68.87.29.197 Open in urlscan Pro
68.87.29.197 Malicious Activity! Public Scan

Go To Rescan
Add Verdict Report

URL:
https://68.87.29.197/login/concrete/js
Submission: On January 29 via automatic, source openphish (January 29th 2021, 1:25:35 am UTC)

Summary HTTP 45 Redirects Links 10 Behaviour Indicators

Summary

This website contacted 20 IPs in 5 countries across 15 domains to perform 45 HTTP transactions. The main IP is 68.87.29.197, located in United States and belongs to COMCAST-7922, US. The main domain is 68.87.29.197.
TLS certificate: Issued by COMODO RSA Organization Validation Se... on October 2nd 2020. Valid for: a year.

This is the only time 68.87.29.197 was scanned on urlscan.io!

urlscan.io Verdict: Potentially Malicious

Targeting these brands: Xfinity (Consumer)

Domain & IP information

	IP Address	AS Autonomous System
7	68.87.29.197 68.87.29.197	7922 (COMCAST-7922) (COMCAST-7922)
5	2a02:26f0:6c0... 2a02:26f0:6c00:2be::30d4	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
1	151.101.130.217 151.101.130.217	54113 (FASTLY) (FASTLY)
1	2607:ae80:2::230 2607:ae80:2::230	26558 (FREEWHEEL) (FREEWHEEL)
1 2	108.128.13.248 108.128.13.248	16509 (AMAZON-02) (AMAZON-02)
10	2a02:26f0:6c0... 2a02:26f0:6c00:295::2c06	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
4	2a02:26f0:6c0... 2a02:26f0:6c00:28a::1e80	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
3	13.224.192.34 13.224.192.34	16509 (AMAZON-02) (AMAZON-02)
1	2.18.232.130 2.18.232.130	16625 (AKAMAI-AS) (AKAMAI-AS)
1	34.251.184.34 34.251.184.34	16509 (AMAZON-02) (AMAZON-02)
1	69.173.144.140 69.173.144.140	26667 (RUBICONPR...) (RUBICONPROJECT)
1	178.250.2.131 178.250.2.131	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
1	134.209.131.220 134.209.131.220	14061 (DIGITALOC...) (DIGITALOCEAN-ASN)
1 3	34.98.64.218 34.98.64.218	15169 (GOOGLE) (GOOGLE)
1	52.50.104.129 52.50.104.129	16509 (AMAZON-02) (AMAZON-02)
1	15.237.136.106 15.237.136.106	16509 (AMAZON-02) (AMAZON-02)
1	37.252.172.37 37.252.172.37	29990 (ASN-APPNEX) (ASN-APPNEX)
2	2a02:2638::3 2a02:2638::3	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
1	2a02:2638::1c 2a02:2638::1c	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
1 1	2a00:1450:400... 2a00:1450:4001:812::2002	15169 (GOOGLE) (GOOGLE)
45	20

7 68.87.29.197 (United States)

ASN7922 (COMCAST-7922, US)

68.87.29.197	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2a02:26f0:6c00:2be::30d4 (Ascension Island)

ASN20940 (AKAMAI-ASN1, NL)

static.cimcontent.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 151.101.130.217 (United States)

ASN54113 (FASTLY, US)

scripts.webcontentassessor.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2607:ae80:2::230 (United States)

ASN26558 (FREEWHEEL, US)

7468.v.fwmrm.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 108.128.13.248 (Dublin, Ireland) 1 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-108-128-13-248.eu-west-1.compute.amazonaws.com

xfinitydigital.demdex.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

10 2a02:26f0:6c00:295::2c06 (Ascension Island)

ASN20940 (AKAMAI-ASN1, NL)

dl.cws.xfinity.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a02:26f0:6c00:28a::1e80 (Ascension Island)

ASN20940 (AKAMAI-ASN1, NL)

assets.adobedtm.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 13.224.192.34 (Seattle, United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-224-192-34.fra2.r.cloudfront.net

c.amazon-adsystem.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2.18.232.130 (Ascension Island)

ASN16625 (AKAMAI-AS, US)
PTR: a2-18-232-130.deploy.static.akamaitechnologies.com

acdn.adnxs.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 34.251.184.34 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-34-251-184-34.eu-west-1.compute.amazonaws.com

dpm.demdex.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 69.173.144.140 (Frankfurt am Main, Germany)

ASN26667 (RUBICONPROJECT, US)

fastlane.rubiconproject.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 178.250.2.131 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)
PTR: bidder.am5.vip.prod.criteo.com

bidder.criteo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 134.209.131.220 (North Bergen, United States)

ASN14061 (DIGITALOCEAN-ASN, US)

e.serverbid.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 34.98.64.218 (United States) 1 redirects

ASN15169 (GOOGLE, US)
PTR: 218.64.98.34.bc.googleusercontent.com

comcast-d.openx.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
eu-u.openx.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
us-u.openx.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 52.50.104.129 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-50-104-129.eu-west-1.compute.amazonaws.com

comcast.demdex.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 15.237.136.106 (Paris, France)

ASN16509 (AMAZON-02, US)
PTR: ec2-15-237-136-106.eu-west-3.compute.amazonaws.com

comcastcom.d1.sc.omtrdc.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 37.252.172.37 (Ascension Island)

ASN29990 (ASN-APPNEX, US)
PTR: 691.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net

ib.adnxs.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a02:2638::3 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)

static.criteo.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a02:2638::1c (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)

gum.criteo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:812::2002 (Frankfurt am Main, Germany) 1 redirects

ASN15169 (GOOGLE, US)

cm.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
10	xfinity.com dl.cws.xfinity.com	2 KB
5	cimcontent.net static.cimcontent.net	173 KB
4	adobedtm.com assets.adobedtm.com	84 KB
4	demdex.net 1 redirects xfinitydigital.demdex.net dpm.demdex.net comcast.demdex.net	3 KB
3	openx.net 1 redirects comcast-d.openx.net eu-u.openx.net us-u.openx.net	1013 B
3	amazon-adsystem.com c.amazon-adsystem.com	34 KB
2	criteo.net static.criteo.net	51 KB
2	criteo.com bidder.criteo.com gum.criteo.com	142 B
2	adnxs.com acdn.adnxs.com ib.adnxs.com	32 KB
1	doubleclick.net 1 redirects cm.g.doubleclick.net	122 B
1	omtrdc.net comcastcom.d1.sc.omtrdc.net	315 B
1	serverbid.com e.serverbid.com	166 B
1	rubiconproject.com fastlane.rubiconproject.com	2 KB
1	fwmrm.net 7468.v.fwmrm.net	407 B
1	webcontentassessor.com scripts.webcontentassessor.com	32 KB
45	15

	Domain	Requested by
10	dl.cws.xfinity.com	static.cimcontent.net
5	static.cimcontent.net	68.87.29.197
4	assets.adobedtm.com	static.cimcontent.net assets.adobedtm.com
3	c.amazon-adsystem.com	68.87.29.197 static.cimcontent.net
2	static.criteo.net	static.cimcontent.net
2	xfinitydigital.demdex.net	1 redirects 68.87.29.197
1	us-u.openx.net
1	cm.g.doubleclick.net	1 redirects
1	eu-u.openx.net	1 redirects
1	gum.criteo.com	static.criteo.net
1	ib.adnxs.com	static.cimcontent.net
1	comcastcom.d1.sc.omtrdc.net	static.cimcontent.net
1	comcast.demdex.net	assets.adobedtm.com
1	comcast-d.openx.net	static.cimcontent.net
1	e.serverbid.com	static.cimcontent.net
1	bidder.criteo.com	static.cimcontent.net
1	fastlane.rubiconproject.com	static.cimcontent.net
1	dpm.demdex.net	static.cimcontent.net
1	acdn.adnxs.com	68.87.29.197
1	7468.v.fwmrm.net	68.87.29.197
1	scripts.webcontentassessor.com	68.87.29.197
45	21

This site contains links to these domains. Also see Links.

Domain
www.comcast.net
www.surveymonkey.com
idm.xfinity.com
customer.xfinity.com
my.xfinity.com
xfinity.comcast.net
www.xfinity.com

Subject Issuer	Validity	Valid
*.identity.xfinity.com COMODO RSA Organization Validation Secure Server CA	`2020-10-02` - `2021-10-02`	a year	crt.sh
static.cimcontent.net COMODO RSA Organization Validation Secure Server CA	`2020-04-16` - `2022-04-16`	2 years	crt.sh
scripts.webcontentassessor.com GlobalSign Atlas R3 DV TLS CA 2020	`2021-01-27` - `2022-02-28`	a year	crt.sh
*.v.fwmrm.net DigiCert TLS RSA SHA256 2020 CA1	`2020-11-17` - `2021-12-18`	a year	crt.sh
*.demdex.net DigiCert TLS RSA SHA256 2020 CA1	`2020-12-02` - `2022-01-02`	a year	crt.sh
assets.adobedtm.com DigiCert TLS RSA SHA256 2020 CA1	`2021-01-08` - `2021-09-30`	9 months	crt.sh
*.cws.xfinity.com COMODO RSA Organization Validation Secure Server CA	`2020-05-04` - `2022-05-04`	2 years	crt.sh
c.amazon-adsystem.com Amazon	`2020-08-04` - `2021-08-02`	a year	crt.sh
cdn.adnxs.com GeoTrust RSA CA 2018	`2020-01-02` - `2021-04-02`	a year	crt.sh
*.rubiconproject.com DigiCert TLS RSA SHA256 2020 CA1	`2020-12-18` - `2022-01-18`	a year	crt.sh
*.criteo.com DigiCert TLS Hybrid ECC SHA384 2020 CA1	`2020-11-17` - `2021-02-14`	3 months	crt.sh
e.serverbid.com R3	`2020-12-17` - `2021-03-17`	3 months	crt.sh
*.openx.net GeoTrust RSA CA 2018	`2020-06-18` - `2021-08-17`	a year	crt.sh
*.d1.sc.omtrdc.net DigiCert SHA2 High Assurance Server CA	`2020-02-28` - `2022-03-04`	2 years	crt.sh
*.adnxs.com DigiCert ECC Secure Server CA	`2019-01-23` - `2021-03-08`	2 years	crt.sh
*.criteo.net DigiCert TLS Hybrid ECC SHA384 2020 CA1	`2020-11-17` - `2021-02-14`	3 months	crt.sh

This page contains 3 frames:

Primary Page: https://68.87.29.197/login/concrete/js
Frame ID: 28ECCB4A0C348C06E4BA8A1619144972
Requests: 40 HTTP requests in this frame

Frame: https://comcast.demdex.net/dest5.html?d_nsid=0
Frame ID: AA55EB13187CB11860E70E78D0D13B74
Requests: 1 HTTP requests in this frame

Frame: https://gum.criteo.com/syncframe?topUrl=68.87.29.197
Frame ID: 1DCA67064727BCE60F33D69EA1D10C6E
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Statistics

45
Requests

84 %
HTTPS

35 %
IPv6

15
Domains

21
Subdomains

20
IPs

5
Countries

533 kB
Transfer

1290 kB
Size

7
Cookies

10 Outgoing links

These are links going to different origins than the main page.

URL: http://www.comcast.net/adinformation
Title: Ad Info

Search URL Search Domain Scan URL

URL: https://www.surveymonkey.com/s.aspx?sm=FyNNVDhj_2f2FNc2KVOHQ4eg_3d_3d
Title: Ad Feedback

Search URL Search Domain Scan URL

URL: https://idm.xfinity.com/myaccount/lookup?continue=https%3A%2F%2Flogin.xfinity.com%2Flogin%3FselectAccount%3Dfalse%26ipAddrAuthn%3Dfalse%26passive%3Dfalse%26reqId%3Dfb751c46-97cd-4ca2-9941-3c54d3affc5a%26r%3Dcomcast.net%26s%3Dportal%26deviceAuthn%3Dfalse%26continue%3Dhttp%253A%252F%252Fxfinity.comcast.net%252F%26forceAuthn%3D0%26lang%3Den%26rm%3D2%26ui_style%3Dlight&lang=en&ui_style=light
Title: Xfinity ID

Search URL Search Domain Scan URL

URL: https://idm.xfinity.com/myaccount/reset?continue=https%3A%2F%2Flogin.xfinity.com%2Flogin%3FselectAccount%3Dfalse%26ipAddrAuthn%3Dfalse%26passive%3Dfalse%26reqId%3Dfb751c46-97cd-4ca2-9941-3c54d3affc5a%26r%3Dcomcast.net%26s%3Dportal%26deviceAuthn%3Dfalse%26continue%3Dhttp%253A%252F%252Fxfinity.comcast.net%252F%26forceAuthn%3D0%26lang%3Den%26rm%3D2%26ui_style%3Dlight&lang=en&ui_style=light
Title: password

Search URL Search Domain Scan URL

URL: https://idm.xfinity.com/myaccount/create-uid?continue=https%3A%2F%2Flogin.xfinity.com%2Flogin%3FselectAccount%3Dfalse%26ipAddrAuthn%3Dfalse%26passive%3Dfalse%26reqId%3Dfb751c46-97cd-4ca2-9941-3c54d3affc5a%26r%3Dcomcast.net%26s%3Dportal%26deviceAuthn%3Dfalse%26continue%3Dhttp%253A%252F%252Fxfinity.comcast.net%252F%26forceAuthn%3D0%26lang%3Den%26rm%3D2%26ui_style%3Dlight&lang=en&ui_style=light
Title: Create one

Search URL Search Domain Scan URL

URL: https://customer.xfinity.com/lite
Title: Pay any balance

Search URL Search Domain Scan URL

URL: http://my.xfinity.com/terms/web/
Title: Terms of Service

Search URL Search Domain Scan URL

URL: http://xfinity.comcast.net/privacy/
Title: Privacy Policy

Search URL Search Domain Scan URL

URL: https://www.xfinity.com/privacy/policy
Title: Privacy Policy

Search URL Search Domain Scan URL

URL: https://www.xfinity.com/privacy/manage-preference
Title: Do Not Sell My Personal Information

Search URL Search Domain Scan URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 7

https://xfinitydigital.demdex.net/event?d_sid=4702129 HTTP 302
https://xfinitydigital.demdex.net/firstevent?d_sid=4702129

Request Chain 45

https://eu-u.openx.net/w/1.0/pd?plm=10&ph=42d504c1-bae8-4312-8ad6-a76f3705b195&gdpr=1 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=openx&google_cm&google_sc HTTP 302
https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESEEzOrNBFkuIvpwEBytfzfec&google_cver=1

45 HTTP transactions
2 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H/1.1 200
OK Primary Request Cookie set js Show response
68.87.29.197/login/concrete/ 12 KB
5 KB 560ms
119ms Document
text/html 68.87.29.197
COMCAST-7922

General

Check archive.org

Show headers Download Go to

Full URL

https://68.87.29.197/login/concrete/js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

68.87.29.197 , United States, ASN7922 (COMCAST-7922, US),

Reverse DNS

Software

Resource Hash

4183e04825d9e7a88c01f8a1eaa60fe5faae80ec4bf28757eb19111b0db94561

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains;
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

Host: 68.87.29.197
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site: none
Sec-Fetch-Mode: navigate
Sec-Fetch-User: ?1
Sec-Fetch-Dest: document
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Fri, 29 Jan 2021 01:25:13 GMT
Strict-Transport-Security: max-age=63072000; includeSubDomains;
Content-Type: text/html;charset=utf-8
X-Frame-Options: DENY
Cache-Control: private, max-age=0, no-cache, must-revalidate
Expires: Thu, 01 Jan 1970 00:00:00 GMT
Pragma: no-cache
X-XSS-Protection: 1; mode=block
Set-Cookie: bid=M4DEHQAkST2Eqp22xR6tZHIQvfI; Expires=Sun, 29 Jan 2023 01:25:13 UTC; SameSite=None; Secure; HttpOnly SESSION=c270d5f9-1e0f-4594-b731-6672c7b9fdc3;Path=/;Secure;HttpOnly BIGipServerp_loginxf-wcdc-ipv4_443=!eFteR87Ag2ewLV/ab3bAYz+ZnnXVjb0n+aglkEVwO8xTlmY0aIQahMZzu+ytlgEaaX9eRlFWZhL8K8k=; path=/; Httponly; Secure
Via: 1.1 idm.xfinity.com
Vary: Accept-Encoding
Content-Encoding: gzip
Content-Length: 4049
Keep-Alive: timeout=5, max=500
Connection: Keep-Alive

GET
H/1.1 404
Not Found comcast-common.js
68.87.29.197/static/js/ 0
0 117ms
115ms Script
text/html 68.87.29.197
COMCAST-7922

General

Check archive.org

Show headers Download Go to

Full URL

https://68.87.29.197/static/js/comcast-common.js

Requested by

Host: 68.87.29.197
URL: https://68.87.29.197/login/concrete/js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

68.87.29.197 , United States, ASN7922 (COMCAST-7922, US),

Reverse DNS

Software

Apache /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains;

Request headers

Referer: https://68.87.29.197/login/concrete/js
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Fri, 29 Jan 2021 01:25:13 GMT
Content-Encoding: gzip
Last-Modified: Tue, 26 Jan 2021 19:00:20 GMT
Server: Apache
ETag: "221-6d5-5b9d244143900"
Vary: Accept-Encoding
Strict-Transport-Security: max-age=63072000; includeSubDomains;
Content-Type: text/html
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=499
Content-Length: 742

GET
H2 200 / Show response
static.cimcontent.net/data-layer/ 79 KB
23 KB 41ms
20ms Script
application/javascript 2a02:26f0:6c00:2be::30d4
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://static.cimcontent.net/data-layer/?appID=login
Requested by: Host: 68.87.29.197
URL: https://68.87.29.197/login/concrete/js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:6c00:2be::30d4 , Ascension Island, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 3ead5e2cd5cb377e25c5c22a466f0c06f0a4a416826c937f89f9391d8e84e38e

Request headers

Referer: https://68.87.29.197/login/concrete/js
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

x-amz-version-id: 6NZr6V6JEKIFXnPJ8w5S2wjjqpeDybu6
content-encoding: gzip
last-modified: Thu, 14 Jan 2021 16:08:07 GMT
server: AmazonS3
x-amz-cf-pop: FRA56-C1
etag: "26aed2c2476fdda6683909fb5f1683d8"
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=3600
date: Fri, 29 Jan 2021 01:25:13 GMT
accept-ranges: bytes
content-length: 22972
x-amz-cf-id: ggiib-6cnNNtI4hBmbgy9_8YkyRD5xKOKKRj3_s2lbeZ36EE2JmeSg==

GET
H/1.1 200
OK fonts-remote.min.css
68.87.29.197/static/css/junket/ 3 KB
691 B 232ms
115ms Stylesheet
text/css 68.87.29.197
COMCAST-7922

General

Check archive.org

Show headers Download Go to

Full URL

https://68.87.29.197/static/css/junket/fonts-remote.min.css?v=fe74bd5

Requested by

Host: 68.87.29.197
URL: https://68.87.29.197/login/concrete/js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

68.87.29.197 , United States, ASN7922 (COMCAST-7922, US),

Reverse DNS

Software

Apache /

Resource Hash

032d8b49c68572a6136937e3f8f4fb10d94eefaf95418e557f44f1f04b715ba8

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains;

Request headers

Referer: https://68.87.29.197/login/concrete/js
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Fri, 29 Jan 2021 01:25:13 GMT
Content-Encoding: gzip
Last-Modified: Tue, 26 Jan 2021 18:59:47 GMT
Server: Apache
ETag: "261-d2f-5b9d2421caec0"
Vary: Accept-Encoding
Strict-Transport-Security: max-age=63072000; includeSubDomains;
Content-Type: text/css
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=498
Content-Length: 307

GET
H/1.1 200
OK styles-light.min.css
68.87.29.197/static/css/junket/ 45 KB
11 KB 344ms
117ms Stylesheet
text/css 68.87.29.197
COMCAST-7922

General

Check archive.org

Show headers Download Go to

Full URL

https://68.87.29.197/static/css/junket/styles-light.min.css?v=fe74bd5

Requested by

Host: 68.87.29.197
URL: https://68.87.29.197/login/concrete/js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

68.87.29.197 , United States, ASN7922 (COMCAST-7922, US),

Reverse DNS

Software

Apache /

Resource Hash

785532d6bc98e37d9a9152013f9b0874d32fb92fbfc594431d6c9c142ba686f4

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains;

Request headers

Referer: https://68.87.29.197/login/concrete/js
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Fri, 29 Jan 2021 01:25:13 GMT
Content-Encoding: gzip
Last-Modified: Tue, 26 Jan 2021 18:59:46 GMT
Server: Apache
ETag: "263-b409-5b9d2420d6c80"
Vary: Accept-Encoding
Strict-Transport-Security: max-age=63072000; includeSubDomains;
Content-Type: text/css
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=500
Content-Length: 11160

GET
H2 200 e5d00e87ba3bf67af60bbc75377626fb1f0b0a10c2e83ca40b7a245ca2cd8367 Show response
scripts.webcontentassessor.com/scripts/ 121 KB
32 KB 87ms
19ms Script
application/javascript 151.101.130.217
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://scripts.webcontentassessor.com/scripts/e5d00e87ba3bf67af60bbc75377626fb1f0b0a10c2e83ca40b7a245ca2cd8367
Requested by: Host: 68.87.29.197
URL: https://68.87.29.197/login/concrete/js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.130.217 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 9d99a6664747c1f7b4db699e7a556de1a8bde433e80d290827847ad2ecca4a9d

Request headers

Referer: https://68.87.29.197/login/concrete/js
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 29 Jan 2021 01:25:13 GMT
content-encoding: gzip
age: 3550
x-cache: HIT
content-length: 32641
x-amz-id-2: hQirLxBDOERPB2N2knEirRSrb0/01ADIbWejSGj6AAmAgilP5ze5en2KUfOBf0Z3WjSmA1K1d2E=
x-served-by: cache-cdg20754-CDG
last-modified: Fri, 29 Jan 2021 00:18:50 GMT
server: AmazonS3
x-timer: S1611883513.289673,VS0,VE1
etag: "60bd7218a7f1c55414dbc4d9ac9cf122"
vary: Accept-Encoding
x-amz-request-id: B24F6EACA4F10C39
via: 1.1 varnish
cache-control: max-age=3600,stale-if-error=86400,stale-while-revalidate=3600
accept-ranges: bytes
content-type: application/javascript
x-cache-hits: 1

GET
H/1.1 200
OK vm-login-form-ad.js Show response
68.87.29.197/static/js/ 9 KB
10 KB 347ms
116ms Script
text/javascript 68.87.29.197
COMCAST-7922

General

Check archive.org

Show headers Download Go to

Full URL

https://68.87.29.197/static/js/vm-login-form-ad.js

Requested by

Host: 68.87.29.197
URL: https://68.87.29.197/login/concrete/js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

68.87.29.197 , United States, ASN7922 (COMCAST-7922, US),

Reverse DNS

Software

Apache /

Resource Hash

ab31816aa0fa561765323e1ffee2f48db4c5c406282a68416b1264c18fa629c8

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains;

Request headers

Referer: https://68.87.29.197/login/concrete/js
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Fri, 29 Jan 2021 01:25:13 GMT
Last-Modified: Tue, 26 Jan 2021 18:55:34 GMT
Server: Apache
ETag: "25b-2507-5b9d233083580"
Strict-Transport-Security: max-age=63072000; includeSubDomains;
Content-Type: text/javascript
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=500
Content-Length: 9479

GET
H/1.1 200
OK u
7468.v.fwmrm.net/ad/ 0
407 B 582ms
103ms Image
text/html 2607:ae80:2::230
FREEWHEEL

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://7468.v.fwmrm.net/ad/u?mode=echo&cr=https%3A%2F%2Fdpm.demdex.net%2Fibs%3Adpid%3D796%26dpuuid=%23%7Buser.id%7D

Requested by

Host: 68.87.29.197
URL: https://68.87.29.197/login/concrete/js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

2607:ae80:2::230 , United States, ASN26558 (FREEWHEEL, US),

Reverse DNS

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=157680000

Request headers

Referer: https://68.87.29.197/login/concrete/js
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Pragma: no-cache
Date: Fri, 29 Jan 2021 01:25:14 GMT
Strict-Transport-Security: max-age=157680000
P3P: policyref="https://www.freewheel.tv/w3c/p3p.xml",CP="ALL DSP COR NID"
Cache-Control: no-store
Content-Type: text/html
Content-Length: 0
Expires: 0

GET
H/1.1

200
OK

firstevent
xfinitydigital.demdex.net/
Redirect Chain

https://xfinitydigital.demdex.net/event?d_sid=4702129
https://xfinitydigital.demdex.net/firstevent?d_sid=4702129

42 B
937 B

41ms
40ms

Image
image/gif

108.128.13.248
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://xfinitydigital.demdex.net/firstevent?d_sid=4702129

Requested by

Host: 68.87.29.197
URL: https://68.87.29.197/login/concrete/js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

108.128.13.248 Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-108-128-13-248.eu-west-1.compute.amazonaws.com

Software

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

Referer: https://68.87.29.197/login/concrete/js
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

DCS: dcs-prod-irl1-v088-0d4f4f270.edge-irl1.demdex.com 5.80.5.20210120122710 3ms (+0ms)
Pragma: no-cache
Strict-Transport-Security: max-age=31536000; includeSubDomains
X-Content-Type-Options: nosniff
X-TID: 7y3luVnYSa8=
P3P: policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Cache-Control: no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
Connection: keep-alive
Content-Type: image/gif
Content-Length: 42
Expires: Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

Pragma: no-cache
Strict-Transport-Security: max-age=31536000; includeSubDomains
X-TID: uh2OlD5NQbk=
P3P: policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Location: https://xfinitydigital.demdex.net/firstevent?d_sid=4702129
Cache-Control: no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
Connection: keep-alive
Content-Length: 0
Expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H/1.1 200
OK jquery-3.3.1.min.js Show response
68.87.29.197/static/js/libs/ 85 KB
85 KB 117ms
116ms Script
text/javascript 68.87.29.197
COMCAST-7922

General

Check archive.org

Show headers Download Go to

Full URL

https://68.87.29.197/static/js/libs/jquery-3.3.1.min.js

Requested by

Host: 68.87.29.197
URL: https://68.87.29.197/login/concrete/js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

68.87.29.197 , United States, ASN7922 (COMCAST-7922, US),

Reverse DNS

Software

Apache /

Resource Hash

160a426ff2894252cd7cebbdd6d6b7da8fcd319c65b70468f10b6690c45d02ef

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains;

Request headers

Referer: https://68.87.29.197/login/concrete/js
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Fri, 29 Jan 2021 01:25:13 GMT
Last-Modified: Tue, 26 Jan 2021 18:55:34 GMT
Server: Apache
ETag: "257-1538f-5b9d233083580"
Strict-Transport-Security: max-age=63072000; includeSubDomains;
Content-Type: text/javascript
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=499
Content-Length: 86927

GET
H/1.1 200
OK scripts-responsive.min.js Show response
68.87.29.197/static/js/ 7 KB
7 KB 120ms
118ms Script
text/javascript 68.87.29.197
COMCAST-7922

General

Check archive.org

Show headers Download Go to

Full URL

https://68.87.29.197/static/js/scripts-responsive.min.js?v=fe74bd5

Requested by

Host: 68.87.29.197
URL: https://68.87.29.197/login/concrete/js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

68.87.29.197 , United States, ASN7922 (COMCAST-7922, US),

Reverse DNS

Software

Apache /

Resource Hash

a242719ced92c4a9873915f0d97859ce735dc8e7ccc65d99a37ebc3d6128c77d

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains;

Request headers

Referer: https://68.87.29.197/login/concrete/js
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Fri, 29 Jan 2021 01:25:13 GMT
Last-Modified: Tue, 26 Jan 2021 18:59:47 GMT
Server: Apache
ETag: "3fc-1c95-5b9d2421caec0"
Strict-Transport-Security: max-age=63072000; includeSubDomains;
Content-Type: text/javascript
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=499
Content-Length: 7317

OPTIONS
H2 200 /
dl.cws.xfinity.com/event/ Frame 0
0 406ms
206ms Other
application/json 2a02:26f0:6c00:295::2c06
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://dl.cws.xfinity.com/event/
Protocol: H2
Server: 2a02:26f0:6c00:295::2c06 , Ascension Island, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Method: PUT
Access-Control-Request-Headers: content-type
Origin: https://68.87.29.197
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Sec-Fetch-Mode: cors

Response headers

content-type: application/json
content-length: 0
x-amzn-requestid: 3be04153-7358-420b-9f02-a7f2f47a62ac
access-control-allow-origin: *
access-control-allow-headers: Content-Type
x-amz-apigw-id: Z4yPCFbCIAMF_JQ=
access-control-allow-methods: HEAD,OPTIONS,PUT
x-amz-cf-pop: FRA6-C1
x-amz-cf-id: vaixo3bVElLmi9HLHqrqjkkLLcKkUDOeKy6ofPR4uS8IN340pLdQCA==
date: Fri, 29 Jan 2021 01:25:13 GMT

OPTIONS
H2 200 /
dl.cws.xfinity.com/event/ Frame 0
0 405ms
206ms Other
application/json 2a02:26f0:6c00:295::2c06
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://dl.cws.xfinity.com/event/
Protocol: H2
Server: 2a02:26f0:6c00:295::2c06 , Ascension Island, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Method: PUT
Access-Control-Request-Headers: content-type
Origin: https://68.87.29.197
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Sec-Fetch-Mode: cors

Response headers

content-type: application/json
content-length: 0
x-amzn-requestid: a991ecea-808d-4ad4-89f4-255af427d894
access-control-allow-origin: *
access-control-allow-headers: Content-Type
x-amz-apigw-id: Z4yPCG5koAMFuvQ=
access-control-allow-methods: HEAD,OPTIONS,PUT
x-amz-cf-pop: FRA6-C1
x-amz-cf-id: jBG0XLS_INVidYUh0Op8jk8CCZd-hVQtlUbX4IP4y-CPUOBR-R2cng==
date: Fri, 29 Jan 2021 01:25:13 GMT

GET
H2 200 launch-46f715e51bac.min.js Show response
assets.adobedtm.com/331fbea29f79/fdd77923e2da/ 142 KB
44 KB 23ms
5ms Script
application/x-javascript 2a02:26f0:6c00:28a::1e80
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://assets.adobedtm.com/331fbea29f79/fdd77923e2da/launch-46f715e51bac.min.js
Requested by: Host: static.cimcontent.net
URL: https://static.cimcontent.net/data-layer/?appID=login
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:6c00:28a::1e80 , Ascension Island, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: AkamaiNetStorage /
Resource Hash: ac423d0aedd7fd40cd41a1b15c2f8a4eb02fba9feadb1dde8d3055dde2f8034c

Request headers

Referer: https://68.87.29.197/login/concrete/js
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 29 Jan 2021 01:25:13 GMT
content-encoding: gzip
last-modified: Wed, 04 Nov 2020 19:09:38 GMT
server: AkamaiNetStorage
etag: "175b743c46a8770e143db6565f0ec922:1604516978.270368"
vary: Accept-Encoding
content-type: application/x-javascript
access-control-allow-origin: https://68.87.29.197
cache-control: max-age=3600
accept-ranges: bytes
timing-allow-origin: *
content-length: 44826
expires: Fri, 29 Jan 2021 02:25:13 GMT

PUT
H2 200 / Show response
dl.cws.xfinity.com/event/ 110 B
491 B 218ms
217ms XHR
application/json 2a02:26f0:6c00:295::2c06
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://dl.cws.xfinity.com/event/
Requested by: Host: static.cimcontent.net
URL: https://static.cimcontent.net/data-layer/?appID=login
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:6c00:295::2c06 , Ascension Island, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: /
Resource Hash: ac91189bef1944671e5f57e6b8c83688040aab8e2da7fc608bdac8700bb2e9a0

Request headers

Referer: https://68.87.29.197/login/concrete/js
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type: application/json

Response headers

date: Fri, 29 Jan 2021 01:25:13 GMT
x-amz-cf-pop: FRA6-C1
x-amz-apigw-id: Z4yPDHDLoAMFu8Q=
x-amzn-requestid: 2692f60c-46a1-48a9-b406-235132a32f20
access-control-max-age: 86400
access-control-allow-methods: GET,POST,PUT,HEAD
content-type: application/json
access-control-allow-origin: *
x-amzn-trace-id: Root=1-601363f9-51fadb135602e160237cd403
access-control-allow-credentials: false
access-control-allow-headers: *
content-length: 110
x-amz-cf-id: C4mx5C1wLAcHnymGPOpDxgCLBJbVhqE-xHZfZKhwtSOXO3PyvGU1-w==

PUT
H2 200 / Show response
dl.cws.xfinity.com/event/ 110 B
490 B 114ms
114ms XHR
application/json 2a02:26f0:6c00:295::2c06
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://dl.cws.xfinity.com/event/
Requested by: Host: static.cimcontent.net
URL: https://static.cimcontent.net/data-layer/?appID=login
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:6c00:295::2c06 , Ascension Island, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: /
Resource Hash: effa0c2a10196d64106fcca875a2c044f30d72208fcec75fd213f2cac2d80aac

Request headers

Referer: https://68.87.29.197/login/concrete/js
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type: application/json

Response headers

date: Fri, 29 Jan 2021 01:25:13 GMT
x-amz-cf-pop: FRA6-C1
x-amz-apigw-id: Z4yPDHGBIAMF45A=
x-amzn-requestid: fa23cae2-7f37-4843-93ce-76e3c43f8094
access-control-max-age: 86400
access-control-allow-methods: GET,POST,PUT,HEAD
content-type: application/json
access-control-allow-origin: *
x-amzn-trace-id: Root=1-601363f9-3e9198335d15381c69384fb5
access-control-allow-credentials: false
access-control-allow-headers: *
content-length: 110
x-amz-cf-id: hBN8z4d3_iprz-FU0mbISbSPlJxyWkr6gAS3iQqnJBSfs7SqaB_NCQ==

GET
H2 200 XfinityStandard-Regular.woff2
static.cimcontent.net/fonts/latest/Xfinity_Standard/ 26 KB
26 KB 18ms
6ms Font
font/woff2 2a02:26f0:6c00:2be::30d4
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://static.cimcontent.net/fonts/latest/Xfinity_Standard/XfinityStandard-Regular.woff2
Requested by: Host: 68.87.29.197
URL: https://68.87.29.197/static/css/junket/fonts-remote.min.css?v=fe74bd5
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:6c00:2be::30d4 , Ascension Island, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 138c0ead0fbcd09dd455df9870920e8725b367fbf02ac0cef0c62874000ab176

Request headers

Origin: https://68.87.29.197
Referer: https://68.87.29.197/static/css/junket/fonts-remote.min.css?v=fe74bd5
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

x-amz-version-id: kLBQWhXkUwwuS0hOSKJ2GQ_XrNE.oQFF
last-modified: Fri, 24 Jan 2020 21:23:01 GMT
server: AmazonS3
x-amz-cf-pop: FRA53-C1
etag: "e3e79cd377b28c1e7ffea64b194136cf"
content-type: font/woff2
access-control-allow-origin: *
cache-control: max-age=2129876
date: Fri, 29 Jan 2021 01:25:13 GMT
accept-ranges: bytes
content-length: 26768
x-amz-cf-id: ByGny3xKJmpswLg8Ti3HbboM-DIgjnMnw6P8yL13EeMa4LUUOVQRAQ==

GET
H2 200 prebid.js Show response
static.cimcontent.net/common-web-assets/ad-assets/prebid/ 217 KB
70 KB 8ms
6ms Script
application/javascript 2a02:26f0:6c00:2be::30d4
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://static.cimcontent.net/common-web-assets/ad-assets/prebid/prebid.js
Requested by: Host: 68.87.29.197
URL: https://68.87.29.197/static/js/vm-login-form-ad.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:6c00:2be::30d4 , Ascension Island, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 1b453aee00d7c7c9e33e2897b911e9295f343a60f33283fd1fe6a9c084a18c51

Request headers

Referer: https://68.87.29.197/login/concrete/js
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

x-amz-version-id: x83zlTVnk6n8.8PpwNXhXPXFFDojUBI1
content-encoding: gzip
last-modified: Thu, 12 Nov 2020 18:12:35 GMT
server: AmazonS3
x-amz-cf-pop: FRA53-C1
etag: "7a495d9002d89d3c5e63ac7e274dbd44"
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=31536000
date: Fri, 29 Jan 2021 01:25:13 GMT
accept-ranges: bytes
content-length: 71285
x-amz-cf-id: mxD7StxS7mMmZS3vAdq1uf1XkCRQZ_-a-7iTeNHZ5QhEjrIUPWBkNw==

GET
H2 200 apstag.js Show response
c.amazon-adsystem.com/aax2/ 116 KB
30 KB 109ms
49ms Script
application/javascript 13.224.192.34
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://c.amazon-adsystem.com/aax2/apstag.js
Requested by: Host: 68.87.29.197
URL: https://68.87.29.197/static/js/vm-login-form-ad.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.224.192.34 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-224-192-34.fra2.r.cloudfront.net
Software: Server /
Resource Hash: dde5dcb02f349d5cd1f36d6afe709ddfd5713b27129dbae727f456cde6582883

Request headers

Referer: https://68.87.29.197/login/concrete/js
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 29 Jan 2021 01:12:09 GMT
content-encoding: gzip
server: Server
age: 784
etag: 089c185b065ebe3e9c21625b16dea242
x-cache: Hit from cloudfront
content-type: application/javascript
via: 1.1 c3b74c81fdcb7942211a6c721efa13fd.cloudfront.net (CloudFront)
cache-control: public, max-age=900
x-amz-cf-pop: FRA2-C1
accept-ranges: bytes
timing-allow-origin: *
x-amz-version-id: m.Wx5c17akL0ZDdjRDCoIM1PRpKlJoJG
x-amz-cf-id: HR0dTSOF0Iy_NQqCnN4cQvUOAL3GvtQCRwNN1QGeWkMutnJU35u9Kg==

GET
H/1.1 200
OK ast.js Show response
acdn.adnxs.com/ast/ 87 KB
31 KB 107ms
39ms Script
application/javascript 2.18.232.130
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://acdn.adnxs.com/ast/ast.js
Requested by: Host: 68.87.29.197
URL: https://68.87.29.197/static/js/vm-login-form-ad.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2.18.232.130 , Ascension Island, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-232-130.deploy.static.akamaitechnologies.com
Software: nginx/1.13.10 /
Resource Hash: 0bc6e6b1676941880a99fa4d59b2b8ce181cbd64a2ff5249b6ee8c264b99bdf3

Request headers

Referer: https://68.87.29.197/login/concrete/js
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Fri, 29 Jan 2021 01:25:13 GMT
Content-Encoding: gzip
Last-Modified: Wed, 20 Jan 2021 15:11:25 GMT
Server: nginx/1.13.10
ETag: "6008481d-15c3f"
Vary: Accept-Encoding
Content-Type: application/javascript
Access-Control-Allow-Origin: *
Cache-Control: max-age=86402
Connection: keep-alive
Content-Length: 30948
Expires: Sat, 30 Jan 2021 01:25:15 GMT

GET
H/1.1 200
OK id Show response
dpm.demdex.net/ 3 KB
2 KB 149ms
39ms XHR
application/json 34.251.184.34
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://dpm.demdex.net/id?d_visid_ver=5.0.1&d_fieldgroup=MC&d_rtbd=json&d_ver=2&d_orgid=DA11332E5321D0550A490D45%40AdobeOrg&d_nsid=0&ts=1611883513708

Requested by

Host: static.cimcontent.net
URL: https://static.cimcontent.net/data-layer/?appID=login

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

34.251.184.34 Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-34-251-184-34.eu-west-1.compute.amazonaws.com

Software

Resource Hash

41488ccb8726c86a579ab8360ea5ce1f119a673adc9787e697851b8754079994

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://68.87.29.197/login/concrete/js
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

DCS: dcs-prod-irl1-v088-08b177f51.edge-irl1.demdex.com 5.80.5.20210120122710 2ms (+1ms)
Pragma: no-cache
Strict-Transport-Security: max-age=31536000; includeSubDomains
Content-Encoding: gzip
X-TID: mYPNNgNLS8o=
Vary: Origin, Accept-Encoding, User-Agent
P3P: policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Access-Control-Allow-Origin: https://68.87.29.197
Cache-Control: no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: application/json;charset=utf-8
Content-Length: 967
Expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H2 200 EX42af35e02f37445ba43641984da760ce-libraryCode_source.min.js Show response
assets.adobedtm.com/331fbea29f79/fdd77923e2da/52d5ba0fe5d1/ 85 KB
30 KB 32ms
32ms Script
application/x-javascript 2a02:26f0:6c00:28a::1e80
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://assets.adobedtm.com/331fbea29f79/fdd77923e2da/52d5ba0fe5d1/EX42af35e02f37445ba43641984da760ce-libraryCode_source.min.js
Requested by: Host: assets.adobedtm.com
URL: https://assets.adobedtm.com/331fbea29f79/fdd77923e2da/launch-46f715e51bac.min.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:6c00:28a::1e80 , Ascension Island, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: AkamaiNetStorage /
Resource Hash: 0bd5fcba6dcf34771f5e3671e1c8956cc44e8f2bc5f98eb12c3eba27348fe963

Request headers

Referer: https://68.87.29.197/login/concrete/js
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 29 Jan 2021 01:25:13 GMT
content-encoding: gzip
last-modified: Wed, 04 Nov 2020 19:09:38 GMT
server: AkamaiNetStorage
etag: "01222062c70687cd8aac20506b88b359:1604516978.963474"
vary: Accept-Encoding
content-type: application/x-javascript
access-control-allow-origin: https://68.87.29.197
cache-control: max-age=3600
accept-ranges: bytes
timing-allow-origin: *
content-length: 30244
expires: Fri, 29 Jan 2021 02:25:13 GMT

GET
H2 200 AppMeasurement_Module_AudienceManagement.min.js Show response
assets.adobedtm.com/extensions/EPbde2f7ca14e540399dcc1f8208860b7b/ 25 KB
9 KB 38ms
37ms Script
application/x-javascript 2a02:26f0:6c00:28a::1e80
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://assets.adobedtm.com/extensions/EPbde2f7ca14e540399dcc1f8208860b7b/AppMeasurement_Module_AudienceManagement.min.js
Requested by: Host: assets.adobedtm.com
URL: https://assets.adobedtm.com/331fbea29f79/fdd77923e2da/launch-46f715e51bac.min.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:6c00:28a::1e80 , Ascension Island, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: AkamaiNetStorage /
Resource Hash: e5f0058d3d737d25b691728bce12a7d0b77183781c936ca8152e28cacf9e6e3f

Request headers

Referer: https://68.87.29.197/login/concrete/js
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 29 Jan 2021 01:25:13 GMT
content-encoding: gzip
last-modified: Wed, 12 Aug 2020 22:09:53 GMT
server: AkamaiNetStorage
etag: "c8afb92bc0d997ba5b673367e69b9ff1:1597270193.156081"
vary: Accept-Encoding
content-type: application/x-javascript
access-control-allow-origin: https://68.87.29.197
cache-control: no-cache
accept-ranges: bytes
timing-allow-origin: *
content-length: 8762
expires: Fri, 29 Jan 2021 02:25:13 GMT

GET
DATA 200
OK truncated
/ 933 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 4bd9c8ed57b1dd8fddcc2910170e9b81b40f7b628e272924e88a98f45ebb9aea

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
DATA 200
OK truncated
/ 3 KB
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 58fd862aaa51daaa186ee3fecfd805c0f8eea09146e9c7deb44a3f30a1ad01b5

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
H2 200 XfinityStandard-Light.woff2
static.cimcontent.net/fonts/latest/Xfinity_Standard/ 27 KB
27 KB 6ms
6ms Font
font/woff2 2a02:26f0:6c00:2be::30d4
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://static.cimcontent.net/fonts/latest/Xfinity_Standard/XfinityStandard-Light.woff2
Requested by: Host: 68.87.29.197
URL: https://68.87.29.197/static/css/junket/fonts-remote.min.css?v=fe74bd5
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:6c00:2be::30d4 , Ascension Island, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: AmazonS3 /
Resource Hash: fc6cd95261064c28600405c9c8dd51813abf8367e85b6e00f0f3031a8338988a

Request headers

Origin: https://68.87.29.197
Referer: https://68.87.29.197/static/css/junket/fonts-remote.min.css?v=fe74bd5
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

x-amz-version-id: wnCwOacXycelzt78IMkr55wWB9WkMd2W
last-modified: Fri, 24 Jan 2020 21:23:01 GMT
server: AmazonS3
x-amz-cf-pop: FRA2-C1
etag: "f05d3ebe80809d82ab14d62a79da544e"
content-type: font/woff2
access-control-allow-origin: *
cache-control: max-age=2210814
date: Fri, 29 Jan 2021 01:25:13 GMT
accept-ranges: bytes
content-length: 27420
x-amz-cf-id: Yn0klyZugr8sivyV0LgQXqTf_wsk-gexSp3HJt-FNlURJWfRMn1fKQ==

GET
H2 200 XfinityStandard-Medium.woff2
static.cimcontent.net/fonts/latest/Xfinity_Standard/ 27 KB
27 KB 8ms
8ms Font
font/woff2 2a02:26f0:6c00:2be::30d4
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://static.cimcontent.net/fonts/latest/Xfinity_Standard/XfinityStandard-Medium.woff2
Requested by: Host: 68.87.29.197
URL: https://68.87.29.197/static/css/junket/fonts-remote.min.css?v=fe74bd5
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:6c00:2be::30d4 , Ascension Island, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 2a031939885bb7efba89d423c9ee7c0fe2bab465f18db63f40a9ae2bd7bc0228

Request headers

Origin: https://68.87.29.197
Referer: https://68.87.29.197/static/css/junket/fonts-remote.min.css?v=fe74bd5
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

x-amz-version-id: 6t4RA2DS89tdf_2IK5vrc9JAOKCy9A40
last-modified: Fri, 24 Jan 2020 21:23:01 GMT
server: AmazonS3
x-amz-cf-pop: FRA2-C1
etag: "13709eac065721ba8cd0e2d1b6fa8026"
content-type: font/woff2
access-control-allow-origin: *
cache-control: max-age=2452962
date: Fri, 29 Jan 2021 01:25:13 GMT
accept-ranges: bytes
content-length: 27152
x-amz-cf-id: Jor3NH61Fn2PSqLJ4zklRkWkGTBT1cUXUjoN7YFV-CumFSqdCCgwmw==

GET
H/1.1 200
OK fastlane.json Show response
fastlane.rubiconproject.com/a/api/ 261 B
2 KB 175ms
89ms XHR
application/json 69.173.144.140
RUBICONPROJECT

General

Check archive.org

Show headers Download Go to

Full URL: https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=11648&site_id=248132&zone_id=1228140&size_id=15&alt_size_ids=10&p_pos=unknown&rf=https%3A%2F%2F68.87.29.197%2Flogin%2Fconcrete%2Fjs&tk_flint=pbjs_lite_v2.26.0&x_source.tid=73c2e019-3ba2-4270-bcbd-faa51e8a7a7b&p_screen_res=1600x1200&rp_floor=0.01&rp_secure=1&slots=1&rand=0.6957334924446328
Requested by: Host: static.cimcontent.net
URL: https://static.cimcontent.net/data-layer/?appID=login
Protocol: HTTP/1.1
Security: TLS 1.2, RSA, AES_128_GCM
Server: 69.173.144.140 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software: nginx/1.16.0 /
Resource Hash: 2244aa59297c563bb302c8f9d3e8de4f1d5f7fc1ab299326f98f17b99eb7bcfa

Request headers

Referer: https://68.87.29.197/login/concrete/js
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type: text/plain

Response headers

Pragma: no-cache
Date: Fri, 29 Jan 2021 01:25:13 GMT
Server: nginx/1.16.0
Vary: Accept-Encoding
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Access-Control-Allow-Origin: https://68.87.29.197
Cache-Control: no-cache, no-store, max-age=0, must-revalidate
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: application/json
Keep-Alive: timeout=5
Content-Length: 261
Expires: Wed, 17 Sep 1975 21:32:10 GMT

POST
H2 204 cdb Show response
bidder.criteo.com/ 0
142 B 106ms
34ms XHR
text/plain 178.250.2.131
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL: https://bidder.criteo.com/cdb?profileId=207&av=17&wv=2.26.0&cb=36027233095
Requested by: Host: static.cimcontent.net
URL: https://static.cimcontent.net/data-layer/?appID=login
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 178.250.2.131 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS: bidder.am5.vip.prod.criteo.com
Software: Finatra /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://68.87.29.197/login/concrete/js
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type: text/plain

Response headers

access-control-allow-origin: https://68.87.29.197
date: Fri, 29 Jan 2021 01:25:13 GMT
access-control-allow-credentials: true
server: Finatra
timing-allow-origin: *
vary: Origin

POST
H2 200 v2 Show response
e.serverbid.com/api/ 16 B
166 B 295ms
99ms XHR
application/json 134.209.131.220
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to

Full URL: https://e.serverbid.com/api/v2
Requested by: Host: static.cimcontent.net
URL: https://static.cimcontent.net/data-layer/?appID=login
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 134.209.131.220 North Bergen, United States, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software: /
Resource Hash: 903eb8f1cc364e01930ba03579f049a72794aa91d1a5842a2edb6365e436bb7c

Request headers

Referer: https://68.87.29.197/login/concrete/js
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type: text/plain

Response headers

access-control-allow-origin: https://68.87.29.197
date: Fri, 29 Jan 2021 01:25:13 GMT
access-control-allow-credentials: true
content-length: 16
vary: Origin
content-type: application/json

GET
H2 200 arj Show response
comcast-d.openx.net/w/1.0/ 174 B
559 B 152ms
54ms XHR
application/json 34.98.64.218
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://comcast-d.openx.net/w/1.0/arj?ju=https%3A%2F%2F68.87.29.197%2Flogin%2Fconcrete%2Fjs&jr=&ch=UTF-8&res=1600x1200x24&ifr=false&tz=-60&tws=1600x1200&be=1&bc=hb_pb_2.1.7&dddid=73c2e019-3ba2-4270-bcbd-faa51e8a7a7b&nocache=1611883513802&aus=300x600%2C300x250&divIds=ad-block&auid=540654279&
Requested by: Host: static.cimcontent.net
URL: https://static.cimcontent.net/data-layer/?appID=login
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.98.64.218 , United States, ASN15169 (GOOGLE, US),
Reverse DNS: 218.64.98.34.bc.googleusercontent.com
Software: OXGW/16.200.0 /
Resource Hash: 9feb05f022dda2edeb53834b181467c27dd72b95555b3f97d0241fade86fed94

Request headers

Referer: https://68.87.29.197/login/concrete/js
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Fri, 29 Jan 2021 01:25:13 GMT
content-encoding: gzip
server: OXGW/16.200.0
vary: Accept, Accept-Encoding
p3p: CP="CUR ADM OUR NOR STA NID"
access-control-allow-origin: https://68.87.29.197
cache-control: private, max-age=0, no-cache
access-control-allow-credentials: true
content-type: application/json
alt-svc: clear
content-length: 166
via: 1.1 google
expires: Mon, 26 Jul 1997 05:00:00 GMT

GET
H2 200 bid Show response
c.amazon-adsystem.com/e/dtb/ 23 B
368 B 64ms
63ms XHR
text/javascript 13.224.192.34
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://c.amazon-adsystem.com/e/dtb/bid?src=3338&u=https%3A%2F%2F68.87.29.197%2Flogin%2Fconcrete%2Fjs&pid=U9JxidZhmFR7J&cb=0&ws=1600x1200&v=7.58.01&t=1500&slots=%5B%7B%22sd%22%3A%22ad-block%22%2C%22s%22%3A%5B%22300x600%22%2C%22300x250%22%5D%7D%5D&gdprl=%7B%22status%22%3A%22no-cmp%22%7D
Requested by: Host: static.cimcontent.net
URL: https://static.cimcontent.net/data-layer/?appID=login
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.224.192.34 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-224-192-34.fra2.r.cloudfront.net
Software: Server /
Resource Hash: 745a085b52b8371ec6705413fca70a28c6d8bff0db480e6b124bd08c54e95ef8

Request headers

Referer: https://68.87.29.197/login/concrete/js
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 29 Jan 2021 01:25:13 GMT
via: 1.1 c3b74c81fdcb7942211a6c721efa13fd.cloudfront.net (CloudFront)
server: Server
x-amz-cf-pop: FRA2-C1
vary: User-Agent
x-cache: Miss from cloudfront
content-type: text/javascript;charset=UTF-8
access-control-allow-origin: https://68.87.29.197
access-control-allow-credentials: true
timing-allow-origin: *
content-length: 23
x-amz-cf-id: nMfZ9qwgf4Oxv6-RlDQMvvSlDnPZNjFDFeA4uDUWzTnJ8US2DskGsg==

GET
H2 200 aps_csm.js Show response
c.amazon-adsystem.com/bao-csm/aps-comm/ 6 KB
3 KB 90ms
30ms XHR
application/javascript 13.224.192.34
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://c.amazon-adsystem.com/bao-csm/aps-comm/aps_csm.js
Requested by: Host: static.cimcontent.net
URL: https://static.cimcontent.net/data-layer/?appID=login
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.224.192.34 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-224-192-34.fra2.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 06b99248a163333e36980a6cfb756f1a7de60fa49517162b87b1a44d5d48f844

Request headers

Referer: https://68.87.29.197/login/concrete/js
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

x-amz-version-id: qvfBoISJ5ymXoV8clHCjrjeaYCNnawpM
content-encoding: gzip
etag: W/"a4d296427fc806b21335359e398c025c"
age: 60781
x-cache: Hit from cloudfront
access-control-max-age: 3000
access-control-allow-origin: *
last-modified: Wed, 23 Dec 2020 21:52:09 GMT
server: AmazonS3
date: Thu, 28 Jan 2021 08:32:13 GMT
vary: Origin
access-control-allow-methods: GET
content-type: application/javascript
via: 1.1 eab88762658052b4a1e386f8521a38cf.cloudfront.net (CloudFront)
cache-control: public, max-age=86400
x-amz-cf-pop: FRA2-C1
x-amz-cf-id: qCyCNTvPz-JKYgHtDG2rKRtSSBMJS0fEcZcCHM39rzo7LiulhwIQ7A==

GET
H/1.1 200
OK Cookie set dest5.html
comcast.demdex.net/ Frame AA55 0
0 166ms
38ms Document
text/html 52.50.104.129
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://comcast.demdex.net/dest5.html?d_nsid=0

Requested by

Host: assets.adobedtm.com
URL: https://assets.adobedtm.com/331fbea29f79/fdd77923e2da/launch-46f715e51bac.min.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

52.50.104.129 Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-52-50-104-129.eu-west-1.compute.amazonaws.com

Software

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Host: comcast.demdex.net
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site: cross-site
Sec-Fetch-Mode: navigate
Sec-Fetch-Dest: iframe
Referer: https://68.87.29.197/login/concrete/js
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US
Cookie: demdex=00920998524958971522421924033222834927
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: https://68.87.29.197/login/concrete/js

Response headers

Accept-Ranges: bytes
Cache-Control: max-age=21600
Content-Encoding: gzip
Content-Type: text/html
Expires: Thu, 01 Jan 1970 00:00:00 GMT
Last-Modified: Thu, 21 Jan 2021 11:34:58 GMT
P3P: policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Pragma: no-cache
Set-Cookie: demdex=00920998524958971522421924033222834927;Path=/;Domain=.demdex.net;Expires=Wed, 28-Jul-2021 01:25:14 GMT;Max-Age=15552000;Secure;SameSite=None
Strict-Transport-Security: max-age=31536000; includeSubDomains
Vary: Accept-Encoding, User-Agent
X-TID: mqcVfcWzSEM=
Content-Length: 2785
Connection: keep-alive

GET
H2 200 id Show response
comcastcom.d1.sc.omtrdc.net/ 2 B
315 B 122ms
34ms XHR
application/x-javascript 15.237.136.106
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://comcastcom.d1.sc.omtrdc.net/id?d_visid_ver=5.0.1&d_fieldgroup=A&mcorgid=DA11332E5321D0550A490D45%40AdobeOrg&mid=00758015547119695112438169631452513864&ts=1611883513867

Requested by

Host: static.cimcontent.net
URL: https://static.cimcontent.net/data-layer/?appID=login

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

15.237.136.106 Paris, France, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-15-237-136-106.eu-west-3.compute.amazonaws.com

Software

jag /

Resource Hash

44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://68.87.29.197/login/concrete/js
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

date: Fri, 29 Jan 2021 01:25:13 GMT
x-content-type-options: nosniff
server: jag
xserver: anedge-554bb77cdd-m6jgh
vary: Origin
x-c: main-1421.Ie84b3e.M0-477
p3p: CP="This is not a P3P policy"
access-control-allow-origin: https://68.87.29.197
cache-control: no-cache, no-store, max-age=0, no-transform, private
access-control-allow-credentials: true
content-type: application/x-javascript;charset=utf-8
content-length: 2
x-xss-protection: 1; mode=block

POST
H/1.1 200
OK v3 Show response
ib.adnxs.com/ut/ 165 B
1 KB 91ms
30ms XHR
application/json 37.252.172.37
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://ib.adnxs.com/ut/v3

Requested by

Host: static.cimcontent.net
URL: https://static.cimcontent.net/data-layer/?appID=login

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

37.252.172.37 , Ascension Island, ASN29990 (ASN-APPNEX, US),

Reverse DNS

691.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net

Software

nginx/1.17.9 /

Resource Hash

5fb05efb778e2a7de8d96e4bf8c211a6fdc5f3ce2d246e9d701aedcf32067d43

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://68.87.29.197/login/concrete/js
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type: text/plain

Response headers

Pragma: no-cache
Date: Fri, 29 Jan 2021 01:25:14 GMT
X-Proxy-Origin: 82.102.18.114; 82.102.18.114; 691.bm-nginx-loadbalancer.mgmt.fra1; *.adnxs.com; 37.252.173.103:80
AN-X-Request-Uuid: 4ab6d7d2-8390-4349-831c-93822f00cbd2
Server: nginx/1.17.9
P3P: policyref="http://cdn.adnxs.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin: https://68.87.29.197
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: application/json; charset=utf-8
Content-Length: 165
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

OPTIONS
H2 200 /
dl.cws.xfinity.com/event/ Frame 0
0 100ms
100ms Other
application/json 2a02:26f0:6c00:295::2c06
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://dl.cws.xfinity.com/event/
Protocol: H2
Server: 2a02:26f0:6c00:295::2c06 , Ascension Island, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Method: PUT
Access-Control-Request-Headers: content-type
Origin: https://68.87.29.197
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Sec-Fetch-Mode: cors

Response headers

content-type: application/json
content-length: 0
x-amzn-requestid: fcba6181-f354-4d7f-8c32-f1e1d789538c
access-control-allow-origin: *
access-control-allow-headers: Content-Type
x-amz-apigw-id: Z4yPHHCvIAMF62A=
access-control-allow-methods: HEAD,OPTIONS,PUT
x-amz-cf-pop: FRA6-C1
x-amz-cf-id: gG7Rd_b1ljcR95bM4gpDd9hbs70hN-y0QmLiK-spOD4drsT4mRITYQ==
date: Fri, 29 Jan 2021 01:25:14 GMT

OPTIONS
H2 200 /
dl.cws.xfinity.com/event/ Frame 0
0 278ms
278ms Other
application/json 2a02:26f0:6c00:295::2c06
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://dl.cws.xfinity.com/event/
Protocol: H2
Server: 2a02:26f0:6c00:295::2c06 , Ascension Island, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Method: PUT
Access-Control-Request-Headers: content-type
Origin: https://68.87.29.197
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Sec-Fetch-Mode: cors

Response headers

content-type: application/json
content-length: 0
x-amzn-requestid: 6c2c2594-e6cc-420b-9055-8d0e2a750937
access-control-allow-origin: *
access-control-allow-headers: Content-Type
x-amz-apigw-id: Z4yPJHweoAMFmgQ=
access-control-allow-methods: HEAD,OPTIONS,PUT
x-amz-cf-pop: FRA6-C1
x-amz-cf-id: rEA5ArjdFEcEHK01MMX3x7K7de6SVYVQCO5D8Toqc6XWo4QYFDM3zA==
date: Fri, 29 Jan 2021 01:25:14 GMT

OPTIONS
H2 200 /
dl.cws.xfinity.com/event/ Frame 0
0 109ms
109ms Other
application/json 2a02:26f0:6c00:295::2c06
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://dl.cws.xfinity.com/event/
Protocol: H2
Server: 2a02:26f0:6c00:295::2c06 , Ascension Island, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Method: PUT
Access-Control-Request-Headers: content-type
Origin: https://68.87.29.197
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Sec-Fetch-Mode: cors

Response headers

content-type: application/json
content-length: 0
x-amzn-requestid: 7e7532c3-2048-4014-8903-0886fd84825c
access-control-allow-origin: *
access-control-allow-headers: Content-Type
x-amz-apigw-id: Z4yPIEKvIAMFsdg=
access-control-allow-methods: HEAD,OPTIONS,PUT
x-amz-cf-pop: FRA6-C1
x-amz-cf-id: fVBvdZVZkKIDfTRzpMw3qPyMOKLp8ONwT5NC9tUWFfGQhktOG9SMjA==
date: Fri, 29 Jan 2021 01:25:14 GMT

PUT
H2 200 / Show response
dl.cws.xfinity.com/event/ 110 B
492 B 116ms
116ms XHR
application/json 2a02:26f0:6c00:295::2c06
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://dl.cws.xfinity.com/event/
Requested by: Host: static.cimcontent.net
URL: https://static.cimcontent.net/data-layer/?appID=login
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:6c00:295::2c06 , Ascension Island, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: /
Resource Hash: 58dd5c446260d52859f2d12648452654e1e63709cc53a252322268289e154234

Request headers

Referer: https://68.87.29.197/login/concrete/js
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type: application/json

Response headers

date: Fri, 29 Jan 2021 01:25:14 GMT
x-amz-cf-pop: FRA6-C1
x-amz-apigw-id: Z4yPJGnKoAMFwHg=
x-amzn-requestid: b539a5e2-c0b4-49d8-b965-5a2ddd068cd9
access-control-max-age: 86400
access-control-allow-methods: GET,POST,PUT,HEAD
content-type: application/json
access-control-allow-origin: *
x-amzn-trace-id: Root=1-601363fa-570885a527a98d20503b962b
access-control-allow-credentials: false
access-control-allow-headers: *
content-length: 110
x-amz-cf-id: TpxZXgGQN1l9CNYfJ7DZUaEzzvVL6SgcCF_ZwiXVvXu0Cspz8rCczQ==

PUT
H2 200 / Show response
dl.cws.xfinity.com/event/ 110 B
489 B 120ms
120ms XHR
application/json 2a02:26f0:6c00:295::2c06
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://dl.cws.xfinity.com/event/
Requested by: Host: static.cimcontent.net
URL: https://static.cimcontent.net/data-layer/?appID=login
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:6c00:295::2c06 , Ascension Island, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: /
Resource Hash: 0dec34a347309e46730151f28f0f62d83cc90fd2f43f8af77773073600d61ecf

Request headers

Referer: https://68.87.29.197/login/concrete/js
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type: application/json

Response headers

date: Fri, 29 Jan 2021 01:25:14 GMT
x-amz-cf-pop: FRA6-C1
x-amz-apigw-id: Z4yPKG2xoAMFRDw=
x-amzn-requestid: 2b23e772-751f-4668-bdfc-42f7533c19fd
access-control-max-age: 86400
access-control-allow-methods: GET,POST,PUT,HEAD
content-type: application/json
access-control-allow-origin: *
x-amzn-trace-id: Root=1-601363fa-0e2f94a82cee13154343903f
access-control-allow-credentials: false
access-control-allow-headers: *
content-length: 110
x-amz-cf-id: qvJIg7HEazYC2tI7eu66-VyDZLc4E_A4z2GWunV-sv7icvqBcqk7Yw==

PUT
H2 200 / Show response
dl.cws.xfinity.com/event/ 110 B
489 B 109ms
108ms XHR
application/json 2a02:26f0:6c00:295::2c06
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://dl.cws.xfinity.com/event/
Requested by: Host: static.cimcontent.net
URL: https://static.cimcontent.net/data-layer/?appID=login
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:6c00:295::2c06 , Ascension Island, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: /
Resource Hash: e617ff35fc257d16e594d1ee57d3b35e8b2c1e73ac2d495c82ca11632aade636

Request headers

Referer: https://68.87.29.197/login/concrete/js
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type: application/json

Response headers

date: Fri, 29 Jan 2021 01:25:14 GMT
x-amz-cf-pop: FRA6-C1
x-amz-apigw-id: Z4yPJFAAIAMFuUw=
x-amzn-requestid: 1d2ec558-863a-44aa-8cc5-52ae2f82c9dc
access-control-max-age: 86400
access-control-allow-methods: GET,POST,PUT,HEAD
content-type: application/json
access-control-allow-origin: *
x-amzn-trace-id: Root=1-601363fa-68d05d2f19a573717316447e
access-control-allow-credentials: false
access-control-allow-headers: *
content-length: 110
x-amz-cf-id: 2BhNZ5dIrMNpkUt4KMIVCuu0NjWX72t24GonWlmEQojBkshPpnox3A==

GET
H2 200 RC0203eaed7e334f4faf2d584bda1e9893-source.min.js Show response
assets.adobedtm.com/331fbea29f79/fdd77923e2da/52d5ba0fe5d1/ 2 KB
979 B 6ms
6ms Script
application/x-javascript 2a02:26f0:6c00:28a::1e80
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://assets.adobedtm.com/331fbea29f79/fdd77923e2da/52d5ba0fe5d1/RC0203eaed7e334f4faf2d584bda1e9893-source.min.js
Requested by: Host: assets.adobedtm.com
URL: https://assets.adobedtm.com/331fbea29f79/fdd77923e2da/launch-46f715e51bac.min.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:6c00:28a::1e80 , Ascension Island, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: AkamaiNetStorage /
Resource Hash: 03107b2706fe37dde4bf45439ef373f0b5b6e932a5220a347e7c6b3b2f93df95

Request headers

Referer: https://68.87.29.197/login/concrete/js
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 29 Jan 2021 01:25:14 GMT
content-encoding: gzip
last-modified: Wed, 04 Nov 2020 19:09:38 GMT
server: AkamaiNetStorage
etag: "01222062c70687cd8aac20506b88b359:1604516978.963474"
vary: Accept-Encoding
content-type: application/x-javascript
access-control-allow-origin: https://68.87.29.197
cache-control: max-age=3600
accept-ranges: bytes
timing-allow-origin: *
content-length: 716
expires: Fri, 29 Jan 2021 02:25:14 GMT

GET
H2 200 publishertag.prebid.js Show response
static.criteo.net/js/ld/ 81 KB
26 KB 87ms
41ms Script
text/javascript 2a02:2638::3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL: https://static.criteo.net/js/ld/publishertag.prebid.js
Requested by: Host: static.cimcontent.net
URL: https://static.cimcontent.net/common-web-assets/ad-assets/prebid/prebid.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a02:2638::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software: nginx /
Resource Hash: 2616735e4a72622e770658b4837cb2d6258456c3358f8ebec83b1fd88ed93ada

Request headers

Referer: https://68.87.29.197/login/concrete/js
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 29 Jan 2021 01:25:16 GMT
content-encoding: gzip
last-modified: Thu, 07 Jan 2021 11:16:36 GMT
server: nginx
etag: W/"5ff6ed94-14284"
content-type: text/javascript
access-control-allow-origin: *
cache-control: max-age=86400, public
timing-allow-origin: *
expires: Sat, 30 Jan 2021 01:25:16 GMT

GET
H2 200 syncframe
gum.criteo.com/ Frame 1DCA 0
0 68ms
23ms Document
text/html 2a02:2638::1c
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://gum.criteo.com/syncframe?topUrl=68.87.29.197

Requested by

Host: static.criteo.net
URL: https://static.criteo.net/js/ld/publishertag.prebid.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638::1c , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

:method: GET
:authority: gum.criteo.com
:scheme: https
:path: /syncframe?topUrl=68.87.29.197
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://68.87.29.197/login/concrete/js
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: https://68.87.29.197/login/concrete/js

Response headers

cache-control: private, max-age=0
content-type: text/html; charset=utf-8
strict-transport-security: max-age=31536000
server-processing-duration-in-ticks: 2272
date: Fri, 29 Jan 2021 01:25:16 GMT
content-length: 0

GET
H2 200 publishertag.prebid.js Show response
static.criteo.net/js/ld/ 81 KB
26 KB 66ms
23ms XHR
text/javascript 2a02:2638::3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL: https://static.criteo.net/js/ld/publishertag.prebid.js
Requested by: Host: static.cimcontent.net
URL: https://static.cimcontent.net/data-layer/?appID=login
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a02:2638::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software: nginx /
Resource Hash: 2616735e4a72622e770658b4837cb2d6258456c3358f8ebec83b1fd88ed93ada

Request headers

Referer: https://68.87.29.197/login/concrete/js
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 29 Jan 2021 01:25:16 GMT
content-encoding: gzip
last-modified: Thu, 07 Jan 2021 11:16:36 GMT
server: nginx
etag: W/"5ff6ed94-14284"
content-type: text/javascript
access-control-allow-origin: *
cache-control: max-age=86400, public
timing-allow-origin: *
expires: Sat, 30 Jan 2021 01:25:16 GMT

GET
H2

200

sd
us-u.openx.net/w/1.0/
Redirect Chain

https://eu-u.openx.net/w/1.0/pd?plm=10&ph=42d504c1-bae8-4312-8ad6-a76f3705b195&gdpr=1
https://cm.g.doubleclick.net/pixel?google_nid=openx&google_cm&google_sc
https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESEEzOrNBFkuIvpwEBytfzfec&google_cver=1

43 B
114 B

37ms
35ms

Image
image/gif

34.98.64.218
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESEEzOrNBFkuIvpwEBytfzfec&google_cver=1
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.98.64.218 , United States, ASN15169 (GOOGLE, US),
Reverse DNS: 218.64.98.34.bc.googleusercontent.com
Software: OXGW/16.200.0 /
Resource Hash: 4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

Referer: https://68.87.29.197/login/concrete/js
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 29 Jan 2021 01:25:17 GMT
via: 1.1 google
server: OXGW/16.200.0
vary: Accept
p3p: CP="CUR ADM OUR NOR STA NID"
cache-control: private, max-age=0, no-cache
content-type: image/gif
alt-svc: clear
content-length: 43
expires: Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

pragma: no-cache
date: Fri, 29 Jan 2021 01:25:17 GMT
server: HTTP server (unknown)
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location: https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESEEzOrNBFkuIvpwEBytfzfec&google_cver=1
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 295
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Verdicts & Comments Add Verdict or Comment

Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!

urlscan

Phishing against: Xfinity (Consumer)

54 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

7 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
.demdex.net/	1970-01-19 20:03:55	Name: dextp Value: 21-1-1611883514048\|60-1-1611883514156
68.87.29.197/	1970-01-20 09:15:55	Name: AMCV_DA11332E5321D0550A490D45%40AdobeOrg Value: 359503849%7CMCIDTS%7C18657%7CMCMID%7C00758015547119695112438169631452513864%7CMCAAMLH-1612488313%7C6%7CMCAAMB-1612488313%7C6G1ynYcLPuiQxYZrsz_pkqfLG9yMXBpb2zX5dvJdYQJzPXImdj0y%7CMCOPTOUT-1611890713s%7CNONE%7CMCAID%7CNONE%7CvVersion%7C5.0.1
68.87.29.197/login/concrete	1970-01-20 09:15:55	Name: bid Value: M4DEHQAkST2Eqp22xR6tZHIQvfI
68.87.29.197/	1969-12-31 23:59:59	Name: BIGipServerp_loginxf-wcdc-ipv4_443 Value: !eFteR87Ag2ewLV/ab3bAYz+ZnnXVjb0n+aglkEVwO8xTlmY0aIQahMZzu+ytlgEaaX9eRlFWZhL8K8k=
.demdex.net/	1970-01-19 20:03:55	Name: demdex Value: 00920998524958971522421924033222834927
68.87.29.197/	1969-12-31 23:59:59	Name: AMCVS_DA11332E5321D0550A490D45%40AdobeOrg Value: 1
68.87.29.197/	1969-12-31 23:59:59	Name: SESSION Value: c270d5f9-1e0f-4594-b731-6672c7b9fdc3

2 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
console-api	log	URL: https://assets.adobedtm.com/331fbea29f79/fdd77923e2da/52d5ba0fe5d1/EX42af35e02f37445ba43641984da760ce-libraryCode_source.min.js(Line 2) Message: Error, missing Report Suite ID in AppMeasurement initialization
console-api	info	URL: https://acdn.adnxs.com/ast/ast.js(Line 1) Message: AST library loaded: 0.35.0

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains;
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

7468.v.fwmrm.net
acdn.adnxs.com
assets.adobedtm.com
bidder.criteo.com
c.amazon-adsystem.com
cm.g.doubleclick.net
comcast-d.openx.net
comcast.demdex.net
comcastcom.d1.sc.omtrdc.net
dl.cws.xfinity.com
dpm.demdex.net
e.serverbid.com
eu-u.openx.net
fastlane.rubiconproject.com
gum.criteo.com
ib.adnxs.com
scripts.webcontentassessor.com
static.cimcontent.net
static.criteo.net
us-u.openx.net
xfinitydigital.demdex.net
108.128.13.248
13.224.192.34
134.209.131.220
15.237.136.106
151.101.130.217
178.250.2.131
2.18.232.130
2607:ae80:2::230
2a00:1450:4001:812::2002
2a02:2638::1c
2a02:2638::3
2a02:26f0:6c00:28a::1e80
2a02:26f0:6c00:295::2c06
2a02:26f0:6c00:2be::30d4
34.251.184.34
34.98.64.218
37.252.172.37
52.50.104.129
68.87.29.197
69.173.144.140
03107b2706fe37dde4bf45439ef373f0b5b6e932a5220a347e7c6b3b2f93df95
032d8b49c68572a6136937e3f8f4fb10d94eefaf95418e557f44f1f04b715ba8
06b99248a163333e36980a6cfb756f1a7de60fa49517162b87b1a44d5d48f844
0bc6e6b1676941880a99fa4d59b2b8ce181cbd64a2ff5249b6ee8c264b99bdf3
0bd5fcba6dcf34771f5e3671e1c8956cc44e8f2bc5f98eb12c3eba27348fe963
0dec34a347309e46730151f28f0f62d83cc90fd2f43f8af77773073600d61ecf
138c0ead0fbcd09dd455df9870920e8725b367fbf02ac0cef0c62874000ab176
160a426ff2894252cd7cebbdd6d6b7da8fcd319c65b70468f10b6690c45d02ef
1b453aee00d7c7c9e33e2897b911e9295f343a60f33283fd1fe6a9c084a18c51
2244aa59297c563bb302c8f9d3e8de4f1d5f7fc1ab299326f98f17b99eb7bcfa
2616735e4a72622e770658b4837cb2d6258456c3358f8ebec83b1fd88ed93ada
2a031939885bb7efba89d423c9ee7c0fe2bab465f18db63f40a9ae2bd7bc0228
3ead5e2cd5cb377e25c5c22a466f0c06f0a4a416826c937f89f9391d8e84e38e
41488ccb8726c86a579ab8360ea5ce1f119a673adc9787e697851b8754079994
4183e04825d9e7a88c01f8a1eaa60fe5faae80ec4bf28757eb19111b0db94561
44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a
4bd9c8ed57b1dd8fddcc2910170e9b81b40f7b628e272924e88a98f45ebb9aea
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
58dd5c446260d52859f2d12648452654e1e63709cc53a252322268289e154234
58fd862aaa51daaa186ee3fecfd805c0f8eea09146e9c7deb44a3f30a1ad01b5
5fb05efb778e2a7de8d96e4bf8c211a6fdc5f3ce2d246e9d701aedcf32067d43
745a085b52b8371ec6705413fca70a28c6d8bff0db480e6b124bd08c54e95ef8
785532d6bc98e37d9a9152013f9b0874d32fb92fbfc594431d6c9c142ba686f4
903eb8f1cc364e01930ba03579f049a72794aa91d1a5842a2edb6365e436bb7c
9d99a6664747c1f7b4db699e7a556de1a8bde433e80d290827847ad2ecca4a9d
9feb05f022dda2edeb53834b181467c27dd72b95555b3f97d0241fade86fed94
a242719ced92c4a9873915f0d97859ce735dc8e7ccc65d99a37ebc3d6128c77d
ab31816aa0fa561765323e1ffee2f48db4c5c406282a68416b1264c18fa629c8
ac423d0aedd7fd40cd41a1b15c2f8a4eb02fba9feadb1dde8d3055dde2f8034c
ac91189bef1944671e5f57e6b8c83688040aab8e2da7fc608bdac8700bb2e9a0
dde5dcb02f349d5cd1f36d6afe709ddfd5713b27129dbae727f456cde6582883
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e5f0058d3d737d25b691728bce12a7d0b77183781c936ca8152e28cacf9e6e3f
e617ff35fc257d16e594d1ee57d3b35e8b2c1e73ac2d495c82ca11632aade636
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
effa0c2a10196d64106fcca875a2c044f30d72208fcec75fd213f2cac2d80aac
fc6cd95261064c28600405c9c8dd51813abf8367e85b6e00f0f3031a8338988a

68.87.29.197 Open in urlscan Pro 68.87.29.197 Malicious Activity! Public Scan

Summary

urlscan.io Verdict: Potentially Malicious

Domain & IP information

Screenshot Live screenshot Full Image

Page Statistics

45 Requests

84 %HTTPS

35 %IPv6

15 Domains

21 Subdomains

20 IPs

5 Countries

533 kBTransfer

1290 kBSize

7 Cookies

10 Outgoing links

Redirected requests

45 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 2 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

68.87.29.197 Open in urlscan Pro
68.87.29.197 Malicious Activity! Public Scan

Screenshot
Live screenshot

Full Image

45
Requests

84 %
HTTPS

35 %
IPv6

15
Domains

21
Subdomains

20
IPs

5
Countries

533 kB
Transfer

1290 kB
Size

7
Cookies

45 HTTP transactions
2 data transactions

Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!