urlscan.io logo urlscan.io
SecurityTrails logo

68.87.29.197 Open in urlscan Pro
68.87.29.197  Malicious Activity! Public Scan

Go To Rescan Add Verdict Report
URL: https://68.87.29.197/login/static/static/phpinfo.php...
Submission: On January 29 via automatic, source openphish
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 18 IPs in 6 countries across 15 domains to perform 45 HTTP transactions. The main IP is 68.87.29.197, located in United States and belongs to COMCAST-7922, US. The main domain is 68.87.29.197.
TLS certificate: Issued by COMODO RSA Organization Validation Se... on October 2nd 2020. Valid for: a year.
This is the only time 68.87.29.197 was scanned on urlscan.io!

urlscan.io Verdict: Potentially Malicious

Targeting these brands: Xfinity (Consumer)

Domain & IP information

IP Address AS Autonomous System
7 68.87.29.197 7922 (COMCAST-7922)
5 2a02:26f0:6c0... 20940 (AKAMAI-ASN1)
1 151.101.114.217 54113 (FASTLY)
1 2607:ae80:5::230 26558 (FREEWHEEL)
1 4 34.249.66.13 16509 (AMAZON-02)
10 2a02:26f0:6c0... 20940 (AKAMAI-ASN1)
4 2a02:26f0:6c0... 20940 (AKAMAI-ASN1)
3 13.224.192.34 16509 (AMAZON-02)
1 151.101.113.108 54113 (FASTLY)
1 165.227.252.242 14061 (DIGITALOC...)
2 4 35.244.159.8 15169 (GOOGLE)
1 69.173.144.141 26667 (RUBICONPR...)
1 178.250.2.131 44788 (ASN-CRITE...)
1 15.237.76.117 16509 (AMAZON-02)
1 185.33.220.145 29990 (ASN-APPNEX)
2 2a02:2638::3 44788 (ASN-CRITE...)
1 2a02:2638::1c 44788 (ASN-CRITE...)
1 1 172.217.23.98 15169 (GOOGLE)
1 1 2a00:1450:400... 15169 (GOOGLE)
45 18
7    68.87.29.197 (United States)

ASN7922 (COMCAST-7922, US)
68.87.29.197
5    2a02:26f0:6c00:2bd::30d4 (Ascension Island)

ASN20940 (AKAMAI-ASN1, NL)
static.cimcontent.net
1    151.101.114.217 (Frankfurt am Main, Germany)

ASN54113 (FASTLY, US)
scripts.webcontentassessor.com
1    2607:ae80:5::230 (United States)

ASN26558 (FREEWHEEL, US)
7468.v.fwmrm.net
4    34.249.66.13 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-34-249-66-13.eu-west-1.compute.amazonaws.com
xfinitydigital.demdex.net
dpm.demdex.net
comcast.demdex.net
10    2a02:26f0:6c00:29a::2c06 (Ascension Island)

ASN20940 (AKAMAI-ASN1, NL)
dl.cws.xfinity.com
4    2a02:26f0:6c00:28a::1e80 (Ascension Island)

ASN20940 (AKAMAI-ASN1, NL)
assets.adobedtm.com
3    13.224.192.34 (Seattle, United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-224-192-34.fra2.r.cloudfront.net
c.amazon-adsystem.com
1    151.101.113.108 (Frankfurt am Main, Germany)

ASN54113 (FASTLY, US)
acdn.adnxs.com
1    165.227.252.242 (North Bergen, United States)

ASN14061 (DIGITALOCEAN-ASN, US)
e.serverbid.com
4    35.244.159.8 (Mountain View, United States)

ASN15169 (GOOGLE, US)
PTR: 8.159.244.35.bc.googleusercontent.com
comcast-d.openx.net
eu-u.openx.net
us-u.openx.net
1    69.173.144.141 (Frankfurt am Main, Germany)

ASN26667 (RUBICONPROJECT, US)
fastlane.rubiconproject.com
1    178.250.2.131 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)
PTR: bidder.am5.vip.prod.criteo.com
bidder.criteo.com
1    15.237.76.117 (Paris, France)

ASN16509 (AMAZON-02, US)
PTR: ec2-15-237-76-117.eu-west-3.compute.amazonaws.com
comcastcom.d1.sc.omtrdc.net
1    185.33.220.145 (Netherlands)

ASN29990 (ASN-APPNEX, US)
PTR: 623.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net
ib.adnxs.com
2    2a02:2638::3 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)
static.criteo.net
1    2a02:2638::1c (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)
gum.criteo.com
1    172.217.23.98 (United States)

ASN15169 (GOOGLE, US)
PTR: mil04s23-in-f2.1e100.net
cm.g.doubleclick.net
1    2a00:1450:4001:813::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
cm.g.doubleclick.net
Domain Requested by
10 dl.cws.xfinity.com static.cimcontent.net
5 static.cimcontent.net 68.87.29.197
4 assets.adobedtm.com static.cimcontent.net
assets.adobedtm.com
3 c.amazon-adsystem.com 68.87.29.197
static.cimcontent.net
2 cm.g.doubleclick.net 2 redirects
2 eu-u.openx.net 2 redirects
2 static.criteo.net static.cimcontent.net
2 xfinitydigital.demdex.net 1 redirects 68.87.29.197
1 us-u.openx.net
1 gum.criteo.com static.criteo.net
1 ib.adnxs.com static.cimcontent.net
1 comcastcom.d1.sc.omtrdc.net static.cimcontent.net
1 comcast.demdex.net assets.adobedtm.com
1 bidder.criteo.com static.cimcontent.net
1 fastlane.rubiconproject.com static.cimcontent.net
1 comcast-d.openx.net static.cimcontent.net
1 e.serverbid.com static.cimcontent.net
1 acdn.adnxs.com 68.87.29.197
1 dpm.demdex.net static.cimcontent.net
1 7468.v.fwmrm.net 68.87.29.197
1 scripts.webcontentassessor.com 68.87.29.197
45 21
Subject Issuer Validity Valid
*.identity.xfinity.com
COMODO RSA Organization Validation Secure Server CA		 2020-10-02 -
2021-10-02		 a year crt.sh
static.cimcontent.net
COMODO RSA Organization Validation Secure Server CA		 2020-04-16 -
2022-04-16		 2 years crt.sh
scripts.webcontentassessor.com
GlobalSign Atlas R3 DV TLS CA 2020		 2021-01-27 -
2022-02-28		 a year crt.sh
*.v.fwmrm.net
DigiCert TLS RSA SHA256 2020 CA1		 2020-11-17 -
2021-12-18		 a year crt.sh
*.demdex.net
DigiCert TLS RSA SHA256 2020 CA1		 2020-12-02 -
2022-01-02		 a year crt.sh
assets.adobedtm.com
DigiCert TLS RSA SHA256 2020 CA1		 2021-01-08 -
2021-09-30		 9 months crt.sh
*.cws.xfinity.com
COMODO RSA Organization Validation Secure Server CA		 2020-05-04 -
2022-05-04		 2 years crt.sh
c.amazon-adsystem.com
Amazon		 2020-08-04 -
2021-08-02		 a year crt.sh
cdn.adnxs.com
GlobalSign CloudSSL CA - SHA256 - G3		 2020-10-29 -
2021-04-14		 5 months crt.sh
e.serverbid.com
R3		 2020-12-17 -
2021-03-17		 3 months crt.sh
*.openx.net
GeoTrust RSA CA 2018		 2020-06-18 -
2021-08-17		 a year crt.sh
*.rubiconproject.com
DigiCert TLS RSA SHA256 2020 CA1		 2020-12-18 -
2022-01-18		 a year crt.sh
*.criteo.com
DigiCert TLS Hybrid ECC SHA384 2020 CA1		 2020-11-17 -
2021-02-14		 3 months crt.sh
*.d1.sc.omtrdc.net
DigiCert SHA2 High Assurance Server CA		 2020-02-28 -
2022-03-04		 2 years crt.sh
*.adnxs.com
DigiCert ECC Secure Server CA		 2019-01-23 -
2021-03-08		 2 years crt.sh
*.criteo.net
DigiCert TLS Hybrid ECC SHA384 2020 CA1		 2020-11-17 -
2021-02-14		 3 months crt.sh

This page contains 3 frames:

Primary Page: https://68.87.29.197/login/static/static/phpinfo.php...
Frame ID: C24EF2701B8A5D40F3E69C64C2353483
Requests: 40 HTTP requests in this frame

Frame: https://comcast.demdex.net/dest5.html?d_nsid=0
Frame ID: E4CD7B414C99447C802805F6801E7737
Requests: 1 HTTP requests in this frame

Frame: https://gum.criteo.com/syncframe?topUrl=68.87.29.197
Frame ID: 696178418835BFC3404E9C46A128CDC8
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page Statistics

45
Requests

84 %
HTTPS

37 %
IPv6

15
Domains

21
Subdomains

18
IPs

6
Countries

535 kB
Transfer

1293 kB
Size

7
Cookies

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 7
  • https://xfinitydigital.demdex.net/event?d_sid=4702129 HTTP 302
  • https://xfinitydigital.demdex.net/firstevent?d_sid=4702129
Request Chain 45
  • https://eu-u.openx.net/w/1.0/pd?plm=10&ph=42d504c1-bae8-4312-8ad6-a76f3705b195&gdpr=1 HTTP 302
  • https://eu-u.openx.net/w/1.0/pd?cc=1&plm=10&ph=42d504c1-bae8-4312-8ad6-a76f3705b195&gdpr=1 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=openx&google_cm&google_sc HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=openx&google_cm=&google_sc=&google_tc= HTTP 302
  • https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESEHABnK80lrUN90W1Xfig_nA&google_cver=1

45 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request Cookie set phpinfo.php...
68.87.29.197/login/static/static/ 		12 KB
5 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://68.87.29.197/login/static/static/phpinfo.php...
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
68.87.29.197 , United States, ASN7922 (COMCAST-7922, US),
Reverse DNS
Software
/
Resource Hash
d6a59caace6a901e919840d03af80b3a58a2ac2f6d64bc5f5e2d5904b4014a68
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains;
X-Frame-Options DENY
X-Xss-Protection 1; mode=block

Request headers

Host
68.87.29.197
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site
none
Sec-Fetch-Mode
navigate
Sec-Fetch-User
?1
Sec-Fetch-Dest
document
Accept-Encoding
gzip, deflate, br
Accept-Language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date
Fri, 29 Jan 2021 01:19:53 GMT
Strict-Transport-Security
max-age=63072000; includeSubDomains;
Content-Type
text/html;charset=utf-8
X-Frame-Options
DENY
Cache-Control
private, max-age=0, no-cache, must-revalidate
Expires
Thu, 01 Jan 1970 00:00:00 GMT
Pragma
no-cache
X-XSS-Protection
1; mode=block
Set-Cookie
bid=e9wUKv9pSxCdtqWqF64C5g6t-HY; Expires=Sun, 29 Jan 2023 01:19:53 UTC; SameSite=None; Secure; HttpOnly SESSION=642f0d24-3014-43a8-9039-df3442851d35;Path=/;Secure;HttpOnly BIGipServerp_loginxf-wcdc-ipv4_443=!o2OfycdzT2RbH9Tab3bAYz+ZnnXVja2DNcbhAW/5oR3d+pzICu4ZZhqEpiuDy0sOoz0AhzJrTScToek=; path=/; Httponly; Secure
Via
1.1 idm.xfinity.com
Vary
Accept-Encoding
Content-Encoding
gzip
Content-Length
4049
Keep-Alive
timeout=5, max=500
Connection
Keep-Alive
comcast-common.js
68.87.29.197/static/js/ 		0
0 		Script
General
Check archive.org
Download Go to
Full URL
https://68.87.29.197/static/js/comcast-common.js
Requested by
Host: 68.87.29.197
URL: https://68.87.29.197/login/static/static/phpinfo.php...
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
68.87.29.197 , United States, ASN7922 (COMCAST-7922, US),
Reverse DNS
Software
Apache /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains;

Request headers

Referer
https://68.87.29.197/login/static/static/phpinfo.php...
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date
Fri, 29 Jan 2021 01:19:53 GMT
Content-Encoding
gzip
Last-Modified
Tue, 26 Jan 2021 19:00:20 GMT
Server
Apache
ETag
"1d3-6d5-5b9d244143900"
Vary
Accept-Encoding
Strict-Transport-Security
max-age=63072000; includeSubDomains;
Content-Type
text/html
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=500
Content-Length
742
/
static.cimcontent.net/data-layer/ 		79 KB
23 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.cimcontent.net/data-layer/?appID=login
Requested by
Host: 68.87.29.197
URL: https://68.87.29.197/login/static/static/phpinfo.php...
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:6c00:2bd::30d4 , Ascension Island, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
AmazonS3 /
Resource Hash
3ead5e2cd5cb377e25c5c22a466f0c06f0a4a416826c937f89f9391d8e84e38e

Request headers

Referer
https://68.87.29.197/login/static/static/phpinfo.php...
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

x-amz-version-id
6NZr6V6JEKIFXnPJ8w5S2wjjqpeDybu6
content-encoding
gzip
last-modified
Thu, 14 Jan 2021 16:08:07 GMT
server
AmazonS3
x-amz-cf-pop
FRA56-C1
etag
"26aed2c2476fdda6683909fb5f1683d8"
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=3600
date
Fri, 29 Jan 2021 01:19:53 GMT
accept-ranges
bytes
content-length
22972
x-amz-cf-id
ggiib-6cnNNtI4hBmbgy9_8YkyRD5xKOKKRj3_s2lbeZ36EE2JmeSg==
fonts-remote.min.css
68.87.29.197/static/css/junket/ 		3 KB
691 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://68.87.29.197/static/css/junket/fonts-remote.min.css?v=fe74bd5
Requested by
Host: 68.87.29.197
URL: https://68.87.29.197/login/static/static/phpinfo.php...
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
68.87.29.197 , United States, ASN7922 (COMCAST-7922, US),
Reverse DNS
Software
Apache /
Resource Hash
032d8b49c68572a6136937e3f8f4fb10d94eefaf95418e557f44f1f04b715ba8
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains;

Request headers

Referer
https://68.87.29.197/login/static/static/phpinfo.php...
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date
Fri, 29 Jan 2021 01:19:53 GMT
Content-Encoding
gzip
Last-Modified
Tue, 26 Jan 2021 18:59:47 GMT
Server
Apache
ETag
"21e-d2f-5b9d2421caec0"
Vary
Accept-Encoding
Strict-Transport-Security
max-age=63072000; includeSubDomains;
Content-Type
text/css
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=499
Content-Length
307
styles-light.min.css
68.87.29.197/static/css/junket/ 		45 KB
11 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://68.87.29.197/static/css/junket/styles-light.min.css?v=fe74bd5
Requested by
Host: 68.87.29.197
URL: https://68.87.29.197/login/static/static/phpinfo.php...
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
68.87.29.197 , United States, ASN7922 (COMCAST-7922, US),
Reverse DNS
Software
Apache /
Resource Hash
785532d6bc98e37d9a9152013f9b0874d32fb92fbfc594431d6c9c142ba686f4
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains;

Request headers

Referer
https://68.87.29.197/login/static/static/phpinfo.php...
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date
Fri, 29 Jan 2021 01:19:53 GMT
Content-Encoding
gzip
Last-Modified
Tue, 26 Jan 2021 18:59:46 GMT
Server
Apache
ETag
"221-b409-5b9d2420d6c80"
Vary
Accept-Encoding
Strict-Transport-Security
max-age=63072000; includeSubDomains;
Content-Type
text/css
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=498
Content-Length
11160
e5d00e87ba3bf67af60bbc75377626fb1f0b0a10c2e83ca40b7a245ca2cd8367
scripts.webcontentassessor.com/scripts/ 		121 KB
32 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://scripts.webcontentassessor.com/scripts/e5d00e87ba3bf67af60bbc75377626fb1f0b0a10c2e83ca40b7a245ca2cd8367
Requested by
Host: 68.87.29.197
URL: https://68.87.29.197/login/static/static/phpinfo.php...
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.114.217 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
9d99a6664747c1f7b4db699e7a556de1a8bde433e80d290827847ad2ecca4a9d

Request headers

Referer
https://68.87.29.197/login/static/static/phpinfo.php...
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Fri, 29 Jan 2021 01:19:53 GMT
content-encoding
gzip
age
3071
x-cache
HIT
content-length
32641
x-amz-id-2
xb4pMTe35W1+Smez3uAvE/K3qlqAAP7q6dOHmSLrlPEmgySHViJ3SH7UvvmsNHZq8XejcPjOHb0=
x-served-by
cache-hhn4034-HHN
last-modified
Fri, 29 Jan 2021 00:18:50 GMT
server
AmazonS3
x-timer
S1611883193.487935,VS0,VE0
etag
"60bd7218a7f1c55414dbc4d9ac9cf122"
vary
Accept-Encoding
x-amz-request-id
0C61DA3672A311A8
via
1.1 varnish
cache-control
max-age=3600,stale-if-error=86400,stale-while-revalidate=3600
accept-ranges
bytes
content-type
application/javascript
x-cache-hits
3
vm-login-form-ad.js
68.87.29.197/static/js/ 		9 KB
10 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://68.87.29.197/static/js/vm-login-form-ad.js
Requested by
Host: 68.87.29.197
URL: https://68.87.29.197/login/static/static/phpinfo.php...
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
68.87.29.197 , United States, ASN7922 (COMCAST-7922, US),
Reverse DNS
Software
Apache /
Resource Hash
ab31816aa0fa561765323e1ffee2f48db4c5c406282a68416b1264c18fa629c8
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains;

Request headers

Referer
https://68.87.29.197/login/static/static/phpinfo.php...
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date
Fri, 29 Jan 2021 01:19:53 GMT
Last-Modified
Tue, 26 Jan 2021 18:55:34 GMT
Server
Apache
ETag
"218-2507-5b9d233083580"
Strict-Transport-Security
max-age=63072000; includeSubDomains;
Content-Type
text/javascript
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=500
Content-Length
9479
u
7468.v.fwmrm.net/ad/ 		0
407 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://7468.v.fwmrm.net/ad/u?mode=echo&cr=https%3A%2F%2Fdpm.demdex.net%2Fibs%3Adpid%3D796%26dpuuid=%23%7Buser.id%7D
Requested by
Host: 68.87.29.197
URL: https://68.87.29.197/login/static/static/phpinfo.php...
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2607:ae80:5::230 , United States, ASN26558 (FREEWHEEL, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=157680000

Request headers

Referer
https://68.87.29.197/login/static/static/phpinfo.php...
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Pragma
no-cache
Date
Fri, 29 Jan 2021 01:19:54 GMT
Strict-Transport-Security
max-age=157680000
P3P
policyref="https://www.freewheel.tv/w3c/p3p.xml",CP="ALL DSP COR NID"
Cache-Control
no-store
Content-Type
text/html
Content-Length
0
Expires
0
firstevent
xfinitydigital.demdex.net/
Redirect Chain
  • https://xfinitydigital.demdex.net/event?d_sid=4702129
  • https://xfinitydigital.demdex.net/firstevent?d_sid=4702129
42 B
937 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://xfinitydigital.demdex.net/firstevent?d_sid=4702129
Requested by
Host: 68.87.29.197
URL: https://68.87.29.197/login/static/static/phpinfo.php...
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.249.66.13 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-34-249-66-13.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff

Request headers

Referer
https://68.87.29.197/login/static/static/phpinfo.php...
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

DCS
dcs-prod-irl1-v088-0aa58ca3e.edge-irl1.demdex.com 5.80.5.20210120122710 2ms (+1ms)
Pragma
no-cache
Strict-Transport-Security
max-age=31536000; includeSubDomains
X-Content-Type-Options
nosniff
X-TID
gZTKRrfrSbA=
P3P
policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Cache-Control
no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
Connection
keep-alive
Content-Type
image/gif
Content-Length
42
Expires
Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

Pragma
no-cache
Strict-Transport-Security
max-age=31536000; includeSubDomains
X-TID
GJ3JpKqiSWw=
P3P
policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Location
https://xfinitydigital.demdex.net/firstevent?d_sid=4702129
Cache-Control
no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
Connection
keep-alive
Content-Length
0
Expires
Thu, 01 Jan 1970 00:00:00 GMT
jquery-3.3.1.min.js
68.87.29.197/static/js/libs/ 		85 KB
85 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://68.87.29.197/static/js/libs/jquery-3.3.1.min.js
Requested by
Host: 68.87.29.197
URL: https://68.87.29.197/login/static/static/phpinfo.php...
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
68.87.29.197 , United States, ASN7922 (COMCAST-7922, US),
Reverse DNS
Software
Apache /
Resource Hash
160a426ff2894252cd7cebbdd6d6b7da8fcd319c65b70468f10b6690c45d02ef
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains;

Request headers

Referer
https://68.87.29.197/login/static/static/phpinfo.php...
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date
Fri, 29 Jan 2021 01:19:53 GMT
Last-Modified
Tue, 26 Jan 2021 18:55:34 GMT
Server
Apache
ETag
"213-1538f-5b9d233083580"
Strict-Transport-Security
max-age=63072000; includeSubDomains;
Content-Type
text/javascript
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=499
Content-Length
86927
scripts-responsive.min.js
68.87.29.197/static/js/ 		7 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://68.87.29.197/static/js/scripts-responsive.min.js?v=fe74bd5
Requested by
Host: 68.87.29.197
URL: https://68.87.29.197/login/static/static/phpinfo.php...
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
68.87.29.197 , United States, ASN7922 (COMCAST-7922, US),
Reverse DNS
Software
Apache /
Resource Hash
a242719ced92c4a9873915f0d97859ce735dc8e7ccc65d99a37ebc3d6128c77d
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains;

Request headers

Referer
https://68.87.29.197/login/static/static/phpinfo.php...
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date
Fri, 29 Jan 2021 01:19:53 GMT
Last-Modified
Tue, 26 Jan 2021 18:59:47 GMT
Server
Apache
ETag
"52d-1c95-5b9d2421caec0"
Strict-Transport-Security
max-age=63072000; includeSubDomains;
Content-Type
text/javascript
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=497
Content-Length
7317
/
dl.cws.xfinity.com/event/ Frame 		0
0 		Other
General
Check archive.org
Download Go to
Full URL
https://dl.cws.xfinity.com/event/
Protocol
H2
Server
2a02:26f0:6c00:29a::2c06 , Ascension Island, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
/
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Method
PUT
Access-Control-Request-Headers
content-type
Origin
https://68.87.29.197
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Sec-Fetch-Mode
cors

Response headers

content-type
application/json
content-length
0
x-amzn-requestid
c6dd0d6f-3c80-4bc8-9625-169a3cb9761f
access-control-allow-origin
*
access-control-allow-headers
Content-Type
x-amz-apigw-id
Z4xdEEv2oAMFvFw=
access-control-allow-methods
HEAD,OPTIONS,PUT
x-amz-cf-pop
FRA6-C1
x-amz-cf-id
c6Oc7sqM55dcIYYidkr5VJx71s7ri8nAVYEgFJ6Gyu5t41MLJE7hdw==
date
Fri, 29 Jan 2021 01:19:53 GMT
/
dl.cws.xfinity.com/event/ Frame 		0
0 		Other
General
Check archive.org
Download Go to
Full URL
https://dl.cws.xfinity.com/event/
Protocol
H2
Server
2a02:26f0:6c00:29a::2c06 , Ascension Island, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
/
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Method
PUT
Access-Control-Request-Headers
content-type
Origin
https://68.87.29.197
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Sec-Fetch-Mode
cors

Response headers

content-type
application/json
content-length
0
x-amzn-requestid
343b88a2-f93a-4fb8-96ec-51e13192e6a1
access-control-allow-origin
*
access-control-allow-headers
Content-Type
x-amz-apigw-id
Z4xdGER1oAMFs7A=
access-control-allow-methods
HEAD,OPTIONS,PUT
x-amz-cf-pop
FRA6-C1
x-amz-cf-id
Gfc_QsZ3yRqx4kq6TEdc7zEe02i-5U-EabwWBvE-Wc1akSyefOqfyg==
date
Fri, 29 Jan 2021 01:19:54 GMT
launch-46f715e51bac.min.js
assets.adobedtm.com/331fbea29f79/fdd77923e2da/ 		142 KB
44 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://assets.adobedtm.com/331fbea29f79/fdd77923e2da/launch-46f715e51bac.min.js
Requested by
Host: static.cimcontent.net
URL: https://static.cimcontent.net/data-layer/?appID=login
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:6c00:28a::1e80 , Ascension Island, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
AkamaiNetStorage /
Resource Hash
ac423d0aedd7fd40cd41a1b15c2f8a4eb02fba9feadb1dde8d3055dde2f8034c

Request headers

Referer
https://68.87.29.197/login/static/static/phpinfo.php...
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Fri, 29 Jan 2021 01:19:53 GMT
content-encoding
gzip
last-modified
Wed, 04 Nov 2020 19:09:38 GMT
server
AkamaiNetStorage
etag
"175b743c46a8770e143db6565f0ec922:1604516978.270368"
vary
Accept-Encoding
content-type
application/x-javascript
access-control-allow-origin
https://68.87.29.197
cache-control
max-age=3600
accept-ranges
bytes
timing-allow-origin
*
content-length
44826
expires
Fri, 29 Jan 2021 02:19:53 GMT
/
dl.cws.xfinity.com/event/ 		110 B
491 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://dl.cws.xfinity.com/event/
Requested by
Host: static.cimcontent.net
URL: https://static.cimcontent.net/data-layer/?appID=login
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:6c00:29a::2c06 , Ascension Island, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
/
Resource Hash
66e386a4839bfef88772fe6db518cf736f92be0324c11fcef52308f98f36691d

Request headers

Referer
https://68.87.29.197/login/static/static/phpinfo.php...
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type
application/json

Response headers

date
Fri, 29 Jan 2021 01:19:54 GMT
x-amz-cf-pop
FRA6-C1
x-amz-apigw-id
Z4xdFFIKIAMF8JA=
x-amzn-requestid
055568ae-8fd5-40f0-9210-0903e8129708
access-control-max-age
86400
access-control-allow-methods
GET,POST,PUT,HEAD
content-type
application/json
access-control-allow-origin
*
x-amzn-trace-id
Root=1-601362ba-09cf4a885071b5dd6c6832ff
access-control-allow-credentials
false
access-control-allow-headers
*
content-length
110
x-amz-cf-id
L0rdBZYuX8MNlj_qUhDRCly6IQrZjWle6aUr5XDkRGuAyUcqrpKoYQ==
/
dl.cws.xfinity.com/event/ 		110 B
489 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://dl.cws.xfinity.com/event/
Requested by
Host: static.cimcontent.net
URL: https://static.cimcontent.net/data-layer/?appID=login
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:6c00:29a::2c06 , Ascension Island, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
/
Resource Hash
a1f5e3251ef8881f260e70495f0471bc0128a4de4f70ed4e7977d19042daab61

Request headers

Referer
https://68.87.29.197/login/static/static/phpinfo.php...
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type
application/json

Response headers

date
Fri, 29 Jan 2021 01:19:54 GMT
x-amz-cf-pop
FRA6-C1
x-amz-apigw-id
Z4xdHF51IAMF3cw=
x-amzn-requestid
83ad8609-9185-47a5-9494-53793e7a394c
access-control-max-age
86400
access-control-allow-methods
GET,POST,PUT,HEAD
content-type
application/json
access-control-allow-origin
*
x-amzn-trace-id
Root=1-601362ba-22ae933c6448cd4f5558ec64
access-control-allow-credentials
false
access-control-allow-headers
*
content-length
110
x-amz-cf-id
X4kO71dz3aPc-xLsvzumOkd7bzoy5Qx_2pzUe5CQB92pA8xnoPCpdw==
XfinityStandard-Regular.woff2
static.cimcontent.net/fonts/latest/Xfinity_Standard/ 		26 KB
26 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://static.cimcontent.net/fonts/latest/Xfinity_Standard/XfinityStandard-Regular.woff2
Requested by
Host: 68.87.29.197
URL: https://68.87.29.197/static/css/junket/fonts-remote.min.css?v=fe74bd5
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:6c00:2bd::30d4 , Ascension Island, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
AmazonS3 /
Resource Hash
138c0ead0fbcd09dd455df9870920e8725b367fbf02ac0cef0c62874000ab176

Request headers

Origin
https://68.87.29.197
Referer
https://68.87.29.197/static/css/junket/fonts-remote.min.css?v=fe74bd5
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

x-amz-version-id
kLBQWhXkUwwuS0hOSKJ2GQ_XrNE.oQFF
last-modified
Fri, 24 Jan 2020 21:23:01 GMT
server
AmazonS3
x-amz-cf-pop
FRA53-C1
etag
"e3e79cd377b28c1e7ffea64b194136cf"
content-type
font/woff2
access-control-allow-origin
*
cache-control
max-age=2130196
date
Fri, 29 Jan 2021 01:19:53 GMT
accept-ranges
bytes
content-length
26768
x-amz-cf-id
ByGny3xKJmpswLg8Ti3HbboM-DIgjnMnw6P8yL13EeMa4LUUOVQRAQ==
id
dpm.demdex.net/ 		3 KB
2 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://dpm.demdex.net/id?d_visid_ver=5.0.1&d_fieldgroup=MC&d_rtbd=json&d_ver=2&d_orgid=DA11332E5321D0550A490D45%40AdobeOrg&d_nsid=0&ts=1611883193927
Requested by
Host: static.cimcontent.net
URL: https://static.cimcontent.net/data-layer/?appID=login
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.249.66.13 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-34-249-66-13.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
e2ed2b427f112252a159c8e7fd72df4051e6411209551b17b60b2141e0eb01df
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Referer
https://68.87.29.197/login/static/static/phpinfo.php...
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type
application/x-www-form-urlencoded

Response headers

DCS
dcs-prod-irl1-v088-0b7a5de5a.edge-irl1.demdex.com 5.80.5.20210120122710 2ms (+1ms)
Pragma
no-cache
Strict-Transport-Security
max-age=31536000; includeSubDomains
Content-Encoding
gzip
X-TID
fj4wvM3uS9E=
Vary
Origin, Accept-Encoding, User-Agent
P3P
policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Access-Control-Allow-Origin
https://68.87.29.197
Cache-Control
no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
application/json;charset=utf-8
Content-Length
961
Expires
Thu, 01 Jan 1970 00:00:00 GMT
EX42af35e02f37445ba43641984da760ce-libraryCode_source.min.js
assets.adobedtm.com/331fbea29f79/fdd77923e2da/52d5ba0fe5d1/ 		85 KB
30 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://assets.adobedtm.com/331fbea29f79/fdd77923e2da/52d5ba0fe5d1/EX42af35e02f37445ba43641984da760ce-libraryCode_source.min.js
Requested by
Host: assets.adobedtm.com
URL: https://assets.adobedtm.com/331fbea29f79/fdd77923e2da/launch-46f715e51bac.min.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:6c00:28a::1e80 , Ascension Island, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
AkamaiNetStorage /
Resource Hash
0bd5fcba6dcf34771f5e3671e1c8956cc44e8f2bc5f98eb12c3eba27348fe963

Request headers

Referer
https://68.87.29.197/login/static/static/phpinfo.php...
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Fri, 29 Jan 2021 01:19:53 GMT
content-encoding
gzip
last-modified
Wed, 04 Nov 2020 19:09:38 GMT
server
AkamaiNetStorage
etag
"01222062c70687cd8aac20506b88b359:1604516978.963474"
vary
Accept-Encoding
content-type
application/x-javascript
access-control-allow-origin
https://68.87.29.197
cache-control
max-age=3600
accept-ranges
bytes
timing-allow-origin
*
content-length
30244
expires
Fri, 29 Jan 2021 02:19:53 GMT
AppMeasurement_Module_AudienceManagement.min.js
assets.adobedtm.com/extensions/EPbde2f7ca14e540399dcc1f8208860b7b/ 		25 KB
9 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://assets.adobedtm.com/extensions/EPbde2f7ca14e540399dcc1f8208860b7b/AppMeasurement_Module_AudienceManagement.min.js
Requested by
Host: assets.adobedtm.com
URL: https://assets.adobedtm.com/331fbea29f79/fdd77923e2da/launch-46f715e51bac.min.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:6c00:28a::1e80 , Ascension Island, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
AkamaiNetStorage /
Resource Hash
e5f0058d3d737d25b691728bce12a7d0b77183781c936ca8152e28cacf9e6e3f

Request headers

Referer
https://68.87.29.197/login/static/static/phpinfo.php...
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Fri, 29 Jan 2021 01:19:53 GMT
content-encoding
gzip
last-modified
Wed, 12 Aug 2020 22:09:53 GMT
server
AkamaiNetStorage
etag
"c8afb92bc0d997ba5b673367e69b9ff1:1597270193.156081"
vary
Accept-Encoding
content-type
application/x-javascript
access-control-allow-origin
https://68.87.29.197
cache-control
no-cache
accept-ranges
bytes
timing-allow-origin
*
content-length
8762
expires
Fri, 29 Jan 2021 02:19:53 GMT
prebid.js
static.cimcontent.net/common-web-assets/ad-assets/prebid/ 		217 KB
70 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.cimcontent.net/common-web-assets/ad-assets/prebid/prebid.js
Requested by
Host: 68.87.29.197
URL: https://68.87.29.197/static/js/vm-login-form-ad.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:6c00:2bd::30d4 , Ascension Island, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
AmazonS3 /
Resource Hash
1b453aee00d7c7c9e33e2897b911e9295f343a60f33283fd1fe6a9c084a18c51

Request headers

Referer
https://68.87.29.197/login/static/static/phpinfo.php...
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

x-amz-version-id
x83zlTVnk6n8.8PpwNXhXPXFFDojUBI1
content-encoding
gzip
last-modified
Thu, 12 Nov 2020 18:12:35 GMT
server
AmazonS3
x-amz-cf-pop
FRA53-C1
etag
"7a495d9002d89d3c5e63ac7e274dbd44"
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=31536000
date
Fri, 29 Jan 2021 01:19:54 GMT
accept-ranges
bytes
content-length
71285
x-amz-cf-id
mxD7StxS7mMmZS3vAdq1uf1XkCRQZ_-a-7iTeNHZ5QhEjrIUPWBkNw==
apstag.js
c.amazon-adsystem.com/aax2/ 		116 KB
30 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://c.amazon-adsystem.com/aax2/apstag.js
Requested by
Host: 68.87.29.197
URL: https://68.87.29.197/static/js/vm-login-form-ad.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.224.192.34 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-224-192-34.fra2.r.cloudfront.net
Software
Server /
Resource Hash
dde5dcb02f349d5cd1f36d6afe709ddfd5713b27129dbae727f456cde6582883

Request headers

Referer
https://68.87.29.197/login/static/static/phpinfo.php...
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Fri, 29 Jan 2021 01:12:09 GMT
content-encoding
gzip
server
Server
age
465
etag
089c185b065ebe3e9c21625b16dea242
x-cache
Hit from cloudfront
content-type
application/javascript
via
1.1 0e75d8f2d484ce463fc04f5c422aa179.cloudfront.net (CloudFront)
cache-control
public, max-age=900
x-amz-cf-pop
FRA2-C1
accept-ranges
bytes
timing-allow-origin
*
x-amz-version-id
m.Wx5c17akL0ZDdjRDCoIM1PRpKlJoJG
x-amz-cf-id
ZpH2SIXX_c9FYaV5bqX-rfoMs4TG154T6cMNubCuN0jD9fx12oQ9zw==
ast.js
acdn.adnxs.com/ast/ 		87 KB
31 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://acdn.adnxs.com/ast/ast.js
Requested by
Host: 68.87.29.197
URL: https://68.87.29.197/static/js/vm-login-form-ad.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.113.108 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx/1.13.10 /
Resource Hash
0bc6e6b1676941880a99fa4d59b2b8ce181cbd64a2ff5249b6ee8c264b99bdf3

Request headers

Referer
https://68.87.29.197/login/static/static/phpinfo.php...
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date
Fri, 29 Jan 2021 01:19:54 GMT
Content-Encoding
gzip
Age
36489
X-Cache
HIT, HIT
Connection
keep-alive
Content-Length
30948
X-Served-By
cache-lga21952-LGA, cache-hhn4080-HHN
Access-Control-Allow-Origin
*
Last-Modified
Wed, 20 Jan 2021 15:11:25 GMT
Server
nginx/1.13.10
X-Timer
S1611883194.141393,VS0,VE0
ETag
W/"6008481d-15c3f"
Vary
Accept-Encoding
Content-Type
application/javascript
Via
1.1 varnish, 1.1 varnish
Expires
Thu, 21 Jan 2021 15:11:29 GMT
Cache-Control
max-age=86402
Accept-Ranges
bytes
X-Cache-Hits
1, 64997
truncated
/ 		933 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
4bd9c8ed57b1dd8fddcc2910170e9b81b40f7b628e272924e88a98f45ebb9aea

Request headers

Referer
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Content-Type
image/svg+xml
truncated
/ 		3 KB
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
58fd862aaa51daaa186ee3fecfd805c0f8eea09146e9c7deb44a3f30a1ad01b5

Request headers

Referer
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Content-Type
image/svg+xml
XfinityStandard-Light.woff2
static.cimcontent.net/fonts/latest/Xfinity_Standard/ 		27 KB
27 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://static.cimcontent.net/fonts/latest/Xfinity_Standard/XfinityStandard-Light.woff2
Requested by
Host: 68.87.29.197
URL: https://68.87.29.197/static/css/junket/fonts-remote.min.css?v=fe74bd5
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:6c00:2bd::30d4 , Ascension Island, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
AmazonS3 /
Resource Hash
fc6cd95261064c28600405c9c8dd51813abf8367e85b6e00f0f3031a8338988a

Request headers

Origin
https://68.87.29.197
Referer
https://68.87.29.197/static/css/junket/fonts-remote.min.css?v=fe74bd5
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

x-amz-version-id
wnCwOacXycelzt78IMkr55wWB9WkMd2W
last-modified
Fri, 24 Jan 2020 21:23:01 GMT
server
AmazonS3
x-amz-cf-pop
FRA2-C1
etag
"f05d3ebe80809d82ab14d62a79da544e"
content-type
font/woff2
access-control-allow-origin
*
cache-control
max-age=2211133
date
Fri, 29 Jan 2021 01:19:54 GMT
accept-ranges
bytes
content-length
27420
x-amz-cf-id
Yn0klyZugr8sivyV0LgQXqTf_wsk-gexSp3HJt-FNlURJWfRMn1fKQ==
XfinityStandard-Medium.woff2
static.cimcontent.net/fonts/latest/Xfinity_Standard/ 		27 KB
27 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://static.cimcontent.net/fonts/latest/Xfinity_Standard/XfinityStandard-Medium.woff2
Requested by
Host: 68.87.29.197
URL: https://68.87.29.197/static/css/junket/fonts-remote.min.css?v=fe74bd5
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:6c00:2bd::30d4 , Ascension Island, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
AmazonS3 /
Resource Hash
2a031939885bb7efba89d423c9ee7c0fe2bab465f18db63f40a9ae2bd7bc0228

Request headers

Origin
https://68.87.29.197
Referer
https://68.87.29.197/static/css/junket/fonts-remote.min.css?v=fe74bd5
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

x-amz-version-id
6t4RA2DS89tdf_2IK5vrc9JAOKCy9A40
last-modified
Fri, 24 Jan 2020 21:23:01 GMT
server
AmazonS3
x-amz-cf-pop
FRA2-C1
etag
"13709eac065721ba8cd0e2d1b6fa8026"
content-type
font/woff2
access-control-allow-origin
*
cache-control
max-age=2588519
date
Fri, 29 Jan 2021 01:19:54 GMT
accept-ranges
bytes
content-length
27152
x-amz-cf-id
Jor3NH61Fn2PSqLJ4zklRkWkGTBT1cUXUjoN7YFV-CumFSqdCCgwmw==
v2
e.serverbid.com/api/ 		16 B
166 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://e.serverbid.com/api/v2
Requested by
Host: static.cimcontent.net
URL: https://static.cimcontent.net/data-layer/?appID=login
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
165.227.252.242 North Bergen, United States, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software
/
Resource Hash
903eb8f1cc364e01930ba03579f049a72794aa91d1a5842a2edb6365e436bb7c

Request headers

Referer
https://68.87.29.197/login/static/static/phpinfo.php...
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://68.87.29.197
date
Fri, 29 Jan 2021 01:19:53 GMT
access-control-allow-credentials
true
content-length
16
vary
Origin
content-type
application/json
arj
comcast-d.openx.net/w/1.0/ 		173 B
560 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://comcast-d.openx.net/w/1.0/arj?ju=https%3A%2F%2F68.87.29.197%2Flogin%2Fstatic%2Fstatic%2Fphpinfo.php...&jr=&ch=UTF-8&res=1600x1200x24&ifr=false&tz=-60&tws=1600x1200&be=1&bc=hb_pb_2.1.7&dddid=e58299b8-f2d4-449d-9968-bf03bd9b024f&nocache=1611883194078&aus=300x600%2C300x250&divIds=ad-block&auid=540654279&
Requested by
Host: static.cimcontent.net
URL: https://static.cimcontent.net/data-layer/?appID=login
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.244.159.8 Mountain View, United States, ASN15169 (GOOGLE, US),
Reverse DNS
8.159.244.35.bc.googleusercontent.com
Software
OXGW/16.200.0 /
Resource Hash
c352c304c40975d911d0b806feb5660c54e2ce887f7efa88bba9b2611dedc4cd

Request headers

Referer
https://68.87.29.197/login/static/static/phpinfo.php...
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Fri, 29 Jan 2021 01:19:54 GMT
content-encoding
gzip
server
OXGW/16.200.0
vary
Accept, Accept-Encoding
p3p
CP="CUR ADM OUR NOR STA NID"
access-control-allow-origin
https://68.87.29.197
cache-control
private, max-age=0, no-cache
access-control-allow-credentials
true
content-type
application/json
alt-svc
clear
content-length
166
via
1.1 google
expires
Mon, 26 Jul 1997 05:00:00 GMT
fastlane.json
fastlane.rubiconproject.com/a/api/ 		3 KB
3 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=11648&site_id=248132&zone_id=1228140&size_id=15&alt_size_ids=10&p_pos=unknown&rf=https%3A%2F%2F68.87.29.197%2Flogin%2Fstatic%2Fstatic%2Fphpinfo.php...&tk_flint=pbjs_lite_v2.26.0&x_source.tid=e58299b8-f2d4-449d-9968-bf03bd9b024f&p_screen_res=1600x1200&rp_floor=0.01&rp_secure=1&slots=1&rand=0.021174435045571594
Requested by
Host: static.cimcontent.net
URL: https://static.cimcontent.net/data-layer/?appID=login
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_128_GCM
Server
69.173.144.141 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
nginx/1.16.0 /
Resource Hash
364abf723b3caa6fb70d14ce92a25e80d45fd264921aeaf129da0344cf8b2672

Request headers

Referer
https://68.87.29.197/login/static/static/phpinfo.php...
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type
text/plain

Response headers

Pragma
no-cache
Date
Fri, 29 Jan 2021 01:19:54 GMT
Content-Encoding
gzip
Server
nginx/1.16.0
Vary
Accept-Encoding
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Access-Control-Allow-Origin
https://68.87.29.197
Cache-Control
no-cache, no-store, max-age=0, must-revalidate
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
application/json
Keep-Alive
timeout=5
Content-Length
1672
Expires
Wed, 17 Sep 1975 21:32:10 GMT
cdb
bidder.criteo.com/ 		0
142 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://bidder.criteo.com/cdb?profileId=207&av=17&wv=2.26.0&cb=12583635155
Requested by
Host: static.cimcontent.net
URL: https://static.cimcontent.net/data-layer/?appID=login
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
178.250.2.131 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
bidder.am5.vip.prod.criteo.com
Software
Finatra /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://68.87.29.197/login/static/static/phpinfo.php...
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://68.87.29.197
date
Fri, 29 Jan 2021 01:19:53 GMT
access-control-allow-credentials
true
server
Finatra
timing-allow-origin
*
vary
Origin
bid
c.amazon-adsystem.com/e/dtb/ 		23 B
368 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://c.amazon-adsystem.com/e/dtb/bid?src=3338&u=https%3A%2F%2F68.87.29.197%2Flogin%2Fstatic%2Fstatic%2Fphpinfo.php...&pid=L00zQd9ylWleH&cb=0&ws=1600x1200&v=7.58.01&t=1500&slots=%5B%7B%22sd%22%3A%22ad-block%22%2C%22s%22%3A%5B%22300x600%22%2C%22300x250%22%5D%7D%5D&gdprl=%7B%22status%22%3A%22no-cmp%22%7D
Requested by
Host: static.cimcontent.net
URL: https://static.cimcontent.net/data-layer/?appID=login
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.224.192.34 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-224-192-34.fra2.r.cloudfront.net
Software
Server /
Resource Hash
745a085b52b8371ec6705413fca70a28c6d8bff0db480e6b124bd08c54e95ef8

Request headers

Referer
https://68.87.29.197/login/static/static/phpinfo.php...
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Fri, 29 Jan 2021 01:19:54 GMT
via
1.1 0e75d8f2d484ce463fc04f5c422aa179.cloudfront.net (CloudFront)
server
Server
x-amz-cf-pop
FRA2-C1
vary
User-Agent
x-cache
Miss from cloudfront
content-type
text/javascript;charset=UTF-8
access-control-allow-origin
https://68.87.29.197
access-control-allow-credentials
true
timing-allow-origin
*
content-length
23
x-amz-cf-id
zsKFjN49f6jYCQ5Gzb2r_3kzr2LS_XQnoS2pBHKxGbsTIi5Myb-Umw==
aps_csm.js
c.amazon-adsystem.com/bao-csm/aps-comm/ 		6 KB
3 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://c.amazon-adsystem.com/bao-csm/aps-comm/aps_csm.js
Requested by
Host: static.cimcontent.net
URL: https://static.cimcontent.net/data-layer/?appID=login
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.224.192.34 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-224-192-34.fra2.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
06b99248a163333e36980a6cfb756f1a7de60fa49517162b87b1a44d5d48f844

Request headers

Referer
https://68.87.29.197/login/static/static/phpinfo.php...
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

x-amz-version-id
qvfBoISJ5ymXoV8clHCjrjeaYCNnawpM
content-encoding
gzip
etag
W/"a4d296427fc806b21335359e398c025c"
age
60462
x-cache
Hit from cloudfront
access-control-max-age
3000
access-control-allow-origin
*
last-modified
Wed, 23 Dec 2020 21:52:09 GMT
server
AmazonS3
date
Thu, 28 Jan 2021 08:32:13 GMT
vary
Origin
access-control-allow-methods
GET
content-type
application/javascript
via
1.1 41f60102fc29156bc5001d6646f75c02.cloudfront.net (CloudFront)
cache-control
public, max-age=86400
x-amz-cf-pop
FRA2-C1
x-amz-cf-id
2CUiS7tblmUI33lr-ggFu9i9dgwUb45E29d-85OaL9VqTgtAnqp8WQ==
Cookie set dest5.html
comcast.demdex.net/ Frame E4CD 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://comcast.demdex.net/dest5.html?d_nsid=0
Requested by
Host: assets.adobedtm.com
URL: https://assets.adobedtm.com/331fbea29f79/fdd77923e2da/launch-46f715e51bac.min.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.249.66.13 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-34-249-66-13.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Host
comcast.demdex.net
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site
cross-site
Sec-Fetch-Mode
navigate
Sec-Fetch-Dest
iframe
Referer
https://68.87.29.197/login/static/static/phpinfo.php...
Accept-Encoding
gzip, deflate, br
Accept-Language
en-US
Cookie
demdex=42011407593754660682598965118630657340
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer
https://68.87.29.197/login/static/static/phpinfo.php...

Response headers

Accept-Ranges
bytes
Cache-Control
max-age=21600
Content-Encoding
gzip
Content-Type
text/html
Expires
Thu, 01 Jan 1970 00:00:00 GMT
Last-Modified
Thu, 21 Jan 2021 11:47:43 GMT
P3P
policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Pragma
no-cache
Set-Cookie
demdex=42011407593754660682598965118630657340;Path=/;Domain=.demdex.net;Expires=Wed, 28-Jul-2021 01:19:54 GMT;Max-Age=15552000;Secure;SameSite=None
Strict-Transport-Security
max-age=31536000; includeSubDomains
Vary
Accept-Encoding, User-Agent
X-TID
C+/Q/iScRRI=
Content-Length
2785
Connection
keep-alive
id
comcastcom.d1.sc.omtrdc.net/ 		2 B
315 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://comcastcom.d1.sc.omtrdc.net/id?d_visid_ver=5.0.1&d_fieldgroup=A&mcorgid=DA11332E5321D0550A490D45%40AdobeOrg&mid=59518604918604730060596899253772084339&ts=1611883194214
Requested by
Host: static.cimcontent.net
URL: https://static.cimcontent.net/data-layer/?appID=login
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
15.237.76.117 Paris, France, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-15-237-76-117.eu-west-3.compute.amazonaws.com
Software
jag /
Resource Hash
44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://68.87.29.197/login/static/static/phpinfo.php...
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type
application/x-www-form-urlencoded

Response headers

date
Fri, 29 Jan 2021 01:19:54 GMT
x-content-type-options
nosniff
server
jag
xserver
anedge-554bb77cdd-b6cp2
vary
Origin
x-c
main-1421.Ie84b3e.M0-477
p3p
CP="This is not a P3P policy"
access-control-allow-origin
https://68.87.29.197
cache-control
no-cache, no-store, max-age=0, no-transform, private
access-control-allow-credentials
true
content-type
application/x-javascript;charset=utf-8
content-length
2
x-xss-protection
1; mode=block
v3
ib.adnxs.com/ut/ 		19 B
708 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ib.adnxs.com/ut/v3
Requested by
Host: static.cimcontent.net
URL: https://static.cimcontent.net/data-layer/?appID=login
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
185.33.220.145 , Netherlands, ASN29990 (ASN-APPNEX, US),
Reverse DNS
623.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net
Software
nginx/1.17.9 /
Resource Hash
0c09c070833c786cb25be38bc30992b30bad578f817dbc9e34beacd8b8ea44c5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://68.87.29.197/login/static/static/phpinfo.php...
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type
text/plain

Response headers

Pragma
no-cache
Date
Fri, 29 Jan 2021 01:19:54 GMT
X-Proxy-Origin
194.99.105.99; 194.99.105.99; 623.bm-nginx-loadbalancer.mgmt.ams1; *.adnxs.com; 185.33.220.237:80
AN-X-Request-Uuid
4839ebd1-ed51-41ba-ae11-9f029ae7e9c2
Server
nginx/1.17.9
P3P
policyref="http://cdn.adnxs.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin
https://68.87.29.197
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
application/json; charset=utf-8
Content-Length
19
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
/
dl.cws.xfinity.com/event/ Frame 		0
0 		Other
General
Check archive.org
Download Go to
Full URL
https://dl.cws.xfinity.com/event/
Protocol
H2
Server
2a02:26f0:6c00:29a::2c06 , Ascension Island, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
/
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Method
PUT
Access-Control-Request-Headers
content-type
Origin
https://68.87.29.197
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Sec-Fetch-Mode
cors

Response headers

content-type
application/json
content-length
0
x-amzn-requestid
c4b82c02-9f99-4fa7-ad6f-ca1b50b3ba74
access-control-allow-origin
*
access-control-allow-headers
Content-Type
x-amz-apigw-id
Z4xdMFHbIAMFl1Q=
access-control-allow-methods
HEAD,OPTIONS,PUT
x-amz-cf-pop
FRA6-C1
x-amz-cf-id
d15NlnUzi0bUfy5tL-Njn-uulf7EOHXAPNd9BHJb6noufe1iCtsDAw==
date
Fri, 29 Jan 2021 01:19:54 GMT
/
dl.cws.xfinity.com/event/ Frame 		0
0 		Other
General
Check archive.org
Download Go to
Full URL
https://dl.cws.xfinity.com/event/
Protocol
H2
Server
2a02:26f0:6c00:29a::2c06 , Ascension Island, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
/
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Method
PUT
Access-Control-Request-Headers
content-type
Origin
https://68.87.29.197
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Sec-Fetch-Mode
cors

Response headers

content-type
application/json
content-length
0
x-amzn-requestid
dfe35850-185b-4a5e-ac93-189cc039951b
access-control-allow-origin
*
access-control-allow-headers
Content-Type
x-amz-apigw-id
Z4xdOEUxoAMFs7A=
access-control-allow-methods
HEAD,OPTIONS,PUT
x-amz-cf-pop
FRA6-C1
x-amz-cf-id
N0hEkFsrhYemK4M9ofn1AwTeBV_lztqNrlpu-tVdz8qY7W7gGR5tUA==
date
Fri, 29 Jan 2021 01:19:55 GMT
/
dl.cws.xfinity.com/event/ Frame 		0
0 		Other
General
Check archive.org
Download Go to
Full URL
https://dl.cws.xfinity.com/event/
Protocol
H2
Server
2a02:26f0:6c00:29a::2c06 , Ascension Island, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
/
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Method
PUT
Access-Control-Request-Headers
content-type
Origin
https://68.87.29.197
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Sec-Fetch-Mode
cors

Response headers

content-type
application/json
content-length
0
x-amzn-requestid
20073b5c-cdd2-4573-92b4-94e52d857020
access-control-allow-origin
*
access-control-allow-headers
Content-Type
x-amz-apigw-id
Z4xdMFesIAMFxtw=
access-control-allow-methods
HEAD,OPTIONS,PUT
x-amz-cf-pop
FRA6-C1
x-amz-cf-id
NoUBnkdkrTF9RZxyiuaWK6erNE1Kb_dBvlAcnV1ey-ripLRwu9ajfg==
date
Fri, 29 Jan 2021 01:19:54 GMT
/
dl.cws.xfinity.com/event/ 		110 B
489 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://dl.cws.xfinity.com/event/
Requested by
Host: static.cimcontent.net
URL: https://static.cimcontent.net/data-layer/?appID=login
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:6c00:29a::2c06 , Ascension Island, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
/
Resource Hash
13526f1b990f11d21057249d8138d22482d2afb2ece89e3cef8cfe8399d9682c

Request headers

Referer
https://68.87.29.197/login/static/static/phpinfo.php...
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type
application/json

Response headers

date
Fri, 29 Jan 2021 01:19:55 GMT
x-amz-cf-pop
FRA6-C1
x-amz-apigw-id
Z4xdPFMtIAMFYnA=
x-amzn-requestid
8a42f867-2059-4820-a570-a36c58290e24
access-control-max-age
86400
access-control-allow-methods
GET,POST,PUT,HEAD
content-type
application/json
access-control-allow-origin
*
x-amzn-trace-id
Root=1-601362bb-52df9eaa19a25e863b7f00ab
access-control-allow-credentials
false
access-control-allow-headers
*
content-length
110
x-amz-cf-id
r4b_-qRNdFS5R6mIaxfETNvXv_Yb6fDJtMO0FbupaaWeacLMqcpAkg==
/
dl.cws.xfinity.com/event/ 		110 B
490 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://dl.cws.xfinity.com/event/
Requested by
Host: static.cimcontent.net
URL: https://static.cimcontent.net/data-layer/?appID=login
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:6c00:29a::2c06 , Ascension Island, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
/
Resource Hash
ff3a3cf01a567f1c7cf808904b0081c404a106e06e2b5c27c8fee33bf34f6595

Request headers

Referer
https://68.87.29.197/login/static/static/phpinfo.php...
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type
application/json

Response headers

date
Fri, 29 Jan 2021 01:19:55 GMT
x-amz-cf-pop
FRA6-C1
x-amz-apigw-id
Z4xdRE3AoAMFoXQ=
x-amzn-requestid
00edfe14-4af2-4145-a9af-daf9843e1f85
access-control-max-age
86400
access-control-allow-methods
GET,POST,PUT,HEAD
content-type
application/json
access-control-allow-origin
*
x-amzn-trace-id
Root=1-601362bb-3a7ba15861b93b9a76374a9e
access-control-allow-credentials
false
access-control-allow-headers
*
content-length
110
x-amz-cf-id
_HWESIy3jKy4WK6-t8bG6hTUCNxUL_4Ktc3Y4Lh-zGLf-hQIezNq2A==
/
dl.cws.xfinity.com/event/ 		110 B
490 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://dl.cws.xfinity.com/event/
Requested by
Host: static.cimcontent.net
URL: https://static.cimcontent.net/data-layer/?appID=login
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:6c00:29a::2c06 , Ascension Island, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
/
Resource Hash
12ee40575a59c2b882581bd49ecbdfa41ebf8f0a221a9c98d585a342eb3fdcf6

Request headers

Referer
https://68.87.29.197/login/static/static/phpinfo.php...
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type
application/json

Response headers

date
Fri, 29 Jan 2021 01:19:55 GMT
x-amz-cf-pop
FRA6-C1
x-amz-apigw-id
Z4xdQElVoAMFV8A=
x-amzn-requestid
f88fdec0-2d59-404b-a653-329482e275bb
access-control-max-age
86400
access-control-allow-methods
GET,POST,PUT,HEAD
content-type
application/json
access-control-allow-origin
*
x-amzn-trace-id
Root=1-601362bb-66346a3065e6ae466e348954
access-control-allow-credentials
false
access-control-allow-headers
*
content-length
110
x-amz-cf-id
3JHzHCqRAyo0nOnYSQQmORLB5fTAGgPo--uvmWYDjuWOUlt4rIZRfw==
RC0203eaed7e334f4faf2d584bda1e9893-source.min.js
assets.adobedtm.com/331fbea29f79/fdd77923e2da/52d5ba0fe5d1/ 		2 KB
979 B 		Script
General
Check archive.org
Download Go to
Full URL
https://assets.adobedtm.com/331fbea29f79/fdd77923e2da/52d5ba0fe5d1/RC0203eaed7e334f4faf2d584bda1e9893-source.min.js
Requested by
Host: assets.adobedtm.com
URL: https://assets.adobedtm.com/331fbea29f79/fdd77923e2da/launch-46f715e51bac.min.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:6c00:28a::1e80 , Ascension Island, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
AkamaiNetStorage /
Resource Hash
03107b2706fe37dde4bf45439ef373f0b5b6e932a5220a347e7c6b3b2f93df95

Request headers

Referer
https://68.87.29.197/login/static/static/phpinfo.php...
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Fri, 29 Jan 2021 01:19:54 GMT
content-encoding
gzip
last-modified
Wed, 04 Nov 2020 19:09:38 GMT
server
AkamaiNetStorage
etag
"01222062c70687cd8aac20506b88b359:1604516978.963474"
vary
Accept-Encoding
content-type
application/x-javascript
access-control-allow-origin
https://68.87.29.197
cache-control
max-age=3600
accept-ranges
bytes
timing-allow-origin
*
content-length
716
expires
Fri, 29 Jan 2021 02:19:54 GMT
publishertag.prebid.js
static.criteo.net/js/ld/ 		81 KB
26 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.criteo.net/js/ld/publishertag.prebid.js
Requested by
Host: static.cimcontent.net
URL: https://static.cimcontent.net/common-web-assets/ad-assets/prebid/prebid.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
nginx /
Resource Hash
2616735e4a72622e770658b4837cb2d6258456c3358f8ebec83b1fd88ed93ada

Request headers

Referer
https://68.87.29.197/login/static/static/phpinfo.php...
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Fri, 29 Jan 2021 01:19:57 GMT
content-encoding
gzip
last-modified
Thu, 07 Jan 2021 11:16:36 GMT
server
nginx
etag
W/"5ff6ed94-14284"
content-type
text/javascript
access-control-allow-origin
*
cache-control
max-age=86400, public
timing-allow-origin
*
expires
Sat, 30 Jan 2021 01:19:57 GMT
syncframe
gum.criteo.com/ Frame 6961 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://gum.criteo.com/syncframe?topUrl=68.87.29.197
Requested by
Host: static.criteo.net
URL: https://static.criteo.net/js/ld/publishertag.prebid.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638::1c , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
/
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

:method
GET
:authority
gum.criteo.com
:scheme
https
:path
/syncframe?topUrl=68.87.29.197
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://68.87.29.197/login/static/static/phpinfo.php...
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer
https://68.87.29.197/login/static/static/phpinfo.php...

Response headers

cache-control
private, max-age=0
content-type
text/html; charset=utf-8
strict-transport-security
max-age=31536000
server-processing-duration-in-ticks
1666
date
Fri, 29 Jan 2021 01:19:56 GMT
content-length
0
publishertag.prebid.js
static.criteo.net/js/ld/ 		81 KB
26 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://static.criteo.net/js/ld/publishertag.prebid.js
Requested by
Host: static.cimcontent.net
URL: https://static.cimcontent.net/data-layer/?appID=login
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
nginx /
Resource Hash
2616735e4a72622e770658b4837cb2d6258456c3358f8ebec83b1fd88ed93ada

Request headers

Referer
https://68.87.29.197/login/static/static/phpinfo.php...
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Fri, 29 Jan 2021 01:19:57 GMT
content-encoding
gzip
last-modified
Thu, 07 Jan 2021 11:16:36 GMT
server
nginx
etag
W/"5ff6ed94-14284"
content-type
text/javascript
access-control-allow-origin
*
cache-control
max-age=86400, public
timing-allow-origin
*
expires
Sat, 30 Jan 2021 01:19:57 GMT
sd
us-u.openx.net/w/1.0/
Redirect Chain
  • https://eu-u.openx.net/w/1.0/pd?plm=10&ph=42d504c1-bae8-4312-8ad6-a76f3705b195&gdpr=1
  • https://eu-u.openx.net/w/1.0/pd?cc=1&plm=10&ph=42d504c1-bae8-4312-8ad6-a76f3705b195&gdpr=1
  • https://cm.g.doubleclick.net/pixel?google_nid=openx&google_cm&google_sc
  • https://cm.g.doubleclick.net/pixel?google_nid=openx&google_cm=&google_sc=&google_tc=
  • https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESEHABnK80lrUN90W1Xfig_nA&google_cver=1
43 B
114 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESEHABnK80lrUN90W1Xfig_nA&google_cver=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.244.159.8 Mountain View, United States, ASN15169 (GOOGLE, US),
Reverse DNS
8.159.244.35.bc.googleusercontent.com
Software
OXGW/16.200.0 /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

Referer
https://68.87.29.197/login/static/static/phpinfo.php...
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 29 Jan 2021 01:19:57 GMT
via
1.1 google
server
OXGW/16.200.0
vary
Accept
p3p
CP="CUR ADM OUR NOR STA NID"
cache-control
private, max-age=0, no-cache
content-type
image/gif
alt-svc
clear
content-length
43
expires
Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

pragma
no-cache
date
Fri, 29 Jan 2021 01:19:57 GMT
server
HTTP server (unknown)
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location
https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESEHABnK80lrUN90W1Xfig_nA&google_cver=1
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length
295
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Verdicts & Comments Add Verdict or Comment

Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!

urlscan

Phishing against: Xfinity (Consumer)

54 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| 1 object| ontransitionrun object| ontransitionstart object| ontransitioncancel object| cookieStore function| showDirectoryPicker function| showOpenFilePicker function| showSaveFilePicker object| trustedTypes boolean| crossOriginIsolated boolean| trackingDebug object| digitalData object| runtimeData object| apntag object| _satellite boolean| __satelliteLoaded object| adobe function| Visitor object| s_c_il number| s_c_in function| AppMeasurement_Module_AudienceManagement function| DIL function| s_doPlugins function| s_getLoadTime function| AppMeasurement_Module_Integrate function| AppMeasurement_Module_ActivityMap function| AppMeasurement function| s_gi function| s_pgicq string| upDate undefined| s_account object| s undefined| c_rspers undefined| c_r undefined| c_w object| adInfo object| apstag object| pbjs function| pbjsChunk object| __core-js_shared__ function| JSEncrypt object| Criteo boolean| apstagLOADED function| $ function| jQuery object| login object| shared function| CircleLoader number| s_loadT number| s_objectID object| criteo_pubtag object| criteo_pubtag_prebid_103 object| Criteo_prebid_103

7 Cookies

Domain/Path Name / Value
.demdex.net/ Name: dextp
Value: 21-1-1611883194501|60-1-1611883194602
68.87.29.197/ Name: BIGipServerp_loginxf-wcdc-ipv4_443
Value: !o2OfycdzT2RbH9Tab3bAYz+ZnnXVja2DNcbhAW/5oR3d+pzICu4ZZhqEpiuDy0sOoz0AhzJrTScToek=
.demdex.net/ Name: demdex
Value: 42011407593754660682598965118630657340
68.87.29.197/ Name: AMCVS_DA11332E5321D0550A490D45%40AdobeOrg
Value: 1
68.87.29.197/ Name: SESSION
Value: 642f0d24-3014-43a8-9039-df3442851d35
68.87.29.197/ Name: AMCV_DA11332E5321D0550A490D45%40AdobeOrg
Value: 359503849%7CMCIDTS%7C18657%7CMCMID%7C59518604918604730060596899253772084339%7CMCAAMLH-1612487994%7C6%7CMCAAMB-1612487994%7C6G1ynYcLPuiQxYZrsz_pkqfLG9yMXBpb2zX5dvJdYQJzPXImdj0y%7CMCOPTOUT-1611890394s%7CNONE%7CMCAID%7CNONE%7CvVersion%7C5.0.1
68.87.29.197/login/static/static Name: bid
Value: e9wUKv9pSxCdtqWqF64C5g6t-HY

2 Console Messages

Source Level URL
Text
console-api log URL: https://assets.adobedtm.com/331fbea29f79/fdd77923e2da/52d5ba0fe5d1/EX42af35e02f37445ba43641984da760ce-libraryCode_source.min.js(Line 2)
Message:
Error, missing Report Suite ID in AppMeasurement initialization
console-api info URL: https://acdn.adnxs.com/ast/ast.js(Line 1)
Message:
AST library loaded: 0.35.0

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header Value
Strict-Transport-Security max-age=63072000; includeSubDomains;
X-Frame-Options DENY
X-Xss-Protection 1; mode=block

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

7468.v.fwmrm.net
acdn.adnxs.com
assets.adobedtm.com
bidder.criteo.com
c.amazon-adsystem.com
cm.g.doubleclick.net
comcast-d.openx.net
comcast.demdex.net
comcastcom.d1.sc.omtrdc.net
dl.cws.xfinity.com
dpm.demdex.net
e.serverbid.com
eu-u.openx.net
fastlane.rubiconproject.com
gum.criteo.com
ib.adnxs.com
scripts.webcontentassessor.com
static.cimcontent.net
static.criteo.net
us-u.openx.net
xfinitydigital.demdex.net
13.224.192.34
15.237.76.117
151.101.113.108
151.101.114.217
165.227.252.242
172.217.23.98
178.250.2.131
185.33.220.145
2607:ae80:5::230
2a00:1450:4001:813::2002
2a02:2638::1c
2a02:2638::3
2a02:26f0:6c00:28a::1e80
2a02:26f0:6c00:29a::2c06
2a02:26f0:6c00:2bd::30d4
34.249.66.13
35.244.159.8
68.87.29.197
69.173.144.141
03107b2706fe37dde4bf45439ef373f0b5b6e932a5220a347e7c6b3b2f93df95
032d8b49c68572a6136937e3f8f4fb10d94eefaf95418e557f44f1f04b715ba8
06b99248a163333e36980a6cfb756f1a7de60fa49517162b87b1a44d5d48f844
0bc6e6b1676941880a99fa4d59b2b8ce181cbd64a2ff5249b6ee8c264b99bdf3
0bd5fcba6dcf34771f5e3671e1c8956cc44e8f2bc5f98eb12c3eba27348fe963
0c09c070833c786cb25be38bc30992b30bad578f817dbc9e34beacd8b8ea44c5
12ee40575a59c2b882581bd49ecbdfa41ebf8f0a221a9c98d585a342eb3fdcf6
13526f1b990f11d21057249d8138d22482d2afb2ece89e3cef8cfe8399d9682c
138c0ead0fbcd09dd455df9870920e8725b367fbf02ac0cef0c62874000ab176
160a426ff2894252cd7cebbdd6d6b7da8fcd319c65b70468f10b6690c45d02ef
1b453aee00d7c7c9e33e2897b911e9295f343a60f33283fd1fe6a9c084a18c51
2616735e4a72622e770658b4837cb2d6258456c3358f8ebec83b1fd88ed93ada
2a031939885bb7efba89d423c9ee7c0fe2bab465f18db63f40a9ae2bd7bc0228
364abf723b3caa6fb70d14ce92a25e80d45fd264921aeaf129da0344cf8b2672
3ead5e2cd5cb377e25c5c22a466f0c06f0a4a416826c937f89f9391d8e84e38e
44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a
4bd9c8ed57b1dd8fddcc2910170e9b81b40f7b628e272924e88a98f45ebb9aea
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
58fd862aaa51daaa186ee3fecfd805c0f8eea09146e9c7deb44a3f30a1ad01b5
66e386a4839bfef88772fe6db518cf736f92be0324c11fcef52308f98f36691d
745a085b52b8371ec6705413fca70a28c6d8bff0db480e6b124bd08c54e95ef8
785532d6bc98e37d9a9152013f9b0874d32fb92fbfc594431d6c9c142ba686f4
903eb8f1cc364e01930ba03579f049a72794aa91d1a5842a2edb6365e436bb7c
9d99a6664747c1f7b4db699e7a556de1a8bde433e80d290827847ad2ecca4a9d
a1f5e3251ef8881f260e70495f0471bc0128a4de4f70ed4e7977d19042daab61
a242719ced92c4a9873915f0d97859ce735dc8e7ccc65d99a37ebc3d6128c77d
ab31816aa0fa561765323e1ffee2f48db4c5c406282a68416b1264c18fa629c8
ac423d0aedd7fd40cd41a1b15c2f8a4eb02fba9feadb1dde8d3055dde2f8034c
c352c304c40975d911d0b806feb5660c54e2ce887f7efa88bba9b2611dedc4cd
d6a59caace6a901e919840d03af80b3a58a2ac2f6d64bc5f5e2d5904b4014a68
dde5dcb02f349d5cd1f36d6afe709ddfd5713b27129dbae727f456cde6582883
e2ed2b427f112252a159c8e7fd72df4051e6411209551b17b60b2141e0eb01df
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e5f0058d3d737d25b691728bce12a7d0b77183781c936ca8152e28cacf9e6e3f
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
fc6cd95261064c28600405c9c8dd51813abf8367e85b6e00f0f3031a8338988a
ff3a3cf01a567f1c7cf808904b0081c404a106e06e2b5c27c8fee33bf34f6595