urlscan.io logo urlscan.io
SecurityTrails logo

connect.xfinity.com Open in urlscan Pro
2001:558:fc18:1:f816:3eff:fea3:d90c  Public Scan

Go To Rescan Add Verdict Report
URL: https://connect.xfinity.com/appsuite/apps/ads/minified/mini-msglistAds-012621.html
Submission: On March 11 via manual from US — Scanned from DE
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 21 IPs in 5 countries across 23 domains to perform 34 HTTP transactions. The main IP is 2001:558:fc18:1:f816:3eff:fea3:d90c, located in United States and belongs to COMCAST-7922, US. The main domain is connect.xfinity.com. The Cisco Umbrella rank of the primary domain is 16908.
TLS certificate: Issued by COMODO RSA Organization Validation Se... on January 5th 2022. Valid for: a year.
This is the only time connect.xfinity.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
1 2001:558:fc18... 7922 (COMCAST-7922)
1 151.101.194.217 54113 (FASTLY)
1 2a02:26f0:6c0... 20940 (AKAMAI-ASN1)
1 104.108.144.200 16625 (AKAMAI-AS)
5 52.212.232.57 16509 (AMAZON-02)
4 13.32.119.176 16509 (AMAZON-02)
2 34.98.64.218 15169 (GOOGLE)
1 18.195.231.241 16509 (AMAZON-02)
1 2602:803:c004... 26667 (RUBICONPR...)
3 134.209.131.220 14061 (DIGITALOC...)
1 178.250.2.131 44788 (ASN-CRITE...)
3 52.19.204.92 16509 (AMAZON-02)
2 2 34.254.143.3 16509 (AMAZON-02)
1 2a02:6ea0:c70... 60068 (CDN77 ^_^)
2 2 35.244.174.68 15169 (GOOGLE)
2 2 2a05:d018:24:... 16509 (AMAZON-02)
1 1 2620:116:800d... 16509 (AMAZON-02)
1 3.122.214.165 16509 (AMAZON-02)
1 2600:1f16:e61... 16509 (AMAZON-02)
2 2 52.213.253.251 16509 (AMAZON-02)
1 37.252.172.36 29990 (ASN-APPNEX)
2 2a02:2638::3 44788 (ASN-CRITE...)
1 2 2a02:2638:1::13 44788 (ASN-CRITE...)
1 178.250.0.157 44788 (ASN-CRITE...)
2 2 18.184.26.136 16509 (AMAZON-02)
2 2 3.126.56.137 16509 (AMAZON-02)
2 2 76.223.111.18 16509 (AMAZON-02)
1 3.33.220.150 16509 (AMAZON-02)
2 2 104.108.145.8 16625 (AKAMAI-AS)
1 178.162.133.149 60781 (LEASEWEB-...)
34 21
1    2001:558:fc18:1:f816:3eff:fea3:d90c (United States)

ASN7922 (COMCAST-7922, US)
connect.xfinity.com
1    151.101.194.217 (United States)

ASN54113 (FASTLY, US)
scripts.webcontentassessor.com
1    2a02:26f0:6c00:2bd::1b62 (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1, NL)
my.xfinity.com
1    104.108.144.200 (Berlin, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a104-108-144-200.deploy.static.akamaitechnologies.com
acdn.adnxs.com
5    52.212.232.57 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-212-232-57.eu-west-1.compute.amazonaws.com
dpm.demdex.net
4    13.32.119.176 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-32-119-176.fra60.r.cloudfront.net
c.amazon-adsystem.com
2    34.98.64.218 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 218.64.98.34.bc.googleusercontent.com
comcast-d.openx.net
u.openx.net
1    18.195.231.241 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-18-195-231-241.eu-central-1.compute.amazonaws.com
tlx.3lift.com
1    2602:803:c004:200::143 (Frankfurt am Main, Germany)

ASN26667 (RUBICONPROJECT, US)
fastlane.rubiconproject.com
3    134.209.131.220 (North Bergen, United States)

ASN14061 (DIGITALOCEAN-ASN, US)
e.serverbid.com
1    178.250.2.131 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)
PTR: bidder.am5.vip.prod.criteo.com
bidder.criteo.com
3    52.19.204.92 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-19-204-92.eu-west-1.compute.amazonaws.com
comcastathena.demdex.net
2    34.254.143.3 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-34-254-143-3.eu-west-1.compute.amazonaws.com
loadm.exelator.com
1    2a02:6ea0:c700::1 (Frankfurt am Main, Germany)

ASN60068 (CDN77 ^_^, GB)
load77.exelator.com
2    35.244.174.68 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 68.174.244.35.bc.googleusercontent.com
idsync.rlcdn.com
2    2a05:d018:24:b001:8602:c81a:97ba:276d (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
sync.tidaltv.com
1    2620:116:800d:21:36a9:ecb:e518:b308 (United States)

ASN16509 (AMAZON-02, US)
pixel.quantserve.com
1    3.122.214.165 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-3-122-214-165.eu-central-1.compute.amazonaws.com
ps.eyeota.net
1    2600:1f16:e61:3f02:34e5:5cce:7c1d:e87a (Columbus, United States)

ASN16509 (AMAZON-02, US)
dmp.v.fwmrm.net
2    52.213.253.251 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-213-253-251.eu-west-1.compute.amazonaws.com
match.prod.bidr.io
1    37.252.172.36 (Frankfurt am Main, Germany)

ASN29990 (ASN-APPNEX, US)
PTR: 692.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net
ib.adnxs.com
2    2a02:2638::3 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)
static.criteo.net
2    2a02:2638:1::13 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)
gum.criteo.com
1    178.250.0.157 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)
mug.criteo.com
2    18.184.26.136 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-18-184-26-136.eu-central-1.compute.amazonaws.com
pixel.advertising.com
2    3.126.56.137 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-3-126-56-137.eu-central-1.compute.amazonaws.com
ups.analytics.yahoo.com
2    76.223.111.18 (United States)

ASN16509 (AMAZON-02, US)
PTR: a0f671730127a0812.awsglobalaccelerator.com
eb2.3lift.com
1    3.33.220.150 (United States)

ASN16509 (AMAZON-02, US)
PTR: a12b7a488abeaa9e4.awsglobalaccelerator.com
match.adsrvr.org
2    104.108.145.8 (Berlin, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a104-108-145-8.deploy.static.akamaitechnologies.com
ssum-sec.casalemedia.com
1    178.162.133.149 (Rijswijk, Netherlands)

ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL)
PTR: ams-1-sync.go.sonobi.com
sync.go.sonobi.com
Apex Domain
Subdomains		 Transfer
8 demdex.net
dpm.demdex.net — Cisco Umbrella Rank: 184
comcastathena.demdex.net — Cisco Umbrella Rank: 34834
12 KB
4 criteo.com
bidder.criteo.com — Cisco Umbrella Rank: 689
gum.criteo.com — Cisco Umbrella Rank: 347
mug.criteo.com — Cisco Umbrella Rank: 3185
7 KB
4 amazon-adsystem.com
c.amazon-adsystem.com — Cisco Umbrella Rank: 275
40 KB
3 exelator.com
loadm.exelator.com — Cisco Umbrella Rank: 950
load77.exelator.com — Cisco Umbrella Rank: 3015
2 KB
3 serverbid.com
e.serverbid.com — Cisco Umbrella Rank: 2774
1 KB
3 3lift.com
tlx.3lift.com — Cisco Umbrella Rank: 512
eb2.3lift.com — Cisco Umbrella Rank: 346
1 KB
2 casalemedia.com
ssum-sec.casalemedia.com — Cisco Umbrella Rank: 476
2 KB
2 yahoo.com
ups.analytics.yahoo.com — Cisco Umbrella Rank: 268
653 B
2 advertising.com
pixel.advertising.com — Cisco Umbrella Rank: 307
624 B
2 criteo.net
static.criteo.net — Cisco Umbrella Rank: 600
63 KB
2 bidr.io
match.prod.bidr.io — Cisco Umbrella Rank: 462
1 KB
2 tidaltv.com
sync.tidaltv.com — Cisco Umbrella Rank: 1032
686 B
2 rlcdn.com
idsync.rlcdn.com — Cisco Umbrella Rank: 281
802 B
2 openx.net
comcast-d.openx.net — Cisco Umbrella Rank: 27603
u.openx.net — Cisco Umbrella Rank: 621
512 B
2 adnxs.com
acdn.adnxs.com — Cisco Umbrella Rank: 523
ib.adnxs.com — Cisco Umbrella Rank: 205
32 KB
2 xfinity.com
connect.xfinity.com — Cisco Umbrella Rank: 16908
my.xfinity.com — Cisco Umbrella Rank: 30621
83 KB
1 sonobi.com
sync.go.sonobi.com — Cisco Umbrella Rank: 843
478 B
1 adsrvr.org
match.adsrvr.org — Cisco Umbrella Rank: 293
265 B
1 fwmrm.net
dmp.v.fwmrm.net — Cisco Umbrella Rank: 10111
411 B
1 eyeota.net
ps.eyeota.net — Cisco Umbrella Rank: 899
344 B
1 quantserve.com
pixel.quantserve.com — Cisco Umbrella Rank: 381
490 B
1 rubiconproject.com
fastlane.rubiconproject.com — Cisco Umbrella Rank: 412
1 KB
1 webcontentassessor.com
scripts.webcontentassessor.com — Cisco Umbrella Rank: 4175
20 KB
34 23
Domain Requested by
5 dpm.demdex.net connect.xfinity.com
4 c.amazon-adsystem.com connect.xfinity.com
c.amazon-adsystem.com
3 comcastathena.demdex.net connect.xfinity.com
3 e.serverbid.com my.xfinity.com
2 ssum-sec.casalemedia.com 2 redirects
2 eb2.3lift.com 2 redirects
2 ups.analytics.yahoo.com 2 redirects
2 pixel.advertising.com 2 redirects
2 gum.criteo.com 1 redirects static.criteo.net
2 static.criteo.net my.xfinity.com
static.criteo.net
2 match.prod.bidr.io 2 redirects
2 sync.tidaltv.com 2 redirects
2 idsync.rlcdn.com 2 redirects
2 loadm.exelator.com 2 redirects
1 sync.go.sonobi.com
1 u.openx.net
1 match.adsrvr.org
1 mug.criteo.com
1 ib.adnxs.com acdn.adnxs.com
1 dmp.v.fwmrm.net
1 ps.eyeota.net
1 pixel.quantserve.com 1 redirects
1 load77.exelator.com
1 bidder.criteo.com my.xfinity.com
1 fastlane.rubiconproject.com my.xfinity.com
1 tlx.3lift.com my.xfinity.com
1 comcast-d.openx.net my.xfinity.com
1 acdn.adnxs.com connect.xfinity.com
1 my.xfinity.com connect.xfinity.com
1 scripts.webcontentassessor.com connect.xfinity.com
1 connect.xfinity.com
34 31

This site contains no links.

Subject Issuer Validity Valid
connect.xfinity.com
COMODO RSA Organization Validation Secure Server CA		 2022-01-05 -
2023-01-05		 a year crt.sh
scripts.webcontentassessor.com
GlobalSign Atlas R3 DV TLS CA H2 2021		 2021-10-31 -
2022-12-02		 a year crt.sh
www.xfinity.comcast.net
COMODO RSA Organization Validation Secure Server CA		 2020-05-04 -
2022-05-04		 2 years crt.sh
cdn.adnxs.com
GeoTrust RSA CA 2018		 2021-12-10 -
2022-12-09		 a year crt.sh
*.demdex.net
DigiCert TLS RSA SHA256 2020 CA1		 2021-10-19 -
2022-11-19		 a year crt.sh
c.amazon-adsystem.com
Amazon		 2021-07-06 -
2022-06-27		 a year crt.sh
*.openx.net
GeoTrust RSA CA 2018		 2021-07-08 -
2022-08-08		 a year crt.sh
*.3lift.com
Amazon		 2021-06-12 -
2022-07-11		 a year crt.sh
*.rubiconproject.com
DigiCert TLS RSA SHA256 2020 CA1		 2021-03-30 -
2022-04-04		 a year crt.sh
e.serverbid.com
R3		 2022-01-17 -
2022-04-17		 3 months crt.sh
*.criteo.com
DigiCert TLS Hybrid ECC SHA384 2020 CA1		 2022-02-04 -
2022-05-03		 3 months crt.sh
*.eyeota.net
R3		 2022-01-04 -
2022-04-04		 3 months crt.sh
*.v.fwmrm.net
DigiCert TLS RSA SHA256 2020 CA1		 2021-11-29 -
2022-12-30		 a year crt.sh
*.adnxs.com
GeoTrust ECC CA 2018		 2022-02-11 -
2023-03-14		 a year crt.sh
*.criteo.net
DigiCert TLS Hybrid ECC SHA384 2020 CA1		 2022-02-02 -
2022-05-03		 3 months crt.sh
*.go.sonobi.com
Go Daddy Secure Certificate Authority - G2		 2021-12-08 -
2023-01-09		 a year crt.sh

This page contains 4 frames:

Primary Page: https://connect.xfinity.com/appsuite/apps/ads/minified/mini-msglistAds-012621.html
Frame ID: 0C933C1F251360371CFA93C940DCD979
Requests: 23 HTTP requests in this frame

Frame: https://comcastathena.demdex.net/dest5.html?d_nsid=undefined
Frame ID: 75515A493B7076C2A57EB2B8627DDD43
Requests: 8 HTTP requests in this frame

Frame: https://comcastathena.demdex.net/dest5.html?d_nsid=1
Frame ID: 0C3EBEF01A5AE6BE3AC372E23F2F7AE4
Requests: 1 HTTP requests in this frame

Frame: https://gum.criteo.com/syncframe?origin=publishertag&topUrl=connect.xfinity.com
Frame ID: 11292CC08C94D4C09E1EDBA9A2F03D66
Requests: 2 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page Title

Webmail Promotion

Detected technologies

Overall confidence: 100%
Detected patterns
  • adnxs\.(?:net|com)
Overall confidence: 100%
Detected patterns
  • https?://[^/]*\.openx\.net
Overall confidence: 100%
Detected patterns
  • adnxs\.com/[^"]*(?:prebid|/pb\.js)
Overall confidence: 100%
Detected patterns
  • https?://[^/]*\.rubiconproject\.com

Page Statistics

34
Requests

74 %
HTTPS

30 %
IPv6

23
Domains

31
Subdomains

21
IPs

5
Countries

262 kB
Transfer

788 kB
Size

35
Cookies

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 16
  • https://loadm.exelator.com/load/?p=204&g=091&j=0&bi=59470940507402581252697632676558832019 HTTP 302
  • https://loadm.exelator.com/load/?p=204&g=091&j=0&bi=59470940507402581252697632676558832019&xl8blockcheck=1 HTTP 302
  • https://load77.exelator.com/pixel.gif
Request Chain 17
  • https://idsync.rlcdn.com/365868.gif?partner_uid=59470940507402581252697632676558832019 HTTP 307
  • https://idsync.rlcdn.com/1000.gif?memo=CKyqFhIxCi0IARCYEhomNTk0NzA5NDA1MDc0MDI1ODEyNTI2OTc2MzI2NzY1NTg4MzIwMTkQABoNCODXrpEGEgUI6AcQAEIASgA HTTP 307
  • https://dpm.demdex.net/ibs:dpid=477&dpuuid=058ea4aa9a34b25459bc7c992dcbb9dd62299c6b206ccc76c7e3d7836fce0907b0da87c991749652
Request Chain 18
  • https://sync.tidaltv.com/GenericUserSync.ashx?dpid=38noredirect HTTP 302
  • https://sync.tidaltv.com/genericusersync.ashx?dpid=38noredirect&s_h=1 HTTP 302
  • https://dpm.demdex.net/ibs:dpid=445&dpuuid=f14fba61-0de0-494f-afd9-64069e5025e9?gdpr=1&gdpr_consent=
Request Chain 19
  • https://pixel.quantserve.com/pixel/p-vj4AYjBqd6VJ2.gif?idmatch=0&gdpr=0&gdpr_consent= HTTP 302
  • https://dpm.demdex.net/ibs:dpid=1175&&dpuuid=nq_LYsn_nDGFrMozyqjUMJmpzGWFq5w4mf8TobcI
Request Chain 22
  • https://match.prod.bidr.io/cookie-sync/adobe?gdpr=0&gdpr_consent= HTTP 303
  • https://match.prod.bidr.io/cookie-sync/adobe?gdpr=0&gdpr_consent=&_bee_ppp=1 HTTP 303
  • https://dpm.demdex.net/ibs:dpid=275754&dpuuid=AADFnE7EV1gAACshyGkL8A?gdpr=0
Request Chain 27
  • https://gum.criteo.com/sid/json?origin=publishertag&domain=xfinity.com&sn=ChromeSyncframe&so=0&topUrl=connect.xfinity.com&cw=1&lsw=1 HTTP 302
  • https://mug.criteo.com/sid?cpp=lgAOvnxsbnE5bFhYTFNFeU0yamN6RFh5NzlhbHgycFg3bzRoeWdkbm0zUFBxUE1uR0dmSm96azZxVFBHZ0c3NHdCQlQzMUludlo4Sm93dmVjZlYrcWFKVlp3WHVnQXZQZWRoZDNrN0ZLV21zR1NQNmkrRVVnZjZoSC92UGt5RXFNQW4wNVViQkF3anN5V2JFS3hGbDZmVkI3NDlhZU11T3lnK0pnVUozcTI0V3RtdFRQZmd5elZpTEJFSnVDeG9Ub205SEdLZkNvNG9mMm1veWYzcm9KR1dKUlpEcit2NWVpRHVBUWNERzFmTFY1a1M4S2gvUWFUa3MweVZsdGZ4bWVpNnUxMm1uWHZ5V2ZiditqaWExL0dDZ1dOdz09fA&cppv=2
Request Chain 28
  • https://pixel.advertising.com/ups/56621/occ HTTP 302
  • https://pixel.advertising.com/ups/56621/occ?verify=true HTTP 302
  • https://ups.analytics.yahoo.com/ups/56621/occ?apid=UPcf78b5f4-a176-11ec-b82a-020e0626bef8 HTTP 302
  • https://ups.analytics.yahoo.com/ups/56621/occ?apid=UPcf78b5f4-a176-11ec-b82a-020e0626bef8&verify=true HTTP 302
  • https://e.serverbid.com/udb/9969/sync/i.gif?partnerId=29&userId=UPcf78b5f4-a176-11ec-b82a-020e0626bef8
Request Chain 29
  • https://eb2.3lift.com/sync?px=1&src=prebid& HTTP 302
  • https://eb2.3lift.com/sync?px=1&src=prebid&&ld=1 HTTP 302
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=svx9t50&ttd_tpi=1&gdpr=1&gdpr_consent=
Request Chain 30
  • https://ssum-sec.casalemedia.com/usermatchredir?s=185073&cb=https%3A%2F%2Fe.serverbid.com%2Fudb%2F9969%2Fsync%2Fi.gif%3FpartnerId%3D1%26a%3Dtrue%26userId%3D HTTP 302
  • https://ssum-sec.casalemedia.com/usermatchredir?cb=https%3A%2F%2Fe.serverbid.com%2Fudb%2F9969%2Fsync%2Fi.gif%3FpartnerId%3D1%26a%3Dtrue%26userId%3D&s=185073&C=1 HTTP 302
  • https://e.serverbid.com/udb/9969/sync/i.gif?partnerId=1&a=true&userId=Yiur5IMnZgmwakifWip0PgAA%261166

34 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request mini-msglistAds-012621.html
connect.xfinity.com/appsuite/apps/ads/minified/ 		62 KB
21 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://connect.xfinity.com/appsuite/apps/ads/minified/mini-msglistAds-012621.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2001:558:fc18:1:f816:3eff:fea3:d90c , United States, ASN7922 (COMCAST-7922, US),
Reverse DNS
Software
Apache /
Resource Hash
1b217e1eb25651eff016aad1684acb51ca455264bfe6ca7b5e6c666f6ffb9751
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Accept-Language
de-DE,de;q=0.9

Response headers

Date
Fri, 11 Mar 2022 20:06:56 GMT
Server
Apache
Access-Control-Allow-Methods
POST, GET, OPTIONS, DELETE, PUT, REPORT
Access-Control-Max-Age
1000
Access-Control-Allow-Credentials
true
Access-Control-Allow-Headers
x-requested-with, Content-Type, origin, authorization, accept, client-security-token, depth, if-none-match, access-control-allow-origin, if-match, authentication
X-Frame-Options
SAMEORIGIN SAMEORIGIN
Accept-Ranges
bytes
Content-Encoding
gzip
Cache-Control
max-age=15552000, private
Expires
Wed, 07 Sep 2022 20:06:56 GMT
Content-Length
20561
Content-Type
text/html; charset=UTF-8
Strict-Transport-Security
max-age=31536000; includeSubDomains; preload
X-XSS-Protection
1; mode=block
X-Content-Type-Options
nosniff
Cache-control
private
b4be7e7b6b352605a1ac84e1c5b4df5dd6407a83c34cfd33ff1cc7345cf246a3
scripts.webcontentassessor.com/scripts/ 		78 KB
20 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://scripts.webcontentassessor.com/scripts/b4be7e7b6b352605a1ac84e1c5b4df5dd6407a83c34cfd33ff1cc7345cf246a3
Requested by
Host: connect.xfinity.com
URL: https://connect.xfinity.com/appsuite/apps/ads/minified/mini-msglistAds-012621.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.194.217 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
7f02569cef8126f2eb41c0ea2f4101987c71364c9f1ab04d51f6235ae2a9398e

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://connect.xfinity.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Fri, 11 Mar 2022 20:06:56 GMT
content-encoding
gzip
age
781
x-cache
HIT
content-length
20288
x-amz-id-2
UUtPVfaBdqui/KMoxmZD/PkbUS3e9eYtb87dHgBkNQEyG33YmZ3wzWl60WibrvvHGxiV5gnyQKQ=
x-served-by
cache-hhn4081-HHN
last-modified
Fri, 11 Mar 2022 19:48:46 GMT
server
AmazonS3
x-timer
S1647029216.423217,VS0,VE3
etag
"92b0af75e83da38e14e5fcc39b5c4fb6"
vary
Accept-Encoding
x-amz-request-id
6CAC7G55PM5QH142
via
1.1 varnish
cache-control
max-age=3600,stale-if-error=86400,stale-while-revalidate=3600
accept-ranges
bytes
content-type
application/javascript
x-cache-hits
1
prebid-4.15.0-6c3fb9bec87b2f0a2eb6b28912848f1a.js
my.xfinity.com/assets/ads/ 		194 KB
62 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://my.xfinity.com/assets/ads/prebid-4.15.0-6c3fb9bec87b2f0a2eb6b28912848f1a.js
Requested by
Host: connect.xfinity.com
URL: https://connect.xfinity.com/appsuite/apps/ads/minified/mini-msglistAds-012621.html
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:6c00:2bd::1b62 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
AkamaiNetStorage /
Resource Hash
d12019c690a93d78d305ce3e2328770dc64cd7e9645cf25de086db0032fe8cfd

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://connect.xfinity.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Fri, 11 Mar 2022 20:06:56 GMT
content-encoding
gzip
last-modified
Thu, 24 Feb 2022 18:25:57 GMT
server
AkamaiNetStorage
etag
"af8b5c8913909b331c98062f33c9236f:1645727157.491095"
vary
Accept-Encoding
content-type
application/x-javascript
accept-ranges
bytes
ast.js
acdn.adnxs.com/ast/ 		91 KB
32 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://acdn.adnxs.com/ast/ast.js
Requested by
Host: connect.xfinity.com
URL: https://connect.xfinity.com/appsuite/apps/ads/minified/mini-msglistAds-012621.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
104.108.144.200 Berlin, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-108-144-200.deploy.static.akamaitechnologies.com
Software
nginx/1.18.0 (Ubuntu) /
Resource Hash
e8fc85293845d4d357c1af9188cd14fb3b33c7b7d1917fb6bbc61a999e55d84f

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://connect.xfinity.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date
Fri, 11 Mar 2022 20:06:56 GMT
Content-Encoding
gzip
Last-Modified
Tue, 01 Mar 2022 13:35:44 GMT
Server
nginx/1.18.0 (Ubuntu)
ETag
"621e2130-16a12"
Vary
Accept-Encoding
Content-Type
application/javascript
Access-Control-Allow-Origin
*
Cache-Control
max-age=86402
Connection
keep-alive
Content-Length
32044
Expires
Sat, 12 Mar 2022 20:06:58 GMT
id
dpm.demdex.net/ 		2 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://dpm.demdex.net/id?d_visid_ver=1.5.6&d_rtbd=json&d_ver=2&d_orgid=723C39F756ABCD0B7F000101%40AdobeOrg&d_nsid=0&d_cb=s_c_il%5B0%5D._setMarketingCloudFields
Requested by
Host: connect.xfinity.com
URL: https://connect.xfinity.com/appsuite/apps/ads/minified/mini-msglistAds-012621.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.212.232.57 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-212-232-57.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
6fce4b8a57db88b6156a16c1170a0b761e31eee96c1dc27743391bdec8c4e262
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://connect.xfinity.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

DCS
dcs-prod-irl1-2-v029-0ca14c114.edge-irl1.demdex.com UNKNOWN
Pragma
no-cache
Strict-Transport-Security
max-age=31536000; includeSubDomains
content-encoding
gzip
X-TID
VR463DxiSLs=
P3P
policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Cache-Control
no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
Connection
keep-alive
Content-Type
application/javascript;charset=utf-8
Content-Length
690
Expires
Thu, 01 Jan 1970 00:00:00 UTC
apstag.js
c.amazon-adsystem.com/aax2/ 		134 KB
36 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://c.amazon-adsystem.com/aax2/apstag.js
Requested by
Host: connect.xfinity.com
URL: https://connect.xfinity.com/appsuite/apps/ads/minified/mini-msglistAds-012621.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.32.119.176 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-32-119-176.fra60.r.cloudfront.net
Software
Server /
Resource Hash
3ef5bfd224e0baa902eb88c94979cfaeccf2169a996c601fa3de4c3f3b33da01

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://connect.xfinity.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

x-amz-version-id
cDw9qPFdR3WLu_gch_nIk4UAdfcPuNG7
content-encoding
gzip
etag
4e3fad24a118a07cea7ce88b2721a583
age
39
x-cache
Hit from cloudfront
server
Server
x-amz-rid
1N6NNFR4KV5B6KY7Y3S6
date
Fri, 11 Mar 2022 20:06:18 GMT
vary
Accept-Encoding
content-type
application/javascript
via
1.1 c60125e7f3465aceafb0abd071a41a36.cloudfront.net (CloudFront)
cache-control
public, max-age=900
x-amz-cf-pop
FRA60-P1
accept-ranges
bytes
timing-allow-origin
*
x-amz-cf-id
boCtgBgyXQvQVJdkUKKvBEK3-hBiFqTJKnhBnIUzrPXc6BSu1CIlew==
config
c.amazon-adsystem.com/cdn/prod/ 		0
312 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://c.amazon-adsystem.com/cdn/prod/config?src=3338&u=https%3A%2F%2Fconnect.xfinity.com
Requested by
Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.32.119.176 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-32-119-176.fra60.r.cloudfront.net
Software
Server /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://connect.xfinity.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Fri, 11 Mar 2022 16:18:25 GMT
via
1.1 c60125e7f3465aceafb0abd071a41a36.cloudfront.net (CloudFront)
server
Server
age
13710
x-cache
Hit from cloudfront
access-control-allow-origin
https://connect.xfinity.com
cache-control
max-age=21550, s-maxage=21600
access-control-allow-credentials
true
x-amz-cf-pop
FRA60-P1
x-amz-cf-id
QQsJ0zzMmL87EaDKzhGxM7zQ6jPti_fS1skFzMvLgE4ZqiqRmla79A==
bid
c.amazon-adsystem.com/e/dtb/ 		23 B
495 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://c.amazon-adsystem.com/e/dtb/bid?src=3338&u=https%3A%2F%2Fconnect.xfinity.com%2Fappsuite%2Fapps%2Fads%2Fminified%2Fmini-msglistAds-012621.html&pid=wKLimTJu8WstV&cb=0&ws=1600x1200&v=7.74.0&t=1500&slots=%5B%7B%22sd%22%3A%22MAIL_Right%22%2C%22s%22%3A%5B%22160x600%22%5D%7D%5D&gdprl=%7B%22status%22%3A%22no-cmp%22%7D
Requested by
Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.32.119.176 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-32-119-176.fra60.r.cloudfront.net
Software
Server /
Resource Hash
745a085b52b8371ec6705413fca70a28c6d8bff0db480e6b124bd08c54e95ef8
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://connect.xfinity.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Fri, 11 Mar 2022 20:06:56 GMT
via
1.1 c60125e7f3465aceafb0abd071a41a36.cloudfront.net (CloudFront)
server
Server
x-amz-cf-pop
FRA60-P1
x-amz-rid
5147QSHZ8RH9V7P7H3F4
vary
Accept-Encoding,User-Agent
x-cache
Miss from cloudfront
content-type
text/javascript;charset=UTF-8
access-control-allow-origin
https://connect.xfinity.com
access-control-allow-credentials
true
permissions-policy
interest-cohort=()
strict-transport-security
max-age=47474747; includeSubDomains; preload
timing-allow-origin
*
content-length
23
x-amz-cf-id
s539HFGdSK0ePwUkTzoj7jFBhV8SOD3jlMZRFEk6zNvZHOd3pNO-bQ==
aps_csm.js
c.amazon-adsystem.com/bao-csm/aps-comm/ 		6 KB
3 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://c.amazon-adsystem.com/bao-csm/aps-comm/aps_csm.js
Requested by
Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.32.119.176 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-32-119-176.fra60.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
06b99248a163333e36980a6cfb756f1a7de60fa49517162b87b1a44d5d48f844

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://connect.xfinity.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

x-amz-version-id
SUwxoOFVf.oGi397tNuwFzfmo0lFzuJd
content-encoding
gzip
etag
W/"a4d296427fc806b21335359e398c025c"
age
42905
x-cache
Hit from cloudfront
access-control-max-age
3000
access-control-allow-origin
*
last-modified
Wed, 02 Mar 2022 02:09:50 GMT
server
AmazonS3
date
Fri, 11 Mar 2022 08:11:52 GMT
vary
Origin
access-control-allow-methods
GET
content-type
application/javascript
via
1.1 adc51edbb4dc468fb382e40b115a2f62.cloudfront.net (CloudFront)
cache-control
public, max-age=86400
x-amz-cf-pop
FRA60-P1
x-amz-cf-id
dKBS37XT7Ss9UmU4Z-CFwJzQDacPnFpe40UMz1I5k-DKiFltfm4Ntw==
arj
comcast-d.openx.net/w/1.0/ 		73 B
381 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://comcast-d.openx.net/w/1.0/arj?ju=https%3A%2F%2Fconnect.xfinity.com%2Fappsuite%2Fapps%2Fads%2Fminified%2Fmini-msglistAds-012621.html&ch=UTF-8&res=1600x1200x24&ifr=false&tz=0&tws=1600x1200&be=1&bc=hb_pb_3.0.3&dddid=0a9d4169-2bc9-41bd-8c37-e797797a17f9&nocache=1647029216730&aus=160x600&divIds=MAIL_Right&auid=540654283
Requested by
Host: my.xfinity.com
URL: https://my.xfinity.com/assets/ads/prebid-4.15.0-6c3fb9bec87b2f0a2eb6b28912848f1a.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.98.64.218 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
218.64.98.34.bc.googleusercontent.com
Software
OXGW/17.2.0 /
Resource Hash
124dd6a7bff98ab7dab3d1e6fff5b34d77887633e7913d7b1a303262045caaeb

Request headers

Referer
https://connect.xfinity.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Fri, 11 Mar 2022 20:06:56 GMT
content-encoding
gzip
server
OXGW/17.2.0
vary
Accept, Accept-Encoding
p3p
CP="CUR ADM OUR NOR STA NID"
access-control-allow-origin
https://connect.xfinity.com
cache-control
private, max-age=0, no-cache
access-control-allow-credentials
true
content-type
application/json
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
79
via
1.1 google
expires
Mon, 26 Jul 1997 05:00:00 GMT
auction
tlx.3lift.com/header/ 		19 B
490 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://tlx.3lift.com/header/auction?lib=prebid&v=4.15.0&referrer=https%3A%2F%2Fconnect.xfinity.com%2Fappsuite%2Fapps%2Fads%2Fminified%2Fmini-msglistAds-012621.html&tmax=3000
Requested by
Host: my.xfinity.com
URL: https://my.xfinity.com/assets/ads/prebid-4.15.0-6c3fb9bec87b2f0a2eb6b28912848f1a.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
18.195.231.241 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-195-231-241.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
0535c3bb3a17e4ac0fb7d29214d2181275662129dc2bdd2a89c35934e9fc5ba5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://connect.xfinity.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Fri, 11 Mar 2022 20:06:56 GMT
accept-ch
Sec-CH-Save-Data, Sec-CH-DPR, Sec-CH-Width,SecCH-Viewport-Width, Sec-CH-Viewport-Height,Sec-CH-Device-Memory, Sec-CHRTT, Sec-CH-Downlink, Sec-CH-ECT, Sec-CH-Prefers-Color-Scheme,Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version
content-type
application/json; charset=utf-8
access-control-allow-origin
https://connect.xfinity.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
content-length
19
x-xss-protection
0
expires
Thu, 15 Oct 1992 20:10:00 GMT
fastlane.json
fastlane.rubiconproject.com/a/api/ 		240 B
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=11648&site_id=254254&zone_id=1260106&size_id=9&p_pos=atf&rf=https%3A%2F%2Fconnect.xfinity.com%2Fappsuite%2Fapps%2Fads%2Fminified%2Fmini-msglistAds-012621.html&tk_flint=pbjs_lite_v4.15.0&x_source.tid=0a9d4169-2bc9-41bd-8c37-e797797a17f9&p_screen_res=1600x1200&rp_floor=0.01&rp_secure=1&slots=1&rand=0.5127480283601382
Requested by
Host: my.xfinity.com
URL: https://my.xfinity.com/assets/ads/prebid-4.15.0-6c3fb9bec87b2f0a2eb6b28912848f1a.js
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_256_GCM
Server
2602:803:c004:200::143 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
nginx/1.16.0 /
Resource Hash
14bd8e5e939c7f859c4383775a43fd81eaed87d0ec632ddda457938b4e3bee9d

Request headers

Referer
https://connect.xfinity.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type
text/plain

Response headers

Pragma
no-cache
Date
Fri, 11 Mar 2022 20:06:56 GMT
Server
nginx/1.16.0
Vary
Accept-Encoding
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Access-Control-Allow-Origin
https://connect.xfinity.com
Cache-Control
no-cache, no-store, max-age=0, must-revalidate
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
application/json
Content-Length
240
Expires
Wed, 17 Sep 1975 21:32:10 GMT
v2
e.serverbid.com/api/ 		711 B
989 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://e.serverbid.com/api/v2
Requested by
Host: my.xfinity.com
URL: https://my.xfinity.com/assets/ads/prebid-4.15.0-6c3fb9bec87b2f0a2eb6b28912848f1a.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
134.209.131.220 North Bergen, United States, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software
/
Resource Hash
a1864f9c9e8f8b71315692973433328a730a27f673bf692719e01772f2acfb13

Request headers

Referer
https://connect.xfinity.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://connect.xfinity.com
date
Fri, 11 Mar 2022 20:06:56 GMT
access-control-allow-credentials
true
content-length
711
vary
Origin
content-type
application/json
cdb
bidder.criteo.com/ 		18 B
316 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://bidder.criteo.com/cdb?profileId=207&av=32&wv=4.15.0&cb=84534497654
Requested by
Host: my.xfinity.com
URL: https://my.xfinity.com/assets/ads/prebid-4.15.0-6c3fb9bec87b2f0a2eb6b28912848f1a.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
178.250.2.131 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
bidder.am5.vip.prod.criteo.com
Software
Finatra /
Resource Hash
ad6aa18e132c373e6a0be7543103d4e5dfde8680587cea250550686591419910
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Referer
https://connect.xfinity.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type
text/plain

Response headers

date
Fri, 11 Mar 2022 20:06:56 GMT
content-encoding
gzip
server
Finatra
vary
Origin
content-type
application/json; charset=utf-8
access-control-allow-origin
https://connect.xfinity.com
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
strict-transport-security
max-age=31536000; preload;
timing-allow-origin
*
content-length
44
dest5.html
comcastathena.demdex.net/ Frame 7551 		7 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://comcastathena.demdex.net/dest5.html?d_nsid=undefined
Requested by
Host: connect.xfinity.com
URL: https://connect.xfinity.com/appsuite/apps/ads/minified/mini-msglistAds-012621.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.19.204.92 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-19-204-92.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
7bea17a80a61ed0f54248b4ffc4c718f7c8ff2619742577a73591d62ce074da8
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://connect.xfinity.com/

Response headers

Accept-Ranges
bytes
Cache-Control
no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
content-encoding
gzip
Content-Type
text/html;charset=UTF-8
date
Fri, 11 Mar 2022 20:06:56 GMT
DCS
dcs-prod-irl1-1-v029-08e23457e.edge-irl1.demdex.com UNKNOWN
Expires
Thu, 01 Jan 1970 00:00:00 UTC
last-modified
Fri, 4 Mar 2022 17:38:29 GMT
P3P
policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Pragma
no-cache
Strict-Transport-Security
max-age=31536000; includeSubDomains
vary
accept-encoding
X-TID
Kqr6Gt60RY0=
Content-Length
2791
Connection
keep-alive
dest5.html
comcastathena.demdex.net/ Frame 0C3E 		7 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://comcastathena.demdex.net/dest5.html?d_nsid=1
Requested by
Host: connect.xfinity.com
URL: https://connect.xfinity.com/appsuite/apps/ads/minified/mini-msglistAds-012621.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.19.204.92 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-19-204-92.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
7bea17a80a61ed0f54248b4ffc4c718f7c8ff2619742577a73591d62ce074da8
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://connect.xfinity.com/

Response headers

Accept-Ranges
bytes
Cache-Control
no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
content-encoding
gzip
Content-Type
text/html;charset=UTF-8
date
Fri, 11 Mar 2022 20:06:56 GMT
DCS
dcs-prod-irl1-2-v029-0795839a6.edge-irl1.demdex.com UNKNOWN
Expires
Thu, 01 Jan 1970 00:00:00 UTC
last-modified
Fri, 4 Mar 2022 17:57:15 GMT
P3P
policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Pragma
no-cache
Strict-Transport-Security
max-age=31536000; includeSubDomains
vary
accept-encoding
X-TID
5l6xJCLuSFU=
transfer-encoding
chunked
Connection
keep-alive
event
comcastathena.demdex.net/ 		135 B
869 B 		Script
General
Check archive.org
Download Go to
Full URL
https://comcastathena.demdex.net/event?d_mid=59094667215268188002730620135422944046&d_nsid=1&d_ld=_ts%3D1647029216789&d_rtbd=json&d_jsonv=1&d_dst=1&d_cb=demdexRequestCallback_1_1647029216789
Requested by
Host: connect.xfinity.com
URL: https://connect.xfinity.com/appsuite/apps/ads/minified/mini-msglistAds-012621.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.19.204.92 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-19-204-92.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
46ccedc6079b20a83ded9ad6f374c4bc83bdc285a72c83f660e10a74fbf19634
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://connect.xfinity.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

DCS
dcscanary-prod-irl1-1-v034-06729ab4d.edge-irl1.demdex.com UNKNOWN
Pragma
no-cache
Strict-Transport-Security
max-age=31536000; includeSubDomains
content-encoding
gzip
X-TID
PUMF4zd4Rdk=
P3P
policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Cache-Control
no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
Connection
keep-alive
Content-Type
application/javascript;charset=utf-8
Content-Length
151
Expires
Thu, 01 Jan 1970 00:00:00 UTC
pixel.gif
load77.exelator.com/ Frame 7551
Redirect Chain
  • https://loadm.exelator.com/load/?p=204&g=091&j=0&bi=59470940507402581252697632676558832019
  • https://loadm.exelator.com/load/?p=204&g=091&j=0&bi=59470940507402581252697632676558832019&xl8blockcheck=1
  • https://load77.exelator.com/pixel.gif
43 B
333 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://load77.exelator.com/pixel.gif
Protocol
H2
Server
2a02:6ea0:c700::1 Frankfurt am Main, Germany, ASN60068 (CDN77 ^_^, GB),
Reverse DNS
Software
CDN77-Turbo /
Resource Hash
2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://comcastathena.demdex.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

x-77-nzt
AcO1ryyqNzH/+jMPAA
x-accel-expires
@1647069671
date
Fri, 11 Mar 2022 20:06:57 GMT
etag
"59f0c3fc-2b"
last-modified
Wed, 25 Oct 2017 17:03:56 GMT
server
CDN77-Turbo
x-77-nzt-ray
boNyD1zV1VQ
x-77-cache
HIT
content-type
image/gif
access-control-allow-origin
*
x-cache
HIT
x-age
996346
accept-ranges
bytes
x-77-pop
frankfurtDE
content-length
43

Redirect headers

date
Fri, 11 Mar 2022 20:06:57 GMT
server
nginx
x-powered-by
Undertow/1
p3p
policyref=/w3c/p3p.xml, CP=NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA, policyref=/w3c/p3p.xml, CP=NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA
location
https://load77.exelator.com/pixel.gif
cache-control
no-cache
access-control-allow-credentials
true
content-type
image/gif
content-length
0
ibs:dpid=477&dpuuid=058ea4aa9a34b25459bc7c992dcbb9dd62299c6b206ccc76c7e3d7836fce0907b0da87c991749652
dpm.demdex.net/ Frame 7551
Redirect Chain
  • https://idsync.rlcdn.com/365868.gif?partner_uid=59470940507402581252697632676558832019
  • https://idsync.rlcdn.com/1000.gif?memo=CKyqFhIxCi0IARCYEhomNTk0NzA5NDA1MDc0MDI1ODEyNTI2OTc2MzI2NzY1NTg4MzIwMTkQABoNCODXrpEGEgUI6AcQAEIASgA
  • https://dpm.demdex.net/ibs:dpid=477&dpuuid=058ea4aa9a34b25459bc7c992dcbb9dd62299c6b206ccc76c7e3d7836fce0907b0da87c991749652
42 B
943 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dpm.demdex.net/ibs:dpid=477&dpuuid=058ea4aa9a34b25459bc7c992dcbb9dd62299c6b206ccc76c7e3d7836fce0907b0da87c991749652
Protocol
HTTP/1.1
Server
52.212.232.57 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-212-232-57.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://comcastathena.demdex.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

DCS
dcs-prod-irl1-2-v029-037da014a.edge-irl1.demdex.com UNKNOWN
Pragma
no-cache
Strict-Transport-Security
max-age=31536000; includeSubDomains
content-encoding
gzip
X-Content-Type-Options
nosniff
X-TID
0yYEHQmjSF4=
P3P
policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Cache-Control
no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
Connection
keep-alive
Content-Type
image/gif
Content-Length
59
Expires
Thu, 01 Jan 1970 00:00:00 UTC

Redirect headers

date
Fri, 11 Mar 2022 20:06:56 GMT
via
1.1 google
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
location
https://dpm.demdex.net/ibs:dpid=477&dpuuid=058ea4aa9a34b25459bc7c992dcbb9dd62299c6b206ccc76c7e3d7836fce0907b0da87c991749652
cache-control
no-cache, no-store
timing-allow-origin
*
alt-svc
clear
content-length
0
ibs:dpid=445&dpuuid=f14fba61-0de0-494f-afd9-64069e5025e9
dpm.demdex.net/ Frame 7551
Redirect Chain
  • https://sync.tidaltv.com/GenericUserSync.ashx?dpid=38noredirect
  • https://sync.tidaltv.com/genericusersync.ashx?dpid=38noredirect&s_h=1
  • https://dpm.demdex.net/ibs:dpid=445&dpuuid=f14fba61-0de0-494f-afd9-64069e5025e9?gdpr=1&gdpr_consent=
0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dpm.demdex.net/ibs:dpid=445&dpuuid=f14fba61-0de0-494f-afd9-64069e5025e9?gdpr=1&gdpr_consent=
Protocol
HTTP/1.1
Server
52.212.232.57 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-212-232-57.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://comcastathena.demdex.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Redirect headers

pragma
no-cache
date
Fri, 11 Mar 2022 20:06:57 GMT
server
Apache-Coyote/1.1
location
https://dpm.demdex.net/ibs:dpid=445&dpuuid=f14fba61-0de0-494f-afd9-64069e5025e9?gdpr=1&gdpr_consent=
cache-control
no-cache, no-store, max-age=0, must-revalidate
content-length
0
x-xss-protection
1; mode=block
expires
0
ibs:dpid=1175&&dpuuid=nq_LYsn_nDGFrMozyqjUMJmpzGWFq5w4mf8TobcI
dpm.demdex.net/ Frame 7551
Redirect Chain
  • https://pixel.quantserve.com/pixel/p-vj4AYjBqd6VJ2.gif?idmatch=0&gdpr=0&gdpr_consent=
  • https://dpm.demdex.net/ibs:dpid=1175&&dpuuid=nq_LYsn_nDGFrMozyqjUMJmpzGWFq5w4mf8TobcI
42 B
943 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dpm.demdex.net/ibs:dpid=1175&&dpuuid=nq_LYsn_nDGFrMozyqjUMJmpzGWFq5w4mf8TobcI
Protocol
HTTP/1.1
Server
52.212.232.57 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-212-232-57.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://comcastathena.demdex.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

DCS
dcs-prod-irl1-2-v029-070af1854.edge-irl1.demdex.com UNKNOWN
Pragma
no-cache
Strict-Transport-Security
max-age=31536000; includeSubDomains
content-encoding
gzip
X-Content-Type-Options
nosniff
X-TID
ldIDdNA4QUA=
P3P
policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Cache-Control
no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
Connection
keep-alive
Content-Type
image/gif
Content-Length
59
Expires
Thu, 01 Jan 1970 00:00:00 UTC

Redirect headers

pragma
no-cache
date
Fri, 11 Mar 2022 20:06:57 GMT
strict-transport-security
max-age=86400
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAo PSDo OUR SAMa IND COM NAV"
location
https://dpm.demdex.net/ibs:dpid=1175&&dpuuid=nq_LYsn_nDGFrMozyqjUMJmpzGWFq5w4mf8TobcI
cache-control
private, no-cache, no-store, proxy-revalidate
content-length
0
expires
Fri, 04 Aug 1978 12:00:00 GMT
match
ps.eyeota.net/ Frame 7551 		0
344 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ps.eyeota.net/match?bid=6j5b2cv&uid=59470940507402581252697632676558832019&r=https%3A%2F%2Fdpm.demdex.net%2Fibs%3Adpid%3D30064%26dpuuid%3D%7BUUID_6j5b2cv%7D
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
3.122.214.165 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-122-214-165.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://comcastathena.demdex.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date
Fri, 11 Mar 2022 20:06:57 GMT
Content-Length
0
P3P
CP="CURa ADMa DEVa TAIo PSAo PSDo OUR SAMo BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR", policyref="http://ps.eyeota.net/w3c/p3p.xml"
u
dmp.v.fwmrm.net/ad/ Frame 7551 		0
411 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dmp.v.fwmrm.net/ad/u?mode=echo&cr=https%3A%2F%2Fdpm.demdex.net%2Fibs%3Adpid%3D796%26dpuuid%3D%23%7Buser.id%7D%26gdpr%3D0%26gdpr_consent%3D&gdpr=0&gdpr_consent=
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2600:1f16:e61:3f02:34e5:5cce:7c1d:e87a Columbus, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://comcastathena.demdex.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Pragma
no-cache
Date
Fri, 11 Mar 2022 20:06:57 GMT
P3P
policyref="https://www.freewheel.tv/w3c/p3p.xml",CP="ALL DSP COR NID"
Cache-Control
no-store
Connection
keep-alive
Content-Type
text/html
Keep-Alive
timeout=300
Content-Length
0
Expires
0
ibs:dpid=275754&dpuuid=AADFnE7EV1gAACshyGkL8A
dpm.demdex.net/ Frame 7551
Redirect Chain
  • https://match.prod.bidr.io/cookie-sync/adobe?gdpr=0&gdpr_consent=
  • https://match.prod.bidr.io/cookie-sync/adobe?gdpr=0&gdpr_consent=&_bee_ppp=1
  • https://dpm.demdex.net/ibs:dpid=275754&dpuuid=AADFnE7EV1gAACshyGkL8A?gdpr=0
42 B
943 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dpm.demdex.net/ibs:dpid=275754&dpuuid=AADFnE7EV1gAACshyGkL8A?gdpr=0
Protocol
HTTP/1.1
Server
52.212.232.57 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-212-232-57.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://comcastathena.demdex.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

DCS
dcs-prod-irl1-1-v029-01e2c5d7c.edge-irl1.demdex.com UNKNOWN
Pragma
no-cache
Strict-Transport-Security
max-age=31536000; includeSubDomains
content-encoding
gzip
X-Content-Type-Options
nosniff
X-TID
njO+LI/QTcM=
P3P
policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Cache-Control
no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
Connection
keep-alive
Content-Type
image/gif
Content-Length
59
Expires
Thu, 01 Jan 1970 00:00:00 UTC

Redirect headers

location
https://dpm.demdex.net/ibs:dpid=275754&dpuuid=AADFnE7EV1gAACshyGkL8A?gdpr=0
Date
Fri, 11 Mar 2022 20:06:57 GMT
Server
nginx
Connection
keep-alive
Content-Length
0
strict-transport-security
max-age=2592000; includeSubDomains
v3
ib.adnxs.com/ut/ 		53 B
747 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ib.adnxs.com/ut/v3
Requested by
Host: acdn.adnxs.com
URL: https://acdn.adnxs.com/ast/ast.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
37.252.172.36 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),
Reverse DNS
692.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
a68a70f7be9281f3f7148b38d7f5971f1dc946d3034a40e55021d0fb6fb78d73
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://connect.xfinity.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type
text/plain

Response headers

Pragma
no-cache
Date
Fri, 11 Mar 2022 20:06:57 GMT
X-Proxy-Origin
217.64.151.10; 217.64.151.10; 692.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
AN-X-Request-Uuid
d3c9c790-44a7-47ec-980c-04da58fcced6
Server
nginx/1.21.3
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin
https://connect.xfinity.com
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
application/json; charset=utf-8
Content-Length
53
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
publishertag.prebid.js
static.criteo.net/js/ld/ 		97 KB
31 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.criteo.net/js/ld/publishertag.prebid.js
Requested by
Host: my.xfinity.com
URL: https://my.xfinity.com/assets/ads/prebid-4.15.0-6c3fb9bec87b2f0a2eb6b28912848f1a.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
nginx /
Resource Hash
8d8a9c4b3954d44aa586c80eb8963694553bca477e95be61a9f19f1e8b0195fa
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://connect.xfinity.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Fri, 11 Mar 2022 20:06:59 GMT
content-encoding
gzip
last-modified
Fri, 25 Feb 2022 21:31:17 GMT
server
nginx
etag
W/"62194aa5-18342"
strict-transport-security
max-age=31536000; preload;
content-type
text/javascript
access-control-allow-origin
*
cache-control
max-age=86400, public
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
expires
Sat, 12 Mar 2022 20:06:59 GMT
syncframe
gum.criteo.com/ Frame 1129 		13 KB
5 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://gum.criteo.com/syncframe?origin=publishertag&topUrl=connect.xfinity.com
Requested by
Host: static.criteo.net
URL: https://static.criteo.net/js/ld/publishertag.prebid.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:1::13 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
/
Resource Hash
f408ea8d108fb46b0ec7612b384c10211e19f6a21592b34a042751697f4249cf
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://connect.xfinity.com/

Response headers

cache-control
private, max-age=3600
content-type
text/html; charset=utf-8
content-encoding
gzip
vary
Accept-Encoding
cross-origin-resource-policy
cross-origin
cross-origin-embedder-policy
require-corp
server-processing-duration-in-ticks
1822
date
Fri, 11 Mar 2022 20:06:59 GMT
content-length
5145
strict-transport-security
max-age=31536000; preload;
publishertag.prebid.js
static.criteo.net/js/ld/ 		97 KB
31 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://static.criteo.net/js/ld/publishertag.prebid.js
Requested by
Host: static.criteo.net
URL: https://static.criteo.net/js/ld/publishertag.prebid.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
nginx /
Resource Hash
8d8a9c4b3954d44aa586c80eb8963694553bca477e95be61a9f19f1e8b0195fa
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://connect.xfinity.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Fri, 11 Mar 2022 20:06:59 GMT
content-encoding
gzip
last-modified
Fri, 25 Feb 2022 21:31:17 GMT
server
nginx
etag
W/"62194aa5-18342"
strict-transport-security
max-age=31536000; preload;
content-type
text/javascript
access-control-allow-origin
*
cache-control
max-age=86400, public
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
expires
Sat, 12 Mar 2022 20:06:59 GMT
sid
mug.criteo.com/ Frame 1129
Redirect Chain
  • https://gum.criteo.com/sid/json?origin=publishertag&domain=xfinity.com&sn=ChromeSyncframe&so=0&topUrl=connect.xfinity.com&cw=1&lsw=1
  • https://mug.criteo.com/sid?cpp=lgAOvnxsbnE5bFhYTFNFeU0yamN6RFh5NzlhbHgycFg3bzRoeWdkbm0zUFBxUE1uR0dmSm96azZxVFBHZ0c3NHdCQlQzMUludlo4Sm93dmVjZlYrcWFKVlp3WHVnQXZQZWRoZDNrN0ZLV21zR1NQNmkrRVVnZjZoSC92UG...
436 B
631 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://mug.criteo.com/sid?cpp=lgAOvnxsbnE5bFhYTFNFeU0yamN6RFh5NzlhbHgycFg3bzRoeWdkbm0zUFBxUE1uR0dmSm96azZxVFBHZ0c3NHdCQlQzMUludlo4Sm93dmVjZlYrcWFKVlp3WHVnQXZQZWRoZDNrN0ZLV21zR1NQNmkrRVVnZjZoSC92UGt5RXFNQW4wNVViQkF3anN5V2JFS3hGbDZmVkI3NDlhZU11T3lnK0pnVUozcTI0V3RtdFRQZmd5elZpTEJFSnVDeG9Ub205SEdLZkNvNG9mMm1veWYzcm9KR1dKUlpEcit2NWVpRHVBUWNERzFmTFY1a1M4S2gvUWFUa3MweVZsdGZ4bWVpNnUxMm1uWHZ5V2ZiditqaWExL0dDZ1dOdz09fA&cppv=2
Protocol
H2
Server
178.250.0.157 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
/
Resource Hash
de4684c8fb5f59fad3724b3decd943dcbf0e477d3f2e2761dcc03bfc4551438d
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://gum.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 11 Mar 2022 20:06:59 GMT
content-encoding
gzip
vary
Accept-Encoding
access-control-allow-methods
GET
content-type
application/json; charset=utf-8
access-control-allow-origin
https://gum.criteo.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
server-processing-duration-in-ticks
4861
strict-transport-security
max-age=31536000; preload;
expires
0

Redirect headers

pragma
no-cache
date
Fri, 11 Mar 2022 20:06:58 GMT
strict-transport-security
max-age=31536000; preload;
content-type
text/html; charset=utf-8
location
https://mug.criteo.com/sid?cpp=lgAOvnxsbnE5bFhYTFNFeU0yamN6RFh5NzlhbHgycFg3bzRoeWdkbm0zUFBxUE1uR0dmSm96azZxVFBHZ0c3NHdCQlQzMUludlo4Sm93dmVjZlYrcWFKVlp3WHVnQXZQZWRoZDNrN0ZLV21zR1NQNmkrRVVnZjZoSC92UGt5RXFNQW4wNVViQkF3anN5V2JFS3hGbDZmVkI3NDlhZU11T3lnK0pnVUozcTI0V3RtdFRQZmd5elZpTEJFSnVDeG9Ub205SEdLZkNvNG9mMm1veWYzcm9KR1dKUlpEcit2NWVpRHVBUWNERzFmTFY1a1M4S2gvUWFUa3MweVZsdGZ4bWVpNnUxMm1uWHZ5V2ZiditqaWExL0dDZ1dOdz09fA&cppv=2
cache-control
no-cache, no-store, must-revalidate
server-processing-duration-in-ticks
2378
content-length
541
expires
0
i.gif
e.serverbid.com/udb/9969/sync/
Redirect Chain
  • https://pixel.advertising.com/ups/56621/occ
  • https://pixel.advertising.com/ups/56621/occ?verify=true
  • https://ups.analytics.yahoo.com/ups/56621/occ?apid=UPcf78b5f4-a176-11ec-b82a-020e0626bef8
  • https://ups.analytics.yahoo.com/ups/56621/occ?apid=UPcf78b5f4-a176-11ec-b82a-020e0626bef8&verify=true
  • https://e.serverbid.com/udb/9969/sync/i.gif?partnerId=29&userId=UPcf78b5f4-a176-11ec-b82a-020e0626bef8
0
44 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://e.serverbid.com/udb/9969/sync/i.gif?partnerId=29&userId=UPcf78b5f4-a176-11ec-b82a-020e0626bef8
Protocol
H2
Server
134.209.131.220 North Bergen, United States, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://connect.xfinity.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Fri, 11 Mar 2022 20:07:00 GMT
content-length
0

Redirect headers

location
https://e.serverbid.com/udb/9969/sync/i.gif?partnerId=29&userId=UPcf78b5f4-a176-11ec-b82a-020e0626bef8
date
Fri, 11 Mar 2022 20:07:00 GMT
server
ATS/9.1.0.33
age
0
content-length
0
strict-transport-security
max-age=31536000
p3p
CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV
generic
match.adsrvr.org/track/cmf/
Redirect Chain
  • https://eb2.3lift.com/sync?px=1&src=prebid&
  • https://eb2.3lift.com/sync?px=1&src=prebid&&ld=1
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=svx9t50&ttd_tpi=1&gdpr=1&gdpr_consent=
70 B
265 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://match.adsrvr.org/track/cmf/generic?ttd_pid=svx9t50&ttd_tpi=1&gdpr=1&gdpr_consent=
Protocol
H2
Server
3.33.220.150 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a12b7a488abeaa9e4.awsglobalaccelerator.com
Software
/
Resource Hash
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://connect.xfinity.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 11 Mar 2022 20:07:00 GMT
cache-control
private,no-cache, must-revalidate
x-aspnet-version
4.0.30319
content-type
image/gif
content-length
70
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"

Redirect headers

location
https://match.adsrvr.org/track/cmf/generic?ttd_pid=svx9t50&ttd_tpi=1&gdpr=1&gdpr_consent=
date
Fri, 11 Mar 2022 20:07:00 GMT
cache-control
no-cache, no-store, must-revalidate
content-length
0
p3p
policyref="http://cdn.3lift.com/w3c/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"
i.gif
e.serverbid.com/udb/9969/sync/
Redirect Chain
  • https://ssum-sec.casalemedia.com/usermatchredir?s=185073&cb=https%3A%2F%2Fe.serverbid.com%2Fudb%2F9969%2Fsync%2Fi.gif%3FpartnerId%3D1%26a%3Dtrue%26userId%3D
  • https://ssum-sec.casalemedia.com/usermatchredir?cb=https%3A%2F%2Fe.serverbid.com%2Fudb%2F9969%2Fsync%2Fi.gif%3FpartnerId%3D1%26a%3Dtrue%26userId%3D&s=185073&C=1
  • https://e.serverbid.com/udb/9969/sync/i.gif?partnerId=1&a=true&userId=Yiur5IMnZgmwakifWip0PgAA%261166
0
44 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://e.serverbid.com/udb/9969/sync/i.gif?partnerId=1&a=true&userId=Yiur5IMnZgmwakifWip0PgAA%261166
Protocol
H2
Server
134.209.131.220 North Bergen, United States, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://connect.xfinity.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Fri, 11 Mar 2022 20:07:00 GMT
content-length
0

Redirect headers

Pragma
no-cache
Date
Fri, 11 Mar 2022 20:07:00 GMT
Server
Apache
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Location
https://e.serverbid.com/udb/9969/sync/i.gif?partnerId=1&a=true&userId=Yiur5IMnZgmwakifWip0PgAA%261166
Cache-Control
max-age=0, no-cache, no-store
Connection
keep-alive
Content-Type
text/html; charset=iso-8859-1
Content-Length
293
Expires
Fri, 11 Mar 2022 20:07:00 GMT
pd
u.openx.net/w/1.0/ 		43 B
131 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://u.openx.net/w/1.0/pd
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.98.64.218 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
218.64.98.34.bc.googleusercontent.com
Software
OXGW/17.2.0 /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://connect.xfinity.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 11 Mar 2022 20:07:00 GMT
content-encoding
gzip
server
OXGW/17.2.0
vary
Accept, Accept-Encoding
p3p
CP="CUR ADM OUR NOR STA NID"
via
1.1 google
cache-control
private, max-age=0, no-cache
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
56
expires
Mon, 26 Jul 1997 05:00:00 GMT
usa
sync.go.sonobi.com/ 		0
478 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.go.sonobi.com/usa?https://e.serverbid.com/udb/9969/sync/i.gif?a=true&partnerId=38&userId=
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
178.162.133.149 Rijswijk, Netherlands, ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL),
Reverse DNS
ams-1-sync.go.sonobi.com
Software
sonobi-go /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://connect.xfinity.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Pragma
no-cache
Date
Fri, 11 Mar 2022 20:07:00 GMT
Server
sonobi-go
Vary
negotiate,Accept-Encoding
X-Go-Server
xcp-ams-1-7-129
P3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Cache-Control
no-cache, no-store, private
Tcn
Choice
Content-Type
text/plain; charset=utf8
Content-Length
0
X-Xss-Protection
0
Expires
Sat, 26 Jul 1997 05:00:00 GMT

Verdicts & Comments Add Verdict or Comment

34 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| 1 object| 2 function| structuredClone object| oncontextlost object| oncontextrestored object| apntag object| DILComcastA object| visitor string| oas_am_cookiename undefined| oas_am_cookieval function| Visitor function| get_aamCookie object| s_c_il number| s_c_in function| DIL function| measureLoadTime object| apstag number| bidTimeout object| apstagSlots object| MAIL_Right_sizes object| pbjs object| adUnits function| fetchHeaderBids boolean| apstagLOADED function| pbjsChunk object| _pbjsGlobals object| Criteo function| demdexRequestCallback_1_1647029216789 object| criteo_syncframe_state object| googletag object| criteo_pubtag object| criteo_pubtag_prebid_120 object| Criteo_prebid_120

35 Cookies

Domain/Path Name / Value
.my.xfinity.com/assets/ads Name: offnet
Value: true
.3lift.com/sync Name: sync
Value: CgkIOhDp5d3U9y8=
connect.xfinity.com/ Name: OXBETA
Value: oxui-hob-07o.email.comcast.net
.demdex.net/ Name: demdex
Value: 59470940507402581252697632676558832019
.xfinity.com/ Name: AMCVS_723C39F756ABCD0B7F000101%40AdobeOrg
Value: 1
.xfinity.com/ Name: AMCV_723C39F756ABCD0B7F000101%40AdobeOrg
Value: -1248264605%7CMCMID%7C59094667215268188002730620135422944046%7CMCAAMLH-1647634016%7C6%7CMCAAMB-1647634016%7C6G1ynYcLPuiQxYZrsz_pkqfLG9yMXBpb2zX5dvJdYQJzPXImdj0y%7CMCOPTOUT-1647036416s%7CNONE
.my.xfinity.com/ Name: userZip
Value:
.rubiconproject.com/ Name: khaos
Value: L0MUO54R-7-47QG
.rubiconproject.com/ Name: audit
Value: 1|hLZGFuTafB0EqlWW2eXgLTpcd3HBZZ775PzI6EyVJjlVAthPpLFZy8prdQB8TmbDV+oGQUqN8EMsJ/bgjYKypsBQn6AvuCLF5uRUJvyOICwdOKW1qRBjyg==
.connect.xfinity.com/ Name: aam_uuid
Value: 59470940507402581252697632676558832019
.rlcdn.com/ Name: rlas3
Value: HypWVKRedBz2oiZ7zk3UUjeRtp3+L/Vl7ISajqWQQa8=
.rlcdn.com/ Name: pxrc
Value: CODXrpEGEgUI6AcQABIGCPHrARAA
.exelator.com/ Name: EE
Value: "c1f1353558f5977ecfe600bc02b77ef0"
.dpm.demdex.net/ Name: dpm
Value: 59470940507402581252697632676558832019
.demdex.net/ Name: dextp
Value: 3-1-1647029216896|60-1-1647029216909|445-1-1647029216924|477-1-1647029216939|1175-1-1647029216954|30064-1-1647029216970|796-1-1647029216985|275754-1-1647029217000
.exelator.com/ Name: ud
Value: "eJxrXxzq6XKLQSHZMM3Q2NTY1NQizdTS3Dw1OS3VzMAgKdnAKAnISzNYXJZatGBpaXFqStKhJRU5JTlNq8viQx3j3Rx9PX0ilzlnFOXnpq4AC4W5Bi2ytFySX5SZvsjFdXFRShrDopLiU8H79%252FoAAHxJKjs%253D"
e.serverbid.com/ Name: azk
Value: ue1-sb1-e1b12857-7699-437c-a6d9-710e6423fe9a
.quantserve.com/ Name: d
Value: EJ4BDAHRJbmvYA
.quantserve.com/ Name: mc
Value: 622babe1-133b5-0145e-6e81b
.eyeota.net/ Name: SERVERID
Value: 24258~DM
.tidaltv.com/ Name: tidal_ttid
Value: f14fba61-0de0-494f-afd9-64069e5025e9
.tidaltv.com/ Name: sync-his
Value: "H4sIAAAAAAAAADM0NjA1tjI0tAAA9U00mgkAAAA="
.bidr.io/ Name: bito
Value: AADFnE7EV1gAACshyGkL8A
.bidr.io/ Name: bitoIsSecure
Value: ok
.fwmrm.net/ Name: _uid
Value: "o2e5d_7073936622572167102"
.criteo.com/ Name: uid
Value: 5928dd41-7ad4-44bf-b1a3-f5712a3a43e7
.xfinity.com/ Name: cto_bundle
Value: 9YOAJF80ZXMlMkZONHB5VGhuSklmNXZsOTJuMUJFejlXdnlFTEhQbkEwNEl4ZXVFJTJCeG1lWFclMkI3Z2JlcDN2JTJGSGkzbDhvSkxrdGp5VjQ1Y3c4VXFETTNoRXZWcFJNTGZNejJPdUFpeTY5TWFTMjNkY0kzdXRJVWZlMkdWRDJOVUQ1ZXlTYTA0czFhTmVVd29ib1Z2cjFXVW01S3hJZyUzRCUzRA
.advertising.com/ Name: APID
Value: UPcf78b5f4-a176-11ec-b82a-020e0626bef8
.3lift.com/ Name: tluid
Value: 2092629164658123086777
.yahoo.com/ Name: A3
Value: d=AQABBOSrK2ICEBNpAm7uRLk75fB7A0IHhscFEgEBAQH9LGI1YgAAAAAA_eMAAA&S=AQAAAtxQalrjkGG4fAmQi5Pqp7Q
.analytics.yahoo.com/ Name: IDSYNC
Value: 17ot~23p8
.casalemedia.com/ Name: CMID
Value: Yiur5IMnZgmwakifWip0PgAA
.casalemedia.com/ Name: CMPS
Value: 5191
.casalemedia.com/ Name: CMPRO
Value: 1166
.casalemedia.com/ Name: CMST
Value: Yiur5GIrq+QA

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN SAMEORIGIN
X-Xss-Protection 1; mode=block

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

acdn.adnxs.com
bidder.criteo.com
c.amazon-adsystem.com
comcast-d.openx.net
comcastathena.demdex.net
connect.xfinity.com
dmp.v.fwmrm.net
dpm.demdex.net
e.serverbid.com
eb2.3lift.com
fastlane.rubiconproject.com
gum.criteo.com
ib.adnxs.com
idsync.rlcdn.com
load77.exelator.com
loadm.exelator.com
match.adsrvr.org
match.prod.bidr.io
mug.criteo.com
my.xfinity.com
pixel.advertising.com
pixel.quantserve.com
ps.eyeota.net
scripts.webcontentassessor.com
ssum-sec.casalemedia.com
static.criteo.net
sync.go.sonobi.com
sync.tidaltv.com
tlx.3lift.com
u.openx.net
ups.analytics.yahoo.com
104.108.144.200
104.108.145.8
13.32.119.176
134.209.131.220
151.101.194.217
178.162.133.149
178.250.0.157
178.250.2.131
18.184.26.136
18.195.231.241
2001:558:fc18:1:f816:3eff:fea3:d90c
2600:1f16:e61:3f02:34e5:5cce:7c1d:e87a
2602:803:c004:200::143
2620:116:800d:21:36a9:ecb:e518:b308
2a02:2638:1::13
2a02:2638::3
2a02:26f0:6c00:2bd::1b62
2a02:6ea0:c700::1
2a05:d018:24:b001:8602:c81a:97ba:276d
3.122.214.165
3.126.56.137
3.33.220.150
34.254.143.3
34.98.64.218
35.244.174.68
37.252.172.36
52.19.204.92
52.212.232.57
52.213.253.251
76.223.111.18
0535c3bb3a17e4ac0fb7d29214d2181275662129dc2bdd2a89c35934e9fc5ba5
06b99248a163333e36980a6cfb756f1a7de60fa49517162b87b1a44d5d48f844
124dd6a7bff98ab7dab3d1e6fff5b34d77887633e7913d7b1a303262045caaeb
14bd8e5e939c7f859c4383775a43fd81eaed87d0ec632ddda457938b4e3bee9d
1b217e1eb25651eff016aad1684acb51ca455264bfe6ca7b5e6c666f6ffb9751
2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363
3ef5bfd224e0baa902eb88c94979cfaeccf2169a996c601fa3de4c3f3b33da01
46ccedc6079b20a83ded9ad6f374c4bc83bdc285a72c83f660e10a74fbf19634
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
6fce4b8a57db88b6156a16c1170a0b761e31eee96c1dc27743391bdec8c4e262
745a085b52b8371ec6705413fca70a28c6d8bff0db480e6b124bd08c54e95ef8
7bea17a80a61ed0f54248b4ffc4c718f7c8ff2619742577a73591d62ce074da8
7f02569cef8126f2eb41c0ea2f4101987c71364c9f1ab04d51f6235ae2a9398e
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0
8d8a9c4b3954d44aa586c80eb8963694553bca477e95be61a9f19f1e8b0195fa
a1864f9c9e8f8b71315692973433328a730a27f673bf692719e01772f2acfb13
a68a70f7be9281f3f7148b38d7f5971f1dc946d3034a40e55021d0fb6fb78d73
ad6aa18e132c373e6a0be7543103d4e5dfde8680587cea250550686591419910
d12019c690a93d78d305ce3e2328770dc64cd7e9645cf25de086db0032fe8cfd
de4684c8fb5f59fad3724b3decd943dcbf0e477d3f2e2761dcc03bfc4551438d
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e8fc85293845d4d357c1af9188cd14fb3b33c7b7d1917fb6bbc61a999e55d84f
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f408ea8d108fb46b0ec7612b384c10211e19f6a21592b34a042751697f4249cf