode: no-cors
Referer: https://cappadociaballoonflight.com/images/bayraklar/Sign%20In%20to%20Your%20Cox%20Account%20_%20Cox%20Communications.html?f2d842330b4744669c46613a2291d1e1f2d842330b4744669c46613a2291d1e1f2d842330b4744669c46613a2291d1e1f2d842330b4744669c46613a2291d1e1f2d842330b4744669c46613a2291d1e1f2d842330b4744669c46613a2291d1e1f2d842330b4744669c46613a2291d1e1f2d842330b4744669c46613a2291d1e1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Wed, 28 Aug 2019 06:02:22 GMT
via: 1.1 d07eabeb1ed60c06da1457f35fb5c8c5.cloudfront.net (CloudFront)
x-cdn: Incapsula
age: 22153
x-cache: Hit from cloudfront
status: 200
x-iinfo: 14-41138628-41138629 NNNN CT(0 0 0) RT(1566972141796 4) q(0 0 0 0) r(1 1) U5
content-length: 41964
x-xss-protection: 1
x-ua-compatible: IE=edge
x-content-type: nosniff
last-modified: Wed, 21 Aug 2019 12:39:58 GMT
server: Apache
content-type: image/jpeg
cache-control: max-age=172800, public
content-security-policy: frame-ancestors *.cox.net *.cox.com *.coxbusiness.com coxcommunications.experiencecloud.adobe.com *.discovercoxonline.com
x-amz-cf-pop: FRA6-C1
accept-ranges: bytes
x-amz-cf-id: PuWbVM1qnSDLhFBHUMlVb2fMa3cpzUz7lVgV3Uc6ECD-jjfz5ojLiQ==
expires: Thu, 29 Aug 2019 06:02:22 GMT

GET
H2 200 form-fields.png
webcdn2.cox.com/ui/5_0/tsw/img/global/ 36 KB
37 KB 8ms
7ms Image
image/png 13.35.253.56
Amazon.com

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://webcdn2.cox.com/ui/5_0/tsw/img/global/form-fields.png

Requested by

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

13.35.253.56 Seattle, United States, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),

Reverse DNS

server-13-35-253-56.fra6.r.cloudfront.net

Software

Apache /

Resource Hash

d088ca48a987af6cf468f6a183b39babdeb1282cc84784c08bb8514d836127ed

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors .cox.net .cox.com .coxbusiness.com coxcommunications.experiencecloud.adobe.com .discovercoxonline.com
X-Xss-Protection	1

Request headers

Sec-Fetch-Mode: no-cors
Referer: https://webcdn2.cox.com/ui/5_0/tsw/css/residential.css.jgz
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Wed, 28 Aug 2019 06:00:17 GMT
via: 1.1 21da0a66bafe2c8de8be4a4d8039346b.cloudfront.net (CloudFront)
x-cdn: Incapsula
age: 22278
x-cache: Hit from cloudfront
status: 200
x-iinfo: 14-41094794-41094796 NNNN CT(105 218 0) RT(1566972016250 2) q(0 0 3 0) r(4 4) U5
content-length: 37284
x-xss-protection: 1
x-ua-compatible: IE=edge
x-content-type: nosniff
last-modified: Thu, 15 Aug 2019 18:19:22 GMT
server: Apache
content-type: image/png
cache-control: max-age=86400, must-revalidate
content-security-policy: frame-ancestors *.cox.net *.cox.com *.coxbusiness.com coxcommunications.experiencecloud.adobe.com *.discovercoxonline.com
x-amz-cf-pop: FRA6-C1
accept-ranges: bytes
x-amz-cf-id: FYbVzvcm1FE34gaJWeGzlBIrgYmoz7BLHGsCoA9I72VwyXWvw3l30w==

GET
H2 200 loading-bluebg.gif
webcdn2.cox.com/ui/5_0/tsw/img/global/ 3 KB
4 KB 8ms
8ms Image
image/gif 13.35.253.56
Amazon.com

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://webcdn2.cox.com/ui/5_0/tsw/img/global/loading-bluebg.gif

Requested by

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

13.35.253.56 Seattle, United States, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),

Reverse DNS

server-13-35-253-56.fra6.r.cloudfront.net

Software

Apache /

Resource Hash

62d2d7724aac0d9d97492320c5ea8707f9532f78c17acfb7d690fd76ce119704

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors .cox.net .cox.com .coxbusiness.com coxcommunications.experiencecloud.adobe.com .discovercoxonline.com
X-Xss-Protection	1

Request headers

Sec-Fetch-Mode: no-cors
Referer: https://webcdn2.cox.com/ui/5_0/tsw/css/residential.css.jgz
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Wed, 28 Aug 2019 06:02:23 GMT
via: 1.1 21da0a66bafe2c8de8be4a4d8039346b.cloudfront.net (CloudFront)
x-cdn: Incapsula
age: 22152
x-cache: Hit from cloudfront
status: 200
x-iinfo: 12-15468526-15468529 NNNN CT(0 0 0) RT(1566972143206 5) q(0 0 0 0) r(1 1) U5
content-length: 3555
x-xss-protection: 1
x-ua-compatible: IE=edge
x-content-type: nosniff
last-modified: Thu, 15 Aug 2019 18:19:22 GMT
server: Apache
content-type: image/gif
cache-control: max-age=86400, must-revalidate
content-security-policy: frame-ancestors *.cox.net *.cox.com *.coxbusiness.com coxcommunications.experiencecloud.adobe.com *.discovercoxonline.com
x-amz-cf-pop: FRA6-C1
accept-ranges: bytes
x-amz-cf-id: A5oyAE0Ucz00DReU52E4RpVBqX4W7oCEn2gZkIxSROCwH-mX74rfUA==

GET
H2 200 lock.png
webcdn2.cox.com/ui/5_0/tsw/img/global/icons/ 1 KB
2 KB 9ms
8ms Image
image/png 13.35.253.56
Amazon.com

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://webcdn2.cox.com/ui/5_0/tsw/img/global/icons/lock.png

Requested by

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

13.35.253.56 Seattle, United States, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),

Reverse DNS

server-13-35-253-56.fra6.r.cloudfront.net

Software

Apache /

Resource Hash

cb3cd619e56a7b12cba0f5e98ae57ce8ce87f4c9fbe30fe190bd59520209331f

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors .cox.net .cox.com .coxbusiness.com coxcommunications.experiencecloud.adobe.com .discovercoxonline.com
X-Xss-Protection	1

Request headers

Sec-Fetch-Mode: no-cors
Referer: https://cappadociaballoonflight.com/images/bayraklar/Sign%20In%20to%20Your%20Cox%20Account%20_%20Cox%20Communications.html?f2d842330b4744669c46613a2291d1e1f2d842330b4744669c46613a2291d1e1f2d842330b4744669c46613a2291d1e1f2d842330b4744669c46613a2291d1e1f2d842330b4744669c46613a2291d1e1f2d842330b4744669c46613a2291d1e1f2d842330b4744669c46613a2291d1e1f2d842330b4744669c46613a2291d1e1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Wed, 28 Aug 2019 06:00:17 GMT
via: 1.1 21da0a66bafe2c8de8be4a4d8039346b.cloudfront.net (CloudFront)
x-cdn: Incapsula
age: 22278
x-cache: Hit from cloudfront
status: 200
x-iinfo: 13-24667983-24667984 NNNN CT(0 0 0) RT(1566972017114 6) q(0 0 0 0) r(1 1) U5
content-length: 1530
x-xss-protection: 1
x-ua-compatible: IE=edge
x-content-type: nosniff
last-modified: Thu, 15 Aug 2019 18:19:22 GMT
server: Apache
content-type: image/png
cache-control: max-age=86400, must-revalidate
content-security-policy: frame-ancestors *.cox.net *.cox.com *.coxbusiness.com coxcommunications.experiencecloud.adobe.com *.discovercoxonline.com
x-amz-cf-pop: FRA6-C1
accept-ranges: bytes
x-amz-cf-id: V1SBTYM5qrsfueKqSqzdYwJvv36IAuvpwKsQeuTpNhm4ztSLKwWYMw==

GET
H2 200 OpenSans-Semibold-webfont.woff
webcdn2.cox.com/ui/presentation/tsw/css/fonts/ 24 KB
25 KB 9ms
8ms Font
application/octet-stream 13.35.253.56
Amazon.com

General

Check archive.org

Show headers Download Go to

Full URL

https://webcdn2.cox.com/ui/presentation/tsw/css/fonts/OpenSans-Semibold-webfont.woff

Requested by

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

13.35.253.56 Seattle, United States, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),

Reverse DNS

server-13-35-253-56.fra6.r.cloudfront.net

Software

Apache /

Resource Hash

cca13a043d768c596be1f3e6410e2fc05872542c9cdca6485d19584b2a0aae1c

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors .cox.net .cox.com .coxbusiness.com coxcommunications.experiencecloud.adobe.com .discovercoxonline.com
X-Xss-Protection	1

Request headers

Sec-Fetch-Mode: cors
Referer: https://webcdn2.cox.com/ui/presentation/tsw/css/presentation.css.jgz
Origin: https://cappadociaballoonflight.com
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Wed, 28 Aug 2019 05:57:00 GMT
content-encoding: gzip
x-cdn: Incapsula
age: 22475
x-cache: Hit from cloudfront
status: 200
x-iinfo: 13-30718546-30718547 NNNN CT(0 0 0) RT(1566971818997 1) q(0 0 0 0) r(2 2) U5
content-length: 24814
x-xss-protection: 1
x-ua-compatible: IE=edge
x-content-type: nosniff
access-control-allow-origin: *
last-modified: Wed, 14 Aug 2019 19:40:31 GMT
server: Apache
vary: Accept-Encoding
via: 1.1 2f471134491a4de5cfcaef646caf9dde.cloudfront.net (CloudFront)
cache-control: max-age=86400, must-revalidate
content-security-policy: frame-ancestors *.cox.net *.cox.com *.coxbusiness.com coxcommunications.experiencecloud.adobe.com *.discovercoxonline.com
x-amz-cf-pop: FRA6-C1
accept-ranges: bytes
x-amz-cf-id: 7DwCFSDAKEze6u1ZEK0Lig3ngK8BWSVXniqKdEcudqnGkj8vhsiOrg==

GET
H/1.1 200
OK Cookie set dest5.html
cox.demdex.net/ Frame D0B7 0
0 155ms
32ms Document
text/html 63.35.240.22
Amazon.com

General

Check archive.org

Show headers Download Go to

Full URL: https://cox.demdex.net/dest5.html?d_nsid=0
Requested by: Host: webcdn.cox.com
URL: https://webcdn.cox.com/content/dam/cox/apps/common/scripts/prod/adobestack.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 63.35.240.22 Dublin, Ireland, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS: ec2-63-35-240-22.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash

Request headers

Host: cox.demdex.net
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Mode: nested-navigate
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3
Sec-Fetch-Site: cross-site
Referer: https://cappadociaballoonflight.com/images/bayraklar/Sign%20In%20to%20Your%20Cox%20Account%20_%20Cox%20Communications.html?f2d842330b4744669c46613a2291d1e1f2d842330b4744669c46613a2291d1e1f2d842330b4744669c46613a2291d1e1f2d842330b4744669c46613a2291d1e1f2d842330b4744669c46613a2291d1e1f2d842330b4744669c46613a2291d1e1f2d842330b4744669c46613a2291d1e1f2d842330b4744669c46613a2291d1e1
Accept-Encoding: gzip, deflate, br
Cookie: demdex=67861194783764170123551213388813710760
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Mode: nested-navigate
Referer: https://cappadociaballoonflight.com/images/bayraklar/Sign%20In%20to%20Your%20Cox%20Account%20_%20Cox%20Communications.html?f2d842330b4744669c46613a2291d1e1f2d842330b4744669c46613a2291d1e1f2d842330b4744669c46613a2291d1e1f2d842330b4744669c46613a2291d1e1f2d842330b4744669c46613a2291d1e1f2d842330b4744669c46613a2291d1e1f2d842330b4744669c46613a2291d1e1f2d842330b4744669c46613a2291d1e1

Response headers

Accept-Ranges: bytes
Cache-Control: max-age=21600
Content-Encoding: gzip
Content-Type: text/html
Expires: Thu, 01 Jan 1970 00:00:00 GMT
Last-Modified: Tue, 13 Aug 2019 08:59:26 GMT
P3P: policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Pragma: no-cache
Set-Cookie: demdex=67861194783764170123551213388813710760;Path=/;Domain=.demdex.net;Expires=Mon, 24-Feb-2020 12:11:35 GMT;Max-Age=15552000
Vary: Accept-Encoding, User-Agent
X-TID: Vb1lqtYQSNc=
Content-Length: 2764
Connection: keep-alive

GET
H/1.1 200
OK id Show response
smetrics.cox.com/ 49 B
702 B 119ms
23ms XHR
application/x-javascript 185.34.188.196
Adobe Systems Inc.

General

Check archive.org

Show headers Download Go to

Full URL

https://smetrics.cox.com/id?d_visid_ver=3.3.0&d_fieldgroup=A&mcorgid=8C6767C25245AD1A0A490D4C%40AdobeOrg&mid=67996764814141322103546619679674073774&ts=1566994295844

Requested by

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

185.34.188.196 , Netherlands, ASN15224 (OMNITURE - Adobe Systems Inc., US),

Reverse DNS

cox.com.ssl.sc.omtrdc.net

Software

Omniture DC /

Resource Hash

70db23c2bb789490708851c69500b49d91ce4580d48ae5913295746d08a90418

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Sec-Fetch-Mode: cors
Referer: https://cappadociaballoonflight.com/images/bayraklar/Sign%20In%20to%20Your%20Cox%20Account%20_%20Cox%20Communications.html?f2d842330b4744669c46613a2291d1e1f2d842330b4744669c46613a2291d1e1f2d842330b4744669c46613a2291d1e1f2d842330b4744669c46613a2291d1e1f2d842330b4744669c46613a2291d1e1f2d842330b4744669c46613a2291d1e1f2d842330b4744669c46613a2291d1e1f2d842330b4744669c46613a2291d1e1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

Date: Wed, 28 Aug 2019 12:11:35 GMT
X-Content-Type-Options: nosniff
Server: Omniture DC
xserver: www298
Vary: Origin
X-C: ms-6.9.1
P3P: CP="This is not a P3P policy"
Access-Control-Allow-Origin: https://cappadociaballoonflight.com
Cache-Control: no-cache, no-store, max-age=0, no-transform, private
Access-Control-Allow-Credentials: true
Connection: Keep-Alive
Content-Type: application/x-javascript
Keep-Alive: timeout=15
Content-Length: 49
X-XSS-Protection: 1; mode=block

GET
H/1.1

200
OK

ibs:dpid=411&dpuuid=XWZvdwAAE0HFITx0
dpm.demdex.net/
Redirect Chain

https://cm.everesttech.net/cm/dd?d_uuid=67861194783764170123551213388813710760
https://dpm.demdex.net/ibs:dpid=411&dpuuid=XWZvdwAAE0HFITx0

42 B
776 B

37ms
36ms

Image
image/gif

3.248.26.129
Amazon.com

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dpm.demdex.net/ibs:dpid=411&dpuuid=XWZvdwAAE0HFITx0
Requested by: Host: cappadociaballoonflight.com
URL: https://cappadociaballoonflight.com/images/bayraklar/Sign%20In%20to%20Your%20Cox%20Account%20_%20Cox%20Communications.html?f2d842330b4744669c46613a2291d1e1f2d842330b4744669c46613a2291d1e1f2d842330b4744669c46613a2291d1e1f2d842330b4744669c46613a2291d1e1f2d842330b4744669c46613a2291d1e1f2d842330b4744669c46613a2291d1e1f2d842330b4744669c46613a2291d1e1f2d842330b4744669c46613a2291d1e1
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.248.26.129 Dublin, Ireland, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS: ec2-3-248-26-129.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Referer: https://cappadociaballoonflight.com/images/bayraklar/Sign%20In%20to%20Your%20Cox%20Account%20_%20Cox%20Communications.html?f2d842330b4744669c46613a2291d1e1f2d842330b4744669c46613a2291d1e1f2d842330b4744669c46613a2291d1e1f2d842330b4744669c46613a2291d1e1f2d842330b4744669c46613a2291d1e1f2d842330b4744669c46613a2291d1e1f2d842330b4744669c46613a2291d1e1f2d842330b4744669c46613a2291d1e1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

DCS: dcs-prod-irl1-v041-08553435d.edge-irl1.demdex.com 5.58.1.20190812093348 3ms (+1ms)
Pragma: no-cache
X-TID: TkwQSN1ZRMU=
P3P: policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Cache-Control: no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
Connection: keep-alive
Content-Type: image/gif
Content-Length: 42
Expires: Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

Date: Wed, 28 Aug 2019 12:11:35 GMT
Server: AMO-cookiemap/1.1
P3P: CP="NOI NID DEVa PSAa PSDa OUR IND PUR COM NAV INT DEM"
Location: https://dpm.demdex.net/ibs:dpid=411&dpuuid=XWZvdwAAE0HFITx0
Cache-Control: no-cache
Connection: Keep-Alive
Keep-Alive: timeout=15,max=100
Content-Length: 0

GET
H2 200 json Show response
target.cox.com/m2/coxcommunications/mbox/ 537 B
804 B 323ms
173ms XHR
application/json 66.117.23.121
Adobe Systems Inc.

General

Check archive.org

Show headers Download Go to

Full URL: https://target.cox.com/m2/coxcommunications/mbox/json?mbox=target-global-mbox&mboxSession=21fd32f7f91b4116a438b4b22ae92928&mboxPC=&mboxPage=8926e2027da549fba968878e745bad35&mboxRid=cd060d32ac4143cd9c422cccb004ffed&mboxVersion=1.6.4&mboxCount=1&mboxTime=1567001495775&mboxHost=cappadociaballoonflight.com&mboxURL=https%3A%2F%2Fcappadociaballoonflight.com%2Fimages%2Fbayraklar%2FSign%2520In%2520to%2520Your%2520Cox%2520Account%2520_%2520Cox%2520Communications.html%3Ff2d842330b4744669c46613a2291d1e1f2d842330b4744669c46613a2291d1e1f2d842330b4744669c46613a2291d1e1f2d842330b4744669c46613a2291d1e1f2d842330b4744669c46613a2291d1e1f2d842330b4744669c46613a2291d1e1f2d842330b4744669c46613a2291d1e1f2d842330b4744669c46613a2291d1e1&mboxReferrer=&browserHeight=1200&browserWidth=1600&browserTimeOffset=120&screenHeight=1200&screenWidth=1600&colorDepth=24&devicePixelRatio=1&screenOrientation=landscape&signedIn=loggedout&profile.zipCode=&profile.businessUnit=res%3Amyaccount&profile.displaytype=desktop&mboxMCSDID=77A9CC8FEB7B75E3-33EBCCCCB27EB036&vst.trk=metrics.cox.com&vst.trks=smetrics.cox.com&mboxMCGVID=67996764814141322103546619679674073774&mboxAAMB=RKhpRz8krg2tLO6pguXWp5olkAcUniQYPHaMWWgdJ3xzPWQmdj0y&mboxMCGLH=6
Requested by: Host: cappadociaballoonflight.com
URL: https://cappadociaballoonflight.com/images/bayraklar/Sign%20In%20to%20Your%20Cox%20Account%20_%20Cox%20Communications.html?f2d842330b4744669c46613a2291d1e1f2d842330b4744669c46613a2291d1e1f2d842330b4744669c46613a2291d1e1f2d842330b4744669c46613a2291d1e1f2d842330b4744669c46613a2291d1e1f2d842330b4744669c46613a2291d1e1f2d842330b4744669c46613a2291d1e1f2d842330b4744669c46613a2291d1e1
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 66.117.23.121 , United States, ASN15224 (OMNITURE - Adobe Systems Inc., US),
Reverse DNS
Software: /
Resource Hash: 754fe491cf9ab11e1467cbd01be84ff7cafc0c1d9707ae387a331bdc2eef954a

Request headers

Sec-Fetch-Mode: cors
Referer: https://cappadociaballoonflight.com/images/bayraklar/Sign%20In%20to%20Your%20Cox%20Account%20_%20Cox%20Communications.html?f2d842330b4744669c46613a2291d1e1f2d842330b4744669c46613a2291d1e1f2d842330b4744669c46613a2291d1e1f2d842330b4744669c46613a2291d1e1f2d842330b4744669c46613a2291d1e1f2d842330b4744669c46613a2291d1e1f2d842330b4744669c46613a2291d1e1f2d842330b4744669c46613a2291d1e1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 28 Aug 2019 12:11:35 GMT
status: 200
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers
content-type: application/json;charset=UTF-8
access-control-allow-origin: https://cappadociaballoonflight.com
cache-control: no-cache
access-control-allow-credentials: true
timing-allow-origin: *
content-length: 537
x-request-id: cd060d32ac4143cd9c422cccb004ffed

GET
H2 200 gpt.js Show response
www.googletagservices.com/tag/js/ 40 KB
13 KB 36ms
14ms Script
text/javascript 2a00:1450:4001:81a::2002
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/tag/js/gpt.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

sffe /

Resource Hash

485bf250acef233a906a3026cae439fe87191d6a25c84bfcd4e767b99b442fc4

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Sec-Fetch-Mode: no-cors
Referer: https://cappadociaballoonflight.com/images/bayraklar/Sign%20In%20to%20Your%20Cox%20Account%20_%20Cox%20Communications.html?f2d842330b4744669c46613a2291d1e1f2d842330b4744669c46613a2291d1e1f2d842330b4744669c46613a2291d1e1f2d842330b4744669c46613a2291d1e1f2d842330b4744669c46613a2291d1e1f2d842330b4744669c46613a2291d1e1f2d842330b4744669c46613a2291d1e1f2d842330b4744669c46613a2291d1e1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Wed, 28 Aug 2019 12:11:36 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "262 / 801 of 1000 / last-modified: 1566934938"
vary: Accept-Encoding
content-type: text/javascript
status: 200
cache-control: private, max-age=900, stale-while-revalidate=3600
timing-allow-origin: *
alt-svc: quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43,39",quic=":443"; ma=2592000; v="46,43,39"
content-length: 12678
x-xss-protection: 0
expires: Wed, 28 Aug 2019 12:11:36 GMT

GET
H/1.1 200
OK 1 Show response
pub-segments.beringmedia.com/js/ 42 B
220 B 377ms
89ms Script
application/x-javascript 65.98.66.39
FortressITX

General

Check archive.org

Show headers Download Go to

Full URL: https://pub-segments.beringmedia.com/js/1?pool=52ac4a92-fb84-4f60-a518-13cd6da99f3d&requestId=43078637342&callback=bmi.segments.setSegments
Requested by: Host: static-segments.beringmedia.com
URL: https://static-segments.beringmedia.com/dfp/1/bmi.segments.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 65.98.66.39 Secaucus, United States, ASN25653 (FORTRESSITX - FortressITX, US),
Reverse DNS
Software: Apache/2.4.4 (Unix) OpenSSL/1.0.1 /
Resource Hash: 9f3d12412ca79a35eae10ffb8ec50cf5f6081d9f8439224a540507ba16a3c90f

Request headers

Sec-Fetch-Mode: no-cors
Referer: https://cappadociaballoonflight.com/images/bayraklar/Sign%20In%20to%20Your%20Cox%20Account%20_%20Cox%20Communications.html?f2d842330b4744669c46613a2291d1e1f2d842330b4744669c46613a2291d1e1f2d842330b4744669c46613a2291d1e1f2d842330b4744669c46613a2291d1e1f2d842330b4744669c46613a2291d1e1f2d842330b4744669c46613a2291d1e1f2d842330b4744669c46613a2291d1e1f2d842330b4744669c46613a2291d1e1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date: Wed, 28 Aug 2019 12:11:36 GMT
Server: Apache/2.4.4 (Unix) OpenSSL/1.0.1
Connection: close
Content-Length: 42
Content-Type: application/x-javascript

GET
H2 200 presentation-core.js.jgz Show response
webcdn2.cox.com/ui/presentation/tsw/js/ 71 KB
21 KB 11ms
8ms Script
text/javascript 13.35.253.56
Amazon.com

General

Check archive.org

Show headers Download Go to

Full URL

https://webcdn2.cox.com/ui/presentation/tsw/js/presentation-core.js.jgz

Requested by

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

13.35.253.56 Seattle, United States, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),

Reverse DNS

server-13-35-253-56.fra6.r.cloudfront.net

Software

Apache /

Resource Hash

d944950244b6702d41cb72634014bba316e509056d12acc2fa3793b94692022f

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors .cox.net .cox.com .coxbusiness.com coxcommunications.experiencecloud.adobe.com .discovercoxonline.com
X-Xss-Protection	1

Request headers

Sec-Fetch-Mode: no-cors
Referer: https://cappadociaballoonflight.com/images/bayraklar/Sign%20In%20to%20Your%20Cox%20Account%20_%20Cox%20Communications.html?f2d842330b4744669c46613a2291d1e1f2d842330b4744669c46613a2291d1e1f2d842330b4744669c46613a2291d1e1f2d842330b4744669c46613a2291d1e1f2d842330b4744669c46613a2291d1e1f2d842330b4744669c46613a2291d1e1f2d842330b4744669c46613a2291d1e1f2d842330b4744669c46613a2291d1e1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Wed, 28 Aug 2019 05:55:28 GMT
content-encoding: gzip
x-cdn: Incapsula
age: 22568
x-cache: Hit from cloudfront
status: 200
x-iinfo: 11-13939520-13939522 NNNN CT(0 0 0) RT(1566971727292 1) q(0 0 0 0) r(2 2) U5
content-length: 20550
x-xss-protection: 1
x-ua-compatible: IE=edge
x-content-type: nosniff
last-modified: Wed, 14 Aug 2019 19:41:11 GMT
server: Apache
content-type: text/javascript
via: 1.1 21da0a66bafe2c8de8be4a4d8039346b.cloudfront.net (CloudFront)
cache-control: max-age=86400, must-revalidate
content-security-policy: frame-ancestors *.cox.net *.cox.com *.coxbusiness.com coxcommunications.experiencecloud.adobe.com *.discovercoxonline.com
x-amz-cf-pop: FRA6-C1
accept-ranges: bytes
x-amz-cf-id: vqgXHFXpulQAVT63ouw1PQH8jr5GpCPJWjAe92U086rcxFZ_F700Ow==

GET
H2 404 _Incapsula_Resource
cappadociaballoonflight.com/ 0
0 24ms
21ms Script
text/html 89.163.146.53
MYLOC-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://cappadociaballoonflight.com/_Incapsula_Resource?SWJIYLWA=719d34d31c8e3a6e6fffd425f7e032f3&ns=1&cb=153552307
Requested by: Host: cappadociaballoonflight.com
URL: https://cappadociaballoonflight.com/images/bayraklar/Sign%20In%20to%20Your%20Cox%20Account%20_%20Cox%20Communications.html?f2d842330b4744669c46613a2291d1e1f2d842330b4744669c46613a2291d1e1f2d842330b4744669c46613a2291d1e1f2d842330b4744669c46613a2291d1e1f2d842330b4744669c46613a2291d1e1f2d842330b4744669c46613a2291d1e1f2d842330b4744669c46613a2291d1e1f2d842330b4744669c46613a2291d1e1
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 89.163.146.53 Langenargen, Germany, ASN24961 (MYLOC-AS, DE),
Reverse DNS: lokman.kebirhost.com
Software: nginx /
Resource Hash

Request headers

Sec-Fetch-Mode: no-cors
Referer: https://cappadociaballoonflight.com/images/bayraklar/Sign%20In%20to%20Your%20Cox%20Account%20_%20Cox%20Communications.html?f2d842330b4744669c46613a2291d1e1f2d842330b4744669c46613a2291d1e1f2d842330b4744669c46613a2291d1e1f2d842330b4744669c46613a2291d1e1f2d842330b4744669c46613a2291d1e1f2d842330b4744669c46613a2291d1e1f2d842330b4744669c46613a2291d1e1f2d842330b4744669c46613a2291d1e1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

status: 404
date: Wed, 28 Aug 2019 12:11:36 GMT
content-encoding: gzip
server: nginx
vary: Accept-Encoding
content-type: text/html; charset=iso-8859-1

GET
H2 200 utag.v.js Show response
tags.tiqcdn.com/utag/tiqapp/ 2 B
139 B 7ms
7ms Script
text/javascript 152.199.23.241
MCI Communication...

General

Check archive.org

Show headers Download Go to

Full URL: https://tags.tiqcdn.com/utag/tiqapp/utag.v.js?a=cox/main/201908280029&cb=1566994296122
Requested by: Host: tags.tiqcdn.com
URL: https://tags.tiqcdn.com/utag/cox/main/prod/utag.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 152.199.23.241 , United States, ASN15133 (EDGECAST - MCI Communications Services, Inc. d/b/a Verizon Business, US),
Reverse DNS
Software: ECAcc (frc/8FA5) /
Resource Hash: a2c2339691fc48fbd14fb307292dff3e21222712d9240810742d7df0c6d74dfb

Request headers

Sec-Fetch-Mode: no-cors
Referer: https://cappadociaballoonflight.com/images/bayraklar/Sign%20In%20to%20Your%20Cox%20Account%20_%20Cox%20Communications.html?f2d842330b4744669c46613a2291d1e1f2d842330b4744669c46613a2291d1e1f2d842330b4744669c46613a2291d1e1f2d842330b4744669c46613a2291d1e1f2d842330b4744669c46613a2291d1e1f2d842330b4744669c46613a2291d1e1f2d842330b4744669c46613a2291d1e1f2d842330b4744669c46613a2291d1e1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Wed, 28 Aug 2019 12:11:36 GMT
last-modified: Thu, 14 Apr 2016 16:59:33 GMT
server: ECAcc (frc/8FA5)
etag: "2243872957"
x-cache: HIT
content-type: text/javascript
status: 200
cache-control: max-age=600
accept-ranges: bytes
content-length: 2
expires: Wed, 28 Aug 2019 12:21:36 GMT

GET
H2 200 utag.422.js Show response
tags.tiqcdn.com/utag/cox/main/prod/ 142 KB
42 KB 17ms
16ms Script
text/javascript 152.199.23.241
MCI Communication...

General

Check archive.org

Show headers Download Go to

Full URL: https://tags.tiqcdn.com/utag/cox/main/prod/utag.422.js?utv=ut4.39.201908280029
Requested by: Host: tags.tiqcdn.com
URL: https://tags.tiqcdn.com/utag/cox/main/prod/utag.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 152.199.23.241 , United States, ASN15133 (EDGECAST - MCI Communications Services, Inc. d/b/a Verizon Business, US),
Reverse DNS
Software: ECAcc (frc/8F9D) /
Resource Hash: 2624268c4d03ae99b20440586e7f758e0a81b8d3a57e302976383554bae89e9b

Request headers

Sec-Fetch-Mode: no-cors
Referer: https://cappadociaballoonflight.com/images/bayraklar/Sign%20In%20to%20Your%20Cox%20Account%20_%20Cox%20Communications.html?f2d842330b4744669c46613a2291d1e1f2d842330b4744669c46613a2291d1e1f2d842330b4744669c46613a2291d1e1f2d842330b4744669c46613a2291d1e1f2d842330b4744669c46613a2291d1e1f2d842330b4744669c46613a2291d1e1f2d842330b4744669c46613a2291d1e1f2d842330b4744669c46613a2291d1e1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Wed, 28 Aug 2019 12:11:36 GMT
content-encoding: gzip
last-modified: Wed, 28 Aug 2019 00:30:08 GMT
server: ECAcc (frc/8F9D)
etag: "2107758263+gzip"
vary: Accept-Encoding
x-cache: HIT
content-type: text/javascript
status: 200
cache-control: max-age=1296000
accept-ranges: bytes
content-length: 43409
expires: Thu, 12 Sep 2019 12:11:36 GMT

GET
H2 200 utag.357.js Show response
tags.tiqcdn.com/utag/cox/main/prod/ 21 KB
6 KB 12ms
11ms Script
text/javascript 152.199.23.241
MCI Communication...

General

Check archive.org

Show headers Download Go to

Full URL: https://tags.tiqcdn.com/utag/cox/main/prod/utag.357.js?utv=ut4.39.201908231917
Requested by: Host: tags.tiqcdn.com
URL: https://tags.tiqcdn.com/utag/cox/main/prod/utag.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 152.199.23.241 , United States, ASN15133 (EDGECAST - MCI Communications Services, Inc. d/b/a Verizon Business, US),
Reverse DNS
Software: ECAcc (frc/8F6F) /
Resource Hash: 92a39d836ca4264d78d50cfe12f4250545014d2c634751a5612d3da14afbefb4

Request headers

Sec-Fetch-Mode: no-cors
Referer: https://cappadociaballoonflight.com/images/bayraklar/Sign%20In%20to%20Your%20Cox%20Account%20_%20Cox%20Communications.html?f2d842330b4744669c46613a2291d1e1f2d842330b4744669c46613a2291d1e1f2d842330b4744669c46613a2291d1e1f2d842330b4744669c46613a2291d1e1f2d842330b4744669c46613a2291d1e1f2d842330b4744669c46613a2291d1e1f2d842330b4744669c46613a2291d1e1f2d842330b4744669c46613a2291d1e1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Wed, 28 Aug 2019 12:11:36 GMT
content-encoding: gzip
last-modified: Fri, 02 Aug 2019 12:35:47 GMT
server: ECAcc (frc/8F6F)
etag: "4177424442+gzip"
vary: Accept-Encoding
x-cache: HIT
content-type: text/javascript
status: 200
cache-control: max-age=1296000
accept-ranges: bytes
content-length: 5995
expires: Thu, 12 Sep 2019 12:11:36 GMT

GET
H2 200 utag.374.js Show response
tags.tiqcdn.com/utag/cox/main/prod/ 3 KB
1 KB 16ms
15ms Script
text/javascript 152.199.23.241
MCI Communication...

General

Check archive.org

Show headers Download Go to

Full URL: https://tags.tiqcdn.com/utag/cox/main/prod/utag.374.js?utv=ut4.39.201908231917
Requested by: Host: tags.tiqcdn.com
URL: https://tags.tiqcdn.com/utag/cox/main/prod/utag.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 152.199.23.241 , United States, ASN15133 (EDGECAST - MCI Communications Services, Inc. d/b/a Verizon Business, US),
Reverse DNS
Software: ECAcc (frc/8F52) /
Resource Hash: 8cb65c65bd1643ea6a8b6b7c33bc8344204fd383d7dedc25ea7c2b3c3e8ce51f

Request headers

Sec-Fetch-Mode: no-cors
Referer: https://cappadociaballoonflight.com/images/bayraklar/Sign%20In%20to%20Your%20Cox%20Account%20_%20Cox%20Communications.html?f2d842330b4744669c46613a2291d1e1f2d842330b4744669c46613a2291d1e1f2d842330b4744669c46613a2291d1e1f2d842330b4744669c46613a2291d1e1f2d842330b4744669c46613a2291d1e1f2d842330b4744669c46613a2291d1e1f2d842330b4744669c46613a2291d1e1f2d842330b4744669c46613a2291d1e1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Wed, 28 Aug 2019 12:11:36 GMT
content-encoding: gzip
last-modified: Fri, 02 Aug 2019 12:35:40 GMT
server: ECAcc (frc/8F52)
etag: "1650617846+gzip"
vary: Accept-Encoding
x-cache: HIT
content-type: text/javascript
status: 200
cache-control: max-age=1296000
accept-ranges: bytes
content-length: 1202
expires: Thu, 12 Sep 2019 12:11:36 GMT

GET
H2 200 utag.58.js Show response
tags.tiqcdn.com/utag/cox/main/prod/ 4 KB
2 KB 12ms
11ms Script
text/javascript 152.199.23.241
MCI Communication...

General

Check archive.org

Show headers Download Go to

Full URL: https://tags.tiqcdn.com/utag/cox/main/prod/utag.58.js?utv=ut4.39.201908231917
Requested by: Host: tags.tiqcdn.com
URL: https://tags.tiqcdn.com/utag/cox/main/prod/utag.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 152.199.23.241 , United States, ASN15133 (EDGECAST - MCI Communications Services, Inc. d/b/a Verizon Business, US),
Reverse DNS
Software: ECAcc (frc/8F3D) /
Resource Hash: 4b3aefed91fd42657c4a7ed614748afceaf421c366e2239309e92e3e337d5016

Request headers

Sec-Fetch-Mode: no-cors
Referer: https://cappadociaballoonflight.com/images/bayraklar/Sign%20In%20to%20Your%20Cox%20Account%20_%20Cox%20Communications.html?f2d842330b4744669c46613a2291d1e1f2d842330b4744669c46613a2291d1e1f2d842330b4744669c46613a2291d1e1f2d842330b4744669c46613a2291d1e1f2d842330b4744669c46613a2291d1e1f2d842330b4744669c46613a2291d1e1f2d842330b4744669c46613a2291d1e1f2d842330b4744669c46613a2291d1e1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Wed, 28 Aug 2019 12:11:36 GMT
content-encoding: gzip
last-modified: Fri, 02 Aug 2019 12:35:40 GMT
server: ECAcc (frc/8F3D)
etag: "2667734499+gzip"
vary: Accept-Encoding
x-cache: HIT
content-type: text/javascript
status: 200
cache-control: max-age=1296000
accept-ranges: bytes
content-length: 1517
expires: Thu, 12 Sep 2019 12:11:36 GMT

GET
H2 200 utag.21.js Show response
tags.tiqcdn.com/utag/cox/main/prod/ 5 KB
2 KB 13ms
12ms Script
text/javascript 152.199.23.241
MCI Communication...

General

Check archive.org

Show headers Download Go to

Full URL: https://tags.tiqcdn.com/utag/cox/main/prod/utag.21.js?utv=ut4.39.201908071740
Requested by: Host: tags.tiqcdn.com
URL: https://tags.tiqcdn.com/utag/cox/main/prod/utag.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 152.199.23.241 , United States, ASN15133 (EDGECAST - MCI Communications Services, Inc. d/b/a Verizon Business, US),
Reverse DNS
Software: ECAcc (frc/8FB4) /
Resource Hash: 04f63df24ca9d33291f516edcd879cebdff7761f5f39aea400f6609d6ef3f30b

Request headers

Sec-Fetch-Mode: no-cors
Referer: https://cappadociaballoonflight.com/images/bayraklar/Sign%20In%20to%20Your%20Cox%20Account%20_%20Cox%20Communications.html?f2d842330b4744669c46613a2291d1e1f2d842330b4744669c46613a2291d1e1f2d842330b4744669c46613a2291d1e1f2d842330b4744669c46613a2291d1e1f2d842330b4744669c46613a2291d1e1f2d842330b4744669c46613a2291d1e1f2d842330b4744669c46613a2291d1e1f2d842330b4744669c46613a2291d1e1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Wed, 28 Aug 2019 12:11:36 GMT
content-encoding: gzip
last-modified: Fri, 02 Aug 2019 12:35:43 GMT
server: ECAcc (frc/8FB4)
etag: "193090692"
vary: Accept-Encoding
x-cache: HIT
content-type: text/javascript
status: 200
cache-control: max-age=1296000
accept-ranges: bytes
content-length: 1957
expires: Thu, 12 Sep 2019 12:11:36 GMT

GET
H2 200 utag.437.js Show response
tags.tiqcdn.com/utag/cox/main/prod/ 3 KB
1 KB 19ms
18ms Script
text/javascript 152.199.23.241
MCI Communication...

General

Check archive.org

Show headers Download Go to

Full URL: https://tags.tiqcdn.com/utag/cox/main/prod/utag.437.js?utv=ut4.39.201908221242
Requested by: Host: tags.tiqcdn.com
URL: https://tags.tiqcdn.com/utag/cox/main/prod/utag.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 152.199.23.241 , United States, ASN15133 (EDGECAST - MCI Communications Services, Inc. d/b/a Verizon Business, US),
Reverse DNS
Software: ECAcc (frc/8FAB) /
Resource Hash: 3dbd82b454ef90b9dfe250bb2cd00c611291f082815aae834e5f219644b98b8e

Request headers

Sec-Fetch-Mode: no-cors
Referer: https://cappadociaballoonflight.com/images/bayraklar/Sign%20In%20to%20Your%20Cox%20Account%20_%20Cox%20Communications.html?f2d842330b4744669c46613a2291d1e1f2d842330b4744669c46613a2291d1e1f2d842330b4744669c46613a2291d1e1f2d842330b4744669c46613a2291d1e1f2d842330b4744669c46613a2291d1e1f2d842330b4744669c46613a2291d1e1f2d842330b4744669c46613a2291d1e1f2d842330b4744669c46613a2291d1e1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Wed, 28 Aug 2019 12:11:36 GMT
content-encoding: gzip
last-modified: Fri, 02 Aug 2019 12:35:48 GMT
server: ECAcc (frc/8FAB)
etag: "1002597540"
vary: Accept-Encoding
x-cache: HIT
content-type: text/javascript
status: 200
cache-control: max-age=1296000
accept-ranges: bytes
content-length: 1327
expires: Thu, 12 Sep 2019 12:11:36 GMT

GET
H2 200 utag.461.js Show response
tags.tiqcdn.com/utag/cox/main/prod/ 4 KB
2 KB 13ms
12ms Script
text/javascript 152.199.23.241
MCI Communication...

General

Check archive.org

Show headers Download Go to

Full URL: https://tags.tiqcdn.com/utag/cox/main/prod/utag.461.js?utv=ut4.39.201908231917
Requested by: Host: tags.tiqcdn.com
URL: https://tags.tiqcdn.com/utag/cox/main/prod/utag.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 152.199.23.241 , United States, ASN15133 (EDGECAST - MCI Communications Services, Inc. d/b/a Verizon Business, US),
Reverse DNS
Software: ECAcc (frc/8E90) /
Resource Hash: c9aa5cb06f800fc2440e958420bd4eb8a8ddb0700c1078464dbdf6e063283874

Request headers

Sec-Fetch-Mode: no-cors
Referer: https://cappadociaballoonflight.com/images/bayraklar/Sign%20In%20to%20Your%20Cox%20Account%20_%20Cox%20Communications.html?f2d842330b4744669c46613a2291d1e1f2d842330b4744669c46613a2291d1e1f2d842330b4744669c46613a2291d1e1f2d842330b4744669c46613a2291d1e1f2d842330b4744669c46613a2291d1e1f2d842330b4744669c46613a2291d1e1f2d842330b4744669c46613a2291d1e1f2d842330b4744669c46613a2291d1e1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Wed, 28 Aug 2019 12:11:36 GMT
content-encoding: gzip
last-modified: Fri, 02 Aug 2019 12:35:40 GMT
server: ECAcc (frc/8E90)
etag: "790781156+gzip"
vary: Accept-Encoding
x-cache: HIT
content-type: text/javascript
status: 200
cache-control: max-age=1296000
accept-ranges: bytes
content-length: 1796
expires: Thu, 12 Sep 2019 12:11:36 GMT

GET
H2 200 utag.741.js Show response
tags.tiqcdn.com/utag/cox/main/prod/ 25 KB
6 KB 13ms
12ms Script
text/javascript 152.199.23.241
MCI Communication...

General

Check archive.org

Show headers Download Go to

Full URL: https://tags.tiqcdn.com/utag/cox/main/prod/utag.741.js?utv=ut4.39.201908280029
Requested by: Host: tags.tiqcdn.com
URL: https://tags.tiqcdn.com/utag/cox/main/prod/utag.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 152.199.23.241 , United States, ASN15133 (EDGECAST - MCI Communications Services, Inc. d/b/a Verizon Business, US),
Reverse DNS
Software: ECAcc (frc/8FCB) /
Resource Hash: a85ad2391acdea2c61fb3240ea08fb64f386ff15753cf6c5941990f495c323d1

Request headers

Sec-Fetch-Mode: no-cors
Referer: https://cappadociaballoonflight.com/images/bayraklar/Sign%20In%20to%20Your%20Cox%20Account%20_%20Cox%20Communications.html?f2d842330b4744669c46613a2291d1e1f2d842330b4744669c46613a2291d1e1f2d842330b4744669c46613a2291d1e1f2d842330b4744669c46613a2291d1e1f2d842330b4744669c46613a2291d1e1f2d842330b4744669c46613a2291d1e1f2d842330b4744669c46613a2291d1e1f2d842330b4744669c46613a2291d1e1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Wed, 28 Aug 2019 12:11:36 GMT
content-encoding: gzip
last-modified: Mon, 26 Aug 2019 16:14:42 GMT
server: ECAcc (frc/8FCB)
etag: "3238934336+gzip"
vary: Accept-Encoding
x-cache: HIT
content-type: text/javascript
status: 200
cache-control: max-age=1296000
accept-ranges: bytes
content-length: 6477
expires: Thu, 12 Sep 2019 12:11:36 GMT

GET
H2 200 utag.353.js Show response
tags.tiqcdn.com/utag/cox/main/prod/ 39 KB
9 KB 13ms
13ms Script
text/javascript 152.199.23.241
MCI Communication...

General

Check archive.org

Show headers Download Go to

Full URL: https://tags.tiqcdn.com/utag/cox/main/prod/utag.353.js?utv=ut4.39.201908261614
Requested by: Host: tags.tiqcdn.com
URL: https://tags.tiqcdn.com/utag/cox/main/prod/utag.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 152.199.23.241 , United States, ASN15133 (EDGECAST - MCI Communications Services, Inc. d/b/a Verizon Business, US),
Reverse DNS
Software: ECAcc (frc/8FCE) /
Resource Hash: 430e25fb5f2d131216a1a4746dfc97feec7be10537a8351655549c94f09d4fdd

Request headers

Sec-Fetch-Mode: no-cors
Referer: https://cappadociaballoonflight.com/images/bayraklar/Sign%20In%20to%20Your%20Cox%20Account%20_%20Cox%20Communications.html?f2d842330b4744669c46613a2291d1e1f2d842330b4744669c46613a2291d1e1f2d842330b4744669c46613a2291d1e1f2d842330b4744669c46613a2291d1e1f2d842330b4744669c46613a2291d1e1f2d842330b4744669c46613a2291d1e1f2d842330b4744669c46613a2291d1e1f2d842330b4744669c46613a2291d1e1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Wed, 28 Aug 2019 12:11:36 GMT
content-encoding: gzip
last-modified: Mon, 26 Aug 2019 16:14:42 GMT
server: ECAcc (frc/8FCE)
etag: "235522443+gzip"
vary: Accept-Encoding
x-cache: HIT
content-type: text/javascript
status: 200
cache-control: max-age=1296000
accept-ranges: bytes
content-length: 8872
expires: Thu, 12 Sep 2019 12:11:36 GMT

GET
H2 200 integrator.js Show response
adservice.google.de/adsid/ 109 B
171 B 18ms
15ms Script
application/javascript 2a00:1450:4001:81d::2002
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.de/adsid/integrator.js?domain=cappadociaballoonflight.com

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/tag/js/gpt.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81d::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

cafe /

Resource Hash

0482a98d09daebc18a0d2e1ed8f748da5b0179e61223ed541101df1f4699f073

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Sec-Fetch-Mode: no-cors
Referer: https://cappadociaballoonflight.com/images/bayraklar/Sign%20In%20to%20Your%20Cox%20Account%20_%20Cox%20Communications.html?f2d842330b4744669c46613a2291d1e1f2d842330b4744669c46613a2291d1e1f2d842330b4744669c46613a2291d1e1f2d842330b4744669c46613a2291d1e1f2d842330b4744669c46613a2291d1e1f2d842330b4744669c46613a2291d1e1f2d842330b4744669c46613a2291d1e1f2d842330b4744669c46613a2291d1e1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

timing-allow-origin: *
date: Wed, 28 Aug 2019 12:11:36 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
status: 200
cache-control: private, no-cache, no-store
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43,39",quic=":443"; ma=2592000; v="46,43,39"
content-length: 104
x-xss-protection: 0

GET
H2 200 integrator.js Show response
adservice.google.com/adsid/ 109 B
171 B 19ms
17ms Script
application/javascript 2a00:1450:4001:81d::2002
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=cappadociaballoonflight.com

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/tag/js/gpt.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81d::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

cafe /

Resource Hash

0482a98d09daebc18a0d2e1ed8f748da5b0179e61223ed541101df1f4699f073

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Sec-Fetch-Mode: no-cors
Referer: https://cappadociaballoonflight.com/images/bayraklar/Sign%20In%20to%20Your%20Cox%20Account%20_%20Cox%20Communications.html?f2d842330b4744669c46613a2291d1e1f2d842330b4744669c46613a2291d1e1f2d842330b4744669c46613a2291d1e1f2d842330b4744669c46613a2291d1e1f2d842330b4744669c46613a2291d1e1f2d842330b4744669c46613a2291d1e1f2d842330b4744669c46613a2291d1e1f2d842330b4744669c46613a2291d1e1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

timing-allow-origin: *
date: Wed, 28 Aug 2019 12:11:36 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
status: 200
cache-control: private, no-cache, no-store
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43,39",quic=":443"; ma=2592000; v="46,43,39"
content-length: 104
x-xss-protection: 0

GET
H2 200 pubads_impl_2019082201.js Show response
securepubads.g.doubleclick.net/gpt/ 158 KB
58 KB 17ms
15ms Script
text/javascript 172.217.16.194
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gpt/pubads_impl_2019082201.js

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/tag/js/gpt.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.16.194 , United States, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

fra16s08-in-f2.1e100.net

Software

sffe /

Resource Hash

f8e8baebac4f64ee22208b08a36fa7bb4996b541e95b03f978e7318bf2c8b362

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Sec-Fetch-Mode: no-cors
Referer: https://cappadociaballoonflight.com/images/bayraklar/Sign%20In%20to%20Your%20Cox%20Account%20_%20Cox%20Communications.html?f2d842330b4744669c46613a2291d1e1f2d842330b4744669c46613a2291d1e1f2d842330b4744669c46613a2291d1e1f2d842330b4744669c46613a2291d1e1f2d842330b4744669c46613a2291d1e1f2d842330b4744669c46613a2291d1e1f2d842330b4744669c46613a2291d1e1f2d842330b4744669c46613a2291d1e1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Wed, 28 Aug 2019 12:11:36 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Thu, 22 Aug 2019 13:08:19 GMT
server: sffe
vary: Accept-Encoding
content-type: text/javascript
status: 200
cache-control: private, immutable, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
alt-svc: quic=":443"; ma=2592000; v="46,43,39"
content-length: 59542
x-xss-protection: 0
expires: Wed, 28 Aug 2019 12:11:36 GMT

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 68 KB
26 KB 39ms
38ms Script
application/javascript 2a00:1450:4001:81a::2008
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=UA-139134705-4

Requested by

Host: tags.tiqcdn.com
URL: https://tags.tiqcdn.com/utag/cox/main/prod/utag.741.js?utv=ut4.39.201908280029

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81a::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

d650e22295f4983fc603d547b5a46a849c0590367253ec90727f94056be7056e

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Sec-Fetch-Mode: no-cors
Referer: https://cappadociaballoonflight.com/images/bayraklar/Sign%20In%20to%20Your%20Cox%20Account%20_%20Cox%20Communications.html?f2d842330b4744669c46613a2291d1e1f2d842330b4744669c46613a2291d1e1f2d842330b4744669c46613a2291d1e1f2d842330b4744669c46613a2291d1e1f2d842330b4744669c46613a2291d1e1f2d842330b4744669c46613a2291d1e1f2d842330b4744669c46613a2291d1e1f2d842330b4744669c46613a2291d1e1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Wed, 28 Aug 2019 12:11:36 GMT
content-encoding: br
server: Google Tag Manager
access-control-allow-headers: Cache-Control
status: 200
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: http://www.googletagmanager.com
cache-control: private, max-age=900
access-control-allow-credentials: true
alt-svc: quic=":443"; ma=2592000; v="46,43,39"
content-length: 26577
x-xss-protection: 0
expires: Wed, 28 Aug 2019 12:11:36 GMT

GET
H/1.1 200
OK s28723197387713 Show response
smetrics.cox.com/b/ss/cox-avalanche-prod/10/JS-2.10.0/ 6 KB
7 KB 60ms
60ms Script
application/x-javascript 185.34.188.196
Adobe Systems Inc.

General

Check archive.org

Show headers Download Go to

Full URL

https://smetrics.cox.com/b/ss/cox-avalanche-prod/10/JS-2.10.0/s28723197387713?AQB=1&ndh=1&pf=1&callback=s_c_il[1].doPostbacks&et=1&t=28%2F7%2F2019%2014%3A11%3A36%203%20-120&d.&nsid=0&jsonv=1&.d&sdid=77A9CC8FEB7B75E3-33EBCCCCB27EB036&mid=67996764814141322103546619679674073774&aamlh=6&ce=UTF-8&pageName=cox%3Ares%3Amyaccount%3Asign-in&g=https%3A%2F%2Fcappadociaballoonflight.com%2Fimages%2Fbayraklar%2FSign%2520In%2520to%2520Your%2520Cox%2520Account%2520_%2520Cox%2520Communications.html%3Ff2d842330b4744669c46613a2291d1e1f2d842330b4744669c46613a2291d1e1f2d842330b4744669c46613a2291d1e1f2d842330b4744669c46613a2291d1e1f2d8&c.&visitorAPI=3.3.0&.c&ch=cox%3Ares%3Amyaccount&server=cappadociaballoonflight.com&events=event47&aamb=RKhpRz8krg2tLO6pguXWp5olkAcUniQYPHaMWWgdJ3xzPWQmdj0y&v1=signin%3Apage&h1=cox%3Ares%3Amyaccount&l1=&c2=regular&h2=f2d842330b4744669c46613a2291d1e1f2d842330b4744669c46613a2291d1e1f2d842330b4744669c46613a2291d1e1f2d842330b4744669c46613a2291d1e1f2d842330b4744669c46613a2291d1e1f2d842330b4744669c46613a2291d1e1f2d842330b4744669c46613a2291d1e1f2d842330b4744669c46613a2291d1e&c3=res%3Amyaccount&c4=signin%3Apage&c5=unknown%3Aunknown%3Aloggedout%3Aunknown&v6=unknown%3Aunknown%3Aloggedout%3Aunknown&c7=cox%3Ares%3Amyaccount&c8=myaccount&v11=8%3A11%20AM%7CWednesday&c12=en&c16=%2Fimages%2Fbayraklar%2FSign%2520In%2520to%2520Your%2520Cox%2520Account%2520_%2520Cox%2520Communications.html&c21=587&c23=myaccount&c25=web&v25=08%2F28%2F2019&c28=cox%3Ares&c38=cox%3Ares%3Amyaccount%3Asign-in&c40=unknown%3Aunknown&v40=desktop&v41=cox%3Ares%3Amyaccount&v42=unknown%3Aunknown&v46=cox%3Ares%3Amyaccount%3Asign-in&c75=v04112019%7C2.10.0%7C3.3.0&v75=67996764814141322103546619679674073774&s=1600x1200&c=24&j=1.6&v=N&k=Y&bw=1600&bh=1200&-g=42330b4744669c46613a2291d1e1f2d842330b4744669c46613a2291d1e1f2d842330b4744669c46613a2291d1e1f2d842330b4744669c46613a2291d1e1&mcorgid=8C6767C25245AD1A0A490D4C%40AdobeOrg&AQE=1

Requested by

Host: tags.tiqcdn.com
URL: https://tags.tiqcdn.com/utag/cox/main/prod/utag.422.js?utv=ut4.39.201908280029

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

185.34.188.196 , Netherlands, ASN15224 (OMNITURE - Adobe Systems Inc., US),

Reverse DNS

cox.com.ssl.sc.omtrdc.net

Software

Omniture DC /

Resource Hash

ee783891d878c38f9a9bec5cbf0eea6f8b05df8c9f066b1b851f9c8eb241c6df

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Sec-Fetch-Mode: no-cors
Referer: https://cappadociaballoonflight.com/images/bayraklar/Sign%20In%20to%20Your%20Cox%20Account%20_%20Cox%20Communications.html?f2d842330b4744669c46613a2291d1e1f2d842330b4744669c46613a2291d1e1f2d842330b4744669c46613a2291d1e1f2d842330b4744669c46613a2291d1e1f2d842330b4744669c46613a2291d1e1f2d842330b4744669c46613a2291d1e1f2d842330b4744669c46613a2291d1e1f2d842330b4744669c46613a2291d1e1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

X-AAM-TID: Yp5sD9gjTmc=
Date: Wed, 28 Aug 2019 12:11:36 GMT
X-Content-Type-Options: nosniff
X-C: ms-6.9.1
P3P: CP="This is not a P3P policy"
Connection: Keep-Alive
Content-Length: 6193
X-XSS-Protection: 1; mode=block
DCS: dcs-prod-irl1-v041-02b1a1641.edge-irl1.demdex.com 5.58.1.20190812093348 9ms (+0ms)
Pragma: no-cache
Last-Modified: Thu, 29 Aug 2019 12:11:36 GMT
Server: Omniture DC
xserver: www285
ETag: "3365094627256369152-5607686506102667385"
Vary: *
Content-Type: application/x-javascript
Access-Control-Allow-Origin: *
Cache-Control: no-cache, no-store, max-age=0, no-transform, private
Keep-Alive: timeout=15
Expires: Tue, 27 Aug 2019 12:11:36 GMT

GET
H2 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 4 KB
2 KB 201ms
201ms XHR
text/plain 172.217.16.194
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?gdfp_req=1&pvsid=3520114693062613&correlator=307445864274629&output=ldjh&callback=googletag.impl.pubads.callbackProxy1&impl=fif&adsid=NT&eid=21064477&vrg=2019082201&guci=1.2.0.0.2.2.0.0&plat=1%3A32776%2C2%3A32776%2C8%3A134250504&sc=1&sfv=1-0-35&ecs=20190828&iu=%2F131%2Fnational.cox.com&sz=300x250&cust_params=pg%3Dcox%253Ares%253Amyaccount%253Asign-in%26rg%3Dnational%26brg%3D&cookie_enabled=1&bc=31&abxe=1&lmt=1566662915&dt=1566994296197&dlt=1566994295615&idt=570&frm=20&biw=1600&bih=1200&oid=2&adx=-12245933&ady=-12245933&adk=3506349148&uci=1&ifi=1&u_tz=120&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&flash=0&url=https%3A%2F%2Fcappadociaballoonflight.com%2Fimages%2Fbayraklar%2FSign%2520In%2520to%2520Your%2520Cox%2520Account%2520_%2520Cox%2520Communications.html%3Ff2d842330b4744669c46613a2291d1e1f2d842330b4744669c46613a2291d1e1f2d842330b4744669c46613a2291d1e1f2d842330b4744669c46613a2291d1e1f2d842330b4744669c46613a2291d1e1f2d842330b4744669c46613a2291d1e1f2d842330b4744669c46613a2291d1e1f2d842330b4744669c46613a2291d1e1&dssz=33&icsg=222101348810920&std=17&vis=1&dmc=8&scr_x=0&scr_y=0&psz=319x0&msz=300x250&blev=1&bisch=1&ga_vid=1102974345.1566994296&ga_sid=1566994296&ga_hid=1415170603&fws=128&ohw=0

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.16.194 , United States, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

fra16s08-in-f2.1e100.net

Software

cafe /

Resource Hash

08f8ac40f8ed43271e7312bf60e42e084889fbd2fa9b3109c15203bea36f3fd3

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Sec-Fetch-Mode: cors
Referer: https://cappadociaballoonflight.com/images/bayraklar/Sign%20In%20to%20Your%20Cox%20Account%20_%20Cox%20Communications.html?f2d842330b4744669c46613a2291d1e1f2d842330b4744669c46613a2291d1e1f2d842330b4744669c46613a2291d1e1f2d842330b4744669c46613a2291d1e1f2d842330b4744669c46613a2291d1e1f2d842330b4744669c46613a2291d1e1f2d842330b4744669c46613a2291d1e1f2d842330b4744669c46613a2291d1e1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Wed, 28 Aug 2019 12:11:36 GMT
content-encoding: br
x-content-type-options: nosniff
google-mediationgroup-id: -2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
status: 200
alt-svc: quic=":443"; ma=2592000; v="46,43,39"
content-length: 2136
x-xss-protection: 0
google-lineitem-id: 4896642387
pragma: no-cache
server: cafe
google-mediationtag-id: -2
google-creative-id: 138257815311
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://cappadociaballoonflight.com
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 pubads_impl_rendering_2019082201.js Show response
securepubads.g.doubleclick.net/gpt/ 66 KB
25 KB 16ms
16ms Script
text/javascript 172.217.16.194
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gpt/pubads_impl_rendering_2019082201.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2019082201.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.16.194 , United States, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

fra16s08-in-f2.1e100.net

Software

sffe /

Resource Hash

ccbea8a338b25c0159e3a49102ab661a444cb412c152da0744c52584b2e43a4a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Sec-Fetch-Mode: no-cors
Referer: https://cappadociaballoonflight.com/images/bayraklar/Sign%20In%20to%20Your%20Cox%20Account%20_%20Cox%20Communications.html?f2d842330b4744669c46613a2291d1e1f2d842330b4744669c46613a2291d1e1f2d842330b4744669c46613a2291d1e1f2d842330b4744669c46613a2291d1e1f2d842330b4744669c46613a2291d1e1f2d842330b4744669c46613a2291d1e1f2d842330b4744669c46613a2291d1e1f2d842330b4744669c46613a2291d1e1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Wed, 28 Aug 2019 12:11:36 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Thu, 22 Aug 2019 13:08:19 GMT
server: sffe
vary: Accept-Encoding
content-type: text/javascript
status: 200
cache-control: private, immutable, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
alt-svc: quic=":443"; ma=2592000; v="46,43,39"
content-length: 25400
x-xss-protection: 0
expires: Wed, 28 Aug 2019 12:11:36 GMT

GET container.html
tpc.googlesyndication.com/safeframe/1-0-35/html/ 0
0

GET
H2 200 analytics.js Show response
www.google-analytics.com/ 43 KB
17 KB 6ms
5ms Script
text/javascript 2a00:1450:4001:81a::200e
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=UA-139134705-4

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81a::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

dbb67c620eaabf6679a314db18d3ae43037aef71ab27422e6feec08ee987cc0a

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Sec-Fetch-Mode: no-cors
Referer: https://cappadociaballoonflight.com/images/bayraklar/Sign%20In%20to%20Your%20Cox%20Account%20_%20Cox%20Communications.html?f2d842330b4744669c46613a2291d1e1f2d842330b4744669c46613a2291d1e1f2d842330b4744669c46613a2291d1e1f2d842330b4744669c46613a2291d1e1f2d842330b4744669c46613a2291d1e1f2d842330b4744669c46613a2291d1e1f2d842330b4744669c46613a2291d1e1f2d842330b4744669c46613a2291d1e1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Mon, 19 Aug 2019 17:22:41 GMT
server: Golfe2
age: 5282
date: Wed, 28 Aug 2019 10:43:34 GMT
vary: Accept-Encoding
content-type: text/javascript
status: 200
cache-control: public, max-age=7200
alt-svc: quic=":443"; ma=2592000; v="46,43,39"
content-length: 17803
expires: Wed, 28 Aug 2019 12:43:34 GMT

GET
H2 200 collect
www.google-analytics.com/r/ 35 B
111 B 13ms
13ms Image
image/gif 2a00:1450:4001:81a::200e
Google LLC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google-analytics.com/r/collect?v=1&_v=j79&a=1415170603&t=pageview&_s=1&dl=https%3A%2F%2Fcappadociaballoonflight.com%2Fimages%2Fbayraklar%2FSign%2520In%2520to%2520Your%2520Cox%2520Account%2520_%2520Cox%2520Communications.html%3Ff2d842330b4744669c46613a2291d1e1f2d842330b4744669c46613a2291d1e1f2d842330b4744669c46613a2291d1e1f2d842330b4744669c46613a2291d1e1f2d842330b4744669c46613a2291d1e1f2d842330b4744669c46613a2291d1e1f2d842330b4744669c46613a2291d1e1f2d842330b4744669c46613a2291d1e1&ul=en-us&de=UTF-8&dt=Sign%20In%20to%20Your%20Cox%20Account%20%7C%20Cox%20Communications&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=oChACUABB~&jid=1382864815&gjid=378154865&cid=1102974345.1566994296&tid=UA-139134705-4&_gid=2093548408.1566994296&_r=1&cd1=cox%3Ares%3Amyaccount%3Asign-in&cd2=https%3A%2F%2Fcappadociaballoonflight.com%2Fimages%2Fbayraklar%2FSign%2520In%2520to%2520Your%2520Cox%2520Account%2520_%2520Cox%2520Communications.html%3Ff2d842330b4744669c46613a2291d1e1f2d842330b4744669c46613a2291d1e1f2d842330b4744669c46613a2291d1e1f2d842330b4744669c46613a2291d1e1f2d842330b4744669c46613a2291d1e1f2d842330b4744669c46613a2291d1e1f2d842330b4744669c46613a2291d1e1f2d842330b4744669c46613a2291d1e1&cd3=myaccount&cd4=res%3Amyaccount&cd5=desktop&cd9=myaccount&cd10=unknown&cd12=loggedout&cg1=myaccount&cg2=res%3Amyaccount&gtm=2ou8e1&z=1326887123

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81a::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Sec-Fetch-Mode: no-cors
Referer: https://cappadociaballoonflight.com/images/bayraklar/Sign%20In%20to%20Your%20Cox%20Account%20_%20Cox%20Communications.html?f2d842330b4744669c46613a2291d1e1f2d842330b4744669c46613a2291d1e1f2d842330b4744669c46613a2291d1e1f2d842330b4744669c46613a2291d1e1f2d842330b4744669c46613a2291d1e1f2d842330b4744669c46613a2291d1e1f2d842330b4744669c46613a2291d1e1f2d842330b4744669c46613a2291d1e1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 28 Aug 2019 12:11:36 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
status: 200
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
alt-svc: quic=":443"; ma=2592000; v="46,43,39"
content-length: 35
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 pw.js Show response
cdn.includemodal.com/ Frame 4E1E 86 KB
32 KB 71ms
11ms Script
application/javascript 2610:1c8:c::1
NuCDN LLC

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.includemodal.com/pw.js
Requested by: Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_rendering_2019082201.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2610:1c8:c::1 , United States, ASN23393 (NUCDN - NuCDN LLC, US),
Reverse DNS
Software: BelugaCDN/v2.44.11 /
Resource Hash: 23f5157322dc3efc70d6dc4ee69f31a0d086f1f379f56afb41f7b4fb01631221

Request headers

Sec-Fetch-Mode: no-cors
Referer: https://cappadociaballoonflight.com/images/bayraklar/Sign%20In%20to%20Your%20Cox%20Account%20_%20Cox%20Communications.html?f2d842330b4744669c46613a2291d1e1f2d842330b4744669c46613a2291d1e1f2d842330b4744669c46613a2291d1e1f2d842330b4744669c46613a2291d1e1f2d842330b4744669c46613a2291d1e1f2d842330b4744669c46613a2291d1e1f2d842330b4744669c46613a2291d1e1f2d842330b4744669c46613a2291d1e1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

x-beluga-cache-status: Hit (1)
date: Wed, 28 Aug 2019 12:11:36 GMT
content-encoding: gzip
x-amz-request-id: F71CF12B1E044233
status: 200
x-beluga-response-time: 0 ms
x-beluga-status: 003
x-amz-id-2: 0xF8jhs2MtMH6FhOEgwIHGo08GcPCW+27pz87bU7qng5voPm/Qm8B1aMYZLg8pA5qncVxoyHqIQ=
x-beluga-record: f23cbb3b8aaf3294e1348ebe519b0f5b0e441346
last-modified: Wed, 14 Aug 2019 16:31:51 GMT
server: BelugaCDN/v2.44.11
etag: W/"301271d26c80c849205e6ffc078767bc"
content-type: application/javascript
x-beluga-node: 31
x-beluga-trace: 62725ba2-e3ba-4f50-a1c7-ed2d4b9d477b
x-beluga-response-time-x: 0.002 sec

GET
H2 200 view Show response
securepubads.g.doubleclick.net/pcs/ Frame 4E1E 0
251 B 20ms
18ms Fetch
image/gif 172.217.16.194
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjss6CX5P9HfS0NQUcCgqkAW6SkOFr2RrBRhGvFGReJUfqjPrdZF9j1BzcA9aK9-mhCFz7UV_PXmnc78jIZvJdlVLO-kKahbJh62Sjt3gWaaH5I4MIgTFbz_dUstgeKAtHtvfbSAO6OCZfJVrCOPsYecxRVeUXsJxUBhPUQpdJfe8xBUHsDCFQ6cQLm-a-Lp-v24VUU0L2hux_IrbtzcQBR2YxIhw7hWfjyIHXif7OuaxNswIVg7cNXwFBd2rL2GWYSjZQOuJNTcpko0IalLtYkfXYWL2_YeJbvvxzYjld4d9YcA&sai=AMfl-YTSwwRc9zArcnTbFmTKoFInujGkR5E79Tk11bkKc9wSOq94GmhnBN9Xvgrl2h5qj6bXfAvr4HaUk7Xy7sYP5576Ty2wS61-_Tav5H42EA&sig=Cg0ArKJSzHc3CyI_8-iwEAE&urlfix=1&adurl=

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.16.194 , United States, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

fra16s08-in-f2.1e100.net

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Sec-Fetch-Mode: no-cors
Referer: https://cappadociaballoonflight.com/images/bayraklar/Sign%20In%20to%20Your%20Cox%20Account%20_%20Cox%20Communications.html?f2d842330b4744669c46613a2291d1e1f2d842330b4744669c46613a2291d1e1f2d842330b4744669c46613a2291d1e1f2d842330b4744669c46613a2291d1e1f2d842330b4744669c46613a2291d1e1f2d842330b4744669c46613a2291d1e1f2d842330b4744669c46613a2291d1e1f2d842330b4744669c46613a2291d1e1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

timing-allow-origin: *
date: Wed, 28 Aug 2019 12:11:36 GMT
x-content-type-options: nosniff
server: cafe
status: 200
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private
content-type: image/gif
alt-svc: quic=":443"; ma=2592000; v="46,43,39"
content-length: 0
x-xss-protection: 0
expires: Wed, 28 Aug 2019 12:11:36 GMT

GET
H2 200 unit.js Show response
yummy.consumable.com/5538/cnsmbl-audio-300x250-slider/widget/ Frame 4E1E 16 KB
5 KB 497ms
379ms Script
application/javascript 13.35.253.7
Amazon.com

General

Check archive.org

Show headers Download Go to

Full URL: https://yummy.consumable.com/5538/cnsmbl-audio-300x250-slider/widget/unit.js?cb=1566994296425
Requested by: Host: cappadociaballoonflight.com
URL: https://cappadociaballoonflight.com/images/bayraklar/Sign%20In%20to%20Your%20Cox%20Account%20_%20Cox%20Communications.html?f2d842330b4744669c46613a2291d1e1f2d842330b4744669c46613a2291d1e1f2d842330b4744669c46613a2291d1e1f2d842330b4744669c46613a2291d1e1f2d842330b4744669c46613a2291d1e1f2d842330b4744669c46613a2291d1e1f2d842330b4744669c46613a2291d1e1f2d842330b4744669c46613a2291d1e1
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 13.35.253.7 Seattle, United States, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS: server-13-35-253-7.fra6.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 38f29f630543bc211cc755e1ba34ffe9941325aeae93984ea6f34f6b39f070ab

Request headers

Sec-Fetch-Mode: no-cors
Referer: https://cappadociaballoonflight.com/images/bayraklar/Sign%20In%20to%20Your%20Cox%20Account%20_%20Cox%20Communications.html?f2d842330b4744669c46613a2291d1e1f2d842330b4744669c46613a2291d1e1f2d842330b4744669c46613a2291d1e1f2d842330b4744669c46613a2291d1e1f2d842330b4744669c46613a2291d1e1f2d842330b4744669c46613a2291d1e1f2d842330b4744669c46613a2291d1e1f2d842330b4744669c46613a2291d1e1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Tue, 27 Aug 2019 03:21:59 GMT
content-encoding: gzip
last-modified: Wed, 16 Jan 2019 21:15:34 GMT
server: AmazonS3
x-amz-cf-pop: FRA6-C1
vary: Accept-Encoding
x-cache: RefreshHit from cloudfront
content-type: application/javascript
status: 200
x-amz-cf-id: 98-TqQZoIynDHXdkuiHQC1AdAXMM6zMwBUnGdbATvx7_jYECx6Lb6g==
via: 1.1 87b272b7d9b97f38da15c91c833c3292.cloudfront.net (CloudFront)

GET
H2 200 osd_listener.js Show response
www.googletagservices.com/activeview/js/current/ Frame 4E1E 75 KB
28 KB 15ms
13ms Script
text/javascript 2a00:1450:4001:81a::2002
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/osd_listener.js?cache=r20110914

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_rendering_2019082201.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

sffe /

Resource Hash

d726fe9c929df177ce82c1bb81e6f4483f60dec0d68226bc3d5662a10570eef1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Sec-Fetch-Mode: no-cors
Referer: https://cappadociaballoonflight.com/images/bayraklar/Sign%20In%20to%20Your%20Cox%20Account%20_%20Cox%20Communications.html?f2d842330b4744669c46613a2291d1e1f2d842330b4744669c46613a2291d1e1f2d842330b4744669c46613a2291d1e1f2d842330b4744669c46613a2291d1e1f2d842330b4744669c46613a2291d1e1f2d842330b4744669c46613a2291d1e1f2d842330b4744669c46613a2291d1e1f2d842330b4744669c46613a2291d1e1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Wed, 28 Aug 2019 12:11:36 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "1566818030648843"
vary: Accept-Encoding
content-type: text/javascript
status: 200
cache-control: private, max-age=3000
accept-ranges: bytes
alt-svc: quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43,39",quic=":443"; ma=2592000; v="46,43,39"
content-length: 28571
x-xss-protection: 0
expires: Wed, 28 Aug 2019 12:11:36 GMT

GET
H2 200 osd.js Show response
www.googletagservices.com/activeview/js/current/ 75 KB
28 KB 15ms
14ms Script
text/javascript 2a00:1450:4001:81a::2002
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/osd.js?cb=%2Fr20100101

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2019082201.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

sffe /

Resource Hash

eb815c0a9dc0c022eebbaab88f1413f0ab1a49013a63b901ac6483fdd1dc3fcd

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Sec-Fetch-Mode: no-cors
Referer: https://cappadociaballoonflight.com/images/bayraklar/Sign%20In%20to%20Your%20Cox%20Account%20_%20Cox%20Communications.html?f2d842330b4744669c46613a2291d1e1f2d842330b4744669c46613a2291d1e1f2d842330b4744669c46613a2291d1e1f2d842330b4744669c46613a2291d1e1f2d842330b4744669c46613a2291d1e1f2d842330b4744669c46613a2291d1e1f2d842330b4744669c46613a2291d1e1f2d842330b4744669c46613a2291d1e1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Wed, 28 Aug 2019 12:11:36 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "1566818030648843"
vary: Accept-Encoding
content-type: text/javascript
status: 200
cache-control: private, max-age=3000
accept-ranges: bytes
alt-svc: quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43,39",quic=":443"; ma=2592000; v="46,43,39"
content-length: 28402
x-xss-protection: 0
expires: Wed, 28 Aug 2019 12:11:36 GMT

GET
DATA 200
OK truncated
/ Frame 4E1E 209 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: b11a85a0d10327a9988404ae691733ca379c92ab203f02e628b153fb18689d1d

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Content-Type: image/png

GET
H2 200 8d27278a-bc6a-4df8-b8e5-6eb10ebf7221.js Show response
cdn3.includemodal.com/service/js/ Frame 4E1E 70 KB
28 KB 49ms
11ms XHR
application/javascript 2610:1c8:c::1
NuCDN LLC

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn3.includemodal.com/service/js/8d27278a-bc6a-4df8-b8e5-6eb10ebf7221.js
Requested by: Host: cdn.includemodal.com
URL: https://cdn.includemodal.com/pw.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2610:1c8:c::1 , United States, ASN23393 (NUCDN - NuCDN LLC, US),
Reverse DNS
Software: BelugaCDN/v2.44.11 /
Resource Hash: d773f3b84b76b086da1f7ef57c917769a1e02cffe83cae48a0e1283e828c2531

Request headers

Sec-Fetch-Mode: cors
Referer: https://cappadociaballoonflight.com/images/bayraklar/Sign%20In%20to%20Your%20Cox%20Account%20_%20Cox%20Communications.html?f2d842330b4744669c46613a2291d1e1f2d842330b4744669c46613a2291d1e1f2d842330b4744669c46613a2291d1e1f2d842330b4744669c46613a2291d1e1f2d842330b4744669c46613a2291d1e1f2d842330b4744669c46613a2291d1e1f2d842330b4744669c46613a2291d1e1f2d842330b4744669c46613a2291d1e1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

x-beluga-cache-status: Hit (1)
date: Wed, 28 Aug 2019 12:11:36 GMT
content-encoding: gzip
server: BelugaCDN/v2.44.11
status: 200
access-control-max-age: 0
content-type: application/javascript
access-control-allow-origin: *
x-beluga-node: 31
x-beluga-response-time: 0 ms
x-beluga-status: 003
x-beluga-response-time-x: 0.003 sec
access-control-allow-headers: *
x-beluga-record: c8c8839d763111e65e177aa232e9be72beb1681b
x-beluga-trace: 6decba24-d0ab-4a4e-9f11-625d44a862fb

GET
H2 200 /
includemodal.com/service/imp/8d27278a-bc6a-4df8-b8e5-6eb10ebf7221/ Frame 4E1E 42 B
132 B 375ms
116ms Image
image/gif 18.221.42.182
Amazon.com

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://includemodal.com/service/imp/8d27278a-bc6a-4df8-b8e5-6eb10ebf7221/?rand=5917180&referer=https://cappadociaballoonflight.com/images/bayraklar/Sign%20In%20to%20Your%20Cox%20Account%20_%20Cox%20Communications.html?f2d842330b4744669c46613a2291d1e1f2d842330b4744669c46613a2291d1e1f2d842330b4744669c46613a2291d1e1f2d842330b4744669c46613a2291d1e1f2d842330b4744669c46613a2291d1e1f2d842330b4744669c46613a2291d1e1f2d842330b4744669c46613a2291d1e1f2d842330b4744669c46613a2291d1e1
Requested by: Host: cappadociaballoonflight.com
URL: https://cappadociaballoonflight.com/images/bayraklar/Sign%20In%20to%20Your%20Cox%20Account%20_%20Cox%20Communications.html?f2d842330b4744669c46613a2291d1e1f2d842330b4744669c46613a2291d1e1f2d842330b4744669c46613a2291d1e1f2d842330b4744669c46613a2291d1e1f2d842330b4744669c46613a2291d1e1f2d842330b4744669c46613a2291d1e1f2d842330b4744669c46613a2291d1e1f2d842330b4744669c46613a2291d1e1
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 18.221.42.182 Columbus, United States, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS: ec2-18-221-42-182.us-east-2.compute.amazonaws.com
Software: nginx/1.10.3 (Ubuntu) /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Sec-Fetch-Mode: no-cors
Referer: https://cappadociaballoonflight.com/images/bayraklar/Sign%20In%20to%20Your%20Cox%20Account%20_%20Cox%20Communications.html?f2d842330b4744669c46613a2291d1e1f2d842330b4744669c46613a2291d1e1f2d842330b4744669c46613a2291d1e1f2d842330b4744669c46613a2291d1e1f2d842330b4744669c46613a2291d1e1f2d842330b4744669c46613a2291d1e1f2d842330b4744669c46613a2291d1e1f2d842330b4744669c46613a2291d1e1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

status: 200
date: Wed, 28 Aug 2019 12:11:36 GMT
server: nginx/1.10.3 (Ubuntu)
content-length: 42
content-type: image/gif

GET
H2 200 nr-spa-1016.min.js Show response
js-agent.newrelic.com/ 30 KB
12 KB 24ms
7ms Script
application/javascript 151.101.114.110
Fastly

General

Check archive.org

Show headers Download Go to

Full URL: https://js-agent.newrelic.com/nr-spa-1016.min.js
Requested by: Host: cappadociaballoonflight.com
URL: https://cappadociaballoonflight.com/images/bayraklar/Sign%20In%20to%20Your%20Cox%20Account%20_%20Cox%20Communications.html?f2d842330b4744669c46613a2291d1e1f2d842330b4744669c46613a2291d1e1f2d842330b4744669c46613a2291d1e1f2d842330b4744669c46613a2291d1e1f2d842330b4744669c46613a2291d1e1f2d842330b4744669c46613a2291d1e1f2d842330b4744669c46613a2291d1e1f2d842330b4744669c46613a2291d1e1
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.114.110 Frankfurt am Main, Germany, ASN54113 (FASTLY - Fastly, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: cfc2b3daab7b6021e5fabaeca15bfdae084cd750f56858a80fa2f030895df132

Request headers

Sec-Fetch-Mode: no-cors
Referer: https://cappadociaballoonflight.com/images/bayraklar/Sign%20In%20to%20Your%20Cox%20Account%20_%20Cox%20Communications.html?f2d842330b4744669c46613a2291d1e1f2d842330b4744669c46613a2291d1e1f2d842330b4744669c46613a2291d1e1f2d842330b4744669c46613a2291d1e1f2d842330b4744669c46613a2291d1e1f2d842330b4744669c46613a2291d1e1f2d842330b4744669c46613a2291d1e1f2d842330b4744669c46613a2291d1e1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Wed, 28 Aug 2019 12:11:36 GMT
content-encoding: gzip
x-amz-request-id: 79736B6A9F0CC7C5
x-cache: HIT
status: 200
content-length: 11876
x-amz-id-2: +Y9GWLUnRUfK6OEvlhvn6rUdARe9QDpW+IqdSOte/qf1vrhkabCr6H9HazJbjQ1pXfV5vUcnTyo=
x-served-by: cache-hhn4037-HHN
last-modified: Wed, 28 Feb 2018 23:35:16 GMT
server: AmazonS3
x-timer: S1566994297.946081,VS0,VE0
etag: "41979e534922c31c7c78a95e672899b3"
vary: Accept-Encoding
content-type: application/javascript
via: 1.1 varnish
cache-control: public, max-age=7200, stale-if-error=604800
accept-ranges: bytes
x-cache-hits: 12

GET
H2 200 conversion_async.js Show response
www.googleadservices.com/pagead/ 24 KB
9 KB 19ms
19ms Script
text/javascript 172.217.16.194
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googleadservices.com/pagead/conversion_async.js

Requested by

Host: tags.tiqcdn.com
URL: https://tags.tiqcdn.com/utag/cox/main/prod/utag.58.js?utv=ut4.39.201908231917

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.16.194 , United States, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

fra16s08-in-f2.1e100.net

Software

cafe /

Resource Hash

e186a0fd201610cf7cac9d2e6bf654ced94d1be3e546defc167a4cd480315c4e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Sec-Fetch-Mode: no-cors
Referer: https://cappadociaballoonflight.com/images/bayraklar/Sign%20In%20to%20Your%20Cox%20Account%20_%20Cox%20Communications.html?f2d842330b4744669c46613a2291d1e1f2d842330b4744669c46613a2291d1e1f2d842330b4744669c46613a2291d1e1f2d842330b4744669c46613a2291d1e1f2d842330b4744669c46613a2291d1e1f2d842330b4744669c46613a2291d1e1f2d842330b4744669c46613a2291d1e1f2d842330b4744669c46613a2291d1e1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Wed, 28 Aug 2019 12:11:36 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status: 200
content-disposition: attachment; filename="f.txt"
alt-svc: quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43,39",quic=":443"; ma=2592000; v="46,43,39"
content-length: 9166
x-xss-protection: 0
server: cafe
etag: 9427867564825067918
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=3600
timing-allow-origin: *
expires: Wed, 28 Aug 2019 12:11:36 GMT

GET
H/1.1 200
OK t.js Show response
dds6m601du5ji.cloudfront.net/vop/ 3 KB
2 KB 31ms
9ms Script
application/javascript 13.35.253.75
Amazon.com

General

Check archive.org

Show headers Download Go to

Full URL

https://dds6m601du5ji.cloudfront.net/vop/t.js

Requested by

Host: tags.tiqcdn.com
URL: https://tags.tiqcdn.com/utag/cox/main/prod/utag.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

13.35.253.75 Seattle, United States, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),

Reverse DNS

server-13-35-253-75.fra6.r.cloudfront.net

Software

Resource Hash

d178c93d481320881c3751eb060baa1dfdf3410b39b16f76d7f9606691900878

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

Sec-Fetch-Mode: no-cors
Referer: https://cappadociaballoonflight.com/images/bayraklar/Sign%20In%20to%20Your%20Cox%20Account%20_%20Cox%20Communications.html?f2d842330b4744669c46613a2291d1e1f2d842330b4744669c46613a2291d1e1f2d842330b4744669c46613a2291d1e1f2d842330b4744669c46613a2291d1e1f2d842330b4744669c46613a2291d1e1f2d842330b4744669c46613a2291d1e1f2d842330b4744669c46613a2291d1e1f2d842330b4744669c46613a2291d1e1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date: Sun, 25 Aug 2019 07:51:26 GMT
Content-Encoding: gzip
X-Content-Type-Options: nosniff
Age: 274818
Transfer-Encoding: chunked
X-Cache: Hit from cloudfront
Connection: keep-alive
X-XSS-Protection: 1; mode=block
Last-Modified: Wed, 03 Jul 2019 17:39:14 GMT
X-Frame-Options: DENY
Vary: Accept-Encoding
Content-Type: application/javascript
Via: 1.1 e7e7960d7731a7583cedd8f1ff1aca38.cloudfront.net (CloudFront)
Cache-Control: public, max-age=604800
X-Amz-Cf-Pop: FRA6-C1
X-Amz-Cf-Id: fVoBhNthCmpNk0hDJHcRa4rT3a1KIuMmx11Fj7J4a-usVQr-jcWNkw==

GET
H/1.1 200
OK vt-185.js Show response
vt.myvisualiq.net/2/imaZYXEYinwYRgWjIDIl3A%3D%3D/ 12 KB
4 KB 67ms
19ms Script
application/x-javascript 13.35.253.51
Amazon.com

General

Check archive.org

Show headers Download Go to

Full URL: https://vt.myvisualiq.net/2/imaZYXEYinwYRgWjIDIl3A%3D%3D/vt-185.js
Requested by: Host: tags.tiqcdn.com
URL: https://tags.tiqcdn.com/utag/cox/main/prod/utag.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 13.35.253.51 Seattle, United States, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS: server-13-35-253-51.fra6.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 119a98044f6b7b179feb3ff32950ba7a93f16dbd81fc2b8ceaf908710a511402

Request headers

Sec-Fetch-Mode: no-cors
Referer: https://cappadociaballoonflight.com/images/bayraklar/Sign%20In%20to%20Your%20Cox%20Account%20_%20Cox%20Communications.html?f2d842330b4744669c46613a2291d1e1f2d842330b4744669c46613a2291d1e1f2d842330b4744669c46613a2291d1e1f2d842330b4744669c46613a2291d1e1f2d842330b4744669c46613a2291d1e1f2d842330b4744669c46613a2291d1e1f2d842330b4744669c46613a2291d1e1f2d842330b4744669c46613a2291d1e1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

x-amz-version-id: ydsUDIqdDNVFAgMFzxy4ssZKM0OUZieD
Content-Encoding: gzip
Last-Modified: Fri, 16 Aug 2019 10:00:10 GMT
Server: AmazonS3
X-Amz-Cf-Pop: FRA6-C1
Date: Wed, 28 Aug 2019 12:11:36 GMT
Vary: Accept-Encoding
X-Cache: Hit from cloudfront
Content-Type: application/x-javascript
Via: 1.1 87b272b7d9b97f38da15c91c833c3292.cloudfront.net (CloudFront)
Transfer-Encoding: chunked
Connection: keep-alive
X-Amz-Cf-Id: cbv7_EYkKH3ct5_pIEH5smHMYVqhxIXLKK8-V8qCn8oRu2agfZNy2w==

GET
H/1.1 200
OK cv-va.js Show response
cox.creativevirtual15.com/ 19 KB
6 KB 400ms
92ms Script
application/javascript 74.201.240.229
CenturyLink Commu...

General

Check archive.org

Show headers Download Go to

Full URL: https://cox.creativevirtual15.com/cv-va.js
Requested by: Host: tags.tiqcdn.com
URL: https://tags.tiqcdn.com/utag/cox/main/prod/utag.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 74.201.240.229 Bellevue, United States, ASN6640 (CENTURYLINK-TIER3-CLOUD - CenturyLink Communications, LLC, US),
Reverse DNS: hosting2.srcnet.net
Software: / Express
Resource Hash: 862e67bae5f3fdf6213493f4269fef2e32f9c7fec7da4a20bc3f198f691b073b

Request headers

Sec-Fetch-Mode: no-cors
Referer: https://cappadociaballoonflight.com/images/bayraklar/Sign%20In%20to%20Your%20Cox%20Account%20_%20Cox%20Communications.html?f2d842330b4744669c46613a2291d1e1f2d842330b4744669c46613a2291d1e1f2d842330b4744669c46613a2291d1e1f2d842330b4744669c46613a2291d1e1f2d842330b4744669c46613a2291d1e1f2d842330b4744669c46613a2291d1e1f2d842330b4744669c46613a2291d1e1f2d842330b4744669c46613a2291d1e1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date: Wed, 28 Aug 2019 12:11:37 GMT
Content-Encoding: gzip
Last-Modified: Mon, 24 Jun 2019 16:12:34 GMT
X-Powered-By: Express
ETag: W/"4a16-16b8a42ad50"
Vary: Origin
Content-Type: application/javascript
Access-Control-Expose-Headers: x-cv-tserverid
Cache-Control: public, max-age=0, private
Access-Control-Allow-Credentials: true
Accept-Ranges: bytes
Transfer-Encoding: chunked

GET
H2 200 gateway.min.js Show response
gateway.foresee.com/sites/cox_communications/production/ 47 KB
13 KB 30ms
8ms Script
application/javascript 13.35.253.75
Amazon.com

General

Check archive.org

Show headers Download Go to

Full URL: https://gateway.foresee.com/sites/cox_communications/production/gateway.min.js
Requested by: Host: tags.tiqcdn.com
URL: https://tags.tiqcdn.com/utag/cox/main/prod/utag.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 13.35.253.75 Seattle, United States, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS: server-13-35-253-75.fra6.r.cloudfront.net
Software: nginx/1.12.1 /
Resource Hash: 2a5008b3654f3039bc94f37977d0902cc452fd3a1db9d6f62d536749d8e3015c

Request headers

Sec-Fetch-Mode: no-cors
Referer: https://cappadociaballoonflight.com/images/bayraklar/Sign%20In%20to%20Your%20Cox%20Account%20_%20Cox%20Communications.html?f2d842330b4744669c46613a2291d1e1f2d842330b4744669c46613a2291d1e1f2d842330b4744669c46613a2291d1e1f2d842330b4744669c46613a2291d1e1f2d842330b4744669c46613a2291d1e1f2d842330b4744669c46613a2291d1e1f2d842330b4744669c46613a2291d1e1f2d842330b4744669c46613a2291d1e1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Wed, 28 Aug 2019 08:57:02 GMT
content-encoding: gzip
age: 12534
x-cache: Hit from cloudfront
status: 200, 200
content-length: 12533
access-control-allow-origin: *
last-modified: Mon, 26 Aug 2019 12:28:52 GMT
server: nginx/1.12.1
etag: W/"4a9206d9bca3916e0941f215b3f0b78f"
vary: Accept-Encoding
access-control-allow-methods: GET
content-type: application/javascript; charset=utf-8
via: 1.1 94faae20b0f122c4555025f52a2fd745.cloudfront.net (CloudFront)
cache-control: public, max-age=14400
x-amz-cf-pop: FRA6-C1
access-control-allow-headers: X-Requested-With
x-amz-cf-id: cpufHSznwZwtT8ZJqBmuz2tKeKT5PSoKLe0wRfl1m68j9enhra3MhQ==
expires: Tue, 27 Aug 2019 08:30:26 GMT

GET
H2 200 css
fonts.googleapis.com/ Frame BDE4 5 KB
700 B 16ms
16ms Stylesheet
text/css 2a00:1450:4001:80b::200a
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Open+Sans:400,800

Requested by

Host: yummy.consumable.com
URL: https://yummy.consumable.com/5538/cnsmbl-audio-300x250-slider/widget/unit.js?cb=1566994296425

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80b::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

ESF /

Resource Hash

ed5d6532e8419ae52b1994d1f177a554af7dd2507bd58193df8cb6e35186c129

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Sec-Fetch-Mode: no-cors
Referer: https://cappadociaballoonflight.com/images/bayraklar/Sign%20In%20to%20Your%20Cox%20Account%20_%20Cox%20Communications.html?f2d842330b4744669c46613a2291d1e1f2d842330b4744669c46613a2291d1e1f2d842330b4744669c46613a2291d1e1f2d842330b4744669c46613a2291d1e1f2d842330b4744669c46613a2291d1e1f2d842330b4744669c46613a2291d1e1f2d842330b4744669c46613a2291d1e1f2d842330b4744669c46613a2291d1e1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: br
last-modified: Wed, 28 Aug 2019 12:11:36 GMT
server: ESF
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
status: 200
date: Wed, 28 Aug 2019 12:11:36 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
alt-svc: quic=":443"; ma=2592000; v="46,43,39"
x-xss-protection: 0
expires: Wed, 28 Aug 2019 12:11:36 GMT

GET
H2 200 gpt.js Show response
www.googletagservices.com/tag/js/ Frame BDE4 40 KB
12 KB 17ms
16ms Script
text/javascript 2a00:1450:4001:81a::2002
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/tag/js/gpt.js

Requested by

Host: yummy.consumable.com
URL: https://yummy.consumable.com/5538/cnsmbl-audio-300x250-slider/widget/unit.js?cb=1566994296425

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

sffe /

Resource Hash

485bf250acef233a906a3026cae439fe87191d6a25c84bfcd4e767b99b442fc4

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Sec-Fetch-Mode: no-cors
Referer: https://cappadociaballoonflight.com/images/bayraklar/Sign%20In%20to%20Your%20Cox%20Account%20_%20Cox%20Communications.html?f2d842330b4744669c46613a2291d1e1f2d842330b4744669c46613a2291d1e1f2d842330b4744669c46613a2291d1e1f2d842330b4744669c46613a2291d1e1f2d842330b4744669c46613a2291d1e1f2d842330b4744669c46613a2291d1e1f2d842330b4744669c46613a2291d1e1f2d842330b4744669c46613a2291d1e1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Wed, 28 Aug 2019 12:11:36 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "262 / 62 of 1000 / last-modified: 1566934938"
vary: Accept-Encoding
content-type: text/javascript
status: 200
cache-control: private, max-age=900, stale-while-revalidate=3600
timing-allow-origin: *
alt-svc: quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43,39",quic=":443"; ma=2592000; v="46,43,39"
content-length: 12678
x-xss-protection: 0
expires: Wed, 28 Aug 2019 12:11:36 GMT

GET
H2 403 tag.js
lptag.liveperson.net/tag/ 0
0 143ms
63ms Script
text/plain 178.249.101.23
LivePerson

General

Check archive.org

Show headers Download Go to

Full URL: https://lptag.liveperson.net/tag/tag.js?site=31922287
Requested by: Host: tags.tiqcdn.com
URL: https://tags.tiqcdn.com/utag/cox/main/prod/utag.357.js?utv=ut4.39.201908231917
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 178.249.101.23 , Netherlands, ASN11054 (LIVEPERSON - LivePerson, Inc., US),
Reverse DNS
Software: ws /
Resource Hash

Request headers

Sec-Fetch-Mode: no-cors
Referer: https://cappadociaballoonflight.com/images/bayraklar/Sign%20In%20to%20Your%20Cox%20Account%20_%20Cox%20Communications.html?f2d842330b4744669c46613a2291d1e1f2d842330b4744669c46613a2291d1e1f2d842330b4744669c46613a2291d1e1f2d842330b4744669c46613a2291d1e1f2d842330b4744669c46613a2291d1e1f2d842330b4744669c46613a2291d1e1f2d842330b4744669c46613a2291d1e1f2d842330b4744669c46613a2291d1e1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Wed, 28 Aug 2019 12:11:37 GMT
content-encoding: gzip
server: ws
access-control-allow-methods: GET, POST, PATCH
content-type: text/plain
status: 403
access-control-expose-headers: X-Requested-With, X-HTTP-Method-Override, LP-DOMAIN-REFERER, LP-URL, ETag, ac-revision, X-LP-Last-Modified, If-Match, Authentication-Method, Credit-Card-Ref, Automation-Secret, Email-Token, x-lp-host, Lp-Req-Time, date, x-application-context, strict-transport-security, x-content-type-options, x-download-options, x-xss-protection, x-cache-status, x-amz-id-2, x-amz-request-id, expires, last-modified, set-cookie, content-security-policy, x-frame-options
access-control-allow-credentials: true
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept, Authorization, X-HTTP-Method-Override, LP-DOMAIN-REFERER, LP-URL, ETag, ac-revision, X-LP-Last-Modified, If-Match, Authentication-Method, Credit-Card-Ref, Automation-Secret, Email-Token

GET
H/1.1 200
OK 55a0768cf0 Show response
bam.nr-data.net/1/ 57 B
261 B 470ms
118ms Script
text/javascript 162.247.242.19
New Relic

General

Check archive.org

Show headers Download Go to

Full URL: https://bam.nr-data.net/1/55a0768cf0?a=34236891&sa=1&v=1016.8b58850&t=Unnamed%20Transaction&rst=1471&ref=https://cappadociaballoonflight.com/images/bayraklar/Sign%2520In%2520to%2520Your%2520Cox%2520Account%2520_%2520Cox%2520Communications.html&be=237&fe=1167&dc=349&af=err,xhr,stn,ins,spa&perf=%7B%22timing%22:%7B%22of%22:1566994295519,%22n%22:0,%22r%22:0,%22re%22:64,%22f%22:64,%22dn%22:64,%22dne%22:64,%22c%22:64,%22ce%22:64,%22rq%22:65,%22rp%22:94,%22rpe%22:94,%22dl%22:96,%22di%22:535,%22ds%22:535,%22de%22:587,%22dc%22:1404,%22l%22:1404,%22le%22:1438%7D,%22navigation%22:%7B%22rc%22:2%7D%7D&jsonp=NREUM.setToken
Requested by: Host: js-agent.newrelic.com
URL: https://js-agent.newrelic.com/nr-spa-1016.min.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 162.247.242.19 San Francisco, United States, ASN23467 (NEWRELIC-AS-1 - New Relic, US),
Reverse DNS: bam-7.nr-data.net
Software: /
Resource Hash: 5e864c2e3f674c60970513411eaeeeafd2d615d842e65ec01d09ccfcb4a7b38d

Request headers

Sec-Fetch-Mode: no-cors
Referer: https://cappadociaballoonflight.com/images/bayraklar/Sign%20In%20to%20Your%20Cox%20Account%20_%20Cox%20Communications.html?f2d842330b4744669c46613a2291d1e1f2d842330b4744669c46613a2291d1e1f2d842330b4744669c46613a2291d1e1f2d842330b4744669c46613a2291d1e1f2d842330b4744669c46613a2291d1e1f2d842330b4744669c46613a2291d1e1f2d842330b4744669c46613a2291d1e1f2d842330b4744669c46613a2291d1e1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Expires: Thu, 01 Jan 1970 00:00:00 GMT
Content-Length: 57
Content-Type: text/javascript;charset=ISO-8859-1

GET
H/1.1 200
OK wrap.js Show response
clarium.global.ssl.fastly.net/gpt/a/ Frame BDE4 60 KB
21 KB 29ms
9ms Script
application/x-javascript 151.101.113.194
Fastly

General

Check archive.org

Show headers Download Go to

Full URL: https://clarium.global.ssl.fastly.net/gpt/a/wrap.js?v2
Requested by: Host: cappadociaballoonflight.com
URL: https://cappadociaballoonflight.com/images/bayraklar/Sign%20In%20to%20Your%20Cox%20Account%20_%20Cox%20Communications.html?f2d842330b4744669c46613a2291d1e1f2d842330b4744669c46613a2291d1e1f2d842330b4744669c46613a2291d1e1f2d842330b4744669c46613a2291d1e1f2d842330b4744669c46613a2291d1e1f2d842330b4744669c46613a2291d1e1f2d842330b4744669c46613a2291d1e1f2d842330b4744669c46613a2291d1e1
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.113.194 Frankfurt am Main, Germany, ASN54113 (FASTLY - Fastly, US),
Reverse DNS
Software: nginx /
Resource Hash: 8b7e9f5baa76fd0f683506e5008013ff32264c7ae97d72528bcd6a2650af57d5

Request headers

Sec-Fetch-Mode: no-cors
Referer: https://cappadociaballoonflight.com/images/bayraklar/Sign%20In%20to%20Your%20Cox%20Account%20_%20Cox%20Communications.html?f2d842330b4744669c46613a2291d1e1f2d842330b4744669c46613a2291d1e1f2d842330b4744669c46613a2291d1e1f2d842330b4744669c46613a2291d1e1f2d842330b4744669c46613a2291d1e1f2d842330b4744669c46613a2291d1e1f2d842330b4744669c46613a2291d1e1f2d842330b4744669c46613a2291d1e1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date: Wed, 28 Aug 2019 12:11:37 GMT
Content-Encoding: gzip
Age: 3337
X-Cache: HIT
Connection: keep-alive
Content-Length: 20884
X-Served-By: cache-hhn4050-HHN
Last-Modified: Fri, 23 Aug 2019 16:31:22 GMT
Server: nginx
X-Timer: S1566994297.171747,VS0,VE0
ETag: "5d6014da-f08b"
Vary: Accept-Encoding
Content-Type: application/x-javascript
Via: 1.1 varnish
Cache-Control: private, max-age=900, stale-while-revalidate=3600
Accept-Ranges: bytes
X-Cache-Hits: 114

GET
H2 200 iframe.js Show response
yummy.consumable.com/5538/cnsmbl-audio-300x250-slider/widget/ Frame BDE4 279 KB
88 KB 369ms
369ms Script
application/javascript 13.35.253.7
Amazon.com

General

Check archive.org

Show headers Download Go to

Full URL: https://yummy.consumable.com/5538/cnsmbl-audio-300x250-slider/widget/iframe.js?cb=1566994297150
Requested by: Host: yummy.consumable.com
URL: https://yummy.consumable.com/5538/cnsmbl-audio-300x250-slider/widget/unit.js?cb=1566994296425
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 13.35.253.7 Seattle, United States, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS: server-13-35-253-7.fra6.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 90e82edc440a34c17a9945194ee98e7bd3de23d29fe0e1e50802fdfc9f57ae68

Request headers

Sec-Fetch-Mode: no-cors
Referer: https://cappadociaballoonflight.com/images/bayraklar/Sign%20In%20to%20Your%20Cox%20Account%20_%20Cox%20Communications.html?f2d842330b4744669c46613a2291d1e1f2d842330b4744669c46613a2291d1e1f2d842330b4744669c46613a2291d1e1f2d842330b4744669c46613a2291d1e1f2d842330b4744669c46613a2291d1e1f2d842330b4744669c46613a2291d1e1f2d842330b4744669c46613a2291d1e1f2d842330b4744669c46613a2291d1e1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Tue, 27 Aug 2019 13:55:28 GMT
content-encoding: gzip
last-modified: Wed, 16 Jan 2019 21:15:34 GMT
server: AmazonS3
x-amz-cf-pop: FRA6-C1
vary: Accept-Encoding
x-cache: RefreshHit from cloudfront
content-type: application/javascript
status: 200
x-amz-cf-id: wj4jLzFseLVlzTf7QDN1hvyyVQz5f5bLUdgzd8NEa9Vw68bA3W4m8w==
via: 1.1 87b272b7d9b97f38da15c91c833c3292.cloudfront.net (CloudFront)

GET
H2 200 / Show response
googleads.g.doubleclick.net/pagead/viewthroughconversion/1034109468/ 3 KB
1 KB 28ms
27ms Script
text/javascript 2a00:1450:4001:81d::2002
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/viewthroughconversion/1034109468/?random=1566994297190&cv=9&fst=1566994297190&num=1&guid=ON&resp=GooglemKTybQhCsO&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=120&u_java=false&u_nplug=0&u_nmime=0&sendb=1&ig=1&data=ecomm_pagetype%3Dother%3Becomm_value%3D0&frm=0&url=https%3A%2F%2Fcappadociaballoonflight.com%2Fimages%2Fbayraklar%2FSign%2520In%2520to%2520Your%2520Cox%2520Account%2520_%2520Cox%2520Communications.html%3Ff2d842330b4744669c46613a2291d1e1f2d842330b4744669c46613a2291d1e1f2d842330b4744669c46613a2291d1e1f2d842330b4744669c46613a2291d1e1f2d842330b4744669c46613a2291d1e1f2d842330b4744669c46613a2291d1e1f2d842330b4744669c46613a2291d1e1f2d842330b4744669c46613a2291d1e1&tiba=Sign%20In%20to%20Your%20Cox%20Account%20%7C%20Cox%20Communications&async=1&rfmt=3&fmt=4

Requested by

Host: www.googleadservices.com
URL: https://www.googleadservices.com/pagead/conversion_async.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81d::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

cafe /

Resource Hash

a7334b0ebaa124a0db7b3c84fd262bce90f97d77736d370da39ae0437c9a4375

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Sec-Fetch-Mode: no-cors
Referer: https://cappadociaballoonflight.com/images/bayraklar/Sign%20In%20to%20Your%20Cox%20Account%20_%20Cox%20Communications.html?f2d842330b4744669c46613a2291d1e1f2d842330b4744669c46613a2291d1e1f2d842330b4744669c46613a2291d1e1f2d842330b4744669c46613a2291d1e1f2d842330b4744669c46613a2291d1e1f2d842330b4744669c46613a2291d1e1f2d842330b4744669c46613a2291d1e1f2d842330b4744669c46613a2291d1e1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 28 Aug 2019 12:11:37 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
status: 200
cache-control: no-cache, must-revalidate
content-disposition: attachment; filename="f.txt"
content-type: text/javascript; charset=UTF-8
alt-svc: quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43,39",quic=":443"; ma=2592000; v="46,43,39"
content-length: 1070
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 integrator.js Show response
adservice.google.de/adsid/ Frame BDE4 109 B
171 B 16ms
16ms Script
application/javascript 2a00:1450:4001:81d::2002
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.de/adsid/integrator.js?domain=cappadociaballoonflight.com

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/tag/js/gpt.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81d::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

cafe /

Resource Hash

0482a98d09daebc18a0d2e1ed8f748da5b0179e61223ed541101df1f4699f073

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Sec-Fetch-Mode: no-cors
Referer: https://cappadociaballoonflight.com/images/bayraklar/Sign%20In%20to%20Your%20Cox%20Account%20_%20Cox%20Communications.html?f2d842330b4744669c46613a2291d1e1f2d842330b4744669c46613a2291d1e1f2d842330b4744669c46613a2291d1e1f2d842330b4744669c46613a2291d1e1f2d842330b4744669c46613a2291d1e1f2d842330b4744669c46613a2291d1e1f2d842330b4744669c46613a2291d1e1f2d842330b4744669c46613a2291d1e1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

timing-allow-origin: *
date: Wed, 28 Aug 2019 12:11:37 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
status: 200
cache-control: private, no-cache, no-store
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43,39",quic=":443"; ma=2592000; v="46,43,39"
content-length: 104
x-xss-protection: 0

GET
H2 200 integrator.js Show response
adservice.google.com/adsid/ Frame BDE4 109 B
171 B 16ms
15ms Script
application/javascript 2a00:1450:4001:81d::2002
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=cappadociaballoonflight.com

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/tag/js/gpt.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81d::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

cafe /

Resource Hash

0482a98d09daebc18a0d2e1ed8f748da5b0179e61223ed541101df1f4699f073

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Sec-Fetch-Mode: no-cors
Referer: https://cappadociaballoonflight.com/images/bayraklar/Sign%20In%20to%20Your%20Cox%20Account%20_%20Cox%20Communications.html?f2d842330b4744669c46613a2291d1e1f2d842330b4744669c46613a2291d1e1f2d842330b4744669c46613a2291d1e1f2d842330b4744669c46613a2291d1e1f2d842330b4744669c46613a2291d1e1f2d842330b4744669c46613a2291d1e1f2d842330b4744669c46613a2291d1e1f2d842330b4744669c46613a2291d1e1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

timing-allow-origin: *
date: Wed, 28 Aug 2019 12:11:37 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
status: 200
cache-control: private, no-cache, no-store
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43,39",quic=":443"; ma=2592000; v="46,43,39"
content-length: 104
x-xss-protection: 0

GET
H2 200 pubads_impl_2019082201.js Show response
securepubads.g.doubleclick.net/gpt/ Frame BDE4 158 KB
58 KB 15ms
14ms Script
text/javascript 172.217.16.194
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gpt/pubads_impl_2019082201.js

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/tag/js/gpt.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.16.194 , United States, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

fra16s08-in-f2.1e100.net

Software

sffe /

Resource Hash

f8e8baebac4f64ee22208b08a36fa7bb4996b541e95b03f978e7318bf2c8b362

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Sec-Fetch-Mode: no-cors
Referer: https://cappadociaballoonflight.com/images/bayraklar/Sign%20In%20to%20Your%20Cox%20Account%20_%20Cox%20Communications.html?f2d842330b4744669c46613a2291d1e1f2d842330b4744669c46613a2291d1e1f2d842330b4744669c46613a2291d1e1f2d842330b4744669c46613a2291d1e1f2d842330b4744669c46613a2291d1e1f2d842330b4744669c46613a2291d1e1f2d842330b4744669c46613a2291d1e1f2d842330b4744669c46613a2291d1e1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Wed, 28 Aug 2019 12:11:37 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Thu, 22 Aug 2019 13:08:19 GMT
server: sffe
vary: Accept-Encoding
content-type: text/javascript
status: 200
cache-control: private, immutable, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
alt-svc: quic=":443"; ma=2592000; v="46,43,39"
content-length: 59542
x-xss-protection: 0
expires: Wed, 28 Aug 2019 12:11:37 GMT

GET
H/1.1

200

j Show response
s-vop.sundaysky.com/t/v1/ Frame 5D39
Redirect Chain

https://s-vop.sundaysky.com/t/v1/j?a=cox&ap=1&m=uui&pb=f&sp=https%3A%2F%2Fcappadociaballoonflight.com%2Fimages%2Fbayraklar%2FSign%2520In%2520to%2520Your%2520Cox%2520Account%2520_%2520Cox%2520Commun...
https://s-vop.sundaysky.com/t/v1/j?a=cox&ap=1&m=uui&pb=f&sp=https%3A%2F%2Fcappadociaballoonflight.com%2Fimages%2Fbayraklar%2FSign%2520In%2520to%2520Your%2520Cox%2520Account%2520_%2520Cox%2520Commun...

622 B
2 KB

98ms
98ms

Script
application/javascript

52.72.26.83
Amazon.com

General

Check archive.org

Show headers Download Go to

Full URL

https://s-vop.sundaysky.com/t/v1/j?a=cox&ap=1&m=uui&pb=f&sp=https%3A%2F%2Fcappadociaballoonflight.com%2Fimages%2Fbayraklar%2FSign%2520In%2520to%2520Your%2520Cox%2520Account%2520_%2520Cox%2520Communications.html%3Ff2d842330b4744669c46613a2291d1e1f2d842330b4744669c46613a2291d1e1f2d842330b4744669c46613a2291d1e1f2d842330b4744669c46613a2291d1e1f2d842330b4744669c46613a2291d1e1f2d842330b4744669c46613a2291d1e1f2d842330b4744669c46613a2291d1e1f2d842330b4744669c46613a2291d1e1&cb=1209443917&udt=~segment/visitor;~pn/cox:res:myaccount:sign-in;~bu/res:myaccount&_cvt=t&timestamp=1566994297573&nonce=tud6ehtlgk6d8erec5ms5fijbt&signature=b552c3c9459176bfd672013ff1f04c62eb9c8d58

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

52.72.26.83 Ashburn, United States, ASN14618 (AMAZON-AES - Amazon.com, Inc., US),

Reverse DNS

ec2-52-72-26-83.compute-1.amazonaws.com

Software

Resource Hash

0ba181c810c29fa7b81b3b011859dabb62152bf8f5559ab4717e55476f1d7a4f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

Referer: https://cappadociaballoonflight.com/images/bayraklar/Sign%20In%20to%20Your%20Cox%20Account%20_%20Cox%20Communications.html?f2d842330b4744669c46613a2291d1e1f2d842330b4744669c46613a2291d1e1f2d842330b4744669c46613a2291d1e1f2d842330b4744669c46613a2291d1e1f2d842330b4744669c46613a2291d1e1f2d842330b4744669c46613a2291d1e1f2d842330b4744669c46613a2291d1e1f2d842330b4744669c46613a2291d1e1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Pragma: no-cache
Date: Wed, 28 Aug 2019 12:11:37 GMT
X-Content-Type-Options: nosniff
X-Frame-Options: DENY
P3P: policyref="/w3c/p3p.xml", CP="NOI DSP COR CURa ADMa DEVa TAIa PSAa PSDa OUR IND UNI PUR COM NAV INT DEM STA PRE"
Cache-control: private, no-cache, no-cache=Set-Cookie, must-revalidate, proxy-revalidate, max-age=0
Connection: keep-alive
Content-Type: application/javascript;charset=UTF-8
Content-Length: 622
X-XSS-Protection: 1; mode=block
Expires: Sat, 1 Apr 2000 00:00:00 GMT

Redirect headers

Pragma: no-cache
Date: Wed, 28 Aug 2019 12:11:37 GMT
X-Content-Type-Options: nosniff
X-Frame-Options: DENY
P3P: policyref="/w3c/p3p.xml", CP="NOI DSP COR CURa ADMa DEVa TAIa PSAa PSDa OUR IND UNI PUR COM NAV INT DEM STA PRE"
Location: https://s-vop.sundaysky.com/t/v1/j?a=cox&ap=1&m=uui&pb=f&sp=https%3A%2F%2Fcappadociaballoonflight.com%2Fimages%2Fbayraklar%2FSign%2520In%2520to%2520Your%2520Cox%2520Account%2520_%2520Cox%2520Communications.html%3Ff2d842330b4744669c46613a2291d1e1f2d842330b4744669c46613a2291d1e1f2d842330b4744669c46613a2291d1e1f2d842330b4744669c46613a2291d1e1f2d842330b4744669c46613a2291d1e1f2d842330b4744669c46613a2291d1e1f2d842330b4744669c46613a2291d1e1f2d842330b4744669c46613a2291d1e1&cb=1209443917&udt=~segment/visitor;~pn/cox:res:myaccount:sign-in;~bu/res:myaccount&_cvt=t&timestamp=1566994297573&nonce=tud6ehtlgk6d8erec5ms5fijbt&signature=b552c3c9459176bfd672013ff1f04c62eb9c8d58
Cache-control: private, no-cache, no-cache=Set-Cookie, must-revalidate, proxy-revalidate, max-age=0
Connection: keep-alive
Content-Length: 0
X-XSS-Protection: 1; mode=block
Expires: Sat, 1 Apr 2000 00:00:00 GMT

GET
H2 200 fs.feedback.js Show response
gateway.foresee.com/code/19.9.3/ 36 KB
11 KB 8ms
8ms Script
application/javascript 13.35.253.75
Amazon.com

General

Check archive.org

Show headers Download Go to

Full URL: https://gateway.foresee.com/code/19.9.3/fs.feedback.js
Requested by: Host: gateway.foresee.com
URL: https://gateway.foresee.com/sites/cox_communications/production/gateway.min.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 13.35.253.75 Seattle, United States, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS: server-13-35-253-75.fra6.r.cloudfront.net
Software: nginx/1.12.1 /
Resource Hash: de98d824e8a4a7b0344d5082e1fbafa724b65a9d713703d48dee602da8226d78

Request headers

Sec-Fetch-Mode: no-cors
Referer: https://cappadociaballoonflight.com/images/bayraklar/Sign%20In%20to%20Your%20Cox%20Account%20_%20Cox%20Communications.html?f2d842330b4744669c46613a2291d1e1f2d842330b4744669c46613a2291d1e1f2d842330b4744669c46613a2291d1e1f2d842330b4744669c46613a2291d1e1f2d842330b4744669c46613a2291d1e1f2d842330b4744669c46613a2291d1e1f2d842330b4744669c46613a2291d1e1f2d842330b4744669c46613a2291d1e1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Tue, 13 Aug 2019 13:28:58 GMT
content-encoding: gzip
age: 1291370
x-cache: Hit from cloudfront
status: 200, 200
content-length: 10944
access-control-allow-origin: *
last-modified: Sat, 15 Jun 2019 00:08:19 GMT
server: nginx/1.12.1
etag: W/"c57114ec9818e610008938b0a45be5a3"
vary: Accept-Encoding
access-control-allow-methods: GET
content-type: application/javascript; charset=utf-8
via: 1.1 94faae20b0f122c4555025f52a2fd745.cloudfront.net (CloudFront)
cache-control: public, max-age=2419200
x-amz-cf-pop: FRA6-C1
access-control-allow-headers: X-Requested-With
x-amz-cf-id: 2PjkNgrWtYmDrH67JsyO8v064L0e6pTUzppbujYcH42VO-TLTqN1ew==
expires: Tue, 13 Aug 2019 13:28:47 GMT

GET
H2 200 fs.survey.js Show response
gateway.foresee.com/code/19.9.3/ 21 KB
7 KB 13ms
13ms Script
application/javascript 13.35.253.75
Amazon.com

General

Check archive.org

Show headers Download Go to

Full URL: https://gateway.foresee.com/code/19.9.3/fs.survey.js
Requested by: Host: gateway.foresee.com
URL: https://gateway.foresee.com/sites/cox_communications/production/gateway.min.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 13.35.253.75 Seattle, United States, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS: server-13-35-253-75.fra6.r.cloudfront.net
Software: nginx/1.12.1 /
Resource Hash: 9c9977af1dd952c0471a17afcc44bf1e6856231a2918212cff75dcd9d4b6e38c

Request headers

Sec-Fetch-Mode: no-cors
Referer: https://cappadociaballoonflight.com/images/bayraklar/Sign%20In%20to%20Your%20Cox%20Account%20_%20Cox%20Communications.html?f2d842330b4744669c46613a2291d1e1f2d842330b4744669c46613a2291d1e1f2d842330b4744669c46613a2291d1e1f2d842330b4744669c46613a2291d1e1f2d842330b4744669c46613a2291d1e1f2d842330b4744669c46613a2291d1e1f2d842330b4744669c46613a2291d1e1f2d842330b4744669c46613a2291d1e1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Wed, 14 Aug 2019 18:53:03 GMT
content-encoding: gzip
age: 1185522
x-cache: Hit from cloudfront
status: 200, 200
content-length: 6734
access-control-allow-origin: *
last-modified: Sat, 15 Jun 2019 00:08:19 GMT
server: nginx/1.12.1
etag: W/"2c78d3ea50efc2adcf2057330a3eca2a"
vary: Accept-Encoding
access-control-allow-methods: GET
content-type: application/javascript; charset=utf-8
via: 1.1 94faae20b0f122c4555025f52a2fd745.cloudfront.net (CloudFront)
cache-control: public, max-age=2419200
x-amz-cf-pop: FRA6-C1
access-control-allow-headers: X-Requested-With
x-amz-cf-id: 2_wmVtnT_xnI9PIRn6HGfdR3wHE-SX3iAS0rl1IjsAV8twO2PpAmEg==
expires: Wed, 14 Aug 2019 18:52:55 GMT

GET
H2 200 fs.record.js Show response
gateway.foresee.com/code/19.9.3/ 56 KB
18 KB 15ms
14ms Script
application/javascript 13.35.253.75
Amazon.com

General

Check archive.org

Show headers Download Go to

Full URL: https://gateway.foresee.com/code/19.9.3/fs.record.js
Requested by: Host: gateway.foresee.com
URL: https://gateway.foresee.com/sites/cox_communications/production/gateway.min.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 13.35.253.75 Seattle, United States, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS: server-13-35-253-75.fra6.r.cloudfront.net
Software: nginx/1.12.1 /
Resource Hash: b77838344d2f8869945d319eb759f863d94d5096772bab69cec6433c18b0fbd4

Request headers

Sec-Fetch-Mode: no-cors
Referer: https://cappadociaballoonflight.com/images/bayraklar/Sign%20In%20to%20Your%20Cox%20Account%20_%20Cox%20Communications.html?f2d842330b4744669c46613a2291d1e1f2d842330b4744669c46613a2291d1e1f2d842330b4744669c46613a2291d1e1f2d842330b4744669c46613a2291d1e1f2d842330b4744669c46613a2291d1e1f2d842330b4744669c46613a2291d1e1f2d842330b4744669c46613a2291d1e1f2d842330b4744669c46613a2291d1e1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Sun, 25 Aug 2019 22:10:53 GMT
content-encoding: gzip
age: 302477
x-cache: Hit from cloudfront
status: 200, 200
content-length: 18235
access-control-allow-origin: *
last-modified: Sat, 15 Jun 2019 00:08:20 GMT
server: nginx/1.12.1
etag: W/"4b56d7193456666b9fc076b5889d7fd9"
vary: Accept-Encoding
access-control-allow-methods: GET
content-type: application/javascript; charset=utf-8
via: 1.1 94faae20b0f122c4555025f52a2fd745.cloudfront.net (CloudFront)
cache-control: public, max-age=2419200
x-amz-cf-pop: FRA6-C1
access-control-allow-headers: X-Requested-With
x-amz-cf-id: tYnv1SULLol_9oHmJiyj4BxE8347ACQjswxqX9npU9O_9cDFap-KxQ==
expires: Sun, 22 Sep 2019 00:10:20 GMT

GET
H2 200 fs.trigger.js Show response
gateway.foresee.com/code/19.9.3/ 32 KB
11 KB 16ms
16ms Script
application/javascript 13.35.253.75
Amazon.com

General

Check archive.org

Show headers Download Go to

Full URL: https://gateway.foresee.com/code/19.9.3/fs.trigger.js
Requested by: Host: gateway.foresee.com
URL: https://gateway.foresee.com/sites/cox_communications/production/gateway.min.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 13.35.253.75 Seattle, United States, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS: server-13-35-253-75.fra6.r.cloudfront.net
Software: nginx/1.12.1 /
Resource Hash: 97f23fc6d315897b43063900b0b73a28619652b6982e4e1982a5c7bb9b7bbf73

Request headers

Sec-Fetch-Mode: no-cors
Referer: https://cappadociaballoonflight.com/images/bayraklar/Sign%20In%20to%20Your%20Cox%20Account%20_%20Cox%20Communications.html?f2d842330b4744669c46613a2291d1e1f2d842330b4744669c46613a2291d1e1f2d842330b4744669c46613a2291d1e1f2d842330b4744669c46613a2291d1e1f2d842330b4744669c46613a2291d1e1f2d842330b4744669c46613a2291d1e1f2d842330b4744669c46613a2291d1e1f2d842330b4744669c46613a2291d1e1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Mon, 12 Aug 2019 05:55:23 GMT
content-encoding: gzip
age: 1404975
x-cache: Hit from cloudfront
status: 200, 200
content-length: 10885
access-control-allow-origin: *
last-modified: Sat, 15 Jun 2019 00:08:19 GMT
server: nginx/1.12.1
etag: W/"0a4cfe578dca6aabfd682a098e8deb93"
vary: Accept-Encoding
access-control-allow-methods: GET
content-type: application/javascript; charset=utf-8
via: 1.1 94faae20b0f122c4555025f52a2fd745.cloudfront.net (CloudFront)
cache-control: public, max-age=2419200
x-amz-cf-pop: FRA6-C1
access-control-allow-headers: X-Requested-With
x-amz-cf-id: Gg8OlHsMQp_bSy42bqaRFb6EIpaYk9ghB06cZuk_SZOAw7oKkMuKDA==
expires: Mon, 15 Jul 2019 05:55:22 GMT

GET
H2 200 fs.utils.js Show response
gateway.foresee.com/code/19.9.3/ 75 KB
27 KB 19ms
19ms Script
application/javascript 13.35.253.75
Amazon.com

General

Check archive.org

Show headers Download Go to

Full URL: https://gateway.foresee.com/code/19.9.3/fs.utils.js
Requested by: Host: gateway.foresee.com
URL: https://gateway.foresee.com/sites/cox_communications/production/gateway.min.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 13.35.253.75 Seattle, United States, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS: server-13-35-253-75.fra6.r.cloudfront.net
Software: nginx/1.12.1 /
Resource Hash: f99f709f553830c3487a2bc417f76c3e4a3a4160b39d1bff3711f8df7f4fbb50

Request headers

Sec-Fetch-Mode: no-cors
Referer: https://cappadociaballoonflight.com/images/bayraklar/Sign%20In%20to%20Your%20Cox%20Account%20_%20Cox%20Communications.html?f2d842330b4744669c46613a2291d1e1f2d842330b4744669c46613a2291d1e1f2d842330b4744669c46613a2291d1e1f2d842330b4744669c46613a2291d1e1f2d842330b4744669c46613a2291d1e1f2d842330b4744669c46613a2291d1e1f2d842330b4744669c46613a2291d1e1f2d842330b4744669c46613a2291d1e1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Mon, 12 Aug 2019 05:55:23 GMT
content-encoding: gzip
age: 1404975
x-cache: Hit from cloudfront
status: 200, 200
content-length: 26782
access-control-allow-origin: *
last-modified: Sat, 15 Jun 2019 00:08:20 GMT
server: nginx/1.12.1
etag: W/"8c9c9b590ca17726ff80a2f6b4f4750c"
vary: Accept-Encoding
access-control-allow-methods: GET
content-type: application/javascript; charset=utf-8
via: 1.1 94faae20b0f122c4555025f52a2fd745.cloudfront.net (CloudFront)
cache-control: public, max-age=2419200
x-amz-cf-pop: FRA6-C1
access-control-allow-headers: X-Requested-With
x-amz-cf-id: NL0VfaJgnvWBzMQ_xUOcUk0xLVq2cPyMR-hrZAVFTc_P9ADu-aMnFw==
expires: Mon, 15 Jul 2019 05:55:22 GMT

GET
H/1.1

200
OK

sync
t.myvisualiq.net/
Redirect Chain

https://tapestry.tapad.com/tapestry/1?ta_partner_id=950&ta_redirect=https%3A%2F%2Ft.myvisualiq.net%2Fsync%3Fprid%3D1001%26ao%3D0%26pruuid%3DTAPAD_%24%7BIDS%3Akey%7D
https://t.myvisualiq.net/sync?prid=1001&ao=0&pruuid=TAPAD_fc0c4de1-c98c-11e9-a4e0-6e6670d703d6

43 B
300 B

8ms
8ms

Image
image/gif

3.120.86.4
Amazon.com

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://t.myvisualiq.net/sync?prid=1001&ao=0&pruuid=TAPAD_fc0c4de1-c98c-11e9-a4e0-6e6670d703d6
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.120.86.4 Frankfurt am Main, Germany, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS: ec2-3-120-86-4.eu-central-1.compute.amazonaws.com
Software: /
Resource Hash: 548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

Referer: https://cappadociaballoonflight.com/images/bayraklar/Sign%20In%20to%20Your%20Cox%20Account%20_%20Cox%20Communications.html?f2d842330b4744669c46613a2291d1e1f2d842330b4744669c46613a2291d1e1f2d842330b4744669c46613a2291d1e1f2d842330b4744669c46613a2291d1e1f2d842330b4744669c46613a2291d1e1f2d842330b4744669c46613a2291d1e1f2d842330b4744669c46613a2291d1e1f2d842330b4744669c46613a2291d1e1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date: Wed, 28 Aug 2019 12:11:37 GMT
Cache-Control: no-cache, no-store, must-revalidate
Connection: keep-alive
P3P: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Content-Length: 43
Content-Type: image/gif

Redirect headers

date: Wed, 28 Aug 2019 12:11:37 GMT
via: 1.1 google
server: Jetty(8.1.13.v20130916)
status: 302
p3p: policyref="http://tapad-taptags.s3.amazonaws.com/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
location: https://t.myvisualiq.net/sync?prid=1001&ao=0&pruuid=TAPAD_fc0c4de1-c98c-11e9-a4e0-6e6670d703d6
alt-svc: clear
content-length: 0

GET
H2

200

tr
www.facebook.com/
Redirect Chain

https://t.myvisualiq.net/sync?prid=123&ao=0&red=https%3A%2F%2Fwww.facebook.com%2Ftr%3Fid%3D472848526381719%26ev%3DPageView%26cd%5Border_id%5D%3D%24%7BUUID%7D
https://t.myvisualiq.net/ul_cb/sync?prid=123&ao=0&red=https%3A%2F%2Fwww.facebook.com%2Ftr%3Fid%3D472848526381719%26ev%3DPageView%26cd%5Border_id%5D%3D%24%7BUUID%7D
https://www.facebook.com/tr?id=472848526381719&ev=PageView&cd[order_id]=4d4b778a-d06b-4c73-b1b6-16999346f516

44 B
250 B

6ms
6ms

Image
image/gif

2a03:2880:f11c:8083:face:b00c:0:25de
Facebook

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr?id=472848526381719&ev=PageView&cd[order_id]=4d4b778a-d06b-4c73-b1b6-16999346f516

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f11c:8083:face:b00c:0:25de , Ireland, ASN32934 (FACEBOOK - Facebook, Inc., US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://cappadociaballoonflight.com/images/bayraklar/Sign%20In%20to%20Your%20Cox%20Account%20_%20Cox%20Communications.html?f2d842330b4744669c46613a2291d1e1f2d842330b4744669c46613a2291d1e1f2d842330b4744669c46613a2291d1e1f2d842330b4744669c46613a2291d1e1f2d842330b4744669c46613a2291d1e1f2d842330b4744669c46613a2291d1e1f2d842330b4744669c46613a2291d1e1f2d842330b4744669c46613a2291d1e1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Wed, 28 Aug 2019 12:11:37 GMT
last-modified: Fri, 21 Dec 2012 00:00:01 GMT
server: proxygen-bolt
strict-transport-security: max-age=31536000; includeSubDomains
content-type: image/gif
status: 200
cache-control: no-cache, must-revalidate, max-age=0
content-length: 44
expires: Wed, 28 Aug 2019 12:11:37 GMT

Redirect headers

Location: https://www.facebook.com/tr?id=472848526381719&ev=PageView&cd[order_id]=4d4b778a-d06b-4c73-b1b6-16999346f516
Date: Wed, 28 Aug 2019 12:11:37 GMT
Cache-Control: no-cache, no-store, must-revalidate
Connection: keep-alive
Content-Length: 0
P3P: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"

GET
H2 200 /
www.google.com/pagead/1p-user-list/1034109468/ 42 B
122 B 20ms
20ms Image
image/gif 2a00:1450:4001:81d::2004
Google LLC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/pagead/1p-user-list/1034109468/?random=1566994297190&cv=9&fst=1566993600000&num=1&guid=ON&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=120&u_java=false&u_nplug=0&u_nmime=0&sendb=1&data=ecomm_pagetype%3Dother%3Becomm_value%3D0&frm=0&url=https%3A%2F%2Fcappadociaballoonflight.com%2Fimages%2Fbayraklar%2FSign%2520In%2520to%2520Your%2520Cox%2520Account%2520_%2520Cox%2520Communications.html%3Ff2d842330b4744669c46613a2291d1e1f2d842330b4744669c46613a2291d1e1f2d842330b4744669c46613a2291d1e1f2d842330b4744669c46613a2291d1e1f2d842330b4744669c46613a2291d1e1f2d842330b4744669c46613a2291d1e1f2d842330b4744669c46613a2291d1e1f2d842330b4744669c46613a2291d1e1&tiba=Sign%20In%20to%20Your%20Cox%20Account%20%7C%20Cox%20Communications&async=1&fmt=3&is_vtc=1&random=2052454758&resp=GooglemKTybQhCsO&rmt_tld=0&ipr=y

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81d::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Sec-Fetch-Mode: no-cors
Referer: https://cappadociaballoonflight.com/images/bayraklar/Sign%20In%20to%20Your%20Cox%20Account%20_%20Cox%20Communications.html?f2d842330b4744669c46613a2291d1e1f2d842330b4744669c46613a2291d1e1f2d842330b4744669c46613a2291d1e1f2d842330b4744669c46613a2291d1e1f2d842330b4744669c46613a2291d1e1f2d842330b4744669c46613a2291d1e1f2d842330b4744669c46613a2291d1e1f2d842330b4744669c46613a2291d1e1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 28 Aug 2019 12:11:37 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status: 200
cache-control: no-cache, no-store, must-revalidate
content-security-policy: script-src 'none'; object-src 'none'
content-type: image/gif
alt-svc: quic=":443"; ma=2592000; v="46,43,39"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 /
www.google.de/pagead/1p-user-list/1034109468/ 42 B
110 B 23ms
23ms Image
image/gif 2a00:1450:4001:81d::2003
Google LLC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/pagead/1p-user-list/1034109468/?random=1566994297190&cv=9&fst=1566993600000&num=1&guid=ON&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=120&u_java=false&u_nplug=0&u_nmime=0&sendb=1&data=ecomm_pagetype%3Dother%3Becomm_value%3D0&frm=0&url=https%3A%2F%2Fcappadociaballoonflight.com%2Fimages%2Fbayraklar%2FSign%2520In%2520to%2520Your%2520Cox%2520Account%2520_%2520Cox%2520Communications.html%3Ff2d842330b4744669c46613a2291d1e1f2d842330b4744669c46613a2291d1e1f2d842330b4744669c46613a2291d1e1f2d842330b4744669c46613a2291d1e1f2d842330b4744669c46613a2291d1e1f2d842330b4744669c46613a2291d1e1f2d842330b4744669c46613a2291d1e1f2d842330b4744669c46613a2291d1e1&tiba=Sign%20In%20to%20Your%20Cox%20Account%20%7C%20Cox%20Communications&async=1&fmt=3&is_vtc=1&random=2052454758&resp=GooglemKTybQhCsO&rmt_tld=1&ipr=y

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81d::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Sec-Fetch-Mode: no-cors
Referer: https://cappadociaballoonflight.com/images/bayraklar/Sign%20In%20to%20Your%20Cox%20Account%20_%20Cox%20Communications.html?f2d842330b4744669c46613a2291d1e1f2d842330b4744669c46613a2291d1e1f2d842330b4744669c46613a2291d1e1f2d842330b4744669c46613a2291d1e1f2d842330b4744669c46613a2291d1e1f2d842330b4744669c46613a2291d1e1f2d842330b4744669c46613a2291d1e1f2d842330b4744669c46613a2291d1e1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 28 Aug 2019 12:11:37 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status: 200
cache-control: no-cache, no-store, must-revalidate
content-security-policy: script-src 'none'; object-src 'none'
content-type: image/gif
alt-svc: quic=":443"; ma=2592000; v="46,43,39"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1 200
OK b28230de-73b4-45f6-966c-231277c09fb0 Show response
brain.foresee.com/state/cox_communications/ 20 B
439 B 727ms
183ms XHR
application/json 52.24.184.162
Amazon.com

General

Check archive.org

Show headers Download Go to

Full URL

https://brain.foresee.com/state/cox_communications/b28230de-73b4-45f6-966c-231277c09fb0

Requested by

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

52.24.184.162 Boardman, United States, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),

Reverse DNS

ec2-52-24-184-162.us-west-2.compute.amazonaws.com

Software

nginx/1.12.1 /

Resource Hash

8923de470b0e49b233e56242f3388768dc538928ac3e171a5e6d34ff5b6a822b

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Sec-Fetch-Mode: cors
Referer: https://cappadociaballoonflight.com/images/bayraklar/Sign%20In%20to%20Your%20Cox%20Account%20_%20Cox%20Communications.html?f2d842330b4744669c46613a2291d1e1f2d842330b4744669c46613a2291d1e1f2d842330b4744669c46613a2291d1e1f2d842330b4744669c46613a2291d1e1f2d842330b4744669c46613a2291d1e1f2d842330b4744669c46613a2291d1e1f2d842330b4744669c46613a2291d1e1f2d842330b4744669c46613a2291d1e1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

Pragma: no-cache
Date: Wed, 28 Aug 2019 12:11:37 GMT
Server: nginx/1.12.1
User-Hash: f5152e07b53d9a94fd14dd8fe0cf84a451b73c9c
Brain-Server-Version: 1.9.0
Access-Control-Allow-Origin: *
Cache-Control: private, no-cache, no-store, must-revalidate
Connection: keep-alive
App-Info: brain 1.9.0
Content-Type: application/json; charset=UTF-8
Content-Length: 20
X-XSS-Protection: 0
Expires: -1

GET
H/1.1 200
OK settings=cox Show response
cox.creativevirtual15.com/ 15 KB
5 KB 94ms
93ms XHR
application/json 74.201.240.229
CenturyLink Commu...

General

Check archive.org

Show headers Download Go to

Full URL: https://cox.creativevirtual15.com/settings=cox?siteID=undefined
Requested by: Host: cappadociaballoonflight.com
URL: https://cappadociaballoonflight.com/images/bayraklar/Sign%20In%20to%20Your%20Cox%20Account%20_%20Cox%20Communications.html?f2d842330b4744669c46613a2291d1e1f2d842330b4744669c46613a2291d1e1f2d842330b4744669c46613a2291d1e1f2d842330b4744669c46613a2291d1e1f2d842330b4744669c46613a2291d1e1f2d842330b4744669c46613a2291d1e1f2d842330b4744669c46613a2291d1e1f2d842330b4744669c46613a2291d1e1
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 74.201.240.229 Bellevue, United States, ASN6640 (CENTURYLINK-TIER3-CLOUD - CenturyLink Communications, LLC, US),
Reverse DNS: hosting2.srcnet.net
Software: / Express
Resource Hash: 453503a14e152a83e85c3111b4b2d6f269e72d09cd9ebb85d18916ac86758fd9

Request headers

Sec-Fetch-Mode: cors
Referer: https://cappadociaballoonflight.com/images/bayraklar/Sign%20In%20to%20Your%20Cox%20Account%20_%20Cox%20Communications.html?f2d842330b4744669c46613a2291d1e1f2d842330b4744669c46613a2291d1e1f2d842330b4744669c46613a2291d1e1f2d842330b4744669c46613a2291d1e1f2d842330b4744669c46613a2291d1e1f2d842330b4744669c46613a2291d1e1f2d842330b4744669c46613a2291d1e1f2d842330b4744669c46613a2291d1e1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date: Wed, 28 Aug 2019 12:11:37 GMT
Content-Encoding: gzip
ETag: W/"3d05-KWTWKjgb3BZ6+ekb9l+2/g"
X-Powered-By: Express
Vary: Origin
Content-Type: application/json; charset=utf-8
Access-Control-Allow-Origin: https://cappadociaballoonflight.com
Access-Control-Expose-Headers: x-cv-tserverid
Access-Control-Allow-Credentials: true
Transfer-Encoding: chunked

POST
H/1.1 200
OK 55a0768cf0 Show response
bam.nr-data.net/events/1/ 24 B
194 B 117ms
116ms XHR
image/gif 162.247.242.19
New Relic

General

Check archive.org

Show headers Download Go to

Full URL: https://bam.nr-data.net/events/1/55a0768cf0?a=34236891&sa=1&v=1016.8b58850&t=Unnamed%20Transaction&rst=1958&ref=https://cappadociaballoonflight.com/images/bayraklar/Sign%2520In%2520to%2520Your%2520Cox%2520Account%2520_%2520Cox%2520Communications.html
Requested by: Host: cappadociaballoonflight.com
URL: https://cappadociaballoonflight.com/images/bayraklar/Sign%20In%20to%20Your%20Cox%20Account%20_%20Cox%20Communications.html?f2d842330b4744669c46613a2291d1e1f2d842330b4744669c46613a2291d1e1f2d842330b4744669c46613a2291d1e1f2d842330b4744669c46613a2291d1e1f2d842330b4744669c46613a2291d1e1f2d842330b4744669c46613a2291d1e1f2d842330b4744669c46613a2291d1e1f2d842330b4744669c46613a2291d1e1
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 162.247.242.19 San Francisco, United States, ASN23467 (NEWRELIC-AS-1 - New Relic, US),
Reverse DNS: bam-7.nr-data.net
Software: /
Resource Hash: 0c9cf152a0ad00d4f102c93c613c104914be5517ac8f8e0831727f8bfbe8b300

Request headers

Sec-Fetch-Mode: cors
Referer: https://cappadociaballoonflight.com/images/bayraklar/Sign%20In%20to%20Your%20Cox%20Account%20_%20Cox%20Communications.html?f2d842330b4744669c46613a2291d1e1f2d842330b4744669c46613a2291d1e1f2d842330b4744669c46613a2291d1e1f2d842330b4744669c46613a2291d1e1f2d842330b4744669c46613a2291d1e1f2d842330b4744669c46613a2291d1e1f2d842330b4744669c46613a2291d1e1f2d842330b4744669c46613a2291d1e1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
content-type: text/plain

Response headers

Access-Control-Allow-Origin: https://cappadociaballoonflight.com
Access-Control-Allow-Credentials: true
Content-Length: 24
Content-Type: image/gif

GET
H/1.1 200
OK require.js Show response
cox.creativevirtual15.com/js/ 14 KB
7 KB 98ms
97ms Script
application/javascript 74.201.240.229
CenturyLink Commu...

General

Check archive.org

Show headers Download Go to

Full URL: https://cox.creativevirtual15.com/js/require.js
Requested by: Host: cox.creativevirtual15.com
URL: https://cox.creativevirtual15.com/cv-va.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 74.201.240.229 Bellevue, United States, ASN6640 (CENTURYLINK-TIER3-CLOUD - CenturyLink Communications, LLC, US),
Reverse DNS: hosting2.srcnet.net
Software: / Express
Resource Hash: 5983039c149960c5aaf52d585b61f3a312c5c9c409ec0f9269c395b49c2fb6bf

Request headers

Sec-Fetch-Mode: no-cors
Referer: https://cappadociaballoonflight.com/images/bayraklar/Sign%20In%20to%20Your%20Cox%20Account%20_%20Cox%20Communications.html?f2d842330b4744669c46613a2291d1e1f2d842330b4744669c46613a2291d1e1f2d842330b4744669c46613a2291d1e1f2d842330b4744669c46613a2291d1e1f2d842330b4744669c46613a2291d1e1f2d842330b4744669c46613a2291d1e1f2d842330b4744669c46613a2291d1e1f2d842330b4744669c46613a2291d1e1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date: Wed, 28 Aug 2019 12:11:37 GMT
Content-Encoding: gzip
Last-Modified: Tue, 07 May 2019 09:31:06 GMT
X-Powered-By: Express
ETag: W/"3924-16a91a1df90"
Vary: Origin
Content-Type: application/javascript
Access-Control-Expose-Headers: x-cv-tserverid
Cache-Control: public, max-age=0
Access-Control-Allow-Credentials: true
Accept-Ranges: bytes
Transfer-Encoding: chunked

GET
H2 200 action.json Show response
yummy.consumable.com/5538/cnsmbl-audio-300x250-slider/js/ Frame BDE4 2 B
450 B 393ms
378ms XHR
application/json 13.35.253.7
Amazon.com

General

Check archive.org

Show headers Download Go to

Full URL: https://yummy.consumable.com/5538/cnsmbl-audio-300x250-slider/js/action.json?ac=IMPRESSION&fp=714c7dd6bf2260d2cd19fd3b744726b8&a=%7B%7D&ts=1566994297622&tba=0&et=0&furl=https%3A%2F%2Fapi.deezer.com%2Fplaylist%2F1313621735%2Ftracks%3Flimit%3D100%26output%3Djsonp&dd=0&vi=true&vd=0&sid=01e145b4-b340-4ca4-494c-d051c8106c6d&cb=1566994297622&hr=https%3A%2F%2Fcappadociaballoonflight.com%2Fimages%2Fbayraklar%2FSign%2520In%2520to%2520Your%2520Cox%2520Account%2520_%2520Cox%2520Communications.html%3Ff2d842330b4744669c46613a2291d1e1f2d842330b4744669c46613a2291d1e1f2d842330b4744669c46613a2291d1e1f2d842330b4744669c46613a2291d1e1f2d842330b4744669c46613a2291d1e1f2d842330b4744669c46613a2291d1e1f2d842330b4744669c46613a2291d1e1f2d842330b4744669c46613a2291d1e1&hn=cappadociaballoonflight.com&pl=
Requested by: Host: yummy.consumable.com
URL: https://yummy.consumable.com/5538/cnsmbl-audio-300x250-slider/widget/iframe.js?cb=1566994297150
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 13.35.253.7 Seattle, United States, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS: server-13-35-253-7.fra6.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 4f53cda18c2baa0c0354bb5f9a3ecbe5ed12ab4d8e11ba873c2f11161202b945

Request headers

Accept: application/json, text/javascript, */*; q=0.01
Referer: https://cappadociaballoonflight.com/images/bayraklar/Sign%20In%20to%20Your%20Cox%20Account%20_%20Cox%20Communications.html?f2d842330b4744669c46613a2291d1e1f2d842330b4744669c46613a2291d1e1f2d842330b4744669c46613a2291d1e1f2d842330b4744669c46613a2291d1e1f2d842330b4744669c46613a2291d1e1f2d842330b4744669c46613a2291d1e1f2d842330b4744669c46613a2291d1e1f2d842330b4744669c46613a2291d1e1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Mode: cors

Response headers

date: Wed, 28 Aug 2019 12:11:38 GMT
via: 1.1 94faae20b0f122c4555025f52a2fd745.cloudfront.net (CloudFront)
vary: Origin,Access-Control-Request-Headers,Access-Control-Request-Method
x-amz-cf-pop: FRA6-C1
x-cache: Miss from cloudfront
status: 200
content-length: 2
last-modified: Wed, 16 Jan 2019 21:15:35 GMT
server: AmazonS3
etag: "d751713988987e9331980363e24189ce"
access-control-max-age: 60
access-control-allow-methods: GET, HEAD
content-type: application/json
access-control-allow-origin: *
accept-ranges: bytes
x-amz-cf-id: FFnIskyXlUESVjl364Qg1oxEzifjZfxsD08XOF3PXQjvx8knw_mJkA==

GET
H/1.1 200
OK tracks Show response
api.deezer.com/playlist/1313621735/ Frame BDE4 179 KB
20 KB 223ms
156ms Script
text/javascript 185.60.92.32
IGUANESOLUTIONS

General

Check archive.org

Show headers Download Go to

Full URL: https://api.deezer.com/playlist/1313621735/tracks?limit=100&output=jsonp&callback=jQuery21401112483381898739_1566994297540&_=1566994297541
Requested by: Host: yummy.consumable.com
URL: https://yummy.consumable.com/5538/cnsmbl-audio-300x250-slider/widget/iframe.js?cb=1566994297150
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.60.92.32 Paris, France, ASN39605 (IGUANESOLUTIONS, FR),
Reverse DNS: ig1-vipwfilter-01.ig-1.net
Software: Apache /
Resource Hash: 18013f93c2f185993879df23f996ed5d76c9f8151dcdc1d28f4c3f14f32bd52b

Request headers

Sec-Fetch-Mode: no-cors
Referer: https://cappadociaballoonflight.com/images/bayraklar/Sign%20In%20to%20Your%20Cox%20Account%20_%20Cox%20Communications.html?f2d842330b4744669c46613a2291d1e1f2d842330b4744669c46613a2291d1e1f2d842330b4744669c46613a2291d1e1f2d842330b4744669c46613a2291d1e1f2d842330b4744669c46613a2291d1e1f2d842330b4744669c46613a2291d1e1f2d842330b4744669c46613a2291d1e1f2d842330b4744669c46613a2291d1e1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date: Wed, 28 Aug 2019 12:11:37 GMT
Content-Encoding: gzip
Server: Apache
Vary: Accept-Encoding
P3P: policyref="/w3c/p3p.xml" CP="IDC DSP COR CURa ADMa OUR IND PHY ONL COM STA"
X-Host: blm-web-17
Content-Type: text/javascript; charset=utf-8
Content-Length: 20188

GET
H2 200 activeview
pagead2.googlesyndication.com/pcs/ Frame 4E1E 42 B
112 B 27ms
26ms Image
image/gif 2a00:1450:4001:81d::2002
Google LLC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjssP89p2hwlUFs90O6B7fZCMgBhfBAOJghCgldG1msws_0nzZu8lUaaOpqkbs2iDwS4ONkeNBU_R3kslahUIffm8wYAPzPrmGu6fIQ5bu_g&sig=Cg0ArKJSzNC1acuGdAbZEAE&adk=3506349148&tt=780&bs=1600%2C1200&mtos=1356,1356,1356,1356,1356&tos=1356,0,0,0,0&p=450,889.984375,700,1189.984375&mcvt=1356&rs=3&ht=0&tfs=162&tls=1518&mc=1&lte=1&bas=0&bac=0&met=0&avms=nio&niot_obs=7&niot_cbk=13&md=2&rst=1566994296425&rpt=130&isd=0&msd=0&lm=2&oseid=2&xdi=0&ps=1600%2C945&ss=1600%2C1200&pt=738&bin=1&deb=1-1-1-4-10-12-11-9-0-0-0&tvt=1510&r=v&id=osdim&vs=4&uc=10&upc=1&tgt=DIV&cl=1&cec=1&clc=1&cac=1&cd=0x0&itpl=19&v=20190826

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81d::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Sec-Fetch-Mode: no-cors
Referer: https://cappadociaballoonflight.com/images/bayraklar/Sign%20In%20to%20Your%20Cox%20Account%20_%20Cox%20Communications.html?f2d842330b4744669c46613a2291d1e1f2d842330b4744669c46613a2291d1e1f2d842330b4744669c46613a2291d1e1f2d842330b4744669c46613a2291d1e1f2d842330b4744669c46613a2291d1e1f2d842330b4744669c46613a2291d1e1f2d842330b4744669c46613a2291d1e1f2d842330b4744669c46613a2291d1e1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 28 Aug 2019 12:11:37 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
status: 200
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
content-type: image/gif
alt-svc: quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43,39",quic=":443"; ma=2592000; v="46,43,39"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H/1.1 200
OK bid Show response
ap.lijit.com/rtb/ Frame BDE4 24 B
488 B 60ms
17ms XHR
application/json 72.251.249.13
Internap Corporation

General

Check archive.org

Show headers Download Go to

Full URL: https://ap.lijit.com/rtb/bid?src=prebid_prebid_1.27.0
Requested by: Host: yummy.consumable.com
URL: https://yummy.consumable.com/5538/cnsmbl-audio-300x250-slider/widget/iframe.js?cb=1566994297150
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 72.251.249.13 Amsterdam, Netherlands, ASN29791 (VOXEL-DOT-NET - Internap Corporation, US),
Reverse DNS
Software: nginx /
Resource Hash: 67a77ce3aa9682bf9e569e63fa12ef12d17d91af11412cfdb8976452d6f764f5

Request headers

Sec-Fetch-Mode: cors
Referer: https://cappadociaballoonflight.com/images/bayraklar/Sign%20In%20to%20Your%20Cox%20Account%20_%20Cox%20Communications.html?f2d842330b4744669c46613a2291d1e1f2d842330b4744669c46613a2291d1e1f2d842330b4744669c46613a2291d1e1f2d842330b4744669c46613a2291d1e1f2d842330b4744669c46613a2291d1e1f2d842330b4744669c46613a2291d1e1f2d842330b4744669c46613a2291d1e1f2d842330b4744669c46613a2291d1e1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Content-Type: text/plain

Response headers

Date: Wed, 28 Aug 2019 12:11:38 GMT
Content-Encoding: gzip
Server: nginx
Transfer-Encoding: chunked
Vary: Accept-Encoding
Access-Control-Allow-Methods: GET, POST, DELETE, PUT
Content-Type: application/json
Access-Control-Allow-Origin: https://cappadociaballoonflight.com
Access-Control-Allow-Credentials: true
X-Sovrn-Pod: ap2ams1
Access-Control-Allow-Headers: X-Requested-With, Content-Type

POST
H2 204 translator Show response
hbopenbid.pubmatic.com/ Frame BDE4 0
124 B 350ms
322ms XHR
text/plain 185.64.189.112
PubMatic

General

Check archive.org

Show headers Download Go to

Full URL: https://hbopenbid.pubmatic.com/translator?source=prebid-client
Requested by: Host: yummy.consumable.com
URL: https://yummy.consumable.com/5538/cnsmbl-audio-300x250-slider/widget/iframe.js?cb=1566994297150
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.64.189.112 , United Kingdom, ASN62713 (AS-PUBMATIC - PubMatic, Inc., US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Sec-Fetch-Mode: cors
Referer: https://cappadociaballoonflight.com/images/bayraklar/Sign%20In%20to%20Your%20Cox%20Account%20_%20Cox%20Communications.html?f2d842330b4744669c46613a2291d1e1f2d842330b4744669c46613a2291d1e1f2d842330b4744669c46613a2291d1e1f2d842330b4744669c46613a2291d1e1f2d842330b4744669c46613a2291d1e1f2d842330b4744669c46613a2291d1e1f2d842330b4744669c46613a2291d1e1f2d842330b4744669c46613a2291d1e1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Content-Type: text/plain

Response headers

status: 204
date: Wed, 28 Aug 2019 12:11:38 GMT
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
access-control-allow-origin: https://cappadociaballoonflight.com

GET
H2 200 arj Show response
gift-connect-d.openx.net/w/1.0/ Frame BDE4 173 B
383 B 57ms
40ms XHR
application/json 34.95.120.147
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL: https://gift-connect-d.openx.net/w/1.0/arj?ju=https%3A%2F%2Fcappadociaballoonflight.com%2F&jr=&ch=UTF-8&res=1600x1200x24&ifr=true&tz=-120&tws=1600x1200&be=1&bc=hb_pb_2.1.4&dddid=161efe76-a36b-4f37-9c06-f835470019c0&nocache=1566994297989&aus=300x250&divIds=div-gpt-ad-3717743883622-0&auid=540457910&
Requested by: Host: yummy.consumable.com
URL: https://yummy.consumable.com/5538/cnsmbl-audio-300x250-slider/widget/iframe.js?cb=1566994297150
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 34.95.120.147 , United States, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS: 147.120.95.34.bc.googleusercontent.com
Software: OXGW/16.160.0 /
Resource Hash: 4088d728973a02015c90643832d6f9fc89072011137883b0888b37561df2cf69

Request headers

Sec-Fetch-Mode: cors
Referer: https://cappadociaballoonflight.com/images/bayraklar/Sign%20In%20to%20Your%20Cox%20Account%20_%20Cox%20Communications.html?f2d842330b4744669c46613a2291d1e1f2d842330b4744669c46613a2291d1e1f2d842330b4744669c46613a2291d1e1f2d842330b4744669c46613a2291d1e1f2d842330b4744669c46613a2291d1e1f2d842330b4744669c46613a2291d1e1f2d842330b4744669c46613a2291d1e1f2d842330b4744669c46613a2291d1e1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Wed, 28 Aug 2019 12:11:38 GMT
via: 1.1 google
server: OXGW/16.160.0
status: 200
vary: Accept
p3p: CP="CUR ADM OUR NOR STA NID"
access-control-allow-origin: https://cappadociaballoonflight.com
cache-control: private, max-age=0, no-cache
access-control-allow-credentials: true
content-type: application/json
alt-svc: clear
content-length: 173
expires: Mon, 26 Jul 1997 05:00:00 GMT

GET
H2

200

ADTECH;apid=1Afc9331fc-c98c-11e9-878a-122675b00be4;cfp=1;rndc=1566994297;v=2;cmd=bid;cors=yes;alias=12334025697a6d6;misc=1566994297990 Show response
adserver-us.adtech.advertising.com/pubapi/3.0/10947.1/5010049/0/0/ Frame BDE4
Redirect Chain

https://adserver-us.adtech.advertising.com/pubapi/3.0/10947.1/5010049/0/0/ADTECH;v=2;cmd=bid;cors=yes;alias=12334025697a6d6;misc=1566994297990;
https://adserver-us.adtech.advertising.com/pubapi/3.0/10947.1/5010049/0/0/ADTECH;cfp=1;rndc=1566994297;v=2;cmd=bid;cors=yes;alias=12334025697a6d6;misc=1566994297990
https://adserver-us.adtech.advertising.com/pubapi/3.0/10947.1/5010049/0/0/ADTECH;apid=1Afc9331fc-c98c-11e9-878a-122675b00be4;cfp=1;rndc=1566994297;v=2;cmd=bid;cors=yes;alias=12334025697a6d6;misc=15...

276 B
416 B

111ms
110ms

XHR
application/json

152.199.22.24
MCI Communication...

General

Check archive.org

Show headers Download Go to

Full URL: https://adserver-us.adtech.advertising.com/pubapi/3.0/10947.1/5010049/0/0/ADTECH;apid=1Afc9331fc-c98c-11e9-878a-122675b00be4;cfp=1;rndc=1566994297;v=2;cmd=bid;cors=yes;alias=12334025697a6d6;misc=1566994297990
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 152.199.22.24 , United States, ASN15133 (EDGECAST - MCI Communications Services, Inc. d/b/a Verizon Business, US),
Reverse DNS
Software: Adtech Adserver /
Resource Hash: 905ac6d7e8e2b72ca4576179a822dc9eea49eac70548f705ba80c4130fe0ccd9

Request headers

Referer: https://cappadociaballoonflight.com/images/bayraklar/Sign%20In%20to%20Your%20Cox%20Account%20_%20Cox%20Communications.html?f2d842330b4744669c46613a2291d1e1f2d842330b4744669c46613a2291d1e1f2d842330b4744669c46613a2291d1e1f2d842330b4744669c46613a2291d1e1f2d842330b4744669c46613a2291d1e1f2d842330b4744669c46613a2291d1e1f2d842330b4744669c46613a2291d1e1f2d842330b4744669c46613a2291d1e1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 28 Aug 2019 12:11:38 GMT
server: Adtech Adserver
status: 200
access-control-allow-methods: POST,GET,HEAD,OPTIONS
p3p: CP="NOI DSP DEVa OUR BUS UNI COM NAV INT"
access-control-allow-origin: https://cappadociaballoonflight.com
cache-control: no-store, no-cache
access-control-allow-credentials: true
content-type: application/json
content-length: 276
expires: Mon, 15 Jun 1998 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Wed, 28 Aug 2019 12:11:38 GMT
server: nginx
status: 302
location: https://adserver-us.adtech.advertising.com/pubapi/3.0/10947.1/5010049/0/0/ADTECH;apid=1Afc9331fc-c98c-11e9-878a-122675b00be4;cfp=1;rndc=1566994297;v=2;cmd=bid;cors=yes;alias=12334025697a6d6;misc=1566994297990
access-control-allow-methods: POST,GET,HEAD,OPTIONS
p3p: CP="NOI DSP DEVa OUR BUS UNI COM NAV INT"
access-control-allow-origin: https://cappadociaballoonflight.com
cache-control: no-store, no-cache
access-control-allow-credentials: true
content-length: 0
expires: Mon, 15 Jun 1998 00:00:00 GMT

POST
H/1.1 200
OK prebid Show response
ib.adnxs.com/ut/v3/ Frame BDE4 145 B
1 KB 57ms
28ms XHR
application/json 185.33.223.216
AppNexus

General

Check archive.org

Show headers Download Go to

Full URL

https://ib.adnxs.com/ut/v3/prebid

Requested by

Host: yummy.consumable.com
URL: https://yummy.consumable.com/5538/cnsmbl-audio-300x250-slider/widget/iframe.js?cb=1566994297150

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

185.33.223.216 , Netherlands, ASN29990 (ASN-APPNEXUS - AppNexus, Inc, US),

Reverse DNS

312.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net

Software

nginx/1.13.4 /

Resource Hash

601d70807d207ccaf2cff4548406b1a453a40d0c7f2ec8b8b3aa112ed4a505c0

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Sec-Fetch-Mode: cors
Referer: https://cappadociaballoonflight.com/images/bayraklar/Sign%20In%20to%20Your%20Cox%20Account%20_%20Cox%20Communications.html?f2d842330b4744669c46613a2291d1e1f2d842330b4744669c46613a2291d1e1f2d842330b4744669c46613a2291d1e1f2d842330b4744669c46613a2291d1e1f2d842330b4744669c46613a2291d1e1f2d842330b4744669c46613a2291d1e1f2d842330b4744669c46613a2291d1e1f2d842330b4744669c46613a2291d1e1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Content-Type: text/plain

Response headers

Pragma: no-cache
Date: Wed, 28 Aug 2019 12:11:40 GMT
X-Proxy-Origin: 185.151.58.114; 185.151.58.114; 312.bm-nginx-loadbalancer.mgmt.ams1; *.adnxs.com; 185.33.220.73:80
AN-X-Request-Uuid: 0a202b9b-62a4-4043-bfcd-712f686b8086
Server: nginx/1.13.4
P3P: policyref="http://cdn.adnxs.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin: https://cappadociaballoonflight.com
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: application/json; charset=utf-8
Content-Length: 145
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H/1.1 200
OK app.js Show response
cox.creativevirtual15.com/js/ 618 KB
196 KB 96ms
96ms Script
application/javascript 74.201.240.229
CenturyLink Commu...

General

Check archive.org

Show headers Download Go to

Full URL: https://cox.creativevirtual15.com/js/app.js
Requested by: Host: cox.creativevirtual15.com
URL: https://cox.creativevirtual15.com/js/require.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 74.201.240.229 Bellevue, United States, ASN6640 (CENTURYLINK-TIER3-CLOUD - CenturyLink Communications, LLC, US),
Reverse DNS: hosting2.srcnet.net
Software: / Express
Resource Hash: 8cd25846974f0a1f4f2c619f9971c22fa7c96234baf302ae3c0b0a0d8b7ffeee

Request headers

Sec-Fetch-Mode: no-cors
Referer: https://cappadociaballoonflight.com/images/bayraklar/Sign%20In%20to%20Your%20Cox%20Account%20_%20Cox%20Communications.html?f2d842330b4744669c46613a2291d1e1f2d842330b4744669c46613a2291d1e1f2d842330b4744669c46613a2291d1e1f2d842330b4744669c46613a2291d1e1f2d842330b4744669c46613a2291d1e1f2d842330b4744669c46613a2291d1e1f2d842330b4744669c46613a2291d1e1f2d842330b4744669c46613a2291d1e1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date: Wed, 28 Aug 2019 12:11:38 GMT
Content-Encoding: gzip
Last-Modified: Mon, 24 Jun 2019 16:12:34 GMT
X-Powered-By: Express
ETag: W/"9a783-16b8a42ad50"
Vary: Origin
Content-Type: application/javascript
Access-Control-Expose-Headers: x-cv-tserverid
Cache-Control: public, max-age=0
Access-Control-Allow-Credentials: true
Accept-Ranges: bytes
Transfer-Encoding: chunked

GET
H2 200 main.css
gateway.foresee.com/code/19.9.3/templates/feedback/default/ 60 KB
8 KB 8ms
8ms Stylesheet
text/css 13.35.253.75
Amazon.com

General

Check archive.org

Show headers Download Go to

Full URL: https://gateway.foresee.com/code/19.9.3/templates/feedback/default/main.css
Requested by: Host: gateway.foresee.com
URL: https://gateway.foresee.com/code/19.9.3/fs.utils.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 13.35.253.75 Seattle, United States, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS: server-13-35-253-75.fra6.r.cloudfront.net
Software: nginx/1.12.1 /
Resource Hash: b6d3ae6548de0a38decadd9abe0f25c1f9bf407639d82998fd309ed22e00f93e

Request headers

Sec-Fetch-Mode: no-cors
Referer: https://cappadociaballoonflight.com/images/bayraklar/Sign%20In%20to%20Your%20Cox%20Account%20_%20Cox%20Communications.html?f2d842330b4744669c46613a2291d1e1f2d842330b4744669c46613a2291d1e1f2d842330b4744669c46613a2291d1e1f2d842330b4744669c46613a2291d1e1f2d842330b4744669c46613a2291d1e1f2d842330b4744669c46613a2291d1e1f2d842330b4744669c46613a2291d1e1f2d842330b4744669c46613a2291d1e1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Wed, 21 Aug 2019 18:38:04 GMT
content-encoding: gzip
age: 581615
x-cache: Hit from cloudfront
status: 200, 200
content-length: 7567
access-control-allow-origin: *
last-modified: Sat, 15 Jun 2019 00:08:20 GMT
server: nginx/1.12.1
etag: "d1ca12c7f8ad59898d2417d27f98b428"
vary: Accept-Encoding
access-control-allow-methods: GET
content-type: text/css; charset=utf-8
via: 1.1 94faae20b0f122c4555025f52a2fd745.cloudfront.net (CloudFront)
cache-control: public, max-age=2419200
x-amz-cf-pop: FRA6-C1
access-control-allow-headers: X-Requested-With
x-amz-cf-id: PZxDtv8J091i7DiyyerwNhTXeYm4NVM1PDsAYOx9jtdk-jcJIM6HkA==
expires: Wed, 18 Sep 2019 18:38:04 GMT

GET
H2 200 badge___html.js Show response
gateway.foresee.com/code/19.9.3/templates/feedback/default/ 4 KB
2 KB 13ms
12ms Script
application/javascript 13.35.253.75
Amazon.com

General

Check archive.org

Show headers Download Go to

Full URL: https://gateway.foresee.com/code/19.9.3/templates/feedback/default/badge___html.js
Requested by: Host: gateway.foresee.com
URL: https://gateway.foresee.com/code/19.9.3/fs.utils.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 13.35.253.75 Seattle, United States, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS: server-13-35-253-75.fra6.r.cloudfront.net
Software: nginx/1.12.1 /
Resource Hash: 0335a388804cf45db37240dc505a63dddc63d04e8038e810c0d8ca7c121d5d5b

Request headers

Sec-Fetch-Mode: no-cors
Referer: https://cappadociaballoonflight.com/images/bayraklar/Sign%20In%20to%20Your%20Cox%20Account%20_%20Cox%20Communications.html?f2d842330b4744669c46613a2291d1e1f2d842330b4744669c46613a2291d1e1f2d842330b4744669c46613a2291d1e1f2d842330b4744669c46613a2291d1e1f2d842330b4744669c46613a2291d1e1f2d842330b4744669c46613a2291d1e1f2d842330b4744669c46613a2291d1e1f2d842330b4744669c46613a2291d1e1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Thu, 15 Aug 2019 00:35:22 GMT
content-encoding: gzip
age: 1165040
x-cache: Hit from cloudfront
status: 200, 200
content-length: 1756
access-control-allow-origin: *
last-modified: Sat, 15 Jun 2019 00:08:19 GMT
server: nginx/1.12.1
etag: W/"e31e0b76098526d4dd092afe6c4d7f0c"
vary: Accept-Encoding
access-control-allow-methods: GET
content-type: application/javascript; charset=utf-8
via: 1.1 94faae20b0f122c4555025f52a2fd745.cloudfront.net (CloudFront)
cache-control: public, max-age=2419200
x-amz-cf-pop: FRA6-C1
access-control-allow-headers: X-Requested-With
x-amz-cf-id: xtOAFyyJjFSvJTskw6iX_wOqXyxMYRcM6tKW1RhuPb93-eJyHLH1nA==
expires: Thu, 15 Aug 2019 00:34:17 GMT

GET
H2 200 serviceunavailable___html.js Show response
gateway.foresee.com/code/19.9.3/templates/feedback/default/ 797 B
991 B 13ms
13ms Script
application/javascript 13.35.253.75
Amazon.com

General

Check archive.org

Show headers Download Go to

Full URL: https://gateway.foresee.com/code/19.9.3/templates/feedback/default/serviceunavailable___html.js
Requested by: Host: gateway.foresee.com
URL: https://gateway.foresee.com/code/19.9.3/fs.utils.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 13.35.253.75 Seattle, United States, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS: server-13-35-253-75.fra6.r.cloudfront.net
Software: nginx/1.12.1 /
Resource Hash: 4fb96c2d81a511582bdd94b32bb125bcfc2da606812a7b85a60937faa89de094

Request headers

Sec-Fetch-Mode: no-cors
Referer: https://cappadociaballoonflight.com/images/bayraklar/Sign%20In%20to%20Your%20Cox%20Account%20_%20Cox%20Communications.html?f2d842330b4744669c46613a2291d1e1f2d842330b4744669c46613a2291d1e1f2d842330b4744669c46613a2291d1e1f2d842330b4744669c46613a2291d1e1f2d842330b4744669c46613a2291d1e1f2d842330b4744669c46613a2291d1e1f2d842330b4744669c46613a2291d1e1f2d842330b4744669c46613a2291d1e1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Wed, 21 Aug 2019 18:38:03 GMT
content-encoding: gzip
age: 581616
x-cache: Hit from cloudfront
status: 200, 200
content-length: 471
access-control-allow-origin: *
last-modified: Sat, 15 Jun 2019 00:08:19 GMT
server: nginx/1.12.1
etag: W/"cd2054c131cf85e98076a4361514e77c"
vary: Accept-Encoding
access-control-allow-methods: GET
content-type: application/javascript; charset=utf-8
via: 1.1 94faae20b0f122c4555025f52a2fd745.cloudfront.net (CloudFront)
cache-control: public, max-age=2419200
x-amz-cf-pop: FRA6-C1
access-control-allow-headers: X-Requested-With
x-amz-cf-id: B2sAdjAkAnKhOhwGZcQ77JxpYaXMWDSyeUk6tp5fJI_pXONk83iyXQ==
expires: Wed, 24 Jul 2019 18:38:01 GMT

GET
H2 200 epilogue___html.js Show response
gateway.foresee.com/code/19.9.3/templates/feedback/default/ 2 KB
2 KB 13ms
12ms Script
application/javascript 13.35.253.75
Amazon.com

General

Check archive.org

Show headers Download Go to

Full URL: https://gateway.foresee.com/code/19.9.3/templates/feedback/default/epilogue___html.js
Requested by: Host: gateway.foresee.com
URL: https://gateway.foresee.com/code/19.9.3/fs.utils.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 13.35.253.75 Seattle, United States, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS: server-13-35-253-75.fra6.r.cloudfront.net
Software: nginx/1.12.1 /
Resource Hash: ca8ebecaab799226d366aa5605a1dc71c9579376cbd82642ca09c2d11e3827ca

Request headers

Sec-Fetch-Mode: no-cors
Referer: https://cappadociaballoonflight.com/images/bayraklar/Sign%20In%20to%20Your%20Cox%20Account%20_%20Cox%20Communications.html?f2d842330b4744669c46613a2291d1e1f2d842330b4744669c46613a2291d1e1f2d842330b4744669c46613a2291d1e1f2d842330b4744669c46613a2291d1e1f2d842330b4744669c46613a2291d1e1f2d842330b4744669c46613a2291d1e1f2d842330b4744669c46613a2291d1e1f2d842330b4744669c46613a2291d1e1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Mon, 12 Aug 2019 16:12:22 GMT
content-encoding: gzip
age: 1367956
x-cache: Hit from cloudfront
status: 200, 200
content-length: 1017
access-control-allow-origin: *
last-modified: Sat, 15 Jun 2019 00:08:19 GMT
server: nginx/1.12.1
etag: "8b6b35c255e69d6b04ab6ba40bf2054e"
vary: Accept-Encoding
access-control-allow-methods: GET
content-type: application/javascript; charset=utf-8
via: 1.1 94faae20b0f122c4555025f52a2fd745.cloudfront.net (CloudFront)
cache-control: public, max-age=2419200
x-amz-cf-pop: FRA6-C1
access-control-allow-headers: X-Requested-With
x-amz-cf-id: ncO9tK6zS3bE643_AMclL826IcwmDwK2v4IhlvOH0sR3r5KO5fNpJA==
expires: Mon, 09 Sep 2019 16:12:22 GMT

GET
H2 200 surveycontents___html.js Show response
gateway.foresee.com/code/19.9.3/templates/feedback/default/ 12 KB
4 KB 13ms
13ms Script
application/javascript 13.35.253.75
Amazon.com

General

Check archive.org

Show headers Download Go to

Full URL: https://gateway.foresee.com/code/19.9.3/templates/feedback/default/surveycontents___html.js
Requested by: Host: gateway.foresee.com
URL: https://gateway.foresee.com/code/19.9.3/fs.utils.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 13.35.253.75 Seattle, United States, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS: server-13-35-253-75.fra6.r.cloudfront.net
Software: nginx/1.12.1 /
Resource Hash: e05e3eac9e3072cc2d9cc030c1eeed9da2b959c5bcacbde8d453d91d3151b6fe

Request headers

Sec-Fetch-Mode: no-cors
Referer: https://cappadociaballoonflight.com/images/bayraklar/Sign%20In%20to%20Your%20Cox%20Account%20_%20Cox%20Communications.html?f2d842330b4744669c46613a2291d1e1f2d842330b4744669c46613a2291d1e1f2d842330b4744669c46613a2291d1e1f2d842330b4744669c46613a2291d1e1f2d842330b4744669c46613a2291d1e1f2d842330b4744669c46613a2291d1e1f2d842330b4744669c46613a2291d1e1f2d842330b4744669c46613a2291d1e1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Wed, 21 Aug 2019 18:38:03 GMT
content-encoding: gzip
age: 581616
x-cache: Hit from cloudfront
status: 200, 200
content-length: 3488
access-control-allow-origin: *
last-modified: Sat, 15 Jun 2019 00:08:20 GMT
server: nginx/1.12.1
etag: W/"52b8549f384404a1a7986769f12a13a8"
vary: Accept-Encoding
access-control-allow-methods: GET
content-type: application/javascript; charset=utf-8
via: 1.1 94faae20b0f122c4555025f52a2fd745.cloudfront.net (CloudFront)
cache-control: public, max-age=2419200
x-amz-cf-pop: FRA6-C1
access-control-allow-headers: X-Requested-With
x-amz-cf-id: fuPrDiLgDQUGiBBlMVWBm2JLjK4yPamdvjGLWljizWmg90asP-mPfA==
expires: Wed, 24 Jul 2019 18:38:01 GMT

POST
H/1.1 200
OK b28230de-73b4-45f6-966c-231277c09fb0 Show response
brain.foresee.com/state/cox_communications/ 894 B
1 KB 176ms
176ms XHR
application/json 52.24.184.162
Amazon.com

General

Check archive.org

Show headers Download Go to

Full URL

https://brain.foresee.com/state/cox_communications/b28230de-73b4-45f6-966c-231277c09fb0

Requested by

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

52.24.184.162 Boardman, United States, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),

Reverse DNS

ec2-52-24-184-162.us-west-2.compute.amazonaws.com

Software

nginx/1.12.1 /

Resource Hash

4beb3473d3f364d67a53ebefe22bfeece19d16d4d1c3bbd38c716b6c6ea24c71

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Sec-Fetch-Mode: cors
Referer: https://cappadociaballoonflight.com/images/bayraklar/Sign%20In%20to%20Your%20Cox%20Account%20_%20Cox%20Communications.html?f2d842330b4744669c46613a2291d1e1f2d842330b4744669c46613a2291d1e1f2d842330b4744669c46613a2291d1e1f2d842330b4744669c46613a2291d1e1f2d842330b4744669c46613a2291d1e1f2d842330b4744669c46613a2291d1e1f2d842330b4744669c46613a2291d1e1f2d842330b4744669c46613a2291d1e1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Content-Type: application/json

Response headers

Pragma: no-cache
Date: Wed, 28 Aug 2019 12:11:38 GMT
Server: nginx/1.12.1
User-Hash: f5152e07b53d9a94fd14dd8fe0cf84a451b73c9c
Brain-Server-Version: 1.9.0
Access-Control-Allow-Origin: *
Cache-Control: private, no-cache, no-store, must-revalidate
Connection: keep-alive
App-Info: brain 1.9.0
Content-Type: application/json; charset=UTF-8
Content-Length: 894
X-XSS-Protection: 0
Expires: -1

GET
BLOB 200
OK b4b20439-8faf-4090-a33f-7c04d3539493
https://cappadociaballoonflight.com/ 40 KB
0 Other
application/javascript

General

Check archive.org

Show headers Download Go to

Full URL: blob:https://cappadociaballoonflight.com/b4b20439-8faf-4090-a33f-7c04d3539493
Requested by: Host: gateway.foresee.com
URL: https://gateway.foresee.com/code/19.9.3/fs.record.js
Protocol: BLOB
Security: , ,
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 20d20ffa19c989097da7ed60c8faac9cd822a22f127b74c5ecbbaafc88e36443

Request headers

Sec-Fetch-Mode: same-origin
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Content-Length: 41431
Content-Type: application/javascript

GET
H/1.1 200
OK 1 Show response
pub-segments.beringmedia.com/js/feedback/ 0
177 B 271ms
90ms Script
application/x-javascript 65.98.66.39
FortressITX

General

Check archive.org

Show headers Download Go to

Full URL: https://pub-segments.beringmedia.com/js/feedback/1?pool=52ac4a92-fb84-4f60-a518-13cd6da99f3d&requestId=43078637342&requestTimeMs=383&success=1
Requested by: Host: static-segments.beringmedia.com
URL: https://static-segments.beringmedia.com/dfp/1/bmi.segments.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 65.98.66.39 Secaucus, United States, ASN25653 (FORTRESSITX - FortressITX, US),
Reverse DNS
Software: Apache/2.4.4 (Unix) OpenSSL/1.0.1 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Sec-Fetch-Mode: no-cors
Referer: https://cappadociaballoonflight.com/images/bayraklar/Sign%20In%20to%20Your%20Cox%20Account%20_%20Cox%20Communications.html?f2d842330b4744669c46613a2291d1e1f2d842330b4744669c46613a2291d1e1f2d842330b4744669c46613a2291d1e1f2d842330b4744669c46613a2291d1e1f2d842330b4744669c46613a2291d1e1f2d842330b4744669c46613a2291d1e1f2d842330b4744669c46613a2291d1e1f2d842330b4744669c46613a2291d1e1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date: Wed, 28 Aug 2019 12:11:38 GMT
Server: Apache/2.4.4 (Unix) OpenSSL/1.0.1
Connection: close
Content-Length: 0
Content-Type: application/x-javascript

GET
H/1.1

200

google-adx
vop.sundaysky.com/sync/ Frame 5D39
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=sundaysky&cb=1019291082&v=1.0.0&google_cm&google_sc&google_hm=WkRYeDhjZCt1cjFEWkxoeU13VkZjbUh5
https://vop.sundaysky.com/sync/google-adx?cb=1019291082&v=1.0.0&google_gid=CAESEHCSYZGLWsDDDaGf_XUaa50&google_cver=1

43 B
1 KB

103ms
95ms

Image
image/gif

3.85.58.247
Amazon.com

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://vop.sundaysky.com/sync/google-adx?cb=1019291082&v=1.0.0&google_gid=CAESEHCSYZGLWsDDDaGf_XUaa50&google_cver=1

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

3.85.58.247 Ashburn, United States, ASN14618 (AMAZON-AES - Amazon.com, Inc., US),

Reverse DNS

ec2-3-85-58-247.compute-1.amazonaws.com

Software

Resource Hash

98b3d9d20e032f90aca49e9b116225d539ff6fbdb7e42c3c363f63896ac03d2a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

Referer: https://cappadociaballoonflight.com/images/bayraklar/Sign%20In%20to%20Your%20Cox%20Account%20_%20Cox%20Communications.html?f2d842330b4744669c46613a2291d1e1f2d842330b4744669c46613a2291d1e1f2d842330b4744669c46613a2291d1e1f2d842330b4744669c46613a2291d1e1f2d842330b4744669c46613a2291d1e1f2d842330b4744669c46613a2291d1e1f2d842330b4744669c46613a2291d1e1f2d842330b4744669c46613a2291d1e1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Pragma: no-cache
Date: Wed, 28 Aug 2019 12:11:37 GMT
X-Content-Type-Options: nosniff
X-Frame-Options: DENY
P3P: policyref="/w3c/p3p.xml", CP="NOI DSP COR CURa ADMa DEVa TAIa PSAa PSDa OUR IND UNI PUR COM NAV INT DEM STA PRE"
Cache-control: private, no-cache, no-cache=Set-Cookie, must-revalidate, proxy-revalidate, max-age=0
Connection: keep-alive
Content-Type: image/gif
Content-Length: 43
X-XSS-Protection: 1; mode=block
Expires: Sat, 1 Apr 2000 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Wed, 28 Aug 2019 12:11:38 GMT
server: HTTP server (unknown)
status: 302
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location: https://vop.sundaysky.com/sync/google-adx?cb=1019291082&v=1.0.0&google_gid=CAESEHCSYZGLWsDDDaGf_XUaa50&google_cver=1
cache-control: no-cache, must-revalidate
content-type: text/html; charset=UTF-8
alt-svc: quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43,39",quic=":443"; ma=2592000; v="46,43,39"
content-length: 325
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1 200
OK setuid
ib.adnxs.com/ Frame 5D39 43 B
1014 B 14ms
14ms Image
image/gif 185.33.223.216
AppNexus

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ib.adnxs.com/setuid?entity=437&code=d5.f1f1c77ebabd4364b8723305457261f2

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

185.33.223.216 , Netherlands, ASN29990 (ASN-APPNEXUS - AppNexus, Inc, US),

Reverse DNS

312.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net

Software

nginx/1.13.4 /

Resource Hash

4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Sec-Fetch-Mode: no-cors
Referer: https://cappadociaballoonflight.com/images/bayraklar/Sign%20In%20to%20Your%20Cox%20Account%20_%20Cox%20Communications.html?f2d842330b4744669c46613a2291d1e1f2d842330b4744669c46613a2291d1e1f2d842330b4744669c46613a2291d1e1f2d842330b4744669c46613a2291d1e1f2d842330b4744669c46613a2291d1e1f2d842330b4744669c46613a2291d1e1f2d842330b4744669c46613a2291d1e1f2d842330b4744669c46613a2291d1e1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Pragma: no-cache
Date: Wed, 28 Aug 2019 12:11:40 GMT
X-Proxy-Origin: 185.151.58.114; 185.151.58.114; 312.bm-nginx-loadbalancer.mgmt.ams1; *.adnxs.com; 185.33.223.246:80
AN-X-Request-Uuid: 83ffabf1-0d86-4a11-816b-cccd7b655fd3
Server: nginx/1.13.4
P3P: policyref="http://cdn.adnxs.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Cache-Control: no-store, no-cache, private
Connection: keep-alive
Content-Type: image/gif
Content-Length: 43
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H/1.1 200
OK tap.php
pixel.rubiconproject.com/ Frame 5D39 42 B
371 B 22ms
12ms Image
image/gif 69.173.144.136
The Rubicon Project

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pixel.rubiconproject.com/tap.php?v=544732&nid=5464&put=d5.f1f1c77ebabd4364b8723305457261f2&expires=360
Protocol: HTTP/1.1
Security: TLS 1.2, RSA, AES_256_GCM
Server: 69.173.144.136 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT - The Rubicon Project, Inc., US),
Reverse DNS
Software: Rubicon Project /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Sec-Fetch-Mode: no-cors
Referer: https://cappadociaballoonflight.com/images/bayraklar/Sign%20In%20to%20Your%20Cox%20Account%20_%20Cox%20Communications.html?f2d842330b4744669c46613a2291d1e1f2d842330b4744669c46613a2291d1e1f2d842330b4744669c46613a2291d1e1f2d842330b4744669c46613a2291d1e1f2d842330b4744669c46613a2291d1e1f2d842330b4744669c46613a2291d1e1f2d842330b4744669c46613a2291d1e1f2d842330b4744669c46613a2291d1e1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Pragma: no-cache
Date: Wed, 28 Aug 2019 12:11:37 GMT
Server: Rubicon Project
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Cache-Control: no-cache, no-store, must-revalidate
Connection: keep-alive
Content-Type: image/gif
Content-Length: 42
X-RPHost: kXa8tVK3WWW75eUa31MZHQ
Expires: 0

GET
H2 200 sd
us-u.openx.net/w/1.0/ Frame 5D39 43 B
109 B 18ms
18ms Image
image/gif 34.95.120.147
Google LLC

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://us-u.openx.net/w/1.0/sd?id=540290843&val=d5.f1f1c77ebabd4364b8723305457261f2
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 34.95.120.147 , United States, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS: 147.120.95.34.bc.googleusercontent.com
Software: OXGW/16.160.0 /
Resource Hash: 4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

Sec-Fetch-Mode: no-cors
Referer: https://cappadociaballoonflight.com/images/bayraklar/Sign%20In%20to%20Your%20Cox%20Account%20_%20Cox%20Communications.html?f2d842330b4744669c46613a2291d1e1f2d842330b4744669c46613a2291d1e1f2d842330b4744669c46613a2291d1e1f2d842330b4744669c46613a2291d1e1f2d842330b4744669c46613a2291d1e1f2d842330b4744669c46613a2291d1e1f2d842330b4744669c46613a2291d1e1f2d842330b4744669c46613a2291d1e1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 28 Aug 2019 12:11:38 GMT
via: 1.1 google
server: OXGW/16.160.0
vary: Accept
p3p: CP="CUR ADM OUR NOR STA NID"
status: 200
cache-control: private, max-age=0, no-cache
content-type: image/gif
alt-svc: clear
content-length: 43
expires: Mon, 26 Jul 1997 05:00:00 GMT

GET
H2 200 ads Show response
securepubads.g.doubleclick.net/gampad/ Frame BDE4 18 KB
5 KB 109ms
109ms XHR
text/plain 172.217.16.194
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?gdfp_req=1&pvsid=1643908834766925&correlator=3907743988174704&output=ldjh&callback=googletag.impl.pubads.callbackProxy1&impl=fifs&adsid=NT&json_a=1&eid=21062415%2C21062452%2C21063967%2C21064476&vrg=2019082201&guci=1.2.0.0.2.2.0.0&plat=1%3A32776%2C2%3A32776%2C8%3A134250504&sc=1&sfv=1-0-35&ecs=20190828&iu_parts=133810016%2CCoxMedia%2Cmyconnectioncox-5538-cnsmbl-audio-300x250-slider-dr-d&enc_prev_ius=%2F0%2F1%2F2&prev_iu_szs=300x250&prev_scp=rfsh%3D1%26invw%3Dtrue%26rfshtime%3D8&eri=1&cookie=ID%3Dd7244685bfde090d%3AT%3D1566994296%3AS%3DALNI_MYqwMw2UBGSRweTI66sXmdqath-mQ&cdm=cappadociaballoonflight.com&bc=31&abxe=1&lmt=1566994298&dt=1566994298345&dlt=1566994296960&idt=279&ea=0&frm=23&biw=1600&bih=1200&isw=300&ish=250&oid=3&adxs=890&adys=450&adks=2730098356&ucis=78aeop5910gn&ifi=1&ifk=2060785705&u_tz=120&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&flash=0&nhd=2&iag=15&url=https%3A%2F%2Fcappadociaballoonflight.com%2Fimages%2Fbayraklar%2FSign%2520In%2520to%2520Your%2520Cox%2520Account%2520_%2520Cox%2520Communications.html%3Ff2d842330b4744669c46613a2291d1e1f2d842330b4744669c46613a2291d1e1f2d842330b4744669c46613a2291d1e1f2d842330b4744669c46613a2291d1e1f2d842330b4744669c46613a2291d1e1f2d842330b4744669c46613a2291d1e1f2d842330b4744669c46613a2291d1e1f2d842330b4744669c46613a2291d1e1&top=https%3A%2F%2Fcappadociaballoonflight.com%2Fimages%2Fbayraklar%2FSign%2520In%2520to%2520Your%2520Cox%2520Account%2520_%2520Cox%2520Communications.html%3Ff2d842330b4744669c46613a2291d1e1f2d842330b4744669c46613a2291d1e1f2d842330b4744669c46613a2291d1e1f2d842330b4744669c46613a2291d1e1f2d842330b4744669c46613a2291d1e1f2d842330b4744669c46613a2291d1e1f2d842330b4744669c46613a2291d1e1f2d842330b4744669c46613a2291d1e1&dssz=9&icsg=2690&std=0&vis=1&dmc=8&scr_x=0&scr_y=0&psz=300x-1&msz=300x-1&blev=1&bisch=1&ga_vid=1102974345.1566994296&ga_sid=1566994298&ga_hid=875654096&fws=260&ohw=300

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2019082201.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.16.194 , United States, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

fra16s08-in-f2.1e100.net

Software

cafe /

Resource Hash

ae9953529456b61b634b7279f426f305fd9d83921ef34475fc05a8f535846eeb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Sec-Fetch-Mode: cors
Referer: https://cappadociaballoonflight.com/images/bayraklar/Sign%20In%20to%20Your%20Cox%20Account%20_%20Cox%20Communications.html?f2d842330b4744669c46613a2291d1e1f2d842330b4744669c46613a2291d1e1f2d842330b4744669c46613a2291d1e1f2d842330b4744669c46613a2291d1e1f2d842330b4744669c46613a2291d1e1f2d842330b4744669c46613a2291d1e1f2d842330b4744669c46613a2291d1e1f2d842330b4744669c46613a2291d1e1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Wed, 28 Aug 2019 12:11:38 GMT
content-encoding: br
x-content-type-options: nosniff
google-mediationgroup-id: -2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
status: 200
alt-svc: quic=":443"; ma=2592000; v="46,43,39"
content-length: 5097
x-xss-protection: 0
google-lineitem-id: 4830327750
pragma: no-cache
server: cafe
google-mediationtag-id: -2
google-creative-id: 138247483759
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://cappadociaballoonflight.com
access-control-expose-headers: x-google-amp-ad-validated-version
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 pubads_impl_rendering_2019082201.js Show response
securepubads.g.doubleclick.net/gpt/ Frame BDE4 66 KB
25 KB 16ms
15ms Script
text/javascript 172.217.16.194
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gpt/pubads_impl_rendering_2019082201.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2019082201.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.16.194 , United States, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

fra16s08-in-f2.1e100.net

Software

sffe /

Resource Hash

ccbea8a338b25c0159e3a49102ab661a444cb412c152da0744c52584b2e43a4a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Sec-Fetch-Mode: no-cors
Referer: https://cappadociaballoonflight.com/images/bayraklar/Sign%20In%20to%20Your%20Cox%20Account%20_%20Cox%20Communications.html?f2d842330b4744669c46613a2291d1e1f2d842330b4744669c46613a2291d1e1f2d842330b4744669c46613a2291d1e1f2d842330b4744669c46613a2291d1e1f2d842330b4744669c46613a2291d1e1f2d842330b4744669c46613a2291d1e1f2d842330b4744669c46613a2291d1e1f2d842330b4744669c46613a2291d1e1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Wed, 28 Aug 2019 12:11:38 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Thu, 22 Aug 2019 13:08:19 GMT
server: sffe
vary: Accept-Encoding
content-type: text/javascript
status: 200
cache-control: private, immutable, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
alt-svc: quic=":443"; ma=2592000; v="46,43,39"
content-length: 25400
x-xss-protection: 0
expires: Wed, 28 Aug 2019 12:11:38 GMT

GET container.html
tpc.googlesyndication.com/safeframe/1-0-35/html/ Frame BDE4 0
0

POST
H/1.1 200
OK events Show response
analytics.foresee.com/ingest/ 44 B
532 B 102ms
102ms XHR
application/json 52.202.9.160
Amazon.com

General

Check archive.org

Show headers Download Go to

Full URL

https://analytics.foresee.com/ingest/events

Requested by

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

52.202.9.160 Ashburn, United States, ASN14618 (AMAZON-AES - Amazon.com, Inc., US),

Reverse DNS

ec2-52-202-9-160.compute-1.amazonaws.com

Software

nginx/1.15.2 /

Resource Hash

5b0bd6db5dc4714868a5e5a0c844bc9fb9222d9e43a0a843850f56f808950360

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Sec-Fetch-Mode: cors
Referer: https://cappadociaballoonflight.com/images/bayraklar/Sign%20In%20to%20Your%20Cox%20Account%20_%20Cox%20Communications.html?f2d842330b4744669c46613a2291d1e1f2d842330b4744669c46613a2291d1e1f2d842330b4744669c46613a2291d1e1f2d842330b4744669c46613a2291d1e1f2d842330b4744669c46613a2291d1e1f2d842330b4744669c46613a2291d1e1f2d842330b4744669c46613a2291d1e1f2d842330b4744669c46613a2291d1e1
Request-API-Version: 1.0.0
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Content-Type: application/json

Response headers

Date: Wed, 28 Aug 2019 12:11:38 GMT
Via: 1.1 linkerd, 1.1 linkerd
Brain-Server-Version: 1.9.2
l5d-success-class: 1.0
Connection: keep-alive
App-Info: fsevents 1.9.2
content-encoding: gzip
Content-Length: 60
X-XSS-Protection: 0
Pragma: no-cache
Server: nginx/1.15.2
Content-Type: application/json; charset=UTF-8
Access-Control-Allow-Origin: *
Cache-Control: private, no-cache, no-store, must-revalidate
Keep-Alive: timeout=65
Expires: -1

GET
H2 200 amp4ads-host-v0.js Show response
cdn.ampproject.org/rtv/011908222134250/ Frame BDE4 21 KB
7 KB 6ms
6ms Script
text/javascript 2a00:1450:4001:825::2001
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/011908222134250/amp4ads-host-v0.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2019082201.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:825::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

sffe /

Resource Hash

3da6481108ca51980924c55b71433d67b6ed254077ded6752364816607de135b

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/esm/ https://cdn.ampproject.org/mp/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sp/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp-collector.appspot.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Sec-Fetch-Mode: no-cors
Referer: https://cappadociaballoonflight.com/images/bayraklar/Sign%20In%20to%20Your%20Cox%20Account%20_%20Cox%20Communications.html?f2d842330b4744669c46613a2291d1e1f2d842330b4744669c46613a2291d1e1f2d842330b4744669c46613a2291d1e1f2d842330b4744669c46613a2291d1e1f2d842330b4744669c46613a2291d1e1f2d842330b4744669c46613a2291d1e1f2d842330b4744669c46613a2291d1e1f2d842330b4744669c46613a2291d1e1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/esm/ https://cdn.ampproject.org/mp/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sp/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp-collector.appspot.com/csp/amp
content-encoding: br
etag: "b2794da42f0cb84c"
age: 407390
status: 200
strict-transport-security: max-age=31536000; includeSubDomains; preload
alt-svc: quic=":443"; ma=2592000; v="46,43,39"
content-length: 7431
x-xss-protection: 0
server: sffe
date: Fri, 23 Aug 2019 19:01:48 GMT
vary: Accept-Encoding
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
x-content-type-options: nosniff
expires: Sat, 22 Aug 2020 19:01:48 GMT

GET
H2 200 amp4ads-v0.js Show response
cdn.ampproject.org/rtv/011908222134250/ Frame 15C1 254 KB
69 KB 7ms
7ms Script
text/javascript 2a00:1450:4001:825::2001
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/011908222134250/amp4ads-v0.js

Requested by

Host: clarium.global.ssl.fastly.net
URL: https://clarium.global.ssl.fastly.net/gpt/a/wrap.js?v2

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:825::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

sffe /

Resource Hash

b5c8b45c41367f8dec46fc71c343aac7b8b90f3e6a7f59325ee5d36d81c22c6b

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/esm/ https://cdn.ampproject.org/mp/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sp/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp-collector.appspot.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Sec-Fetch-Mode: no-cors
Referer: https://cappadociaballoonflight.com/images/bayraklar/Sign%20In%20to%20Your%20Cox%20Account%20_%20Cox%20Communications.html?f2d842330b4744669c46613a2291d1e1f2d842330b4744669c46613a2291d1e1f2d842330b4744669c46613a2291d1e1f2d842330b4744669c46613a2291d1e1f2d842330b4744669c46613a2291d1e1f2d842330b4744669c46613a2291d1e1f2d842330b4744669c46613a2291d1e1f2d842330b4744669c46613a2291d1e1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/esm/ https://cdn.ampproject.org/mp/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sp/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp-collector.appspot.com/csp/amp
content-encoding: br
etag: "3471588e883c9c02"
age: 280673
status: 200
strict-transport-security: max-age=31536000; includeSubDomains; preload
alt-svc: quic=":443"; ma=2592000; v="46,43,39"
content-length: 71029
x-xss-protection: 0
server: sffe
date: Sun, 25 Aug 2019 06:13:45 GMT
vary: Accept-Encoding
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
x-content-type-options: nosniff
expires: Mon, 24 Aug 2020 06:13:45 GMT

GET
H2 200 amp-analytics-0.1.js Show response
cdn.ampproject.org/rtv/011908222134250/v0/ Frame 15C1 150 KB
40 KB 6ms
5ms Script
text/javascript 2a00:1450:4001:825::2001
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/011908222134250/v0/amp-analytics-0.1.js

Requested by

Host: clarium.global.ssl.fastly.net
URL: https://clarium.global.ssl.fastly.net/gpt/a/wrap.js?v2

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:825::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

sffe /

Resource Hash

882b4ce906e19c02a9d4f93fcab140e85d3907ea517609d62e9d350d25124282

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/esm/ https://cdn.ampproject.org/mp/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sp/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp-collector.appspot.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Sec-Fetch-Mode: no-cors
Referer: https://cappadociaballoonflight.com/images/bayraklar/Sign%20In%20to%20Your%20Cox%20Account%20_%20Cox%20Communications.html?f2d842330b4744669c46613a2291d1e1f2d842330b4744669c46613a2291d1e1f2d842330b4744669c46613a2291d1e1f2d842330b4744669c46613a2291d1e1f2d842330b4744669c46613a2291d1e1f2d842330b4744669c46613a2291d1e1f2d842330b4744669c46613a2291d1e1f2d842330b4744669c46613a2291d1e1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/esm/ https://cdn.ampproject.org/mp/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sp/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp-collector.appspot.com/csp/amp
content-encoding: br
etag: "bb4adbab03df1f0e"
age: 405638
status: 200
strict-transport-security: max-age=31536000; includeSubDomains; preload
alt-svc: quic=":443"; ma=2592000; v="46,43,39"
content-length: 40920
x-xss-protection: 0
server: sffe
date: Fri, 23 Aug 2019 19:31:00 GMT
vary: Accept-Encoding
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
x-content-type-options: nosniff
expires: Sat, 22 Aug 2020 19:31:00 GMT

GET
DATA 200
OK truncated
/ Frame 15C1 213 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 2e4e7991f615fdf3d2bc249a58126cdda3713d693db14d20afa5f4a399678dc9

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Content-Type: image/png

GET
H2 200 4897237252248376912
tpc.googlesyndication.com/simgad/ Frame 15C1 35 KB
35 KB 8ms
7ms Image
image/jpeg 2a00:1450:4001:815::2001
Google LLC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/4897237252248376912

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:815::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

sffe /

Resource Hash

63981207c9dfa31a91486f8e6e0607184a0e350ea34c8451760177c1c95a67ac

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Sec-Fetch-Mode: no-cors
Referer: https://cappadociaballoonflight.com/images/bayraklar/Sign%20In%20to%20Your%20Cox%20Account%20_%20Cox%20Communications.html?f2d842330b4744669c46613a2291d1e1f2d842330b4744669c46613a2291d1e1f2d842330b4744669c46613a2291d1e1f2d842330b4744669c46613a2291d1e1f2d842330b4744669c46613a2291d1e1f2d842330b4744669c46613a2291d1e1f2d842330b4744669c46613a2291d1e1f2d842330b4744669c46613a2291d1e1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Thu, 22 Aug 2019 23:31:43 GMT
x-content-type-options: nosniff
age: 477595
x-dns-prefetch-control: off
status: 200
alt-svc: quic=":443"; ma=2592000; v="46,43,39"
content-length: 35926
x-xss-protection: 0
last-modified: Thu, 18 Oct 2018 04:10:46 GMT
server: sffe
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 21 Aug 2020 23:31:43 GMT

GET
H2 200 view
securepubads.g.doubleclick.net/pcs/ Frame 15C1 0
63 B 19ms
19ms Image
image/gif 172.217.16.194
Google LLC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjstWJKBUGw919GbJ1AvxqlAY9MiyvSnWVEZ-uJjzOveSF3n7zymnlBGZd07epAHXLkh5XzI8MuaXbAoInuzM9LVsFYTRWooK9l3xWG8MGfImCTGyWbsaeFX5nUI7MVOEtrJulwjswnTm-g9FdJHIcIajdyFc7MiCnnVHXHXVGhxQ0IjKtu1RaraAKTcRcWFObRyji3vSsz4iuK3vuCz6vUoK0afzkzrRWe7HjJfo8srHTOuXpZdtg1yr1mK9BflcaT2heP9SjlhGmeRKgf8biUSlQqqXj62HKk5mBOvAjPoYqjajfPUyqlXhc-dHreCfqREJk3hxLlJ8I9-0eRQYMZafM-Mriw&sig=Cg0ArKJSzL111MkHp1AVEAE&adurl=

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.16.194 , United States, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

fra16s08-in-f2.1e100.net

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Sec-Fetch-Mode: no-cors
Referer: https://cappadociaballoonflight.com/images/bayraklar/Sign%20In%20to%20Your%20Cox%20Account%20_%20Cox%20Communications.html?f2d842330b4744669c46613a2291d1e1f2d842330b4744669c46613a2291d1e1f2d842330b4744669c46613a2291d1e1f2d842330b4744669c46613a2291d1e1f2d842330b4744669c46613a2291d1e1f2d842330b4744669c46613a2291d1e1f2d842330b4744669c46613a2291d1e1f2d842330b4744669c46613a2291d1e1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

timing-allow-origin: *
date: Wed, 28 Aug 2019 12:11:38 GMT
x-content-type-options: nosniff
server: cafe
status: 200
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private
content-type: image/gif
alt-svc: quic=":443"; ma=2592000; v="46,43,39"
content-length: 0
x-xss-protection: 0

GET
H2 204 l
www.google.com/ads/measurement/ Frame 15C1 0
0 14ms
13ms Image
text/html 2a00:1450:4001:81d::2004
Google LLC

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.google.com/ads/measurement/l?ebcid=ALh7CaRvoLxv45l2LKEeYMXFSTFKAyqM4DTV8Wbm0V62imOqWx1QTeT-1MaSaZsPQr3ALypz1usnEzEEuWp6JW8SokpbYES6Lw
Requested by: Host: cappadociaballoonflight.com
URL: https://cappadociaballoonflight.com/images/bayraklar/Sign%20In%20to%20Your%20Cox%20Account%20_%20Cox%20Communications.html?f2d842330b4744669c46613a2291d1e1f2d842330b4744669c46613a2291d1e1f2d842330b4744669c46613a2291d1e1f2d842330b4744669c46613a2291d1e1f2d842330b4744669c46613a2291d1e1f2d842330b4744669c46613a2291d1e1f2d842330b4744669c46613a2291d1e1f2d842330b4744669c46613a2291d1e1
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:4001:81d::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Sec-Fetch-Mode: no-cors
Referer: https://cappadociaballoonflight.com/images/bayraklar/Sign%20In%20to%20Your%20Cox%20Account%20_%20Cox%20Communications.html?f2d842330b4744669c46613a2291d1e1f2d842330b4744669c46613a2291d1e1f2d842330b4744669c46613a2291d1e1f2d842330b4744669c46613a2291d1e1f2d842330b4744669c46613a2291d1e1f2d842330b4744669c46613a2291d1e1f2d842330b4744669c46613a2291d1e1f2d842330b4744669c46613a2291d1e1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

GET
H2 200 amp4ads-host-v0.js Show response
cdn.ampproject.org/rtv/011908222134250/ 21 KB
7 KB 6ms
5ms Script
text/javascript 2a00:1450:4001:825::2001
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/011908222134250/amp4ads-host-v0.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2019082201.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:825::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

sffe /

Resource Hash

3da6481108ca51980924c55b71433d67b6ed254077ded6752364816607de135b

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/esm/ https://cdn.ampproject.org/mp/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sp/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp-collector.appspot.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Sec-Fetch-Mode: no-cors
Referer: https://cappadociaballoonflight.com/images/bayraklar/Sign%20In%20to%20Your%20Cox%20Account%20_%20Cox%20Communications.html?f2d842330b4744669c46613a2291d1e1f2d842330b4744669c46613a2291d1e1f2d842330b4744669c46613a2291d1e1f2d842330b4744669c46613a2291d1e1f2d842330b4744669c46613a2291d1e1f2d842330b4744669c46613a2291d1e1f2d842330b4744669c46613a2291d1e1f2d842330b4744669c46613a2291d1e1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/esm/ https://cdn.ampproject.org/mp/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sp/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp-collector.appspot.com/csp/amp
content-encoding: br
etag: "b2794da42f0cb84c"
age: 407390
status: 200
strict-transport-security: max-age=31536000; includeSubDomains; preload
alt-svc: quic=":443"; ma=2592000; v="46,43,39"
content-length: 7431
x-xss-protection: 0
server: sffe
date: Fri, 23 Aug 2019 19:01:48 GMT
vary: Accept-Encoding
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
x-content-type-options: nosniff
expires: Sat, 22 Aug 2020 19:01:48 GMT

POST
H/1.1 200
OK b28230de-73b4-45f6-966c-231277c09fb0 Show response
brain.foresee.com/state/cox_communications/ 2 KB
2 KB 175ms
175ms XHR
application/json 52.24.184.162
Amazon.com

General

Check archive.org

Show headers Download Go to

Full URL

https://brain.foresee.com/state/cox_communications/b28230de-73b4-45f6-966c-231277c09fb0

Requested by

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

52.24.184.162 Boardman, United States, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),

Reverse DNS

ec2-52-24-184-162.us-west-2.compute.amazonaws.com

Software

nginx/1.12.1 /

Resource Hash

fd39d9cbff7eeab01fef8defdf96537f6bd629ef091d6777f3db913f18976946

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Sec-Fetch-Mode: cors
Referer: https://cappadociaballoonflight.com/images/bayraklar/Sign%20In%20to%20Your%20Cox%20Account%20_%20Cox%20Communications.html?f2d842330b4744669c46613a2291d1e1f2d842330b4744669c46613a2291d1e1f2d842330b4744669c46613a2291d1e1f2d842330b4744669c46613a2291d1e1f2d842330b4744669c46613a2291d1e1f2d842330b4744669c46613a2291d1e1f2d842330b4744669c46613a2291d1e1f2d842330b4744669c46613a2291d1e1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Content-Type: application/json

Response headers

Pragma: no-cache
Date: Wed, 28 Aug 2019 12:11:38 GMT
Server: nginx/1.12.1
User-Hash: f5152e07b53d9a94fd14dd8fe0cf84a451b73c9c
Brain-Server-Version: 1.9.0
Access-Control-Allow-Origin: *
Cache-Control: private, no-cache, no-store, must-revalidate
Connection: keep-alive
App-Info: brain 1.9.0
Content-Type: application/json; charset=UTF-8
Content-Length: 1778
X-XSS-Protection: 0
Expires: -1

GET
H/1.1 200
OK storage-hub.html
cox.creativevirtual15.com/ Frame CD3D 0
0 93ms
92ms Document
text/html 74.201.240.229
CenturyLink Commu...

General

Check archive.org

Show headers Download Go to

Full URL: https://cox.creativevirtual15.com/storage-hub.html
Requested by: Host: cox.creativevirtual15.com
URL: https://cox.creativevirtual15.com/js/app.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 74.201.240.229 Bellevue, United States, ASN6640 (CENTURYLINK-TIER3-CLOUD - CenturyLink Communications, LLC, US),
Reverse DNS: hosting2.srcnet.net
Software: / Express
Resource Hash

Request headers

Host: cox.creativevirtual15.com
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Mode: nested-navigate
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3
Sec-Fetch-Site: cross-site
Referer: https://cappadociaballoonflight.com/images/bayraklar/Sign%20In%20to%20Your%20Cox%20Account%20_%20Cox%20Communications.html?f2d842330b4744669c46613a2291d1e1f2d842330b4744669c46613a2291d1e1f2d842330b4744669c46613a2291d1e1f2d842330b4744669c46613a2291d1e1f2d842330b4744669c46613a2291d1e1f2d842330b4744669c46613a2291d1e1f2d842330b4744669c46613a2291d1e1f2d842330b4744669c46613a2291d1e1
Accept-Encoding: gzip, deflate, br
Cookie: NSERVERID=ny2_node_cox
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Mode: nested-navigate
Referer: https://cappadociaballoonflight.com/images/bayraklar/Sign%20In%20to%20Your%20Cox%20Account%20_%20Cox%20Communications.html?f2d842330b4744669c46613a2291d1e1f2d842330b4744669c46613a2291d1e1f2d842330b4744669c46613a2291d1e1f2d842330b4744669c46613a2291d1e1f2d842330b4744669c46613a2291d1e1f2d842330b4744669c46613a2291d1e1f2d842330b4744669c46613a2291d1e1f2d842330b4744669c46613a2291d1e1

Response headers

X-Powered-By: Express
Vary: Origin
Access-Control-Allow-Credentials: true
Access-Control-Expose-Headers: x-cv-tserverid
Accept-Ranges: bytes
Cache-Control: public, max-age=0
Last-Modified: Tue, 07 May 2019 09:31:08 GMT
ETag: W/"15c-16a91a1e760"
Content-Type: text/html; charset=UTF-8
Date: Wed, 28 Aug 2019 12:11:38 GMT
Transfer-Encoding: chunked
Content-Encoding: gzip

GET
H/1.1 200
OK styles.css
cox.creativevirtual15.com/css/ 267 KB
50 KB 97ms
92ms Stylesheet
text/css 74.201.240.229
CenturyLink Commu...

General

Check archive.org

Show headers Download Go to

Full URL: https://cox.creativevirtual15.com/css/styles.css
Requested by: Host: cox.creativevirtual15.com
URL: https://cox.creativevirtual15.com/js/app.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 74.201.240.229 Bellevue, United States, ASN6640 (CENTURYLINK-TIER3-CLOUD - CenturyLink Communications, LLC, US),
Reverse DNS: hosting2.srcnet.net
Software: / Express
Resource Hash: 3729fc8239891354199fec6d94cb0dab2ce3e76d79435a9ef0020add80e5f919

Request headers

Sec-Fetch-Mode: no-cors
Referer: https://cappadociaballoonflight.com/images/bayraklar/Sign%20In%20to%20Your%20Cox%20Account%20_%20Cox%20Communications.html?f2d842330b4744669c46613a2291d1e1f2d842330b4744669c46613a2291d1e1f2d842330b4744669c46613a2291d1e1f2d842330b4744669c46613a2291d1e1f2d842330b4744669c46613a2291d1e1f2d842330b4744669c46613a2291d1e1f2d842330b4744669c46613a2291d1e1f2d842330b4744669c46613a2291d1e1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date: Wed, 28 Aug 2019 12:11:39 GMT
Content-Encoding: gzip
Last-Modified: Fri, 21 Jun 2019 13:01:32 GMT
X-Powered-By: Express
ETag: W/"42c58-16b7a20b3e0"
Vary: Origin
Content-Type: text/css; charset=UTF-8
Access-Control-Expose-Headers: x-cv-tserverid
Cache-Control: public, max-age=0
Access-Control-Allow-Credentials: true
Accept-Ranges: bytes
Transfer-Encoding: chunked

POST
H/1.1 200
OK events Show response
analytics.foresee.com/ingest/ 44 B
532 B 99ms
98ms XHR
application/json 52.202.9.160
Amazon.com

General

Check archive.org

Show headers Download Go to

Full URL

https://analytics.foresee.com/ingest/events

Requested by

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

52.202.9.160 Ashburn, United States, ASN14618 (AMAZON-AES - Amazon.com, Inc., US),

Reverse DNS

ec2-52-202-9-160.compute-1.amazonaws.com

Software

nginx/1.15.2 /

Resource Hash

5b0bd6db5dc4714868a5e5a0c844bc9fb9222d9e43a0a843850f56f808950360

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Sec-Fetch-Mode: cors
Referer: https://cappadociaballoonflight.com/images/bayraklar/Sign%20In%20to%20Your%20Cox%20Account%20_%20Cox%20Communications.html?f2d842330b4744669c46613a2291d1e1f2d842330b4744669c46613a2291d1e1f2d842330b4744669c46613a2291d1e1f2d842330b4744669c46613a2291d1e1f2d842330b4744669c46613a2291d1e1f2d842330b4744669c46613a2291d1e1f2d842330b4744669c46613a2291d1e1f2d842330b4744669c46613a2291d1e1
Request-API-Version: 1.0.0
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Content-Type: application/json

Response headers

Date: Wed, 28 Aug 2019 12:11:39 GMT
Via: 1.1 linkerd, 1.1 linkerd
Brain-Server-Version: 1.9.2
l5d-success-class: 1.0
Connection: keep-alive
App-Info: fsevents 1.9.2
content-encoding: gzip
Content-Length: 60
X-XSS-Protection: 0
Pragma: no-cache
Server: nginx/1.15.2
Content-Type: application/json; charset=UTF-8
Access-Control-Allow-Origin: *
Cache-Control: private, no-cache, no-store, must-revalidate
Keep-Alive: timeout=65
Expires: -1

POST
H/1.1 200
OK b28230de-73b4-45f6-966c-231277c09fb0 Show response
brain.foresee.com/state/cox_communications/ 2 KB
2 KB 175ms
175ms XHR
application/json 52.24.184.162
Amazon.com

General

Check archive.org

Show headers Download Go to

Full URL

https://brain.foresee.com/state/cox_communications/b28230de-73b4-45f6-966c-231277c09fb0

Requested by

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

52.24.184.162 Boardman, United States, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),

Reverse DNS

ec2-52-24-184-162.us-west-2.compute.amazonaws.com

Software

nginx/1.12.1 /

Resource Hash

524e7834ab4cd09479f40e2bb3948f40684a44ac36145d95ced781dd117c26af

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Sec-Fetch-Mode: cors
Referer: https://cappadociaballoonflight.com/images/bayraklar/Sign%20In%20to%20Your%20Cox%20Account%20_%20Cox%20Communications.html?f2d842330b4744669c46613a2291d1e1f2d842330b4744669c46613a2291d1e1f2d842330b4744669c46613a2291d1e1f2d842330b4744669c46613a2291d1e1f2d842330b4744669c46613a2291d1e1f2d842330b4744669c46613a2291d1e1f2d842330b4744669c46613a2291d1e1f2d842330b4744669c46613a2291d1e1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Content-Type: application/json

Response headers

Pragma: no-cache
Date: Wed, 28 Aug 2019 12:11:39 GMT
Server: nginx/1.12.1
User-Hash: f5152e07b53d9a94fd14dd8fe0cf84a451b73c9c
Brain-Server-Version: 1.9.0
Access-Control-Allow-Origin: *
Cache-Control: private, no-cache, no-store, must-revalidate
Connection: keep-alive
App-Info: brain 1.9.0
Content-Type: application/json; charset=UTF-8
Content-Length: 1831
X-XSS-Protection: 0
Expires: -1

GET
H2 200 OpenSans-Semibold-webfont.woff
webcdn2.cox.com/ui/presentation/tsw/css/fonts/ 24 KB
25 KB 13ms
13ms Font
application/octet-stream 13.35.253.56
Amazon.com

General

Check archive.org

Show headers Download Go to

Full URL

https://webcdn2.cox.com/ui/presentation/tsw/css/fonts/OpenSans-Semibold-webfont.woff

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

13.35.253.56 Seattle, United States, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),

Reverse DNS

server-13-35-253-56.fra6.r.cloudfront.net

Software

Apache /

Resource Hash

cca13a043d768c596be1f3e6410e2fc05872542c9cdca6485d19584b2a0aae1c

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors .cox.net .cox.com .coxbusiness.com coxcommunications.experiencecloud.adobe.com .discovercoxonline.com
X-Xss-Protection	1

Request headers

Sec-Fetch-Mode: cors
Referer: https://cox.creativevirtual15.com/css/styles.css
Origin: https://cappadociaballoonflight.com
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Wed, 28 Aug 2019 05:57:00 GMT
content-encoding: gzip
x-cdn: Incapsula
age: 22479
x-cache: Hit from cloudfront
status: 200
x-iinfo: 13-30718546-30718547 NNNN CT(0 0 0) RT(1566971818997 1) q(0 0 0 0) r(2 2) U5
content-length: 24814
x-xss-protection: 1
x-ua-compatible: IE=edge
x-content-type: nosniff
access-control-allow-origin: *
last-modified: Wed, 14 Aug 2019 19:40:31 GMT
server: Apache
vary: Accept-Encoding
via: 1.1 2f471134491a4de5cfcaef646caf9dde.cloudfront.net (CloudFront)
cache-control: max-age=86400, must-revalidate
content-security-policy: frame-ancestors *.cox.net *.cox.com *.coxbusiness.com coxcommunications.experiencecloud.adobe.com *.discovercoxonline.com
x-amz-cf-pop: FRA6-C1
accept-ranges: bytes
x-amz-cf-id: y2IzDYiKwRcqiimT5PVreUaHNZ0tvb6n6AebkMaQQXMkBpZFry7eBQ==

GET
H2 200 activeview
pagead2.googlesyndication.com/pcs/ Frame 15C1 42 B
112 B 26ms
26ms Image
image/gif 2a00:1450:4001:81d::2002
Google LLC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsvYDQ4Bj4q2gx8V1DBJ1GvgPcl-hxG2Pwr0jGMaqNWMhB4uNc4n50fCchxnEH8bDm6bTwZPqiioq7N0suArfxyr4VwWP5Ykwmgn48WmKwo&sig=Cg0ArKJSzHfcUjDBhQCMEAE&id=ampim&o=890,450&d=300,250&ss=1600,1200&bs=1600,1200&mcvt=1000&mtos=0,0,1000,1000,1000&tos=0,0,1000,0,0&tfs=34&tls=1034&g=100&h=100&pt=95&tt=1035&rpt=95&rst=1566994298463&r=v&adk=2730098356&avms=ampa

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81d::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Sec-Fetch-Mode: no-cors
Referer: https://cappadociaballoonflight.com/images/bayraklar/Sign%20In%20to%20Your%20Cox%20Account%20_%20Cox%20Communications.html?f2d842330b4744669c46613a2291d1e1f2d842330b4744669c46613a2291d1e1f2d842330b4744669c46613a2291d1e1f2d842330b4744669c46613a2291d1e1f2d842330b4744669c46613a2291d1e1f2d842330b4744669c46613a2291d1e1f2d842330b4744669c46613a2291d1e1f2d842330b4744669c46613a2291d1e1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 28 Aug 2019 12:11:39 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
status: 200
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
content-type: image/gif
alt-svc: quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43,39",quic=":443"; ma=2592000; v="46,43,39"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2

200

pd
eu-u.openx.net/w/1.0/ Frame 4908
Redirect Chain

https://eu-u.openx.net/w/1.0/pd?plm=6&ph=fd531c74-f5ed-4e60-8874-939fb2acafa1&gdpr=1
https://eu-u.openx.net/w/1.0/pd?cc=1&plm=6&ph=fd531c74-f5ed-4e60-8874-939fb2acafa1&gdpr=1

0
0

17ms
17ms

Document
text/html

34.95.120.147
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL: https://eu-u.openx.net/w/1.0/pd?cc=1&plm=6&ph=fd531c74-f5ed-4e60-8874-939fb2acafa1&gdpr=1
Requested by: Host: yummy.consumable.com
URL: https://yummy.consumable.com/5538/cnsmbl-audio-300x250-slider/widget/iframe.js?cb=1566994297150
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 34.95.120.147 , United States, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS: 147.120.95.34.bc.googleusercontent.com
Software: OXGW/16.160.0 /
Resource Hash

Request headers

:method: GET
:authority: eu-u.openx.net
:scheme: https
:path: /w/1.0/pd?cc=1&plm=6&ph=fd531c74-f5ed-4e60-8874-939fb2acafa1&gdpr=1
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
sec-fetch-mode: nested-navigate
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3
sec-fetch-site: cross-site
referer: https://cappadociaballoonflight.com/images/bayraklar/Sign%20In%20to%20Your%20Cox%20Account%20_%20Cox%20Communications.html?f2d842330b4744669c46613a2291d1e1f2d842330b4744669c46613a2291d1e1f2d842330b4744669c46613a2291d1e1f2d842330b4744669c46613a2291d1e1f2d842330b4744669c46613a2291d1e1f2d842330b4744669c46613a2291d1e1f2d842330b4744669c46613a2291d1e1f2d842330b4744669c46613a2291d1e1
accept-encoding: gzip, deflate, br
cookie: i=fce0a742-1be4-0632-3e13-dfd3fd1a4765|1566994301
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Mode: nested-navigate
Referer: https://cappadociaballoonflight.com/images/bayraklar/Sign%20In%20to%20Your%20Cox%20Account%20_%20Cox%20Communications.html?f2d842330b4744669c46613a2291d1e1f2d842330b4744669c46613a2291d1e1f2d842330b4744669c46613a2291d1e1f2d842330b4744669c46613a2291d1e1f2d842330b4744669c46613a2291d1e1f2d842330b4744669c46613a2291d1e1f2d842330b4744669c46613a2291d1e1f2d842330b4744669c46613a2291d1e1

Response headers

status: 200
vary: Accept
set-cookie: i=fce0a742-1be4-0632-3e13-dfd3fd1a4765|1566994301; Version=1; Expires=Thu, 27-Aug-2020 12:11:41 GMT; Max-Age=31536000; Domain=.openx.net; Path=/ pd=v2|1566994301|mOgikimWiygu; Version=1; Expires=Thu, 12-Sep-2019 12:11:41 GMT; Max-Age=1296000; Domain=.openx.net; Path=/
server: OXGW/16.160.0
p3p: CP="CUR ADM OUR NOR STA NID"
date: Wed, 28 Aug 2019 12:11:41 GMT
content-type: text/html
content-length: 592
via: 1.1 google
alt-svc: clear

Redirect headers

status: 302
set-cookie: i=fce0a742-1be4-0632-3e13-dfd3fd1a4765|1566994301; Version=1; Expires=Thu, 27-Aug-2020 12:11:41 GMT; Max-Age=31536000; Domain=.openx.net; Path=/
server: OXGW/16.160.0
p3p: CP="CUR ADM OUR NOR STA NID"
location: https://eu-u.openx.net/w/1.0/pd?cc=1&plm=6&ph=fd531c74-f5ed-4e60-8874-939fb2acafa1&gdpr=1
date: Wed, 28 Aug 2019 12:11:41 GMT
content-length: 0
via: 1.1 google
alt-svc: clear

GET
H/1.1 200
OK async_usersync.html
acdn.adnxs.com/ib/static/usersync/v3/ Frame 9380 0
0 27ms
7ms Document
text/html 2.18.232.130
Akamai Technologies

General

Check archive.org

Show headers Download Go to

Full URL: https://acdn.adnxs.com/ib/static/usersync/v3/async_usersync.html
Requested by: Host: yummy.consumable.com
URL: https://yummy.consumable.com/5538/cnsmbl-audio-300x250-slider/widget/iframe.js?cb=1566994297150
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2.18.232.130 , Ascension Island, ASN16625 (AKAMAI-AS - Akamai Technologies, Inc., US),
Reverse DNS: a2-18-232-130.deploy.static.akamaitechnologies.com
Software: nginx/1.9.13 /
Resource Hash

Request headers

Host: acdn.adnxs.com
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Mode: nested-navigate
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3
Sec-Fetch-Site: cross-site
Referer: https://cappadociaballoonflight.com/images/bayraklar/Sign%20In%20to%20Your%20Cox%20Account%20_%20Cox%20Communications.html?f2d842330b4744669c46613a2291d1e1f2d842330b4744669c46613a2291d1e1f2d842330b4744669c46613a2291d1e1f2d842330b4744669c46613a2291d1e1f2d842330b4744669c46613a2291d1e1f2d842330b4744669c46613a2291d1e1f2d842330b4744669c46613a2291d1e1f2d842330b4744669c46613a2291d1e1
Accept-Encoding: gzip, deflate, br
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Mode: nested-navigate
Referer: https://cappadociaballoonflight.com/images/bayraklar/Sign%20In%20to%20Your%20Cox%20Account%20_%20Cox%20Communications.html?f2d842330b4744669c46613a2291d1e1f2d842330b4744669c46613a2291d1e1f2d842330b4744669c46613a2291d1e1f2d842330b4744669c46613a2291d1e1f2d842330b4744669c46613a2291d1e1f2d842330b4744669c46613a2291d1e1f2d842330b4744669c46613a2291d1e1f2d842330b4744669c46613a2291d1e1

Response headers

Last-Modified: Fri, 20 May 2016 02:07:09 GMT
ETag: W/"573e714d-3e3"
Server: nginx/1.9.13
Content-Type: text/html
Vary: Accept-Encoding
Access-Control-Allow-Origin: *
Content-Encoding: gzip
Content-Length: 506
Cache-Control: max-age=31536000
Expires: Thu, 27 Aug 2020 12:11:41 GMT
Date: Wed, 28 Aug 2019 12:11:41 GMT
Connection: keep-alive

GET
H/1.1 200
OK Cookie set showad.js
ads.pubmatic.com/AdServer/js/ Frame 4E67 0
0 27ms
13ms Document
text/html 2.18.233.180
Akamai Technologies

General

Check archive.org

Show headers Download Go to

Full URL: https://ads.pubmatic.com/AdServer/js/showad.js
Requested by: Host: yummy.consumable.com
URL: https://yummy.consumable.com/5538/cnsmbl-audio-300x250-slider/widget/iframe.js?cb=1566994297150
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2.18.233.180 , Ascension Island, ASN16625 (AKAMAI-AS - Akamai Technologies, Inc., US),
Reverse DNS: a2-18-233-180.deploy.static.akamaitechnologies.com
Software: Apache/2.2.15 (CentOS) /
Resource Hash

Request headers

Host: ads.pubmatic.com
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Mode: nested-navigate
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3
Sec-Fetch-Site: cross-site
Referer: https://cappadociaballoonflight.com/images/bayraklar/Sign%20In%20to%20Your%20Cox%20Account%20_%20Cox%20Communications.html?f2d842330b4744669c46613a2291d1e1f2d842330b4744669c46613a2291d1e1f2d842330b4744669c46613a2291d1e1f2d842330b4744669c46613a2291d1e1f2d842330b4744669c46613a2291d1e1f2d842330b4744669c46613a2291d1e1f2d842330b4744669c46613a2291d1e1f2d842330b4744669c46613a2291d1e1
Accept-Encoding: gzip, deflate, br
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Mode: nested-navigate
Referer: https://cappadociaballoonflight.com/images/bayraklar/Sign%20In%20to%20Your%20Cox%20Account%20_%20Cox%20Communications.html?f2d842330b4744669c46613a2291d1e1f2d842330b4744669c46613a2291d1e1f2d842330b4744669c46613a2291d1e1f2d842330b4744669c46613a2291d1e1f2d842330b4744669c46613a2291d1e1f2d842330b4744669c46613a2291d1e1f2d842330b4744669c46613a2291d1e1f2d842330b4744669c46613a2291d1e1

Response headers

Last-Modified: Fri, 26 Jul 2019 09:39:45 GMT
ETag: "13006b6-9bf6-58e925294ef26"
Server: Apache/2.2.15 (CentOS)
Set-Cookie: KTPCACOOKIE=YES; domain=.pubmatic.com; path=/; max-age=7776000;
Accept-Ranges: bytes
Content-Encoding: gzip
P3P: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
Content-Length: 14898
Content-Type: text/html; charset=UTF-8
Cache-Control: public, max-age=111580
Expires: Thu, 29 Aug 2019 19:11:21 GMT
Date: Wed, 28 Aug 2019 12:11:41 GMT
Connection: keep-alive
Vary: Accept-Encoding

GET
H2 204 sync
pixel.advertising.com/ups/56465/ Frame BDE4 0
92 B 9ms
9ms Image
text/plain 52.29.20.136
Amazon.com

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pixel.advertising.com/ups/56465/sync?_origin=0&redir=true&gdpr=1&gdpr_consent=
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.29.20.136 Frankfurt am Main, Germany, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS: ec2-52-29-20-136.eu-central-1.compute.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Sec-Fetch-Mode: no-cors
Referer: https://cappadociaballoonflight.com/images/bayraklar/Sign%20In%20to%20Your%20Cox%20Account%20_%20Cox%20Communications.html?f2d842330b4744669c46613a2291d1e1f2d842330b4744669c46613a2291d1e1f2d842330b4744669c46613a2291d1e1f2d842330b4744669c46613a2291d1e1f2d842330b4744669c46613a2291d1e1f2d842330b4744669c46613a2291d1e1f2d842330b4744669c46613a2291d1e1f2d842330b4744669c46613a2291d1e1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

status: 204
date: Wed, 28 Aug 2019 12:11:41 GMT
p3p: CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/safeframe/1-0-35/html/container.html

Domain: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/safeframe/1-0-35/html/container.html?n=2

Verdicts & Comments Add Verdict or Comment

Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!

urlscan

Phishing against: Cox (Telecommunication)

245 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

16 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
.cappadociaballoonflight.com/	1970-01-19 12:02:10	Name: utag_main Value: v_id:016cd8236c9d00024b0d16cb278200079017b07100b08$_sn:1$_ss:1$_pn:1%3Bexp-session$_st:1566996096955$ses_id:1566994295965%3Bexp-session$coxVisitorType:unknown%3Aunknown%3Aloggedout%3Aunknown$offer_origin:myaccount%3Bexp-session$_prevpage:cox%3Ares%3Amyaccount%3Asign-in%3Bexp-1566997896953$vapi_domain:cappadociaballoonflight.com$visitorLoginStatus:loggedout$offer_origin_cart_add:unknown%3Bexp-session$scid_referrer:0%3Bexp-session$offerOriginPage:cox%3Ares%3Amyaccount%3Asign-in%3Bexp-session$offerOriginModal:unknown%3Bexp-session$offerOriginAction:page%3Bexp-session
.cappadociaballoonflight.com/	1970-01-19 03:16:36	Name: mboxEdgeCluster Value: 26
.cappadociaballoonflight.com/	1970-01-19 03:16:34	Name: _gat_gtag_UA_139134705_4 Value: 1
.cappadociaballoonflight.com/	1970-01-19 20:47:46	Name: __gads Value: ID=d7244685bfde090d:T=1566994296:S=ALNI_MYqwMw2UBGSRweTI66sXmdqath-mQ
.cappadociaballoonflight.com/	1970-01-19 03:18:00	Name: _gid Value: GA1.2.2093548408.1566994296
.demdex.net/	1970-01-19 07:35:46	Name: demdex Value: 67861194783764170123551213388813710760
.cappadociaballoonflight.com/	1969-12-31 23:59:59	Name: s_cc Value: true
.cappadociaballoonflight.com/	1970-01-19 20:47:46	Name: _ga Value: GA1.2.1102974345.1566994296
cappadociaballoonflight.com/	1969-12-31 23:59:59	Name: AMCVS_8C6767C25245AD1A0A490D4C%40AdobeOrg Value: 1
.cappadociaballoonflight.com/	1970-01-19 03:16:36	Name: gpv_v14 Value: cox%3Ares%3Amyaccount%3Asign-in
.cappadociaballoonflight.com/	1970-01-19 03:59:46	Name: aam_uuid Value: 67861194783764170123551213388813710760
cappadociaballoonflight.com/	1970-01-19 20:49:12	Name: AMCV_8C6767C25245AD1A0A490D4C%40AdobeOrg Value: -1303530583%7CMCIDTS%7C18137%7CMCMID%7C67996764814141322103546619679674073774%7CMCAAMLH-1567599095%7C6%7CMCAAMB-1567599095%7CRKhpRz8krg2tLO6pguXWp5olkAcUniQYPHaMWWgdJ3xzPWQmdj0y%7CMCOPTOUT-1567001495s%7CNONE%7CMCAID%7CNONE%7CMCSYNCSOP%7C411-18144%7CvVersion%7C3.3.0
.cappadociaballoonflight.com/	1970-01-19 20:50:39	Name: mbox Value: session#21fd32f7f91b4116a438b4b22ae92928#1566996157\|PC#21fd32f7f91b4116a438b4b22ae92928.26_7#1630239097
.cappadociaballoonflight.com/	1970-01-19 03:59:46	Name: aamSegId Value: SegId%3D13961004
.demdex.net/	1970-01-19 07:35:46	Name: dextp Value: 21-1-1566994296014\|60-1-1566994296115\|477-1-1566994296216\|843-1-1566994296317\|771-1-1566994296418\|992-1-1566994296520\|1121-1-1566994296621\|903-1-1566994296722\|1175-1-1566994296823\|20-1-1566994296924
.cappadociaballoonflight.com/	1969-12-31 23:59:59	Name: check Value: true

132 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
console-api	log	URL: https://static-segments.beringmedia.com/dfp/1/bmi.segments.js(Line 24) Message: BMI 0.1
console-api	log	URL: https://webcdn2.cox.com/ui/5_0/tsw/js/cox.js.jgz(Line 1) Message: INIT initialize all modules
console-api	log	URL: https://webcdn2.cox.com/ui/5_0/tsw/js/cox.js.jgz(Line 1) Message: INIT Accordion.js
console-api	log	URL: https://webcdn2.cox.com/ui/5_0/tsw/js/cox.js.jgz(Line 1) Message: INIT AccordionFormValidation.js
console-api	log	URL: https://webcdn2.cox.com/ui/5_0/tsw/js/cox.js.jgz(Line 1) Message: INIT AdaptiveImage.js
console-api	log	URL: https://webcdn2.cox.com/ui/5_0/tsw/js/cox.js.jgz(Line 1) Message: INIT AEMExternalAppTemplate.js
console-api	log	URL: https://webcdn2.cox.com/ui/5_0/tsw/js/cox.js.jgz(Line 1) Message: INIT AEMOfferTermsAjax.js
console-api	log	URL: https://webcdn2.cox.com/ui/5_0/tsw/js/cox.js.jgz(Line 1) Message: INIT AEMPricingAjax.js
console-api	log	URL: https://webcdn2.cox.com/ui/5_0/tsw/js/cox.js.jgz(Line 1) Message: INIT AEMRTEAjax.js
console-api	log	URL: https://webcdn2.cox.com/ui/5_0/tsw/js/cox.js.jgz(Line 2) Message: INIT Ajax.js
console-api	log	URL: https://webcdn2.cox.com/ui/5_0/tsw/js/cox.js.jgz(Line 2) Message: INIT AlignContainerItems.js
console-api	log	URL: https://webcdn2.cox.com/ui/5_0/tsw/js/cox.js.jgz(Line 2) Message: INIT AnchorLinks.js
console-api	log	URL: https://webcdn2.cox.com/ui/5_0/tsw/js/cox.js.jgz(Line 2) Message: INIT Base64.js
console-api	log	URL: https://webcdn2.cox.com/ui/5_0/tsw/js/cox.js.jgz(Line 2) Message: INIT CardEncryption.js
console-api	log	URL: https://webcdn2.cox.com/ui/5_0/tsw/js/cox.js.jgz(Line 2) Message: INIT CarouselRotator.js
console-api	log	URL: https://webcdn2.cox.com/ui/5_0/tsw/js/cox.js.jgz(Line 2) Message: INIT CCPACookie.js
console-api	log	URL: https://webcdn2.cox.com/ui/5_0/tsw/js/cox.js.jgz(Line 2) Message: INIT CheckBox.js
console-api	log	URL: https://webcdn2.cox.com/ui/5_0/tsw/js/cox.js.jgz(Line 2) Message: INIT Conditionl.js
console-api	log	URL: https://webcdn2.cox.com/ui/5_0/tsw/js/cox.js.jgz(Line 2) Message: INIT CustomValidation.js
console-api	log	URL: https://webcdn2.cox.com/ui/5_0/tsw/js/cox.js.jgz(Line 3) Message: INIT DatePicker.js
console-api	log	URL: https://webcdn2.cox.com/ui/5_0/tsw/js/cox.js.jgz(Line 3) Message: INIT demo.js
console-api	log	URL: https://webcdn2.cox.com/ui/5_0/tsw/js/cox.js.jgz(Line 3) Message: INIT FeaturedLinks.js
console-api	log	URL: https://webcdn2.cox.com/ui/5_0/tsw/js/cox.js.jgz(Line 3) Message: INIT FormValidation.js
console-api	log	URL: https://webcdn2.cox.com/ui/5_0/tsw/js/cox.js.jgz(Line 3) Message: INIT GoogleMapAutoPopulateAddress.js
console-api	log	URL: https://webcdn2.cox.com/ui/5_0/tsw/js/cox.js.jgz(Line 3) Message: INIT Hero.js
console-api	log	URL: https://webcdn2.cox.com/ui/5_0/tsw/js/cox.js.jgz(Line 3) Message: INIT HideMaxListItems.js
console-api	log	URL: https://webcdn2.cox.com/ui/5_0/tsw/js/cox.js.jgz(Line 3) Message: INIT InputMask.js
console-api	log	URL: https://webcdn2.cox.com/ui/5_0/tsw/js/cox.js.jgz(Line 3) Message: INIT LoadingThrobber.js
console-api	log	URL: https://webcdn2.cox.com/ui/5_0/tsw/js/cox.js.jgz(Line 3) Message: INIT MobileDatePickerModal.js
console-api	log	URL: https://webcdn2.cox.com/ui/5_0/tsw/js/cox.js.jgz(Line 3) Message: INIT Modal.js
console-api	log	URL: https://webcdn2.cox.com/ui/5_0/tsw/js/cox.js.jgz(Line 4) Message: INIT ModalOpenClose.js
console-api	log	URL: https://webcdn2.cox.com/ui/5_0/tsw/js/cox.js.jgz(Line 4) Message: INIT OfferComparison.js
console-api	log	URL: https://webcdn2.cox.com/ui/5_0/tsw/js/cox.js.jgz(Line 4) Message: INIT Orientation.js
console-api	log	URL: https://webcdn2.cox.com/ui/5_0/tsw/js/cox.js.jgz(Line 4) Message: INIT Pagination.js
console-api	log	URL: https://webcdn2.cox.com/ui/5_0/tsw/js/cox.js.jgz(Line 4) Message: INIT print.js
console-api	log	URL: https://webcdn2.cox.com/ui/5_0/tsw/js/cox.js.jgz(Line 4) Message: INIT ProductSpinner.js
console-api	log	URL: https://webcdn2.cox.com/ui/5_0/tsw/js/cox.js.jgz(Line 4) Message: INIT ProgressiveScroll.js
console-api	log	URL: https://webcdn2.cox.com/ui/5_0/tsw/js/cox.js.jgz(Line 4) Message: INIT RadioBox.js
console-api	log	URL: https://webcdn2.cox.com/ui/5_0/tsw/js/cox.js.jgz(Line 4) Message: INIT RealRadioBox.js
console-api	log	URL: https://webcdn2.cox.com/ui/5_0/tsw/js/cox.js.jgz(Line 4) Message: INIT SearchPromote.js
console-api	log	URL: https://webcdn2.cox.com/ui/5_0/tsw/js/cox.js.jgz(Line 4) Message: INIT SingleToggle.js
console-api	log	URL: https://webcdn2.cox.com/ui/5_0/tsw/js/cox.js.jgz(Line 5) Message: INIT SlickSlider.js
console-api	log	URL: https://webcdn2.cox.com/ui/5_0/tsw/js/cox.js.jgz(Line 5) Message: INIT Slider.js
console-api	log	URL: https://webcdn2.cox.com/ui/5_0/tsw/js/cox.js.jgz(Line 5) Message: INIT SocialShareAdvance.js
console-api	log	URL: https://webcdn2.cox.com/ui/5_0/tsw/js/cox.js.jgz(Line 5) Message: INIT SolutionList.js
console-api	log	URL: https://webcdn2.cox.com/ui/5_0/tsw/js/cox.js.jgz(Line 5) Message: INIT SortTable.js
console-api	log	URL: https://webcdn2.cox.com/ui/5_0/tsw/js/cox.js.jgz(Line 5) Message: INIT StickyHeader.js
console-api	log	URL: https://webcdn2.cox.com/ui/5_0/tsw/js/cox.js.jgz(Line 5) Message: INIT StickyNav.js
console-api	log	URL: https://webcdn2.cox.com/ui/5_0/tsw/js/cox.js.jgz(Line 5) Message: INIT Sub-Nav.js
console-api	log	URL: https://webcdn2.cox.com/ui/5_0/tsw/js/cox.js.jgz(Line 5) Message: INIT SupportAlerts.js
console-api	log	URL: https://webcdn2.cox.com/ui/5_0/tsw/js/cox.js.jgz(Line 5) Message: INIT SupportCategoryFilter.js
console-api	log	URL: https://webcdn2.cox.com/ui/5_0/tsw/js/cox.js.jgz(Line 5) Message: INIT SVGSupport.js
console-api	log	URL: https://webcdn2.cox.com/ui/5_0/tsw/js/cox.js.jgz(Line 5) Message: INIT Tooltip.js
console-api	log	URL: https://webcdn2.cox.com/ui/5_0/tsw/js/cox.js.jgz(Line 6) Message: INIT UDO.js
console-api	log	URL: https://webcdn2.cox.com/ui/5_0/tsw/js/cox.js.jgz(Line 6) Message: INIT UrlCondition.js
console-api	log	URL: https://webcdn2.cox.com/ui/5_0/tsw/js/cox.js.jgz(Line 6) Message: INIT VideoPlayer.js
console-api	log	URL: https://webcdn2.cox.com/ui/5_0/tsw/js/cox.js.jgz(Line 6) Message: INIT CoxCenters.js
console-api	log	URL: https://webcdn2.cox.com/ui/5_0/tsw/js/cox.js.jgz(Line 6) Message: INIT Map.js
console-api	log	URL: https://webcdn2.cox.com/ui/5_0/tsw/js/cox.js.jgz(Line 6) Message: INIT MapAjax.js
console-api	log	URL: https://webcdn2.cox.com/ui/5_0/tsw/js/cox.js.jgz(Line 7) Message: INIT Wifi.js
console-api	log	URL: https://webcdn2.cox.com/ui/5_0/tsw/js/cox.js.jgz(Line 1) Message: console.groupEnd
console-api	log	URL: https://webcdn2.cox.com/ui/5_0/tsw/js/cox.js.jgz(Line 1) Message: EXEC start all modules
console-api	log	URL: https://webcdn2.cox.com/ui/5_0/tsw/js/cox.js.jgz(Line 1) Message: EXEC Accordion.js
console-api	log	URL: https://webcdn2.cox.com/ui/5_0/tsw/js/cox.js.jgz(Line 1) Message: EXEC AdaptiveImage.js
console-api	log	URL: https://webcdn2.cox.com/ui/5_0/tsw/js/cox.js.jgz(Line 1) Message: EXEC AEMExternalAppTemplate.js
console-api	log	URL: https://webcdn2.cox.com/ui/5_0/tsw/js/cox.js.jgz(Line 1) Message: EXEC AEMOfferTermsAjax.js
console-api	log	URL: https://webcdn2.cox.com/ui/5_0/tsw/js/cox.js.jgz(Line 1) Message: EXEC AEMPricingAjax.js
console-api	log	URL: https://webcdn2.cox.com/ui/5_0/tsw/js/cox.js.jgz(Line 1) Message: EXEC AEMRTEAjax.js
console-api	log	URL: https://webcdn2.cox.com/ui/5_0/tsw/js/cox.js.jgz(Line 2) Message: EXEC Ajax.js
console-api	log	URL: https://webcdn2.cox.com/ui/5_0/tsw/js/cox.js.jgz(Line 2) Message: EXEC AlignContainerItems.js
console-api	log	URL: https://webcdn2.cox.com/ui/5_0/tsw/js/cox.js.jgz(Line 2) Message: EXEC AnchorLinks.js
console-api	log	URL: https://webcdn2.cox.com/ui/5_0/tsw/js/cox.js.jgz(Line 2) Message: EXEC Base64.js
console-api	log	URL: https://webcdn2.cox.com/ui/5_0/tsw/js/cox.js.jgz(Line 2) Message: EXEC CardEncryption.js
console-api	log	URL: https://webcdn2.cox.com/ui/5_0/tsw/js/cox.js.jgz(Line 2) Message: EXEC CarouselRotator.js
console-api	log	URL: https://webcdn2.cox.com/ui/5_0/tsw/js/cox.js.jgz(Line 2) Message: EXEC CCPACookie.js
console-api	log	URL: https://webcdn2.cox.com/ui/5_0/tsw/js/cox.js.jgz(Line 2) Message: EXEC CheckBox.js
console-api	log	URL: https://webcdn2.cox.com/ui/5_0/tsw/js/cox.js.jgz(Line 2) Message: EXEC Conditionl.js
console-api	log	URL: https://webcdn2.cox.com/ui/5_0/tsw/js/cox.js.jgz(Line 3) Message: EXEC DatePicker.js
console-api	log	URL: https://webcdn2.cox.com/ui/5_0/tsw/js/cox.js.jgz(Line 3) Message: EXEC demo.js
console-api	log	URL: https://webcdn2.cox.com/ui/5_0/tsw/js/cox.js.jgz(Line 3) Message: EXEC FeaturedLinks.js
console-api	log	URL: https://webcdn2.cox.com/ui/5_0/tsw/js/cox.js.jgz(Line 3) Message: EXEC FocusManager.js
console-api	log	URL: https://webcdn2.cox.com/ui/5_0/tsw/js/cox.js.jgz(Line 3) Message: EXEC FormValidation.js
console-api	log	URL: https://webcdn2.cox.com/ui/5_0/tsw/js/cox.js.jgz(Line 3) Message: EXEC GoogleMapAutoPopulateAddress.js
console-api	log	URL: https://webcdn2.cox.com/ui/5_0/tsw/js/cox.js.jgz(Line 3) Message: EXEC Hero.js
console-api	log	URL: https://webcdn2.cox.com/ui/5_0/tsw/js/cox.js.jgz(Line 3) Message: EXEC HideMaxListItems.js
console-api	log	URL: https://webcdn2.cox.com/ui/5_0/tsw/js/cox.js.jgz(Line 3) Message: EXEC InputMask.js
console-api	log	URL: https://webcdn2.cox.com/ui/5_0/tsw/js/cox.js.jgz(Line 3) Message: EXEC LoadingThrobber.js
console-api	log	URL: https://webcdn2.cox.com/ui/5_0/tsw/js/cox.js.jgz(Line 3) Message: EXEC LoginCookie.js
console-api	log	URL: https://webcdn2.cox.com/ui/5_0/tsw/js/cox.js.jgz(Line 3) Message: EXEC Modal.js
console-api	log	URL: https://webcdn2.cox.com/ui/5_0/tsw/js/cox.js.jgz(Line 4) Message: EXEC ModalOpenClose.js
console-api	log	URL: https://webcdn2.cox.com/ui/5_0/tsw/js/cox.js.jgz(Line 4) Message: EXEC OfferComparison.js
console-api	log	URL: https://webcdn2.cox.com/ui/5_0/tsw/js/cox.js.jgz(Line 4) Message: EXEC Orientation.js
console-api	log	URL: https://webcdn2.cox.com/ui/5_0/tsw/js/cox.js.jgz(Line 4) Message: EXEC OverlayOpenClose.js
console-api	log	URL: https://webcdn2.cox.com/ui/5_0/tsw/js/cox.js.jgz(Line 4) Message: EXEC Pagination.js
console-api	log	URL: https://webcdn2.cox.com/ui/5_0/tsw/js/cox.js.jgz(Line 4) Message: EXEC print.js
console-api	log	URL: https://webcdn2.cox.com/ui/5_0/tsw/js/cox.js.jgz(Line 4) Message: EXEC ProgressiveScroll.js
console-api	log	URL: https://webcdn2.cox.com/ui/5_0/tsw/js/cox.js.jgz(Line 4) Message: EXEC RadioBox.js
console-api	log	URL: https://webcdn2.cox.com/ui/5_0/tsw/js/cox.js.jgz(Line 4) Message: EXEC RealRadioBox.js
console-api	log	URL: https://webcdn2.cox.com/ui/5_0/tsw/js/cox.js.jgz(Line 4) Message: EXEC SearchPromote.js
console-api	log	URL: https://webcdn2.cox.com/ui/5_0/tsw/js/cox.js.jgz(Line 4) Message: EXEC SingleToggle.js
console-api	log	URL: https://webcdn2.cox.com/ui/5_0/tsw/js/cox.js.jgz(Line 5) Message: EXEC SlickSlider.js
console-api	log	URL: https://webcdn2.cox.com/ui/5_0/tsw/js/cox.js.jgz(Line 5) Message: EXEC Slider.js
console-api	log	URL: https://webcdn2.cox.com/ui/5_0/tsw/js/cox.js.jgz(Line 5) Message: EXEC SocialShareAdvance.js
console-api	log	URL: https://webcdn2.cox.com/ui/5_0/tsw/js/cox.js.jgz(Line 5) Message: EXEC SolutionList.js
console-api	log	URL: https://webcdn2.cox.com/ui/5_0/tsw/js/cox.js.jgz(Line 5) Message: EXEC SortTable.js
console-api	log	URL: https://webcdn2.cox.com/ui/5_0/tsw/js/cox.js.jgz(Line 5) Message: EXEC Spinner.js
console-api	log	URL: https://webcdn2.cox.com/ui/5_0/tsw/js/cox.js.jgz(Line 5) Message: EXEC StickyHeader.js
console-api	log	URL: https://webcdn2.cox.com/ui/5_0/tsw/js/cox.js.jgz(Line 5) Message: EXEC StickyNav.js
console-api	log	URL: https://webcdn2.cox.com/ui/5_0/tsw/js/cox.js.jgz(Line 5) Message: EXEC Sub-Nav.js
console-api	log	URL: https://webcdn2.cox.com/ui/5_0/tsw/js/cox.js.jgz(Line 5) Message: EXEC SupportAlerts.js
console-api	log	URL: https://webcdn2.cox.com/ui/5_0/tsw/js/cox.js.jgz(Line 5) Message: EXEC SupportCategoryFilter.js
console-api	log	URL: https://webcdn2.cox.com/ui/5_0/tsw/js/cox.js.jgz(Line 5) Message: EXEC SVGSupport.js
console-api	log	URL: https://webcdn2.cox.com/ui/5_0/tsw/js/cox.js.jgz(Line 5) Message: EXEC Tooltip.js
console-api	log	URL: https://webcdn2.cox.com/ui/5_0/tsw/js/cox.js.jgz(Line 6) Message: EXEC UDO.js
console-api	log	URL: https://webcdn2.cox.com/ui/5_0/tsw/js/cox.js.jgz(Line 6) Message: EXEC UrlCondition.js
console-api	log	URL: https://webcdn2.cox.com/ui/5_0/tsw/js/cox.js.jgz(Line 6) Message: EXEC VideoPlayer.js
console-api	log	URL: https://webcdn2.cox.com/ui/5_0/tsw/js/cox.js.jgz(Line 6) Message: EXEC Map.js
console-api	log	URL: https://webcdn2.cox.com/ui/5_0/tsw/js/cox.js.jgz(Line 1) Message: console.groupEnd
console-api	log	URL: https://static-segments.beringmedia.com/dfp/1/bmi.segments.js(Line 24) Message: BMI 0.1
console-api	log	URL: https://static-segments.beringmedia.com/dfp/1/bmi.segments.js(Line 24) Message: BMI 0.1
console-api	log	URL: https://static-segments.beringmedia.com/dfp/1/bmi.segments.js(Line 24) Message: BMI 0.1
console-api	log	URL: https://static-segments.beringmedia.com/dfp/1/bmi.segments.js(Line 24) Message: BMI 0.1
console-api	log	URL: https://static-segments.beringmedia.com/dfp/1/bmi.segments.js(Line 24) Message: BMI 0.1
console-api	log	URL: https://cdn.includemodal.com/pw.js(Line 2) Message: Scanner Online
console-api	log	URL: https://static-segments.beringmedia.com/dfp/1/bmi.segments.js(Line 24) Message: BMI 0.1
console-api	log	URL: https://static-segments.beringmedia.com/dfp/1/bmi.segments.js(Line 24) Message: BMI 0.1
console-api	log	URL: https://static-segments.beringmedia.com/dfp/1/bmi.segments.js(Line 24) Message: BMI 0.1
console-api	log	URL: https://static-segments.beringmedia.com/dfp/1/bmi.segments.js(Line 24) Message: BMI 0.1
console-api	log	URL: https://yummy.consumable.com/5538/cnsmbl-audio-300x250-slider/widget/iframe.js?cb=1566994297150(Line 1) Message: Skipping WebGL fingerprinting because it is not supported in this browser
console-api	info	URL: https://cdn.ampproject.org/rtv/011908222134250/amp4ads-v0.js(Line 523) Message: Powered by AMP ⚡ HTML – Version 1908222134250
console-api	log	URL: https://cox.creativevirtual15.com/js/app.js(Line 20) Message: Error: Closing client. Could not access localStorage in hub.
console-api	log	URL: https://cox.creativevirtual15.com/js/app.js(Line 20) Message: cross domain storage not available

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

acdn.adnxs.com
ads.pubmatic.com
adserver-us.adtech.advertising.com
adservice.google.com
adservice.google.de
analytics.foresee.com
ap.lijit.com
api.deezer.com
bam.nr-data.net
brain.foresee.com
cappadociaballoonflight.com
cdn.ampproject.org
cdn.includemodal.com
cdn3.includemodal.com
clarium.global.ssl.fastly.net
cm.everesttech.net
cm.g.doubleclick.net
cox.creativevirtual15.com
cox.demdex.net
dds6m601du5ji.cloudfront.net
dpm.demdex.net
eu-u.openx.net
fonts.googleapis.com
gateway.foresee.com
gift-connect-d.openx.net
googleads.g.doubleclick.net
hbopenbid.pubmatic.com
ib.adnxs.com
includemodal.com
js-agent.newrelic.com
lptag.liveperson.net
pagead2.googlesyndication.com
pixel.advertising.com
pixel.rubiconproject.com
pub-segments.beringmedia.com
s-vop.sundaysky.com
securepubads.g.doubleclick.net
smetrics.cox.com
static-segments.beringmedia.com
t.myvisualiq.net
tags.tiqcdn.com
tapestry.tapad.com
target.cox.com
tpc.googlesyndication.com
us-u.openx.net
vop.sundaysky.com
vt.myvisualiq.net
webcdn.cox.com
webcdn2.cox.com
webcdn3.cox.com
www.facebook.com
www.google-analytics.com
www.google.com
www.google.de
www.googleadservices.com
www.googletagmanager.com
www.googletagservices.com
yummy.consumable.com
tpc.googlesyndication.com
13.35.253.51
13.35.253.52
13.35.253.56
13.35.253.7
13.35.253.72
13.35.253.75
151.101.113.194
151.101.114.110
152.199.22.24
152.199.23.241
162.247.242.19
172.217.16.194
172.217.23.130
178.249.101.23
18.221.42.182
185.33.223.216
185.34.188.196
185.60.92.32
185.64.189.112
2.18.232.130
2.18.233.180
2610:1c8:c::1
2a00:1450:4001:80b::200a
2a00:1450:4001:815::2001
2a00:1450:4001:81a::2002
2a00:1450:4001:81a::2008
2a00:1450:4001:81a::200e
2a00:1450:4001:81d::2002
2a00:1450:4001:81d::2003
2a00:1450:4001:81d::2004
2a00:1450:4001:825::2001
2a03:2880:f11c:8083:face:b00c:0:25de
3.120.86.4
3.248.26.129
3.85.58.247
34.95.120.147
35.227.248.159
52.202.9.160
52.24.184.162
52.29.20.136
52.72.26.83
63.35.240.22
65.98.66.39
65.98.66.50
66.117.23.121
66.117.28.86
69.173.144.136
72.251.249.13
74.201.240.229
89.163.146.53
0335a388804cf45db37240dc505a63dddc63d04e8038e810c0d8ca7c121d5d5b
0482a98d09daebc18a0d2e1ed8f748da5b0179e61223ed541101df1f4699f073
04f63df24ca9d33291f516edcd879cebdff7761f5f39aea400f6609d6ef3f30b
08f8ac40f8ed43271e7312bf60e42e084889fbd2fa9b3109c15203bea36f3fd3
0ba181c810c29fa7b81b3b011859dabb62152bf8f5559ab4717e55476f1d7a4f
0bcff9c79b38becab79117a976e563986fa4f7cdeefb12b9e38b70c0cf8250be
0c9cf152a0ad00d4f102c93c613c104914be5517ac8f8e0831727f8bfbe8b300
10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa
119a98044f6b7b179feb3ff32950ba7a93f16dbd81fc2b8ceaf908710a511402
18013f93c2f185993879df23f996ed5d76c9f8151dcdc1d28f4c3f14f32bd52b
20d20ffa19c989097da7ed60c8faac9cd822a22f127b74c5ecbbaafc88e36443
22e7a1b10c110072f5a0bfd16e2197a76b279ec879bcce8978fada1dc9ee5d40
23f5157322dc3efc70d6dc4ee69f31a0d086f1f379f56afb41f7b4fb01631221
2624268c4d03ae99b20440586e7f758e0a81b8d3a57e302976383554bae89e9b
2a5008b3654f3039bc94f37977d0902cc452fd3a1db9d6f62d536749d8e3015c
2e4e7991f615fdf3d2bc249a58126cdda3713d693db14d20afa5f4a399678dc9
2fe8c2b4fed251b1c1a7043632725d317e2a465363d1ecb09d1d68a9987b7f41
3729fc8239891354199fec6d94cb0dab2ce3e76d79435a9ef0020add80e5f919
38f29f630543bc211cc755e1ba34ffe9941325aeae93984ea6f34f6b39f070ab
3da6481108ca51980924c55b71433d67b6ed254077ded6752364816607de135b
3dbd82b454ef90b9dfe250bb2cd00c611291f082815aae834e5f219644b98b8e
4088d728973a02015c90643832d6f9fc89072011137883b0888b37561df2cf69
430e25fb5f2d131216a1a4746dfc97feec7be10537a8351655549c94f09d4fdd
453503a14e152a83e85c3111b4b2d6f269e72d09cd9ebb85d18916ac86758fd9
4778c0f2bb962bf245b08b3a42c0d56b4fcf47759d13321e75cf0c5509407537
485bf250acef233a906a3026cae439fe87191d6a25c84bfcd4e767b99b442fc4
4b3aefed91fd42657c4a7ed614748afceaf421c366e2239309e92e3e337d5016
4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef
4beb3473d3f364d67a53ebefe22bfeece19d16d4d1c3bbd38c716b6c6ea24c71
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
4f53cda18c2baa0c0354bb5f9a3ecbe5ed12ab4d8e11ba873c2f11161202b945
4fb96c2d81a511582bdd94b32bb125bcfc2da606812a7b85a60937faa89de094
524e7834ab4cd09479f40e2bb3948f40684a44ac36145d95ced781dd117c26af
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
5983039c149960c5aaf52d585b61f3a312c5c9c409ec0f9269c395b49c2fb6bf
5b0bd6db5dc4714868a5e5a0c844bc9fb9222d9e43a0a843850f56f808950360
5e864c2e3f674c60970513411eaeeeafd2d615d842e65ec01d09ccfcb4a7b38d
5f632169d9c8fe955fca916748d4f9206815a0196a0c4f954eaa9fa8c4f0e726
601d70807d207ccaf2cff4548406b1a453a40d0c7f2ec8b8b3aa112ed4a505c0
62d2d7724aac0d9d97492320c5ea8707f9532f78c17acfb7d690fd76ce119704
63981207c9dfa31a91486f8e6e0607184a0e350ea34c8451760177c1c95a67ac
67a77ce3aa9682bf9e569e63fa12ef12d17d91af11412cfdb8976452d6f764f5
6f482f655ad977ac289c3b4ef584935eb345cddae3f1db33da9f978ef751b021
70db23c2bb789490708851c69500b49d91ce4580d48ae5913295746d08a90418
754fe491cf9ab11e1467cbd01be84ff7cafc0c1d9707ae387a331bdc2eef954a
7b749bfa9df4f18757625053ca003bfe82d036a0b320e97a5661cbdde8ce4379
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
862e67bae5f3fdf6213493f4269fef2e32f9c7fec7da4a20bc3f198f691b073b
882b4ce906e19c02a9d4f93fcab140e85d3907ea517609d62e9d350d25124282
8923de470b0e49b233e56242f3388768dc538928ac3e171a5e6d34ff5b6a822b
8b154bc50d5bac034e7d805645580b9531ba916f9f0fbdeb21962fb810798aab
8b7e9f5baa76fd0f683506e5008013ff32264c7ae97d72528bcd6a2650af57d5
8cb65c65bd1643ea6a8b6b7c33bc8344204fd383d7dedc25ea7c2b3c3e8ce51f
8cd25846974f0a1f4f2c619f9971c22fa7c96234baf302ae3c0b0a0d8b7ffeee
905ac6d7e8e2b72ca4576179a822dc9eea49eac70548f705ba80c4130fe0ccd9
90e82edc440a34c17a9945194ee98e7bd3de23d29fe0e1e50802fdfc9f57ae68
92a39d836ca4264d78d50cfe12f4250545014d2c634751a5612d3da14afbefb4
92cd3665cbfbcce8f46826e22831c8ab5f01bef83055807ca68cb8578f4ccfd8
97f23fc6d315897b43063900b0b73a28619652b6982e4e1982a5c7bb9b7bbf73
98b3d9d20e032f90aca49e9b116225d539ff6fbdb7e42c3c363f63896ac03d2a
9c9977af1dd952c0471a17afcc44bf1e6856231a2918212cff75dcd9d4b6e38c
9f0b30d6b17a030340876dea373213d646cb1aea79ad6d20a28f072248dc35df
9f3d12412ca79a35eae10ffb8ec50cf5f6081d9f8439224a540507ba16a3c90f
a2c2339691fc48fbd14fb307292dff3e21222712d9240810742d7df0c6d74dfb
a7334b0ebaa124a0db7b3c84fd262bce90f97d77736d370da39ae0437c9a4375
a85ad2391acdea2c61fb3240ea08fb64f386ff15753cf6c5941990f495c323d1
ae9953529456b61b634b7279f426f305fd9d83921ef34475fc05a8f535846eeb
b11a85a0d10327a9988404ae691733ca379c92ab203f02e628b153fb18689d1d
b5c8b45c41367f8dec46fc71c343aac7b8b90f3e6a7f59325ee5d36d81c22c6b
b6d3ae6548de0a38decadd9abe0f25c1f9bf407639d82998fd309ed22e00f93e
b77838344d2f8869945d319eb759f863d94d5096772bab69cec6433c18b0fbd4
c9aa5cb06f800fc2440e958420bd4eb8a8ddb0700c1078464dbdf6e063283874
ca8ebecaab799226d366aa5605a1dc71c9579376cbd82642ca09c2d11e3827ca
cb3cd619e56a7b12cba0f5e98ae57ce8ce87f4c9fbe30fe190bd59520209331f
cca13a043d768c596be1f3e6410e2fc05872542c9cdca6485d19584b2a0aae1c
ccbea8a338b25c0159e3a49102ab661a444cb412c152da0744c52584b2e43a4a
cfc2b3daab7b6021e5fabaeca15bfdae084cd750f56858a80fa2f030895df132
d088ca48a987af6cf468f6a183b39babdeb1282cc84784c08bb8514d836127ed
d178c93d481320881c3751eb060baa1dfdf3410b39b16f76d7f9606691900878
d1d05e599f94582eb6c8d853fc2e93118ae92f919a0df5c88b320e16e7b6ec9f
d60826499153bf6fcb4e8a8809d3b10d737cf4990ee4a0c8d796af7d5c0a9175
d650e22295f4983fc603d547b5a46a849c0590367253ec90727f94056be7056e
d726fe9c929df177ce82c1bb81e6f4483f60dec0d68226bc3d5662a10570eef1
d773f3b84b76b086da1f7ef57c917769a1e02cffe83cae48a0e1283e828c2531
d944950244b6702d41cb72634014bba316e509056d12acc2fa3793b94692022f
dbb67c620eaabf6679a314db18d3ae43037aef71ab27422e6feec08ee987cc0a
de98d824e8a4a7b0344d5082e1fbafa724b65a9d713703d48dee602da8226d78
e05e3eac9e3072cc2d9cc030c1eeed9da2b959c5bcacbde8d453d91d3151b6fe
e186a0fd201610cf7cac9d2e6bf654ced94d1be3e546defc167a4cd480315c4e
e2b11cf7484d9d2eb9beeae5c2cae436b9cb0d8818385dd37a7c2455cd5915dd
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e4b47bb9125fd8930713bd6157b6a2ea09b804aa4aa4a5e2e4e4cb5558cf05ba
eb815c0a9dc0c022eebbaab88f1413f0ab1a49013a63b901ac6483fdd1dc3fcd
ed5d6532e8419ae52b1994d1f177a554af7dd2507bd58193df8cb6e35186c129
ee783891d878c38f9a9bec5cbf0eea6f8b05df8c9f066b1b851f9c8eb241c6df
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f8e8baebac4f64ee22208b08a36fa7bb4996b541e95b03f978e7318bf2c8b362
f99f709f553830c3487a2bc417f76c3e4a3a4160b39d1bff3711f8df7f4fbb50
fd39d9cbff7eeab01fef8defdf96537f6bd629ef091d6777f3db913f18976946

cappadociaballoonflight.com Open in urlscan Pro 89.163.146.53 Malicious Activity! Public Scan

Summary

urlscan.io Verdict: Potentially Malicious

Domain & IP information

Screenshot Live screenshot Full Image

Page URL History Show full URLs

Detected technologies

Page Statistics

127 Requests

98 %HTTPS

22 %IPv6

36 Domains

58 Subdomains

48 IPs

7 Countries

1757 kBTransfer

5280 kBSize

16 Cookies

10 Outgoing links

Page URL History

Redirected requests

127 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 2 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

cappadociaballoonflight.com Open in urlscan Pro
89.163.146.53 Malicious Activity! Public Scan

Screenshot
Live screenshot

Full Image

127
Requests

98 %
HTTPS

22 %
IPv6

36
Domains

58
Subdomains

48
IPs

7
Countries

1757 kB
Transfer

5280 kB
Size

16
Cookies

127 HTTP transactions
2 data transactions