urlscan.io logo urlscan.io
SecurityTrails logo

bill-pay-qa.maw-pci.xfinity.com Open in urlscan Pro
2600:9000:214f:6800:10:b98f:e500:93a1  Public Scan

Go To Rescan Add Verdict Report
URL: https://bill-pay-qa.maw-pci.xfinity.com/
Submission: On August 05 via automatic, source certstream-suspicious
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 24 IPs in 5 countries across 22 domains to perform 49 HTTP transactions. The main IP is 2600:9000:214f:6800:10:b98f:e500:93a1, located in United States and belongs to AMAZON-02, US. The main domain is bill-pay-qa.maw-pci.xfinity.com.
TLS certificate: Issued by Amazon on August 5th 2020. Valid for: a year.
This is the only time bill-pay-qa.maw-pci.xfinity.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
6 2600:9000:214... 16509 (AMAZON-02)
9 2a02:26f0:10c... 20940 (AKAMAI-ASN1)
1 2a02:26f0:10c... 20940 (AKAMAI-ASN1)
2 52.17.216.154 16509 (AMAZON-02)
1 52.49.61.185 16509 (AMAZON-02)
2 15.188.154.177 16509 (AMAZON-02)
1 1 66.117.28.86 15224 (OMNITURE)
4 2a02:26f0:6c0... 20940 (AKAMAI-ASN1)
1 172.217.23.166 15169 (GOOGLE)
1 2600:9000:214... 16509 (AMAZON-02)
1 2a03:2880:f11... 32934 (FACEBOOK)
2 2620:1ec:c11:... 8068 (MICROSOFT...)
1 151.101.112.157 54113 (FASTLY)
1 2a00:1450:400... 15169 (GOOGLE)
1 104.244.42.195 13414 (TWITTER)
1 104.244.42.133 13414 (TWITTER)
1 216.58.210.2 15169 (GOOGLE)
1 205.185.216.42 20446 (HIGHWINDS3)
2 2a00:1450:400... 15169 (GOOGLE)
4 45.60.87.226 19551 (INCAPSULA)
2 2a00:1450:400... 15169 (GOOGLE)
2 2a00:1450:400... 15169 (GOOGLE)
1 2600:1f18:336... 14618 (AMAZON-AES)
1 104.209.146.221 8075 (MICROSOFT...)
1 2606:2800:133... 15133 (EDGECAST)
49 24
6    2600:9000:214f:6800:10:b98f:e500:93a1 (United States)

ASN16509 (AMAZON-02, US)
bill-pay-qa.maw-pci.xfinity.com
9    2a02:26f0:10c:382::1e80 (Ascension Island)

ASN20940 (AKAMAI-ASN1, EU)
assets.adobedtm.com
1    2a02:26f0:10c:399::2af2 (Ascension Island)

ASN20940 (AKAMAI-ASN1, EU)
cdn.comcast.com
2    52.17.216.154 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-17-216-154.eu-west-1.compute.amazonaws.com
dpm.demdex.net
1    52.49.61.185 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-49-61-185.eu-west-1.compute.amazonaws.com
comcast.demdex.net
2    15.188.154.177 (Paris, France)

ASN16509 (AMAZON-02, US)
PTR: ec2-15-188-154-177.eu-west-3.compute.amazonaws.com
comcastcom.d1.sc.omtrdc.net
1    66.117.28.86 (United States)

ASN15224 (OMNITURE, US)
cm.everesttech.net
4    2a02:26f0:6c00:181::30d4 (Ascension Island)

ASN20940 (AKAMAI-ASN1, EU)
static.cimcontent.net
1    172.217.23.166 (United States)

ASN15169 (GOOGLE, US)
PTR: fra15s22-in-f6.1e100.net
fls.doubleclick.net
1    2600:9000:214f:ae00:19:fc2c:a140:93a1 (United States)

ASN16509 (AMAZON-02, US)
d.agkn.com
1    2a03:2880:f11c:8183:face:b00c:0:25de (Ireland)

ASN32934 (FACEBOOK, US)
www.facebook.com
2    2620:1ec:c11::200 (United States)

ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US)
bat.bing.com
1    151.101.112.157 (Frankfurt am Main, Germany)

ASN54113 (FASTLY, US)
static.ads-twitter.com
1    2a00:1450:4001:816::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.googletagmanager.com
1    104.244.42.195 (United States)

ASN13414 (TWITTER, US)
analytics.twitter.com
1    104.244.42.133 (United States)

ASN13414 (TWITTER, US)
t.co
1    216.58.210.2 (Mountain View, United States)

ASN15169 (GOOGLE, US)
PTR: fra16s07-in-f2.1e100.net
www.googleadservices.com
1    205.185.216.42 (Phoenix, United States)

ASN20446 (HIGHWINDS3, US)
PTR: map2.hwcdn.net
servedby.flashtalking.com
2    2a00:1450:4001:80b::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
googleads.g.doubleclick.net
4    45.60.87.226 (United States)

ASN19551 (INCAPSULA, US)
universal-preprod.iperceptions.com
sd.iperceptions.com
2    2a00:1450:4001:801::2004 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.google.com
2    2a00:1450:4001:801::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.google.de
1    2600:1f18:336:b300:f2fc:c51e:b2b0:2b4c (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
melee.sed.dh.comcast.net
1    104.209.146.221 (Boydton, United States)

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)
invite-preprod.iperceptions.com
1    2606:2800:133:206e:1315:22a5:2006:24fd (United States)

ASN15133 (EDGECAST, US)
art.azureedge.net
Domain Requested by
9 assets.adobedtm.com bill-pay-qa.maw-pci.xfinity.com
assets.adobedtm.com
6 bill-pay-qa.maw-pci.xfinity.com bill-pay-qa.maw-pci.xfinity.com
4 static.cimcontent.net bill-pay-qa.maw-pci.xfinity.com
3 universal-preprod.iperceptions.com assets.adobedtm.com
universal-preprod.iperceptions.com
2 www.google.de
2 www.google.com
2 googleads.g.doubleclick.net www.googleadservices.com
2 bat.bing.com assets.adobedtm.com
2 comcastcom.d1.sc.omtrdc.net cdn.comcast.com
assets.adobedtm.com
2 dpm.demdex.net assets.adobedtm.com
bill-pay-qa.maw-pci.xfinity.com
1 art.azureedge.net universal-preprod.iperceptions.com
1 sd.iperceptions.com universal-preprod.iperceptions.com
1 invite-preprod.iperceptions.com cdn.comcast.com
1 melee.sed.dh.comcast.net bill-pay-qa.maw-pci.xfinity.com
1 servedby.flashtalking.com assets.adobedtm.com
1 www.googleadservices.com www.googletagmanager.com
1 t.co
1 analytics.twitter.com static.ads-twitter.com
1 www.googletagmanager.com assets.adobedtm.com
1 static.ads-twitter.com assets.adobedtm.com
1 www.facebook.com
1 d.agkn.com
1 fls.doubleclick.net assets.adobedtm.com
1 cm.everesttech.net 1 redirects
1 comcast.demdex.net assets.adobedtm.com
1 cdn.comcast.com bill-pay-qa.maw-pci.xfinity.com
49 26

This site contains links to these domains. Also see Links.

Domain
customer.local.xfinity.com
www.xfinity.com
Subject Issuer Validity Valid
bill-pay-qa.maw-pci.xfinity.com
Amazon		 2020-08-05 -
2021-09-05		 a year crt.sh
assets.adobedtm.com
DigiCert SHA2 High Assurance Server CA		 2019-10-22 -
2021-10-01		 2 years crt.sh
xapi.xfinity.com
COMODO RSA Organization Validation Secure Server CA		 2020-05-07 -
2022-05-07		 2 years crt.sh
*.demdex.net
DigiCert SHA2 High Assurance Server CA		 2018-01-09 -
2021-02-12		 3 years crt.sh
*.d1.sc.omtrdc.net
DigiCert SHA2 High Assurance Server CA		 2020-02-28 -
2022-03-04		 2 years crt.sh
static.cimcontent.net
COMODO RSA Organization Validation Secure Server CA		 2020-04-16 -
2022-04-16		 2 years crt.sh
*.doubleclick.net
GTS CA 1O1		 2020-07-07 -
2020-09-29		 3 months crt.sh
*.agkn.com
RapidSSL RSA CA 2018		 2020-07-25 -
2022-09-18		 2 years crt.sh
*.facebook.com
DigiCert SHA2 High Assurance Server CA		 2020-07-21 -
2020-10-12		 3 months crt.sh
www.bing.com
Microsoft IT TLS CA 2		 2019-04-30 -
2021-04-30		 2 years crt.sh
ads-twitter.com
DigiCert SHA2 High Assurance Server CA		 2019-08-14 -
2020-08-18		 a year crt.sh
*.google-analytics.com
GTS CA 1O1		 2020-07-15 -
2020-10-07		 3 months crt.sh
*.twitter.com
DigiCert SHA2 High Assurance Server CA		 2020-03-05 -
2021-03-02		 a year crt.sh
t.co
DigiCert SHA2 High Assurance Server CA		 2020-03-05 -
2021-03-02		 a year crt.sh
www.googleadservices.com
GTS CA 1O1		 2020-07-07 -
2020-09-29		 3 months crt.sh
servedby.flashtalking.com
DigiCert SHA2 Secure Server CA		 2019-02-08 -
2021-02-11		 2 years crt.sh
*.g.doubleclick.net
GTS CA 1O1		 2020-07-07 -
2020-09-29		 3 months crt.sh
incapsula.com
GlobalSign CloudSSL CA - SHA256 - G3		 2020-08-02 -
2021-08-03		 a year crt.sh
www.google.com
GTS CA 1O1		 2020-07-07 -
2020-09-29		 3 months crt.sh
www.google.de
GTS CA 1O1		 2020-07-07 -
2020-09-29		 3 months crt.sh
*.sed.dh.comcast.net
COMODO RSA Organization Validation Secure Server CA		 2019-02-26 -
2021-02-25		 2 years crt.sh
*.iperceptions.com
Sectigo RSA Domain Validation Secure Server CA		 2019-05-07 -
2021-05-06		 2 years crt.sh
*.vo.msecnd.net
Microsoft IT TLS CA 2		 2020-03-18 -
2022-03-18		 2 years crt.sh

This page contains 4 frames:

Primary Page: https://bill-pay-qa.maw-pci.xfinity.com/
Frame ID: 1A52AC16DEFCDA51BF37A27064408F2C
Requests: 46 HTTP requests in this frame

Frame: https://comcast.demdex.net/dest5.html?d_nsid=0
Frame ID: 89FACC18330676FAE54A5456168F4115
Requests: 1 HTTP requests in this frame

Frame: https://servedby.flashtalking.com/container/12345;91797;9487;iframe/?ft_referrer=https%3A//bill-pay-qa.maw-pci.xfinity.com/&ns=&cb=342602.75326985813
Frame ID: E64C0985698D8B541DAA8F9E1F1551F4
Requests: 1 HTTP requests in this frame

Frame: https://universal-preprod.iperceptions.com/iFrame.html
Frame ID: 0F7A113DA109D736E09F69FE31C58518
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Detected technologies

Overall confidence: 100%
Detected patterns
  • headers via /\(CloudFront\)$/i
  • headers server /^AmazonS3$/i
Overall confidence: 100%
Detected patterns
  • script /\/\/assets.adobedtm.com\//i
Overall confidence: 100%
Detected patterns
  • headers via /\(CloudFront\)$/i
Overall confidence: 100%
Detected patterns
  • headers server /^AmazonS3$/i
Overall confidence: 100%
Detected patterns
  • script /https?:\/\/fls\.doubleclick\.net/i
Overall confidence: 100%
Detected patterns
  • script /\/s[_-]code.*\.js/i

Page Statistics

49
Requests

100 %
HTTPS

52 %
IPv6

22
Domains

26
Subdomains

24
IPs

5
Countries

517 kB
Transfer

1758 kB
Size

12
Cookies

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 9
  • https://cm.everesttech.net/cm/dd?d_uuid=53758037729703549360743672386693215052 HTTP 302
  • https://dpm.demdex.net/ibs:dpid=411&dpuuid=XysKqQAAA6QA5i3-

49 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request /
bill-pay-qa.maw-pci.xfinity.com/ 		5 KB
2 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://bill-pay-qa.maw-pci.xfinity.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2600:9000:214f:6800:10:b98f:e500:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
89009e49998aae7510ec8ced43b132e9b6a3e770a1bc11a4f04339d32df6ea78

Request headers

:method
GET
:authority
bill-pay-qa.maw-pci.xfinity.com
:scheme
https
:path
/
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
none
sec-fetch-mode
navigate
sec-fetch-user
?1
sec-fetch-dest
document
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

status
200
content-type
text/html
date
Wed, 05 Aug 2020 19:38:17 GMT
last-modified
Fri, 22 May 2020 19:48:16 GMT
etag
W/"a0cf2afbb44ef6cbdc29ba9da4ef9f18"
cache-control
max-age=30,public
server
AmazonS3
content-encoding
gzip
vary
Accept-Encoding
x-cache
Miss from cloudfront
via
1.1 3f6fbf009bb5cf969f92ba2e59576614.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA53-C1
x-amz-cf-id
9AIetctGu0b8l8sP1sBnY24pAovFro4LKo4AvH6WjNjz8gICaBrCCg==
2.c6231af7.chunk.css
bill-pay-qa.maw-pci.xfinity.com/static/css/ 		4 KB
2 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://bill-pay-qa.maw-pci.xfinity.com/static/css/2.c6231af7.chunk.css
Requested by
Host: bill-pay-qa.maw-pci.xfinity.com
URL: https://bill-pay-qa.maw-pci.xfinity.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2600:9000:214f:6800:10:b98f:e500:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
db890e345847d24ceb6829011a5fafe897893d71ad3c97636287fcbadb254ef7

Request headers

Referer
https://bill-pay-qa.maw-pci.xfinity.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Wed, 05 Aug 2020 19:38:18 GMT
content-encoding
gzip
last-modified
Fri, 22 May 2020 19:48:14 GMT
server
AmazonS3
x-amz-cf-pop
FRA53-C1
etag
W/"be4f0da119101babd6ed26007e8ad06f"
vary
Accept-Encoding
x-cache
Miss from cloudfront
content-type
text/css
status
200
cache-control
max-age=31536000,public
x-amz-cf-id
WUl5vfQqyU4vHngVVBynFs8UUGzx0aVgGqkYcu4MrlApMMxohvDPwg==
via
1.1 3f6fbf009bb5cf969f92ba2e59576614.cloudfront.net (CloudFront)
main.69d90e6a.chunk.css
bill-pay-qa.maw-pci.xfinity.com/static/css/ 		61 KB
11 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://bill-pay-qa.maw-pci.xfinity.com/static/css/main.69d90e6a.chunk.css
Requested by
Host: bill-pay-qa.maw-pci.xfinity.com
URL: https://bill-pay-qa.maw-pci.xfinity.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2600:9000:214f:6800:10:b98f:e500:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
22f0fa86d777d4ebf05fa4c5c83de7b399821de8660f29ade8b4650327fb8b12

Request headers

Referer
https://bill-pay-qa.maw-pci.xfinity.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Wed, 05 Aug 2020 19:38:18 GMT
content-encoding
gzip
last-modified
Fri, 22 May 2020 19:48:14 GMT
server
AmazonS3
x-amz-cf-pop
FRA53-C1
etag
W/"bd1f94e1e018d41fcdb9286fda0297a2"
vary
Accept-Encoding
x-cache
Miss from cloudfront
content-type
text/css
status
200
cache-control
max-age=31536000,public
x-amz-cf-id
3hXegjqLa-ME0crElNzgzc2VDGq8W_27lGMjycNec0zORPBa3QSVPw==
via
1.1 3f6fbf009bb5cf969f92ba2e59576614.cloudfront.net (CloudFront)
2.722fa389.chunk.js
bill-pay-qa.maw-pci.xfinity.com/static/js/ 		499 KB
149 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://bill-pay-qa.maw-pci.xfinity.com/static/js/2.722fa389.chunk.js
Requested by
Host: bill-pay-qa.maw-pci.xfinity.com
URL: https://bill-pay-qa.maw-pci.xfinity.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2600:9000:214f:6800:10:b98f:e500:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
cce5a04931826bba4d0c86c8c10750c7a7e580bc0d7f919e38a416591f34a104

Request headers

Referer
https://bill-pay-qa.maw-pci.xfinity.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Wed, 05 Aug 2020 19:38:18 GMT
content-encoding
gzip
last-modified
Fri, 22 May 2020 19:48:14 GMT
server
AmazonS3
x-amz-cf-pop
FRA53-C1
etag
W/"f7b03b0947d3373b0c5c33fe00f150b5"
vary
Accept-Encoding
x-cache
Miss from cloudfront
content-type
application/javascript
status
200
cache-control
max-age=31536000,public
x-amz-cf-id
azHLjT4XWNiiW3tVipAK4sUJDKG1-pF5kbqsCwpSpSBb5LKD24XuJw==
via
1.1 3f6fbf009bb5cf969f92ba2e59576614.cloudfront.net (CloudFront)
main.0265181b.chunk.js
bill-pay-qa.maw-pci.xfinity.com/static/js/ 		277 KB
68 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://bill-pay-qa.maw-pci.xfinity.com/static/js/main.0265181b.chunk.js
Requested by
Host: bill-pay-qa.maw-pci.xfinity.com
URL: https://bill-pay-qa.maw-pci.xfinity.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2600:9000:214f:6800:10:b98f:e500:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
8852ed038964bf4e5cbc2816f2f48a54a4f966709d2961a05fc104c9eb8f52f1

Request headers

Referer
https://bill-pay-qa.maw-pci.xfinity.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Wed, 05 Aug 2020 19:38:18 GMT
content-encoding
gzip
last-modified
Fri, 22 May 2020 19:48:14 GMT
server
AmazonS3
x-amz-cf-pop
FRA53-C1
etag
W/"3a1f8a47beb6888dca8302893bb934ec"
vary
Accept-Encoding
x-cache
Miss from cloudfront
content-type
application/javascript
status
200
cache-control
max-age=31536000,public
x-amz-cf-id
XKNis9wRbcGC1_puN_VJZ0_J8iZtVoIz7F3uyxGwMjl_sE1VxbafgQ==
via
1.1 3f6fbf009bb5cf969f92ba2e59576614.cloudfront.net (CloudFront)
satelliteLib-773f1d685076ba02ef9dd20f568cce9a6f1991dd-staging.js
assets.adobedtm.com/43896e740dcedef854392e0be6ea80deb8eb2ba5/ 		373 KB
94 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://assets.adobedtm.com/43896e740dcedef854392e0be6ea80deb8eb2ba5/satelliteLib-773f1d685076ba02ef9dd20f568cce9a6f1991dd-staging.js
Requested by
Host: bill-pay-qa.maw-pci.xfinity.com
URL: https://bill-pay-qa.maw-pci.xfinity.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:10c:382::1e80 , Ascension Island, ASN20940 (AKAMAI-ASN1, EU),
Reverse DNS
Software
AkamaiNetStorage /
Resource Hash
e4cdca181c51486b60b23b011634c5ad56544672ffba05c47aee612d0b5de561

Request headers

Referer
https://bill-pay-qa.maw-pci.xfinity.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Intervention
<https://www.chromestatus.com/feature/5718547946799104>; level="warning"

Response headers

pragma
no-cache
date
Wed, 05 Aug 2020 19:38:17 GMT
content-encoding
gzip
last-modified
Wed, 05 Aug 2020 17:52:32 GMT
server
AkamaiNetStorage
status
200
etag
"0eb68ea18ee45aaccdb9ef27f31a7559:1596649952.610086"
vary
Accept-Encoding
content-type
application/x-javascript
access-control-allow-origin
https://bill-pay-qa.maw-pci.xfinity.com
cache-control
max-age=0, no-cache, no-store
accept-ranges
bytes
timing-allow-origin
*
expires
Wed, 05 Aug 2020 19:38:17 GMT
data-layer-non-prod-3-4-2-min.js
cdn.comcast.com/-/media/common/analytics/ 		52 KB
14 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.comcast.com/-/media/common/analytics/data-layer-non-prod-3-4-2-min.js
Requested by
Host: bill-pay-qa.maw-pci.xfinity.com
URL: https://bill-pay-qa.maw-pci.xfinity.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2a02:26f0:10c:399::2af2 , Ascension Island, ASN20940 (AKAMAI-ASN1, EU),
Reverse DNS
Software
/
Resource Hash
e4fb4a0a50a6e29c8607985620aa76cf86436cb59dac9fe6ee3d6f79dc2d60d3
Security Headers
Name Value
X-Frame-Options SAMEORIGIN

Request headers

User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer
https://bill-pay-qa.maw-pci.xfinity.com/
Origin
https://bill-pay-qa.maw-pci.xfinity.com

Response headers

date
Wed, 05 Aug 2020 19:38:17 GMT
content-encoding
br
x-xfnlog-site
XDS
status
200
content-disposition
inline; filename="data-layer-non-prod-3-4-2-min.js"
content-length
13691
last-modified
Wed, 06 May 2020 18:19:20 GMT
x-frame-options
SAMEORIGIN
etag
access-control-max-age
86400
access-control-allow-methods
GET
content-type
application/x-javascript
access-control-allow-origin
*
cache-control
private, max-age=31529725
access-control-allow-credentials
false
accept-ranges
bytes
x-robots-tag
noindex, nofollow
access-control-allow-headers
*
expires
Thu, 05 Aug 2021 17:53:42 GMT
id
dpm.demdex.net/ 		4 KB
2 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://dpm.demdex.net/id?d_visid_ver=4.3.0&d_fieldgroup=MC&d_rtbd=json&d_ver=2&d_orgid=DA11332E5321D0550A490D45%40AdobeOrg&d_nsid=0&ts=1596656297679
Requested by
Host: assets.adobedtm.com
URL: https://assets.adobedtm.com/43896e740dcedef854392e0be6ea80deb8eb2ba5/satelliteLib-773f1d685076ba02ef9dd20f568cce9a6f1991dd-staging.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.17.216.154 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-17-216-154.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
2b12e93eba80b2560a6aeff93b91ddbd7ec317bd1bfcb407c6cfe306a817e45f
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Referer
https://bill-pay-qa.maw-pci.xfinity.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type
application/x-www-form-urlencoded

Response headers

DCS
dcs-prod-irl1-v078-0f29a83e1.edge-irl1.demdex.com 5.76.0.20200805085924 4ms (+1ms)
Pragma
no-cache
Strict-Transport-Security
max-age=31536000; includeSubDomains
Content-Encoding
gzip
X-TID
IdDw0IclTnk=
Vary
Origin, Accept-Encoding, User-Agent
P3P
policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Access-Control-Allow-Origin
https://bill-pay-qa.maw-pci.xfinity.com
Cache-Control
no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
application/json;charset=utf-8
Content-Length
1473
Expires
Thu, 01 Jan 1970 00:00:00 GMT
Cookie set dest5.html
comcast.demdex.net/ Frame 89FA 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://comcast.demdex.net/dest5.html?d_nsid=0
Requested by
Host: assets.adobedtm.com
URL: https://assets.adobedtm.com/43896e740dcedef854392e0be6ea80deb8eb2ba5/satelliteLib-773f1d685076ba02ef9dd20f568cce9a6f1991dd-staging.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.49.61.185 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-49-61-185.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Host
comcast.demdex.net
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site
cross-site
Sec-Fetch-Mode
navigate
Sec-Fetch-Dest
iframe
Referer
https://bill-pay-qa.maw-pci.xfinity.com/
Accept-Encoding
gzip, deflate, br
Accept-Language
en-US
Cookie
demdex=53758037729703549360743672386693215052
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer
https://bill-pay-qa.maw-pci.xfinity.com/

Response headers

Accept-Ranges
bytes
Cache-Control
max-age=21600
Content-Encoding
gzip
Content-Type
text/html
Expires
Thu, 01 Jan 1970 00:00:00 GMT
Last-Modified
Wed, 05 Aug 2020 12:34:40 GMT
P3P
policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Pragma
no-cache
Set-Cookie
demdex=53758037729703549360743672386693215052;Path=/;Domain=.demdex.net;Expires=Mon, 01-Feb-2021 19:38:17 GMT;Max-Age=15552000;Secure;SameSite=None
Strict-Transport-Security
max-age=31536000; includeSubDomains
Vary
Accept-Encoding, User-Agent
X-TID
usqhAwgnRFY=
Content-Length
2785
Connection
keep-alive
id
comcastcom.d1.sc.omtrdc.net/ 		2 B
330 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://comcastcom.d1.sc.omtrdc.net/id?d_visid_ver=4.3.0&d_fieldgroup=A&mcorgid=DA11332E5321D0550A490D45%40AdobeOrg&mid=53910289471378197430727462556976320491&ts=1596656297824
Requested by
Host: cdn.comcast.com
URL: https://cdn.comcast.com/-/media/common/analytics/data-layer-non-prod-3-4-2-min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
15.188.154.177 Paris, France, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-15-188-154-177.eu-west-3.compute.amazonaws.com
Software
jag /
Resource Hash
44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://bill-pay-qa.maw-pci.xfinity.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type
application/x-www-form-urlencoded

Response headers

status
200
date
Wed, 05 Aug 2020 19:38:17 GMT
x-content-type-options
nosniff
server
jag
xserver
anedge-7447d85976-hxc59
vary
Origin
x-c
master-1315.Ia06625.M0-426
p3p
CP="This is not a P3P policy"
access-control-allow-origin
https://bill-pay-qa.maw-pci.xfinity.com
cache-control
no-cache, no-store, max-age=0, no-transform, private
access-control-allow-credentials
true
content-type
application/x-javascript;charset=utf-8
content-length
2
x-xss-protection
1; mode=block
ibs:dpid=411&dpuuid=XysKqQAAA6QA5i3-
dpm.demdex.net/
Redirect Chain
  • https://cm.everesttech.net/cm/dd?d_uuid=53758037729703549360743672386693215052
  • https://dpm.demdex.net/ibs:dpid=411&dpuuid=XysKqQAAA6QA5i3-
42 B
915 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dpm.demdex.net/ibs:dpid=411&dpuuid=XysKqQAAA6QA5i3-
Requested by
Host: bill-pay-qa.maw-pci.xfinity.com
URL: https://bill-pay-qa.maw-pci.xfinity.com/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.17.216.154 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-17-216-154.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff

Request headers

Referer
https://bill-pay-qa.maw-pci.xfinity.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

DCS
dcs-prod-irl1-v078-09c4546f7.edge-irl1.demdex.com 5.76.0.20200805085924 0ms (+1ms)
Pragma
no-cache
Strict-Transport-Security
max-age=31536000; includeSubDomains
X-Content-Type-Options
nosniff
X-TID
1r/cZFDPQ/k=
P3P
policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Cache-Control
no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
Connection
keep-alive
Content-Type
image/gif
Content-Length
42
Expires
Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

Date
Wed, 05 Aug 2020 19:38:17 GMT
Server
AMO-cookiemap/1.1
P3P
CP="NOI NID DEVa PSAa PSDa OUR IND PUR COM NAV INT DEM"
Location
https://dpm.demdex.net/ibs:dpid=411&dpuuid=XysKqQAAA6QA5i3-
Cache-Control
no-cache
Connection
Keep-Alive
Keep-Alive
timeout=15,max=100
Content-Length
0
session
bill-pay-qa.maw-pci.xfinity.com/apis/ 		5 KB
2 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://bill-pay-qa.maw-pci.xfinity.com/apis/session
Requested by
Host: bill-pay-qa.maw-pci.xfinity.com
URL: https://bill-pay-qa.maw-pci.xfinity.com/static/js/2.722fa389.chunk.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2600:9000:214f:6800:10:b98f:e500:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
89009e49998aae7510ec8ced43b132e9b6a3e770a1bc11a4f04339d32df6ea78

Request headers

accept
application/json; v=2
Referer
https://bill-pay-qa.maw-pci.xfinity.com/
x-xsrf-token
undefined
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
content-type
application/json

Response headers

date
Wed, 05 Aug 2020 19:38:19 GMT
content-encoding
gzip
last-modified
Fri, 22 May 2020 19:48:16 GMT
server
AmazonS3
x-amz-cf-pop
FRA53-C1
etag
W/"a0cf2afbb44ef6cbdc29ba9da4ef9f18"
vary
Accept-Encoding
x-cache
Miss from cloudfront
content-type
text/html
status
200
cache-control
max-age=30,public
x-amz-cf-id
4yvDV9wn7HlXvMGUD5rDCBxTHQrQbFyedvDTFUG-yB6I__0oe72RJA==
via
1.1 3f6fbf009bb5cf969f92ba2e59576614.cloudfront.net (CloudFront)
s-code-contents-11c8f38a44853a1fa459e08fd609da47c7ce7efd-staging.js
assets.adobedtm.com/43896e740dcedef854392e0be6ea80deb8eb2ba5/ 		89 KB
31 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://assets.adobedtm.com/43896e740dcedef854392e0be6ea80deb8eb2ba5/s-code-contents-11c8f38a44853a1fa459e08fd609da47c7ce7efd-staging.js
Requested by
Host: assets.adobedtm.com
URL: https://assets.adobedtm.com/43896e740dcedef854392e0be6ea80deb8eb2ba5/satelliteLib-773f1d685076ba02ef9dd20f568cce9a6f1991dd-staging.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:10c:382::1e80 , Ascension Island, ASN20940 (AKAMAI-ASN1, EU),
Reverse DNS
Software
AkamaiNetStorage /
Resource Hash
876400331612d5dad01a09ed668a8aa28b0e257e9d517f432612a5064cf8fd35

Request headers

Referer
https://bill-pay-qa.maw-pci.xfinity.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 05 Aug 2020 19:38:18 GMT
content-encoding
gzip
last-modified
Tue, 28 Jul 2020 20:54:18 GMT
server
AkamaiNetStorage
status
200
etag
"0fcc10067328a326c8c9a582a5ed82e9:1595969658.098499"
vary
Accept-Encoding
content-type
application/x-javascript
access-control-allow-origin
https://bill-pay-qa.maw-pci.xfinity.com
cache-control
max-age=0, no-cache, no-store
accept-ranges
bytes
timing-allow-origin
*
content-length
31501
expires
Wed, 05 Aug 2020 19:38:18 GMT
xfinitystandard-regular.woff2
static.cimcontent.net/common-web-assets/fonts/xfinity-standard-optimized/ 		14 KB
14 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://static.cimcontent.net/common-web-assets/fonts/xfinity-standard-optimized/xfinitystandard-regular.woff2
Requested by
Host: bill-pay-qa.maw-pci.xfinity.com
URL: https://bill-pay-qa.maw-pci.xfinity.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:6c00:181::30d4 , Ascension Island, ASN20940 (AKAMAI-ASN1, EU),
Reverse DNS
Software
AmazonS3 /
Resource Hash
8a2b4a990c936ee2641cff51c8df6d44834d31373afbc7b8fd42c495c5f06b34

Request headers

User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer
https://bill-pay-qa.maw-pci.xfinity.com/static/css/main.69d90e6a.chunk.css
Origin
https://bill-pay-qa.maw-pci.xfinity.com

Response headers

x-amz-version-id
WrPmfUi4UlGF2SU1VPDWyt4.o1azE7lI
last-modified
Fri, 24 Apr 2020 17:31:53 GMT
server
AmazonS3
x-amz-cf-pop
FRA2-C1
etag
"af7706356819daeaa580e88fbcff64f2"
content-type
binary/octet-stream
status
200
cache-control
max-age=31536000
date
Wed, 05 Aug 2020 19:38:18 GMT
accept-ranges
bytes
access-control-allow-origin
*
content-length
13900
x-amz-cf-id
oI_NuSLbBkM8GaKo35jCEZneZyV7eWbzBo11cn-NU_XFkFcPxrZroA==
json
fls.doubleclick.net/ 		40 B
702 B 		Script
General
Check archive.org
Download Go to
Full URL
https://fls.doubleclick.net/json?spot=4053494&src=1516422&var=s_3_Integrate_DFA_get_0&host=integrate.112.2o7.net%2Fdfa_echo%3Fvar%3Ds_3_Integrate_DFA_get_0%26AQE%3D1%26A2S%3D1&ord=6357860158371
Requested by
Host: assets.adobedtm.com
URL: https://assets.adobedtm.com/43896e740dcedef854392e0be6ea80deb8eb2ba5/s-code-contents-11c8f38a44853a1fa459e08fd609da47c7ce7efd-staging.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.23.166 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra15s22-in-f6.1e100.net
Software
cafe /
Resource Hash
e32a6ae5e43f7f652674e0f03dc23f86839f839b29ee4e63c01c93da180bb0d0
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Referer
https://bill-pay-qa.maw-pci.xfinity.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Wed, 05 Aug 2020 19:38:18 GMT
content-encoding
gzip
x-content-type-options
nosniff
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
status
200
content-disposition
attachment; filename="f.txt"
alt-svc
h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
60
x-xss-protection
0
pragma
no-cache
server
cafe
x-frame-options
SAMEORIGIN
content-type
text/javascript; charset=UTF-8
cache-control
no-cache, must-revalidate
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
s89785239573741
comcastcom.d1.sc.omtrdc.net/b/ss/comcastdotcomqa/10/JS-2.18.0-D7QN/ 		5 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://comcastcom.d1.sc.omtrdc.net/b/ss/comcastdotcomqa/10/JS-2.18.0-D7QN/s89785239573741?AQB=1&ndh=1&pf=1&callback=s_c_il[1].doPostbacks&et=1&t=5%2F7%2F2020%2021%3A38%3A18%203%20-120&d.&nsid=0&jsonv=1&.d&D=D%3D&mid=53910289471378197430727462556976320491&aamlh=6&ce=UTF-8&ns=comcastcom&g=https%3A%2F%2Fbill-pay-qa.maw-pci.xfinity.com%2F&cc=USD&events=undefined&aamb=6G1ynYcLPuiQxYZrsz_pkqfLG9yMXBpb2zX5dvJdYQJzPXImdj0y&c25=undefined%7Cpage%20load&v29=landscape%3Anot%20rwd%20page%3A1600x1200&v37=D%3DpageName&v46=First%20Visit&c54=VisitorAPI%20Present&v91=nc&s=1600x1200&c=24&j=1.6&v=N&k=Y&bw=1600&bh=1200&mcorgid=DA11332E5321D0550A490D45%40AdobeOrg&AQE=1
Requested by
Host: assets.adobedtm.com
URL: https://assets.adobedtm.com/43896e740dcedef854392e0be6ea80deb8eb2ba5/s-code-contents-11c8f38a44853a1fa459e08fd609da47c7ce7efd-staging.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
15.188.154.177 Paris, France, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-15-188-154-177.eu-west-3.compute.amazonaws.com
Software
jag /
Resource Hash
1f5b4d9d9c9a9a1f5ffca5f4fa6b8f001a7f2aaff63d6ae794f4851b051ea734
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://bill-pay-qa.maw-pci.xfinity.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

x-aam-tid
A6WTGR+OSBA=
date
Wed, 05 Aug 2020 19:38:17 GMT
x-content-type-options
nosniff
x-c
master-1315.Ia06625.M0-426
p3p
CP="This is not a P3P policy"
status
200
content-length
4796
x-xss-protection
1; mode=block
dcs
dcs-prod-irl1-v078-0e128aa0a.edge-irl1.demdex.com 5.76.0.20200805085924 7ms (+1ms)
pragma
no-cache
last-modified
Thu, 06 Aug 2020 19:38:18 GMT
server
jag
xserver
anedge-7447d85976-xtfxf
etag
3428793291516510208-4614161189831978035
vary
*
content-type
application/x-javascript;charset=utf-8
access-control-allow-origin
*
cache-control
no-cache, no-store, max-age=0, no-transform, private
expires
Tue, 04 Aug 2020 19:38:18 GMT
satellite-5d1b970964746d3435000850-staging.js
assets.adobedtm.com/43896e740dcedef854392e0be6ea80deb8eb2ba5/scripts/ 		663 B
655 B 		Script
General
Check archive.org
Download Go to
Full URL
https://assets.adobedtm.com/43896e740dcedef854392e0be6ea80deb8eb2ba5/scripts/satellite-5d1b970964746d3435000850-staging.js
Requested by
Host: assets.adobedtm.com
URL: https://assets.adobedtm.com/43896e740dcedef854392e0be6ea80deb8eb2ba5/satelliteLib-773f1d685076ba02ef9dd20f568cce9a6f1991dd-staging.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:10c:382::1e80 , Ascension Island, ASN20940 (AKAMAI-ASN1, EU),
Reverse DNS
Software
AkamaiNetStorage /
Resource Hash
1af1424a065c25e105f9b49851324d6c3e55f25afac6321a690135900d083f5d

Request headers

Referer
https://bill-pay-qa.maw-pci.xfinity.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 05 Aug 2020 19:38:18 GMT
content-encoding
gzip
last-modified
Tue, 28 Jul 2020 20:54:31 GMT
server
AkamaiNetStorage
status
200
etag
"5dfee9c70c3e95b8e8ee93e4e85d07d7:1595969671.853782"
vary
Accept-Encoding
content-type
application/x-javascript
access-control-allow-origin
https://bill-pay-qa.maw-pci.xfinity.com
cache-control
max-age=0, no-cache, no-store
accept-ranges
bytes
timing-allow-origin
*
content-length
351
expires
Wed, 05 Aug 2020 19:38:18 GMT
satellite-5784f5c764746d24f80015ae-staging.js
assets.adobedtm.com/43896e740dcedef854392e0be6ea80deb8eb2ba5/scripts/ 		1 KB
749 B 		Script
General
Check archive.org
Download Go to
Full URL
https://assets.adobedtm.com/43896e740dcedef854392e0be6ea80deb8eb2ba5/scripts/satellite-5784f5c764746d24f80015ae-staging.js
Requested by
Host: assets.adobedtm.com
URL: https://assets.adobedtm.com/43896e740dcedef854392e0be6ea80deb8eb2ba5/satelliteLib-773f1d685076ba02ef9dd20f568cce9a6f1991dd-staging.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:10c:382::1e80 , Ascension Island, ASN20940 (AKAMAI-ASN1, EU),
Reverse DNS
Software
AkamaiNetStorage /
Resource Hash
1c84dd70ad9554c6dd4975ac7d8dbdafc8453219d412d548b4b9ddb366fb6d85

Request headers

Referer
https://bill-pay-qa.maw-pci.xfinity.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 05 Aug 2020 19:38:19 GMT
content-encoding
gzip
last-modified
Mon, 03 Aug 2020 19:06:51 GMT
server
AkamaiNetStorage
status
200
etag
"d3c9ebc15377306cc85a67ef422236d4:1596481611.145622"
vary
Accept-Encoding
content-type
application/x-javascript
access-control-allow-origin
https://bill-pay-qa.maw-pci.xfinity.com
cache-control
max-age=0, no-cache, no-store
accept-ranges
bytes
timing-allow-origin
*
content-length
446
expires
Wed, 05 Aug 2020 19:38:19 GMT
satellite-57f3beff64746d082c006ad6-staging.js
assets.adobedtm.com/43896e740dcedef854392e0be6ea80deb8eb2ba5/scripts/ 		552 B
680 B 		Script
General
Check archive.org
Download Go to
Full URL
https://assets.adobedtm.com/43896e740dcedef854392e0be6ea80deb8eb2ba5/scripts/satellite-57f3beff64746d082c006ad6-staging.js
Requested by
Host: assets.adobedtm.com
URL: https://assets.adobedtm.com/43896e740dcedef854392e0be6ea80deb8eb2ba5/satelliteLib-773f1d685076ba02ef9dd20f568cce9a6f1991dd-staging.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:10c:382::1e80 , Ascension Island, ASN20940 (AKAMAI-ASN1, EU),
Reverse DNS
Software
AkamaiNetStorage /
Resource Hash
d027a96c9981ee0d7dcc0b6150c644c79a119d0003ab5e84a8b7af3bd80183bc

Request headers

Referer
https://bill-pay-qa.maw-pci.xfinity.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 05 Aug 2020 19:38:18 GMT
content-encoding
gzip
last-modified
Tue, 28 Jul 2020 20:54:32 GMT
server
AkamaiNetStorage
status
200
etag
"274a2d8191173ffc0377c6894b227e28:1595969672.391104"
vary
Accept-Encoding
content-type
application/x-javascript
access-control-allow-origin
https://bill-pay-qa.maw-pci.xfinity.com
cache-control
max-age=0, no-cache, no-store
accept-ranges
bytes
timing-allow-origin
*
content-length
377
expires
Wed, 05 Aug 2020 19:38:18 GMT
satellite-5a2ea0b564746d3f4e00e094-staging.js
assets.adobedtm.com/43896e740dcedef854392e0be6ea80deb8eb2ba5/scripts/ 		643 B
709 B 		Script
General
Check archive.org
Download Go to
Full URL
https://assets.adobedtm.com/43896e740dcedef854392e0be6ea80deb8eb2ba5/scripts/satellite-5a2ea0b564746d3f4e00e094-staging.js
Requested by
Host: assets.adobedtm.com
URL: https://assets.adobedtm.com/43896e740dcedef854392e0be6ea80deb8eb2ba5/satelliteLib-773f1d685076ba02ef9dd20f568cce9a6f1991dd-staging.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:10c:382::1e80 , Ascension Island, ASN20940 (AKAMAI-ASN1, EU),
Reverse DNS
Software
AkamaiNetStorage /
Resource Hash
01dfbd7715ecb8fc9e7bf143d7b0520abf110743683552fcf03be7e2551d59bf

Request headers

Referer
https://bill-pay-qa.maw-pci.xfinity.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 05 Aug 2020 19:38:19 GMT
content-encoding
gzip
last-modified
Tue, 28 Jul 2020 20:54:32 GMT
server
AkamaiNetStorage
status
200
etag
"ea8cb8fa0c6e56788b482df0aa8133b3:1595969672.534063"
vary
Accept-Encoding
content-type
application/x-javascript
access-control-allow-origin
https://bill-pay-qa.maw-pci.xfinity.com
cache-control
max-age=0, no-cache, no-store
accept-ranges
bytes
timing-allow-origin
*
content-length
405
expires
Wed, 05 Aug 2020 19:38:19 GMT
satellite-5ba10aa564746d1323001dbb-staging.js
assets.adobedtm.com/43896e740dcedef854392e0be6ea80deb8eb2ba5/scripts/ 		454 B
635 B 		Script
General
Check archive.org
Download Go to
Full URL
https://assets.adobedtm.com/43896e740dcedef854392e0be6ea80deb8eb2ba5/scripts/satellite-5ba10aa564746d1323001dbb-staging.js
Requested by
Host: assets.adobedtm.com
URL: https://assets.adobedtm.com/43896e740dcedef854392e0be6ea80deb8eb2ba5/satelliteLib-773f1d685076ba02ef9dd20f568cce9a6f1991dd-staging.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:10c:382::1e80 , Ascension Island, ASN20940 (AKAMAI-ASN1, EU),
Reverse DNS
Software
AkamaiNetStorage /
Resource Hash
0ae211da5f365a98fb2d8f267477c481f42f2b9b0ae32926301c6d2421042578

Request headers

Referer
https://bill-pay-qa.maw-pci.xfinity.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 05 Aug 2020 19:38:18 GMT
content-encoding
gzip
last-modified
Tue, 28 Jul 2020 20:54:32 GMT
server
AkamaiNetStorage
status
200
etag
"7830f4bb750e333e887be2e21efdf12b:1595969672.705441"
vary
Accept-Encoding
content-type
application/x-javascript
access-control-allow-origin
https://bill-pay-qa.maw-pci.xfinity.com
cache-control
max-age=0, no-cache, no-store
accept-ranges
bytes
timing-allow-origin
*
content-length
331
expires
Wed, 05 Aug 2020 19:38:18 GMT
satellite-5e78d6ac64746d041a0023ac-staging.js
assets.adobedtm.com/43896e740dcedef854392e0be6ea80deb8eb2ba5/scripts/ 		804 B
727 B 		Script
General
Check archive.org
Download Go to
Full URL
https://assets.adobedtm.com/43896e740dcedef854392e0be6ea80deb8eb2ba5/scripts/satellite-5e78d6ac64746d041a0023ac-staging.js
Requested by
Host: assets.adobedtm.com
URL: https://assets.adobedtm.com/43896e740dcedef854392e0be6ea80deb8eb2ba5/satelliteLib-773f1d685076ba02ef9dd20f568cce9a6f1991dd-staging.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:10c:382::1e80 , Ascension Island, ASN20940 (AKAMAI-ASN1, EU),
Reverse DNS
Software
AkamaiNetStorage /
Resource Hash
4c5557b6a6209c48e7cc2b17e6922e6684436b1b62e262e02b0eb498d722918b

Request headers

Referer
https://bill-pay-qa.maw-pci.xfinity.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 05 Aug 2020 19:38:18 GMT
content-encoding
gzip
last-modified
Tue, 28 Jul 2020 20:54:32 GMT
server
AkamaiNetStorage
status
200
etag
"042c0f54a6361c782a59f287d4529375:1595969672.233985"
vary
Accept-Encoding
content-type
application/x-javascript
access-control-allow-origin
https://bill-pay-qa.maw-pci.xfinity.com
cache-control
max-age=0, no-cache, no-store
accept-ranges
bytes
timing-allow-origin
*
content-length
423
expires
Wed, 05 Aug 2020 19:38:18 GMT
satellite-5b194bc564746d59b4000864-staging.js
assets.adobedtm.com/43896e740dcedef854392e0be6ea80deb8eb2ba5/scripts/ 		1 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://assets.adobedtm.com/43896e740dcedef854392e0be6ea80deb8eb2ba5/scripts/satellite-5b194bc564746d59b4000864-staging.js
Requested by
Host: assets.adobedtm.com
URL: https://assets.adobedtm.com/43896e740dcedef854392e0be6ea80deb8eb2ba5/satelliteLib-773f1d685076ba02ef9dd20f568cce9a6f1991dd-staging.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:10c:382::1e80 , Ascension Island, ASN20940 (AKAMAI-ASN1, EU),
Reverse DNS
Software
AkamaiNetStorage /
Resource Hash
17a71edee6d5e0514b7d9fcb4821d80b99fbb12d56e1979dfb90b209bd35c45a

Request headers

Referer
https://bill-pay-qa.maw-pci.xfinity.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 05 Aug 2020 19:38:19 GMT
content-encoding
gzip
last-modified
Tue, 28 Jul 2020 20:54:32 GMT
server
AkamaiNetStorage
status
200
etag
"72b3596085059d14ae71524f1965ee18:1595969672.035055"
vary
Accept-Encoding
content-type
application/x-javascript
access-control-allow-origin
https://bill-pay-qa.maw-pci.xfinity.com
cache-control
max-age=0, no-cache, no-store
accept-ranges
bytes
timing-allow-origin
*
content-length
791
expires
Wed, 05 Aug 2020 19:38:19 GMT
xfinitystandard-bold.woff2
static.cimcontent.net/common-web-assets/fonts/xfinity-standard-optimized/ 		10 KB
11 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://static.cimcontent.net/common-web-assets/fonts/xfinity-standard-optimized/xfinitystandard-bold.woff2
Requested by
Host: bill-pay-qa.maw-pci.xfinity.com
URL: https://bill-pay-qa.maw-pci.xfinity.com/static/js/main.0265181b.chunk.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:6c00:181::30d4 , Ascension Island, ASN20940 (AKAMAI-ASN1, EU),
Reverse DNS
Software
AmazonS3 /
Resource Hash
243164ef61224b5f3e7f9dd9f1c31e6e62db5f4906a1f9fe86a77be5a7cef360

Request headers

User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer
https://bill-pay-qa.maw-pci.xfinity.com/static/css/main.69d90e6a.chunk.css
Origin
https://bill-pay-qa.maw-pci.xfinity.com

Response headers

x-amz-version-id
_VgF2ipJTVkDvi_hQsG99Y63Py8pZNGV
last-modified
Fri, 24 Apr 2020 17:31:53 GMT
server
AmazonS3
x-amz-cf-pop
FRA2-C1
etag
"724299b8cfbcc8fbffd79fe88d13cc44"
content-type
binary/octet-stream
status
200
cache-control
max-age=31536000
date
Wed, 05 Aug 2020 19:38:18 GMT
accept-ranges
bytes
access-control-allow-origin
*
content-length
10680
x-amz-cf-id
WOMryQ64wJzfmI84TBJgE7TMxpIBr3H2OEIM9yQmoFfs_8r1KNW_dw==
xfinitystandard-medium.woff2
static.cimcontent.net/common-web-assets/fonts/xfinity-standard-optimized/ 		10 KB
11 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://static.cimcontent.net/common-web-assets/fonts/xfinity-standard-optimized/xfinitystandard-medium.woff2
Requested by
Host: bill-pay-qa.maw-pci.xfinity.com
URL: https://bill-pay-qa.maw-pci.xfinity.com/static/js/main.0265181b.chunk.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:6c00:181::30d4 , Ascension Island, ASN20940 (AKAMAI-ASN1, EU),
Reverse DNS
Software
AmazonS3 /
Resource Hash
000f2b27b0f8732ca6e0d4134f4aeda5792ee889220c09fd75abb50691c56da5

Request headers

User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer
https://bill-pay-qa.maw-pci.xfinity.com/static/css/main.69d90e6a.chunk.css
Origin
https://bill-pay-qa.maw-pci.xfinity.com

Response headers

x-amz-version-id
oEscn0vB4TbRQmAKOKLJYPbefnDiRB4z
last-modified
Fri, 24 Apr 2020 17:31:53 GMT
server
AmazonS3
x-amz-cf-pop
FRA2-C1
etag
"232c2eee67cca99cadf3d5955f114542"
content-type
binary/octet-stream
status
200
cache-control
max-age=31536000
date
Wed, 05 Aug 2020 19:38:18 GMT
accept-ranges
bytes
access-control-allow-origin
*
content-length
10700
x-amz-cf-id
pZG7lSmGNLMYbYWtRJrcCoiqs3YGtfvbQFty9jFFHqfOxLhXH6uq7g==
xfinitystandard-light.woff2
static.cimcontent.net/common-web-assets/fonts/xfinity-standard-optimized/ 		11 KB
11 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://static.cimcontent.net/common-web-assets/fonts/xfinity-standard-optimized/xfinitystandard-light.woff2
Requested by
Host: bill-pay-qa.maw-pci.xfinity.com
URL: https://bill-pay-qa.maw-pci.xfinity.com/static/js/main.0265181b.chunk.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:6c00:181::30d4 , Ascension Island, ASN20940 (AKAMAI-ASN1, EU),
Reverse DNS
Software
AmazonS3 /
Resource Hash
d7af534aa66de0f37e57d5d32cef87a5690c092eb651970199df1f1b3d9386b2

Request headers

User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer
https://bill-pay-qa.maw-pci.xfinity.com/static/css/main.69d90e6a.chunk.css
Origin
https://bill-pay-qa.maw-pci.xfinity.com

Response headers

x-amz-version-id
2puCFBfShCFrWTlCp2htmvZzNsD3yC5H
last-modified
Fri, 24 Apr 2020 17:31:53 GMT
server
AmazonS3
x-amz-cf-pop
FRA2-C1
etag
"dcd8fa24e4cfe11bfe00a19f994daaa4"
content-type
binary/octet-stream
status
200
cache-control
max-age=31536000
date
Wed, 05 Aug 2020 19:38:18 GMT
accept-ranges
bytes
access-control-allow-origin
*
content-length
10832
x-amz-cf-id
hgoC311YzPERJS1WeyTFGlYGwOBcslnwLb6wBC-T0DAJPzpdGkCo2A==
/
d.agkn.com/pixel/10533/ 		43 B
590 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://d.agkn.com/pixel/10533/?che=3017184310786.8335&aauid=53910289471378197430727462556976320491
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2600:9000:214f:ae00:19:fc2c:a140:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Apache-Coyote/1.1 /
Resource Hash
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

Referer
https://bill-pay-qa.maw-pci.xfinity.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 05 Aug 2020 19:38:18 GMT
via
1.1 12c16baed6578bf50fb0eaa233f2bc84.cloudfront.net (CloudFront)
server
Apache-Coyote/1.1
x-amz-cf-pop
FRA53-C1
x-cache
Miss from cloudfront
p3p
CP="NOI DSP COR CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
status
200
cache-control
no-cache, must-revalidate
content-type
image/gif
content-length
43
x-amz-cf-id
5G2dY99fUlECLBV0gEY6hj-15402mxqjjSsJiGHsAGHNNeQXQHO3ow==
expires
Sat, 01 Jan 2000 00:00:00 GMT
tr
www.facebook.com/ 		44 B
258 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.facebook.com/tr?id=3570459783026493&ev=PageView&cd[order_id]=53910289471378197430727462556976320491
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f11c:8183:face:b00c:0:25de , Ireland, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
proxygen-bolt /
Resource Hash
10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Referer
https://bill-pay-qa.maw-pci.xfinity.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Wed, 05 Aug 2020 19:38:18 GMT
last-modified
Fri, 21 Dec 2012 00:00:01 GMT
server
proxygen-bolt
strict-transport-security
max-age=31536000; includeSubDomains
content-type
image/gif
status
200
cache-control
no-cache, must-revalidate, max-age=0
alt-svc
h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
content-length
44
expires
Wed, 05 Aug 2020 19:38:18 GMT
bat.js
bat.bing.com/ 		26 KB
8 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://bat.bing.com/bat.js
Requested by
Host: assets.adobedtm.com
URL: https://assets.adobedtm.com/43896e740dcedef854392e0be6ea80deb8eb2ba5/scripts/satellite-57f3beff64746d082c006ad6-staging.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2620:1ec:c11::200 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
5c622f5433cbb6ea1df5c0dd8671e55ef7d1464366074730473c453de50a579b

Request headers

Referer
https://bill-pay-qa.maw-pci.xfinity.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Wed, 05 Aug 2020 19:38:18 GMT
content-encoding
gzip
last-modified
Thu, 16 Jul 2020 20:00:00 GMT
x-msedge-ref
Ref A: B1EB406B6D3B41BAB3B7765EA2238D61 Ref B: FRAEDGE1512 Ref C: 2020-08-05T19:38:18Z
status
200
etag
"0e0bdafab5bd61:0"
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
cache-control
private,max-age=1800
accept-ranges
bytes
content-length
8028
0
bat.bing.com/action/ 		0
93 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://bat.bing.com/action/0?ti=5280004&Ver=2&mid=d3fcb02a-6bc6-455d-5d90-516baefce2bd&sid=9e55d84bfc62504637f10d19bb622cb0&vid=a820b13555aa13b19876bf73774f56c8&vids=1&pi=0&lg=en-US&sw=1600&sh=1200&sc=24&tl=XFINITY%20%7C%20Bill%20Pay&p=https%3A%2F%2Fbill-pay-qa.maw-pci.xfinity.com%2F&r=&lt=1979&evt=pageLoad&msclkid=N&sv=1&rn=685766
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2620:1ec:c11::200 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://bill-pay-qa.maw-pci.xfinity.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

status
204
pragma
no-cache
date
Wed, 05 Aug 2020 19:38:18 GMT
cache-control
no-cache, must-revalidate
x-msedge-ref
Ref A: 4B032EAD84154D20933DD969F4E7D050 Ref B: FRAEDGE1512 Ref C: 2020-08-05T19:38:18Z
access-control-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
uwt.js
static.ads-twitter.com/ 		5 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.ads-twitter.com/uwt.js
Requested by
Host: assets.adobedtm.com
URL: https://assets.adobedtm.com/43896e740dcedef854392e0be6ea80deb8eb2ba5/scripts/satellite-5ba10aa564746d1323001dbb-staging.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.112.157 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
319949c8c08b86e9c35ea542c0dc0c30cedaa9b8d3d3c3327a36c91aefbd8af5

Request headers

Referer
https://bill-pay-qa.maw-pci.xfinity.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Wed, 05 Aug 2020 19:38:19 GMT
content-encoding
gzip
age
79577
x-cache
HIT
p3p
CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
status
200
content-length
1954
x-served-by
cache-hhn4057-HHN
last-modified
Tue, 23 Jan 2018 20:09:00 GMT
x-timer
S1596656299.026382,VS0,VE0
etag
"b7b33882a4f3ffd5cbf07434f3137166+gzip"
vary
Accept-Encoding,Host
content-type
application/javascript; charset=utf-8
via
1.1 varnish
cache-control
no-cache
accept-ranges
bytes
js
www.googletagmanager.com/gtag/ 		87 KB
34 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtag/js?id=AW-1023869955
Requested by
Host: assets.adobedtm.com
URL: https://assets.adobedtm.com/43896e740dcedef854392e0be6ea80deb8eb2ba5/scripts/satellite-5a2ea0b564746d3f4e00e094-staging.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:816::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
52220e66a636559727d9cac0e6181c4b3ac5e99aa5fa66ca63d459ab3923ec9d
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

Referer
https://bill-pay-qa.maw-pci.xfinity.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Wed, 05 Aug 2020 19:38:19 GMT
content-encoding
br
vary
Accept-Encoding
status
200
alt-svc
h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
34835
x-xss-protection
0
last-modified
Wed, 05 Aug 2020 18:56:36 GMT
server
Google Tag Manager
strict-transport-security
max-age=31536000; includeSubDomains
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control
expires
Wed, 05 Aug 2020 19:38:19 GMT
adsct
analytics.twitter.com/i/ 		31 B
268 B 		Script
General
Check archive.org
Download Go to
Full URL
https://analytics.twitter.com/i/adsct?p_id=Twitter&p_user_id=0&txn_id=nuptm&events=%5B%5B%22pageview%22%2Cnull%5D%5D&tw_sale_amount=0&tw_order_quantity=0&tw_iframe_status=0&tpx_cb=twttr.conversion.loadPixels&tw_document_href=https%3A%2F%2Fbill-pay-qa.maw-pci.xfinity.com%2F
Requested by
Host: static.ads-twitter.com
URL: https://static.ads-twitter.com/uwt.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
104.244.42.195 , United States, ASN13414 (TWITTER, US),
Reverse DNS
Software
tsa_o /
Resource Hash
df3e003cc30e9bdd0313100e8ee5d468070b4b34d11ad355f276a356d4b9c7bf
Security Headers
Name Value
Strict-Transport-Security max-age=631138519
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Referer
https://bill-pay-qa.maw-pci.xfinity.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Wed, 05 Aug 2020 19:38:19 GMT
content-encoding
gzip
x-content-type-options
nosniff
p3p
CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
status
200, 200 OK
x-twitter-response-tags
BouncerCompliant
strict-transport-security
max-age=631138519
content-length
57
x-xss-protection
0
x-response-time
120
pragma
no-cache
last-modified
Wed, 05 Aug 2020 19:38:19 GMT
server
tsa_o
x-frame-options
SAMEORIGIN
content-type
application/javascript;charset=utf-8
cache-control
no-cache, no-store, must-revalidate, pre-check=0, post-check=0
x-connection-hash
c9eb5e4de515524096a1b5136e4718e6
x-transaction
00afc528006d17ae
expires
Tue, 31 Mar 1981 05:00:00 GMT
adsct
t.co/i/ 		43 B
448 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://t.co/i/adsct?p_id=Twitter&p_user_id=0&txn_id=nuptm&events=%5B%5B%22pageview%22%2Cnull%5D%5D&tw_sale_amount=0&tw_order_quantity=0&tw_iframe_status=0
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
104.244.42.133 , United States, ASN13414 (TWITTER, US),
Reverse DNS
Software
tsa_o /
Resource Hash
ac8778041fdb7f2e08ceb574c9a766247ea26f1a7d90fa854c4efcf4b361a957
Security Headers
Name Value
Strict-Transport-Security max-age=0
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Referer
https://bill-pay-qa.maw-pci.xfinity.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Wed, 05 Aug 2020 19:38:19 GMT
content-encoding
gzip
x-content-type-options
nosniff
status
200, 200 OK
x-twitter-response-tags
BouncerCompliant
content-length
65
x-xss-protection
0
x-response-time
113
pragma
no-cache
last-modified
Wed, 05 Aug 2020 19:38:19 GMT
server
tsa_o
x-frame-options
SAMEORIGIN
strict-transport-security
max-age=0
content-type
image/gif;charset=utf-8
cache-control
no-cache, no-store, must-revalidate, pre-check=0, post-check=0
x-connection-hash
1ea00a78a1fe88fa3fec1a270fd0a37b
x-transaction
00863cf600b96d38
expires
Tue, 31 Mar 1981 05:00:00 GMT
conversion_async.js
www.googleadservices.com/pagead/ 		29 KB
12 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googleadservices.com/pagead/conversion_async.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=AW-1023869955
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
216.58.210.2 Mountain View, United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s07-in-f2.1e100.net
Software
cafe /
Resource Hash
71aa66e3c94df617c70a1b9530acaa18c9f049d6d29dbaa6d0efe84d7104805a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://bill-pay-qa.maw-pci.xfinity.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Wed, 05 Aug 2020 19:38:19 GMT
content-encoding
gzip
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status
200
content-disposition
attachment; filename="f.txt"
alt-svc
h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-27="googleads.g.doubleclick.net:443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T050="googleads.g.doubleclick.net:443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length
11323
x-xss-protection
0
server
cafe
etag
17153042000983114910
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=3600
timing-allow-origin
*
expires
Wed, 05 Aug 2020 19:38:19 GMT
/
servedby.flashtalking.com/container/12345;91797;9487;iframe/ Frame E64C 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://servedby.flashtalking.com/container/12345;91797;9487;iframe/?ft_referrer=https%3A//bill-pay-qa.maw-pci.xfinity.com/&ns=&cb=342602.75326985813
Requested by
Host: assets.adobedtm.com
URL: https://assets.adobedtm.com/43896e740dcedef854392e0be6ea80deb8eb2ba5/scripts/satellite-5b194bc564746d59b4000864-staging.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
205.185.216.42 Phoenix, United States, ASN20446 (HIGHWINDS3, US),
Reverse DNS
map2.hwcdn.net
Software
prod-xre-app29.frk11 /
Resource Hash

Request headers

Host
servedby.flashtalking.com
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site
cross-site
Sec-Fetch-Mode
navigate
Sec-Fetch-Dest
iframe
Referer
https://bill-pay-qa.maw-pci.xfinity.com/
Accept-Encoding
gzip, deflate, br
Accept-Language
en-US
Cookie
flashtalkingad1="GUID=4600D539FA4F41"
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer
https://bill-pay-qa.maw-pci.xfinity.com/

Response headers

Date
Wed, 05 Aug 2020 19:38:19 GMT
Connection
close
Cache-Control
no-cache, no-store
Content-Type
text/html
Server
prod-xre-app29.frk11
Pragma
no-cache
X-HW
1596656298.dop145.am5.t,1596656298.cds155.am5.shn,1596656298.dop145.am5.t,1596656299.cds228.am5.sc,1596656299.cds228.am5.p
/
googleads.g.doubleclick.net/pagead/viewthroughconversion/1023869955/ 		2 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/viewthroughconversion/1023869955/?random=1596656299167&cv=9&fst=1596656299167&num=1&bg=ffffff&guid=ON&resp=GooglemKTybQhCsO&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=120&u_java=false&u_nplug=0&u_nmime=0&gtm=2oa7v1&sendb=1&ig=1&data=event%3Dgtag.config&frm=0&url=https%3A%2F%2Fbill-pay-qa.maw-pci.xfinity.com%2F&tiba=XFINITY%20%7C%20Bill%20Pay&hn=www.googleadservices.com&async=1&rfmt=3&fmt=4
Requested by
Host: www.googleadservices.com
URL: https://www.googleadservices.com/pagead/conversion_async.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
c5744030a9f423454c34627902a0a6ee1e87917466b48fc7f8c857c9e9bd3aea
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://bill-pay-qa.maw-pci.xfinity.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 05 Aug 2020 19:38:19 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
status
200
cache-control
no-cache, must-revalidate
content-disposition
attachment; filename="f.txt"
content-type
text/javascript; charset=UTF-8
alt-svc
h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-27="googleads.g.doubleclick.net:443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T050="googleads.g.doubleclick.net:443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length
1045
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
/
googleads.g.doubleclick.net/pagead/viewthroughconversion/1023869955/ 		2 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/viewthroughconversion/1023869955/?random=1596656299170&cv=9&fst=1596656299170&num=1&value=1&currency_code=USD&label=7HWWCN-bhwgQg4ic6AM&bg=ffffff&guid=ON&resp=GooglemKTybQhCsO&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=120&u_java=false&u_nplug=0&u_nmime=0&gtm=2oa7v1&sendb=1&ig=1&data=event%3Dconversion&frm=0&url=https%3A%2F%2Fbill-pay-qa.maw-pci.xfinity.com%2F&tiba=XFINITY%20%7C%20Bill%20Pay&hn=www.googleadservices.com&async=1&rfmt=3&fmt=4
Requested by
Host: www.googleadservices.com
URL: https://www.googleadservices.com/pagead/conversion_async.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
c74fcada46b4ca81a8fa164db294282c863a2729d0033fcc83e0ae2e605b5c88
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://bill-pay-qa.maw-pci.xfinity.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 05 Aug 2020 19:38:19 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
status
200
cache-control
no-cache, must-revalidate
content-disposition
attachment; filename="f.txt"
content-type
text/javascript; charset=UTF-8
alt-svc
h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-27="googleads.g.doubleclick.net:443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T050="googleads.g.doubleclick.net:443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length
1111
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
wrapper.js
universal-preprod.iperceptions.com/ 		16 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://universal-preprod.iperceptions.com/wrapper.js
Requested by
Host: assets.adobedtm.com
URL: https://assets.adobedtm.com/43896e740dcedef854392e0be6ea80deb8eb2ba5/scripts/satellite-5784f5c764746d24f80015ae-staging.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
45.60.87.226 , United States, ASN19551 (INCAPSULA, US),
Reverse DNS
Software
Apache /
Resource Hash
ceab2be9ca819bfd0e763d45049c76098dec8b6ea64528bc39f4569a0a310900

Request headers

Referer
https://bill-pay-qa.maw-pci.xfinity.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Wed, 05 Aug 2020 19:38:19 GMT
content-encoding
gzip
last-modified
Wed, 29 Jul 2020 14:11:09 GMT
server
Apache
etag
"5dea01bb265d61:0"
status
200
content-type
application/javascript
access-control-allow-origin
*
x-iinfo
12-2354854-2354278 2NYN RT(1596656298721 0) q(0 0 0 0) r(4 4) U18
accept-ranges
bytes
x-cdn
Incapsula
/
www.google.com/pagead/1p-user-list/1023869955/ 		42 B
268 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com/pagead/1p-user-list/1023869955/?random=1596656299167&cv=9&fst=1596654000000&num=1&bg=ffffff&guid=ON&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=120&u_java=false&u_nplug=0&u_nmime=0&gtm=2oa7v1&sendb=1&data=event%3Dgtag.config&frm=0&url=https%3A%2F%2Fbill-pay-qa.maw-pci.xfinity.com%2F&tiba=XFINITY%20%7C%20Bill%20Pay&async=1&fmt=3&is_vtc=1&random=3964090147&resp=GooglemKTybQhCsO&rmt_tld=0&ipr=y
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:801::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://bill-pay-qa.maw-pci.xfinity.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 05 Aug 2020 19:38:19 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status
200
cache-control
no-cache, no-store, must-revalidate
content-security-policy
script-src 'none'; object-src 'none'
content-type
image/gif
alt-svc
h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
/
www.google.de/pagead/1p-user-list/1023869955/ 		42 B
107 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.de/pagead/1p-user-list/1023869955/?random=1596656299167&cv=9&fst=1596654000000&num=1&bg=ffffff&guid=ON&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=120&u_java=false&u_nplug=0&u_nmime=0&gtm=2oa7v1&sendb=1&data=event%3Dgtag.config&frm=0&url=https%3A%2F%2Fbill-pay-qa.maw-pci.xfinity.com%2F&tiba=XFINITY%20%7C%20Bill%20Pay&async=1&fmt=3&is_vtc=1&random=3964090147&resp=GooglemKTybQhCsO&rmt_tld=1&ipr=y
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:801::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://bill-pay-qa.maw-pci.xfinity.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 05 Aug 2020 19:38:19 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status
200
cache-control
no-cache, no-store, must-revalidate
content-security-policy
script-src 'none'; object-src 'none'
content-type
image/gif
alt-svc
h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
/
www.google.com/pagead/1p-user-list/1023869955/ 		42 B
112 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com/pagead/1p-user-list/1023869955/?random=1596656299170&cv=9&fst=1596654000000&num=1&value=1&currency_code=USD&label=7HWWCN-bhwgQg4ic6AM&bg=ffffff&guid=ON&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=120&u_java=false&u_nplug=0&u_nmime=0&gtm=2oa7v1&sendb=1&data=event%3Dconversion&frm=0&url=https%3A%2F%2Fbill-pay-qa.maw-pci.xfinity.com%2F&tiba=XFINITY%20%7C%20Bill%20Pay&async=1&fmt=3&is_vtc=1&random=666865193&resp=GooglemKTybQhCsO&rmt_tld=0&ipr=y
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:801::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://bill-pay-qa.maw-pci.xfinity.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 05 Aug 2020 19:38:19 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status
200
cache-control
no-cache, no-store, must-revalidate
content-security-policy
script-src 'none'; object-src 'none'
content-type
image/gif
alt-svc
h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
/
www.google.de/pagead/1p-user-list/1023869955/ 		42 B
107 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.de/pagead/1p-user-list/1023869955/?random=1596656299170&cv=9&fst=1596654000000&num=1&value=1&currency_code=USD&label=7HWWCN-bhwgQg4ic6AM&bg=ffffff&guid=ON&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=120&u_java=false&u_nplug=0&u_nmime=0&gtm=2oa7v1&sendb=1&data=event%3Dconversion&frm=0&url=https%3A%2F%2Fbill-pay-qa.maw-pci.xfinity.com%2F&tiba=XFINITY%20%7C%20Bill%20Pay&async=1&fmt=3&is_vtc=1&random=666865193&resp=GooglemKTybQhCsO&rmt_tld=1&ipr=y
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:801::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://bill-pay-qa.maw-pci.xfinity.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 05 Aug 2020 19:38:19 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status
200
cache-control
no-cache, no-store, must-revalidate
content-security-policy
script-src 'none'; object-src 'none'
content-type
image/gif
alt-svc
h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
iFrame.html
universal-preprod.iperceptions.com/ Frame 0F7A 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://universal-preprod.iperceptions.com/iFrame.html
Requested by
Host: universal-preprod.iperceptions.com
URL: https://universal-preprod.iperceptions.com/wrapper.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
45.60.87.226 , United States, ASN19551 (INCAPSULA, US),
Reverse DNS
Software
Apache /
Resource Hash

Request headers

:method
GET
:authority
universal-preprod.iperceptions.com
:scheme
https
:path
/iFrame.html
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://bill-pay-qa.maw-pci.xfinity.com/
accept-encoding
gzip, deflate, br
accept-language
en-US
cookie
nlbi_2291903=fAdETBHpvBt/JBWm4s/xZQAAAACDoB+Sp7Ps9PkOfgg9uQO8; visid_incap_2291903=MalDRPBWSiamaBfITC2I+6oKK18AAAAAQUIPAAAAAABDoYPhCJM7L2e4bDJNpVsh; incap_ses_770_2291903=bZKLQIebYEXOz9CRAJevCqsKK18AAAAAKga5qgWmpHE8IPpQ41iO/A==
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer
https://bill-pay-qa.maw-pci.xfinity.com/

Response headers

status
200
date
Wed, 05 Aug 2020 19:38:19 GMT
server
Apache
content-type
text/html; charset=UTF-8
content-encoding
gzip
last-modified
Fri, 24 Jul 2020 13:46:41 GMT
accept-ranges
bytes
etag
"80b633dcc061d61:0"
vary
Accept-Encoding
access-control-allow-origin
*
x-cdn
Incapsula
x-iinfo
12-2354888-2354889 NNNN CT(89 183 0) RT(1596656299288 0) q(0 0 3 -1) r(4 4) U12
maw-bill-pay
melee.sed.dh.comcast.net/v2/unstructured/ 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://melee.sed.dh.comcast.net/v2/unstructured/maw-bill-pay
Requested by
Host: bill-pay-qa.maw-pci.xfinity.com
URL: https://bill-pay-qa.maw-pci.xfinity.com/static/js/2.722fa389.chunk.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2600:1f18:336:b300:f2fc:c51e:b2b0:2b4c Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software
Melee /
Resource Hash

Request headers

melee-token
9F819838-F0F2-4387-BDB7-E0BD4FE50312
Referer
https://bill-pay-qa.maw-pci.xfinity.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
content-type
application/json

Response headers

status
204
date
Wed, 05 Aug 2020 19:38:20 GMT
x-client-id
maw-billpay
server
Melee
access-control-allow-origin
*
InviteTriggers
invite-preprod.iperceptions.com/ 		238 B
303 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://invite-preprod.iperceptions.com/InviteTriggers
Requested by
Host: cdn.comcast.com
URL: https://cdn.comcast.com/-/media/common/analytics/data-layer-non-prod-3-4-2-min.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
104.209.146.221 Boydton, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
Microsoft-IIS/10.0 / ASP.NET
Resource Hash
ccc50c47914dad626506c09a2472c5a6c02aec3d7fbce4cbf0acc24f367cc8c9

Request headers

SecurityToken
410f8076-db76-454d-bfc2-c724a5fc59b0
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer
https://bill-pay-qa.maw-pci.xfinity.com/

Response headers

pragma
no-cache
date
Wed, 05 Aug 2020 19:38:20 GMT
server
Microsoft-IIS/10.0
x-aspnet-version
4.0.30319
x-powered-by
ASP.NET
status
200
content-type
application/json; charset=utf-8
access-control-allow-origin
*
cache-control
no-cache
content-length
238
expires
-1
ipEngine.js
universal-preprod.iperceptions.com/ 		23 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://universal-preprod.iperceptions.com/ipEngine.js
Requested by
Host: universal-preprod.iperceptions.com
URL: https://universal-preprod.iperceptions.com/wrapper.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
45.60.87.226 , United States, ASN19551 (INCAPSULA, US),
Reverse DNS
Software
Apache /
Resource Hash
44bee2b2d37fb3718d276433720dcd53cbbd57bc99d78074ae2c5aa1a51056f4

Request headers

Referer
https://bill-pay-qa.maw-pci.xfinity.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Wed, 05 Aug 2020 19:38:20 GMT
content-encoding
gzip
last-modified
Wed, 29 Jul 2020 14:11:09 GMT
server
Apache
etag
"94368d1bb265d61:0"
status
200
content-type
application/javascript
access-control-allow-origin
*
x-iinfo
12-2354956-2354703 2NYN RT(1596656300560 0) q(0 0 0 0) r(5 5) U18
accept-ranges
bytes
x-cdn
Incapsula
22299_637320737206721988
sd.iperceptions.com/ius-359cd6b861125d638f6cea04ffb14739/ 		132 KB
10 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://sd.iperceptions.com/ius-359cd6b861125d638f6cea04ffb14739/22299_637320737206721988
Requested by
Host: universal-preprod.iperceptions.com
URL: https://universal-preprod.iperceptions.com/wrapper.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
45.60.87.226 , United States, ASN19551 (INCAPSULA, US),
Reverse DNS
Software
/
Resource Hash
cc5077a4f73c73a865bb7c7d87c132a1a019fa09cd93a12f07d9eaf76d97ca6f

Request headers

Referer
https://bill-pay-qa.maw-pci.xfinity.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Wed, 05 Aug 2020 19:38:21 GMT
content-encoding
gzip
last-modified
Mon, 03 Aug 2020 17:48:40 GMT
x-cdn
Incapsula
etag
0x8D837D575479B7D
content-type
application/javascript
status
200
x-iinfo
12-2354985-0 0CNN RT(1596656301163 0) q(0 -1 -1 0) r(0 -1)
cache-control
max-age=3600, public
content-length
9877
expires
Wed, 05 Aug 2020 20:38:21 GMT
harvest_22299.js
art.azureedge.net/harvest/ 		9 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://art.azureedge.net/harvest/harvest_22299.js
Requested by
Host: universal-preprod.iperceptions.com
URL: https://universal-preprod.iperceptions.com/wrapper.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2606:2800:133:206e:1315:22a5:2006:24fd , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECAcc (frc/8FD3) /
Resource Hash
9d526cc59af43fd4ff67f8eee25ff2c0a52c2c008e661af3b62eafad0507c5fd

Request headers

Referer
https://bill-pay-qa.maw-pci.xfinity.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

x-ms-blob-type
BlockBlob
date
Wed, 05 Aug 2020 19:38:21 GMT
content-encoding
gzip
content-md5
H60ZpvNB4GMbbO835WkX9g==
age
254847
x-cache
HIT
status
200
content-length
2022
x-ms-lease-status
unlocked
last-modified
Fri, 02 Feb 2018 16:09:55 GMT
server
ECAcc (frc/8FD3)
etag
0x8D56A57668419AD
vary
Accept-Encoding
content-type
application/javascript
x-ms-request-id
5bf1e4ca-701e-000f-420e-69ce5f000000
x-ms-version
2009-09-19

Verdicts & Comments Add Verdict or Comment

62 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| MAW object| cspPattern object| cspEnv function| e object| adobe function| Visitor object| _satellite object| s_c_il number| s_c_in object| AdobeTeamUtils object| targetGlobalSettings object| ___target_traces function| mboxCreate function| mboxDefine function| mboxUpdate object| webpackJsonpmaw-bill-pay object| __core-js_shared__ object| core object| BrowserInterface object| regeneratorRuntime string| upDate function| s_doPlugins boolean| cookieCombiningUtility function| removeExpiredCookies function| cookieRead function| cookieWrite function| cookieDelete object| dfaConfig function| AppMeasurement_Module_Integrate function| AppMeasurement_Module_AudienceManagement function| AppMeasurement_Module_ActivityMap function| AppMeasurement function| s_gi function| s_pgicq object| s number| s_objectID number| s_giq object| s_Integrate_DFA string| v function| DIL object| s_3_Integrate_DFA_get_0 number| j string| f0 object| s_i_comcastdotcomqa object| uetq function| UET function| twq object| dataLayer object| twttr object| google_tag_manager object| google_tag_data function| GooglemKTybQhCsO function| google_trackConversion object| GooglebQhCsO string| iperceptionskey object| iPerceptions object| ipDef function| initharvest boolean| result object| trigger number| rate object| SEAC

12 Cookies

Domain/Path Name / Value
.demdex.net/ Name: dextp
Value: 21-1-1596656298031|60-1-1596656298132|358-1-1596656298233
.bill-pay-qa.maw-pci.xfinity.com/ Name: aam_uuid
Value: 53758037729703549360743672386693215052
.demdex.net/ Name: demdex
Value: 53758037729703549360743672386693215052
.bill-pay-qa.maw-pci.xfinity.com/ Name: aam_sitecore
Value: 1898505%3Dy%2C2962186%3Dy
.xfinity.com/ Name: check
Value: true
.xfinity.com/ Name: s_sess
Value: %20s_cc%3Dtrue%3B
.bill-pay-qa.maw-pci.xfinity.com/ Name: fltk
Value: segID%3D1662899
.xfinity.com/ Name: s_pers
Value: %20s_dfa%3Dcomcastdotcomqa%7C1596658098048%3B%20stc18%3D%7C1596658098140%3B%20s_lv%3D1596656298142%7C1691264298142%3B%20s_lv_s%3DFirst%2520Visit%7C1596658098142%3B
.xfinity.com/ Name: AAMC_comcast_0
Value: REGION%7C6
bill-pay-qa.maw-pci.xfinity.com/ Name: MAW_sessionID
Value: 0d6fa2eb-f1f7-4d22-bcb0-bc78adc022bb
.xfinity.com/ Name: AMCVS_DA11332E5321D0550A490D45%40AdobeOrg
Value: 1
.xfinity.com/ Name: AMCV_DA11332E5321D0550A490D45%40AdobeOrg
Value: -1712354808%7CMCIDTS%7C18480%7CMCMID%7C53910289471378197430727462556976320491%7CMCAAMLH-1597261097%7C6%7CMCAAMB-1597261097%7C6G1ynYcLPuiQxYZrsz_pkqfLG9yMXBpb2zX5dvJdYQJzPXImdj0y%7CMCOPTOUT-1596663497s%7CNONE%7CMCSYNCSOP%7C411-18487%7CMCAID%7CNONE%7CvVersion%7C4.3.0

1 Console Messages

Source Level URL
Text
console-api log URL: https://assets.adobedtm.com/43896e740dcedef854392e0be6ea80deb8eb2ba5/s-code-contents-11c8f38a44853a1fa459e08fd609da47c7ce7efd-staging.js(Line 1)
Message:
Error, missing Report Suite ID in AppMeasurement initialization

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

analytics.twitter.com
art.azureedge.net
assets.adobedtm.com
bat.bing.com
bill-pay-qa.maw-pci.xfinity.com
cdn.comcast.com
cm.everesttech.net
comcast.demdex.net
comcastcom.d1.sc.omtrdc.net
d.agkn.com
dpm.demdex.net
fls.doubleclick.net
googleads.g.doubleclick.net
invite-preprod.iperceptions.com
melee.sed.dh.comcast.net
sd.iperceptions.com
servedby.flashtalking.com
static.ads-twitter.com
static.cimcontent.net
t.co
universal-preprod.iperceptions.com
www.facebook.com
www.google.com
www.google.de
www.googleadservices.com
www.googletagmanager.com
104.209.146.221
104.244.42.133
104.244.42.195
15.188.154.177
151.101.112.157
172.217.23.166
205.185.216.42
216.58.210.2
2600:1f18:336:b300:f2fc:c51e:b2b0:2b4c
2600:9000:214f:6800:10:b98f:e500:93a1
2600:9000:214f:ae00:19:fc2c:a140:93a1
2606:2800:133:206e:1315:22a5:2006:24fd
2620:1ec:c11::200
2a00:1450:4001:801::2003
2a00:1450:4001:801::2004
2a00:1450:4001:80b::2002
2a00:1450:4001:816::2008
2a02:26f0:10c:382::1e80
2a02:26f0:10c:399::2af2
2a02:26f0:6c00:181::30d4
2a03:2880:f11c:8183:face:b00c:0:25de
45.60.87.226
52.17.216.154
52.49.61.185
66.117.28.86
000f2b27b0f8732ca6e0d4134f4aeda5792ee889220c09fd75abb50691c56da5
01dfbd7715ecb8fc9e7bf143d7b0520abf110743683552fcf03be7e2551d59bf
0ae211da5f365a98fb2d8f267477c481f42f2b9b0ae32926301c6d2421042578
10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa
17a71edee6d5e0514b7d9fcb4821d80b99fbb12d56e1979dfb90b209bd35c45a
1af1424a065c25e105f9b49851324d6c3e55f25afac6321a690135900d083f5d
1c84dd70ad9554c6dd4975ac7d8dbdafc8453219d412d548b4b9ddb366fb6d85
1f5b4d9d9c9a9a1f5ffca5f4fa6b8f001a7f2aaff63d6ae794f4851b051ea734
22f0fa86d777d4ebf05fa4c5c83de7b399821de8660f29ade8b4650327fb8b12
243164ef61224b5f3e7f9dd9f1c31e6e62db5f4906a1f9fe86a77be5a7cef360
2b12e93eba80b2560a6aeff93b91ddbd7ec317bd1bfcb407c6cfe306a817e45f
319949c8c08b86e9c35ea542c0dc0c30cedaa9b8d3d3c3327a36c91aefbd8af5
44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a
44bee2b2d37fb3718d276433720dcd53cbbd57bc99d78074ae2c5aa1a51056f4
4c5557b6a6209c48e7cc2b17e6922e6684436b1b62e262e02b0eb498d722918b
52220e66a636559727d9cac0e6181c4b3ac5e99aa5fa66ca63d459ab3923ec9d
5c622f5433cbb6ea1df5c0dd8671e55ef7d1464366074730473c453de50a579b
71aa66e3c94df617c70a1b9530acaa18c9f049d6d29dbaa6d0efe84d7104805a
876400331612d5dad01a09ed668a8aa28b0e257e9d517f432612a5064cf8fd35
8852ed038964bf4e5cbc2816f2f48a54a4f966709d2961a05fc104c9eb8f52f1
89009e49998aae7510ec8ced43b132e9b6a3e770a1bc11a4f04339d32df6ea78
8a2b4a990c936ee2641cff51c8df6d44834d31373afbc7b8fd42c495c5f06b34
9d526cc59af43fd4ff67f8eee25ff2c0a52c2c008e661af3b62eafad0507c5fd
ac8778041fdb7f2e08ceb574c9a766247ea26f1a7d90fa854c4efcf4b361a957
c5744030a9f423454c34627902a0a6ee1e87917466b48fc7f8c857c9e9bd3aea
c74fcada46b4ca81a8fa164db294282c863a2729d0033fcc83e0ae2e605b5c88
cc5077a4f73c73a865bb7c7d87c132a1a019fa09cd93a12f07d9eaf76d97ca6f
ccc50c47914dad626506c09a2472c5a6c02aec3d7fbce4cbf0acc24f367cc8c9
cce5a04931826bba4d0c86c8c10750c7a7e580bc0d7f919e38a416591f34a104
ceab2be9ca819bfd0e763d45049c76098dec8b6ea64528bc39f4569a0a310900
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
d027a96c9981ee0d7dcc0b6150c644c79a119d0003ab5e84a8b7af3bd80183bc
d7af534aa66de0f37e57d5d32cef87a5690c092eb651970199df1f1b3d9386b2
db890e345847d24ceb6829011a5fafe897893d71ad3c97636287fcbadb254ef7
df3e003cc30e9bdd0313100e8ee5d468070b4b34d11ad355f276a356d4b9c7bf
e32a6ae5e43f7f652674e0f03dc23f86839f839b29ee4e63c01c93da180bb0d0
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e4cdca181c51486b60b23b011634c5ad56544672ffba05c47aee612d0b5de561
e4fb4a0a50a6e29c8607985620aa76cf86436cb59dac9fe6ee3d6f79dc2d60d3
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629