urlscan.io logo urlscan.io
SecurityTrails logo

bill-pay-pre-prod.maw-pci.xfinity.com Open in urlscan Pro
2600:9000:214f:c000:17:e313:2540:93a1  Public Scan

Go To Rescan Add Verdict Report
URL: https://bill-pay-pre-prod.maw-pci.xfinity.com/
Submission: On August 05 via automatic, source certstream-suspicious
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 25 IPs in 5 countries across 22 domains to perform 50 HTTP transactions. The main IP is 2600:9000:214f:c000:17:e313:2540:93a1, located in United States and belongs to AMAZON-02, US. The main domain is bill-pay-pre-prod.maw-pci.xfinity.com.
TLS certificate: Issued by Amazon on August 5th 2020. Valid for: a year.
This is the only time bill-pay-pre-prod.maw-pci.xfinity.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
6 2600:9000:214... 16509 (AMAZON-02)
10 2a02:26f0:10c... 20940 (AKAMAI-ASN1)
1 2a02:26f0:10c... 20940 (AKAMAI-ASN1)
2 52.30.78.155 16509 (AMAZON-02)
1 18.200.232.122 16509 (AMAZON-02)
1 15.236.9.100 16509 (AMAZON-02)
1 1 66.117.28.86 15224 (OMNITURE)
1 216.58.205.230 15169 (GOOGLE)
4 2a02:26f0:6c0... 20940 (AKAMAI-ASN1)
4 45.60.87.226 19551 (INCAPSULA)
2 2620:1ec:c11:... 8068 (MICROSOFT...)
1 2a00:1450:400... 15169 (GOOGLE)
1 151.101.112.157 54113 (FASTLY)
1 2600:9000:214... 16509 (AMAZON-02)
1 2a03:2880:f11... 32934 (FACEBOOK)
1 205.185.216.10 20446 (HIGHWINDS3)
1 104.244.42.195 13414 (TWITTER)
1 104.244.42.5 13414 (TWITTER)
1 216.58.207.34 15169 (GOOGLE)
2 2a00:1450:400... 15169 (GOOGLE)
1 64.233.166.157 15169 (GOOGLE)
2 2a00:1450:400... 15169 (GOOGLE)
2 2a00:1450:400... 15169 (GOOGLE)
1 104.209.146.221 8075 (MICROSOFT...)
1 2606:2800:133... 15133 (EDGECAST)
1 2600:1f18:336... 14618 (AMAZON-AES)
50 25
6    2600:9000:214f:c000:17:e313:2540:93a1 (United States)

ASN16509 (AMAZON-02, US)
bill-pay-pre-prod.maw-pci.xfinity.com
10    2a02:26f0:10c:382::1e80 (Ascension Island)

ASN20940 (AKAMAI-ASN1, EU)
assets.adobedtm.com
1    2a02:26f0:10c:399::2af2 (Ascension Island)

ASN20940 (AKAMAI-ASN1, EU)
cdn.comcast.com
2    52.30.78.155 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-30-78-155.eu-west-1.compute.amazonaws.com
dpm.demdex.net
1    18.200.232.122 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-18-200-232-122.eu-west-1.compute.amazonaws.com
comcast.demdex.net
1    15.236.9.100 (Paris, France)

ASN16509 (AMAZON-02, US)
PTR: ec2-15-236-9-100.eu-west-3.compute.amazonaws.com
comcastcom.d1.sc.omtrdc.net
1    66.117.28.86 (United States)

ASN15224 (OMNITURE, US)
cm.everesttech.net
1    216.58.205.230 (Mountain View, United States)

ASN15169 (GOOGLE, US)
PTR: fra15s24-in-f6.1e100.net
fls.doubleclick.net
4    2a02:26f0:6c00:19f::30d4 (Ascension Island)

ASN20940 (AKAMAI-ASN1, EU)
static.cimcontent.net
4    45.60.87.226 (United States)

ASN19551 (INCAPSULA, US)
universal-preprod.iperceptions.com
sd.iperceptions.com
2    2620:1ec:c11::200 (United States)

ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US)
bat.bing.com
1    2a00:1450:4001:80b::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.googletagmanager.com
1    151.101.112.157 (Frankfurt am Main, Germany)

ASN54113 (FASTLY, US)
static.ads-twitter.com
1    2600:9000:214f:200:19:fc2c:a140:93a1 (United States)

ASN16509 (AMAZON-02, US)
d.agkn.com
1    2a03:2880:f11c:8183:face:b00c:0:25de (Ireland)

ASN32934 (FACEBOOK, US)
www.facebook.com
1    205.185.216.10 (Phoenix, United States)

ASN20446 (HIGHWINDS3, US)
PTR: map2.hwcdn.net
servedby.flashtalking.com
1    104.244.42.195 (United States)

ASN13414 (TWITTER, US)
analytics.twitter.com
1    104.244.42.5 (United States)

ASN13414 (TWITTER, US)
t.co
1    216.58.207.34 (Mountain View, United States)

ASN15169 (GOOGLE, US)
PTR: fra16s24-in-f2.1e100.net
www.googleadservices.com
2    2a00:1450:4001:825::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
googleads.g.doubleclick.net
1    64.233.166.157 (United States)

ASN15169 (GOOGLE, US)
PTR: wm-in-f157.1e100.net
bid.g.doubleclick.net
2    2a00:1450:4001:801::2004 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.google.com
2    2a00:1450:4001:801::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.google.de
1    104.209.146.221 (Boydton, United States)

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)
invite-preprod.iperceptions.com
1    2606:2800:133:206e:1315:22a5:2006:24fd (United States)

ASN15133 (EDGECAST, US)
art.azureedge.net
1    2600:1f18:336:b300:d4ef:71a2:ae8a:6589 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
melee.sed.dh.comcast.net
Domain Requested by
10 assets.adobedtm.com bill-pay-pre-prod.maw-pci.xfinity.com
assets.adobedtm.com
6 bill-pay-pre-prod.maw-pci.xfinity.com bill-pay-pre-prod.maw-pci.xfinity.com
4 static.cimcontent.net bill-pay-pre-prod.maw-pci.xfinity.com
3 universal-preprod.iperceptions.com assets.adobedtm.com
universal-preprod.iperceptions.com
2 www.google.de
2 www.google.com
2 googleads.g.doubleclick.net www.googleadservices.com
2 bat.bing.com assets.adobedtm.com
2 dpm.demdex.net cdn.comcast.com
bill-pay-pre-prod.maw-pci.xfinity.com
1 melee.sed.dh.comcast.net bill-pay-pre-prod.maw-pci.xfinity.com
1 art.azureedge.net universal-preprod.iperceptions.com
1 sd.iperceptions.com universal-preprod.iperceptions.com
1 invite-preprod.iperceptions.com cdn.comcast.com
1 bid.g.doubleclick.net www.googleadservices.com
1 www.googleadservices.com www.googletagmanager.com
1 t.co
1 analytics.twitter.com static.ads-twitter.com
1 servedby.flashtalking.com assets.adobedtm.com
1 www.facebook.com
1 d.agkn.com
1 static.ads-twitter.com assets.adobedtm.com
1 www.googletagmanager.com assets.adobedtm.com
1 fls.doubleclick.net assets.adobedtm.com
1 cm.everesttech.net 1 redirects
1 comcastcom.d1.sc.omtrdc.net cdn.comcast.com
1 comcast.demdex.net assets.adobedtm.com
1 cdn.comcast.com bill-pay-pre-prod.maw-pci.xfinity.com
50 27

This site contains links to these domains. Also see Links.

Domain
customer.local.xfinity.com
www.xfinity.com
Subject Issuer Validity Valid
bill-pay-pre-prod.maw-pci.xfinity.com
Amazon		 2020-08-05 -
2021-09-05		 a year crt.sh
assets.adobedtm.com
DigiCert SHA2 High Assurance Server CA		 2019-10-22 -
2021-10-01		 2 years crt.sh
xapi.xfinity.com
COMODO RSA Organization Validation Secure Server CA		 2020-05-07 -
2022-05-07		 2 years crt.sh
*.demdex.net
DigiCert SHA2 High Assurance Server CA		 2018-01-09 -
2021-02-12		 3 years crt.sh
*.d1.sc.omtrdc.net
DigiCert SHA2 High Assurance Server CA		 2020-02-28 -
2022-03-04		 2 years crt.sh
*.doubleclick.net
GTS CA 1O1		 2020-07-07 -
2020-09-29		 3 months crt.sh
static.cimcontent.net
COMODO RSA Organization Validation Secure Server CA		 2020-04-16 -
2022-04-16		 2 years crt.sh
incapsula.com
GlobalSign CloudSSL CA - SHA256 - G3		 2020-08-02 -
2021-08-03		 a year crt.sh
www.bing.com
Microsoft IT TLS CA 2		 2019-04-30 -
2021-04-30		 2 years crt.sh
*.google-analytics.com
GTS CA 1O1		 2020-07-07 -
2020-09-29		 3 months crt.sh
ads-twitter.com
DigiCert SHA2 High Assurance Server CA		 2019-08-14 -
2020-08-18		 a year crt.sh
*.agkn.com
RapidSSL RSA CA 2018		 2020-07-25 -
2022-09-18		 2 years crt.sh
*.facebook.com
DigiCert SHA2 High Assurance Server CA		 2020-07-21 -
2020-10-12		 3 months crt.sh
servedby.flashtalking.com
DigiCert SHA2 Secure Server CA		 2019-02-08 -
2021-02-11		 2 years crt.sh
*.twitter.com
DigiCert SHA2 High Assurance Server CA		 2020-03-05 -
2021-03-02		 a year crt.sh
t.co
DigiCert SHA2 High Assurance Server CA		 2020-03-05 -
2021-03-02		 a year crt.sh
www.googleadservices.com
GTS CA 1O1		 2020-07-07 -
2020-09-29		 3 months crt.sh
*.g.doubleclick.net
GTS CA 1O1		 2020-07-07 -
2020-09-29		 3 months crt.sh
www.google.com
GTS CA 1O1		 2020-07-07 -
2020-09-29		 3 months crt.sh
www.google.de
GTS CA 1O1		 2020-07-07 -
2020-09-29		 3 months crt.sh
*.iperceptions.com
Sectigo RSA Domain Validation Secure Server CA		 2019-05-07 -
2021-05-06		 2 years crt.sh
*.vo.msecnd.net
Microsoft IT TLS CA 2		 2020-03-18 -
2022-03-18		 2 years crt.sh
*.sed.dh.comcast.net
COMODO RSA Organization Validation Secure Server CA		 2019-02-26 -
2021-02-25		 2 years crt.sh

This page contains 5 frames:

Primary Page: https://bill-pay-pre-prod.maw-pci.xfinity.com/
Frame ID: F53B5537EFFABFF9256EDC888505E9FD
Requests: 46 HTTP requests in this frame

Frame: https://comcast.demdex.net/dest5.html?d_nsid=0
Frame ID: F0DDF3C7022E1715F09CB031553ADB3F
Requests: 1 HTTP requests in this frame

Frame: https://servedby.flashtalking.com/container/12345;91797;9487;iframe/?ft_referrer=https%3A//bill-pay-pre-prod.maw-pci.xfinity.com/&ns=&cb=634318.957129323
Frame ID: 95915EF89B41836344A5BE5E2E7BF980
Requests: 1 HTTP requests in this frame

Frame: https://universal-preprod.iperceptions.com/iFrame.html
Frame ID: AAB8281BF1EDF1D1AC1A0A7DCD895580
Requests: 1 HTTP requests in this frame

Frame: https://bid.g.doubleclick.net/xbbe/pixel?d=KAE
Frame ID: 0073FD62D43D3E1FED832103FB66F80E
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Detected technologies

Overall confidence: 100%
Detected patterns
  • headers via /\(CloudFront\)$/i
  • headers server /^AmazonS3$/i
Overall confidence: 100%
Detected patterns
  • script /\/\/assets.adobedtm.com\//i
Overall confidence: 100%
Detected patterns
  • headers via /\(CloudFront\)$/i
Overall confidence: 100%
Detected patterns
  • headers server /^AmazonS3$/i
Overall confidence: 100%
Detected patterns
  • script /https?:\/\/fls\.doubleclick\.net/i
Overall confidence: 100%
Detected patterns
  • script /\/s[_-]code.*\.js/i

Page Statistics

50
Requests

100 %
HTTPS

50 %
IPv6

22
Domains

27
Subdomains

25
IPs

5
Countries

519 kB
Transfer

1786 kB
Size

7
Cookies

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 10
  • https://cm.everesttech.net/cm/dd?d_uuid=50997852697336422140984997544689145845 HTTP 302
  • https://dpm.demdex.net/ibs:dpid=411&dpuuid=XysK2wAABZ20zRTJ

50 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request /
bill-pay-pre-prod.maw-pci.xfinity.com/ 		5 KB
2 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://bill-pay-pre-prod.maw-pci.xfinity.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2600:9000:214f:c000:17:e313:2540:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
9af6f9dafb763662542aad51406983b95b0b6a1ace182c16e1443ebb8e25d427

Request headers

:method
GET
:authority
bill-pay-pre-prod.maw-pci.xfinity.com
:scheme
https
:path
/
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
none
sec-fetch-mode
navigate
sec-fetch-user
?1
sec-fetch-dest
document
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

status
200
content-type
text/html
date
Wed, 05 Aug 2020 19:39:07 GMT
last-modified
Wed, 05 Aug 2020 15:25:34 GMT
etag
W/"a7964020ef8d1638b957a3fefd9cbac0"
cache-control
max-age=30,public
server
AmazonS3
content-encoding
gzip
vary
Accept-Encoding
x-cache
Miss from cloudfront
via
1.1 511c8b6c7e903efca023a504d527516b.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA53-C1
x-amz-cf-id
qpiRqbA8pXjyPZte_cloLDdRqJVlgbC1uWYa4ZTE70W2LOwCc3KnvQ==
2.c6231af7.chunk.css
bill-pay-pre-prod.maw-pci.xfinity.com/static/css/ 		4 KB
2 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://bill-pay-pre-prod.maw-pci.xfinity.com/static/css/2.c6231af7.chunk.css
Requested by
Host: bill-pay-pre-prod.maw-pci.xfinity.com
URL: https://bill-pay-pre-prod.maw-pci.xfinity.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2600:9000:214f:c000:17:e313:2540:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
db890e345847d24ceb6829011a5fafe897893d71ad3c97636287fcbadb254ef7

Request headers

Referer
https://bill-pay-pre-prod.maw-pci.xfinity.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Wed, 05 Aug 2020 19:39:08 GMT
content-encoding
gzip
last-modified
Wed, 05 Aug 2020 15:25:32 GMT
server
AmazonS3
x-amz-cf-pop
FRA53-C1
etag
W/"be4f0da119101babd6ed26007e8ad06f"
vary
Accept-Encoding
x-cache
Miss from cloudfront
content-type
text/css
status
200
cache-control
max-age=31536000,public
x-amz-cf-id
SQztL8onVIwEx2xHdPfyeorW6egcposrfJVm9Z-hvNE_NnrQE5Ky9Q==
via
1.1 511c8b6c7e903efca023a504d527516b.cloudfront.net (CloudFront)
main.cc2d657a.chunk.css
bill-pay-pre-prod.maw-pci.xfinity.com/static/css/ 		63 KB
12 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://bill-pay-pre-prod.maw-pci.xfinity.com/static/css/main.cc2d657a.chunk.css
Requested by
Host: bill-pay-pre-prod.maw-pci.xfinity.com
URL: https://bill-pay-pre-prod.maw-pci.xfinity.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2600:9000:214f:c000:17:e313:2540:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
e7ac4d350b4fb8c0f3a0eacb18c9de3f7c5da723bced1dc0518920210258131a

Request headers

Referer
https://bill-pay-pre-prod.maw-pci.xfinity.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Wed, 05 Aug 2020 19:39:08 GMT
content-encoding
gzip
last-modified
Wed, 05 Aug 2020 15:25:33 GMT
server
AmazonS3
x-amz-cf-pop
FRA53-C1
etag
W/"dbf9523410d7ef05cf2b82902fe76ac8"
vary
Accept-Encoding
x-cache
Miss from cloudfront
content-type
text/css
status
200
cache-control
max-age=31536000,public
x-amz-cf-id
0MnNYoBdxwJ3QQgpK_oKDUvRpivYhV29_daUngERHfCI-9-Shq_KjA==
via
1.1 511c8b6c7e903efca023a504d527516b.cloudfront.net (CloudFront)
2.db523fe1.chunk.js
bill-pay-pre-prod.maw-pci.xfinity.com/static/js/ 		498 KB
148 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://bill-pay-pre-prod.maw-pci.xfinity.com/static/js/2.db523fe1.chunk.js
Requested by
Host: bill-pay-pre-prod.maw-pci.xfinity.com
URL: https://bill-pay-pre-prod.maw-pci.xfinity.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2600:9000:214f:c000:17:e313:2540:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
f063e81c5dc9925c7cc1f4badecdd11f1813317a2924e9f4edb2b062a95a9ea5

Request headers

Referer
https://bill-pay-pre-prod.maw-pci.xfinity.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Wed, 05 Aug 2020 19:39:08 GMT
content-encoding
gzip
last-modified
Wed, 05 Aug 2020 15:25:33 GMT
server
AmazonS3
x-amz-cf-pop
FRA53-C1
etag
W/"edef80b339fdc6604957db4bbcd620e6"
vary
Accept-Encoding
x-cache
Miss from cloudfront
content-type
application/javascript
status
200
cache-control
max-age=31536000,public
x-amz-cf-id
BnkPSfDPgXsVaSu5vGX9hRJFJoHkHkyfYvmkrR4WR1ROovI2JZ6d3A==
via
1.1 511c8b6c7e903efca023a504d527516b.cloudfront.net (CloudFront)
main.43fff356.chunk.js
bill-pay-pre-prod.maw-pci.xfinity.com/static/js/ 		321 KB
78 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://bill-pay-pre-prod.maw-pci.xfinity.com/static/js/main.43fff356.chunk.js
Requested by
Host: bill-pay-pre-prod.maw-pci.xfinity.com
URL: https://bill-pay-pre-prod.maw-pci.xfinity.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2600:9000:214f:c000:17:e313:2540:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
2e9255c9f403fd6e9a6dfed892c6f2a8c98dea37e913be8a3cc65e8b9f9e6c0e

Request headers

Referer
https://bill-pay-pre-prod.maw-pci.xfinity.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Wed, 05 Aug 2020 19:39:08 GMT
content-encoding
gzip
last-modified
Wed, 05 Aug 2020 15:25:33 GMT
server
AmazonS3
x-amz-cf-pop
FRA53-C1
etag
W/"3c5346ebc6c64850aefb2bd895fc5160"
vary
Accept-Encoding
x-cache
Miss from cloudfront
content-type
application/javascript
status
200
cache-control
max-age=31536000,public
x-amz-cf-id
_vnri5xBqwHz8IH9OqXFkGsGGMX7l2ExdBqEGf9ed4pobNt7yhug8w==
via
1.1 511c8b6c7e903efca023a504d527516b.cloudfront.net (CloudFront)
satelliteLib-773f1d685076ba02ef9dd20f568cce9a6f1991dd-staging.js
assets.adobedtm.com/43896e740dcedef854392e0be6ea80deb8eb2ba5/ 		373 KB
93 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://assets.adobedtm.com/43896e740dcedef854392e0be6ea80deb8eb2ba5/satelliteLib-773f1d685076ba02ef9dd20f568cce9a6f1991dd-staging.js
Requested by
Host: bill-pay-pre-prod.maw-pci.xfinity.com
URL: https://bill-pay-pre-prod.maw-pci.xfinity.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:10c:382::1e80 , Ascension Island, ASN20940 (AKAMAI-ASN1, EU),
Reverse DNS
Software
AkamaiNetStorage /
Resource Hash
e4cdca181c51486b60b23b011634c5ad56544672ffba05c47aee612d0b5de561

Request headers

Referer
https://bill-pay-pre-prod.maw-pci.xfinity.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Intervention
<https://www.chromestatus.com/feature/5718547946799104>; level="warning"

Response headers

pragma
no-cache
date
Wed, 05 Aug 2020 19:39:07 GMT
content-encoding
gzip
last-modified
Wed, 05 Aug 2020 17:52:32 GMT
server
AkamaiNetStorage
status
200
etag
"0eb68ea18ee45aaccdb9ef27f31a7559:1596649952.610086"
vary
Accept-Encoding
content-type
application/x-javascript
access-control-allow-origin
https://bill-pay-pre-prod.maw-pci.xfinity.com
cache-control
max-age=0, no-cache, no-store
accept-ranges
bytes
timing-allow-origin
*
content-length
95200
expires
Wed, 05 Aug 2020 19:39:07 GMT
data-layer-non-prod-3-4-2-min.js
cdn.comcast.com/-/media/common/analytics/ 		52 KB
14 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.comcast.com/-/media/common/analytics/data-layer-non-prod-3-4-2-min.js
Requested by
Host: bill-pay-pre-prod.maw-pci.xfinity.com
URL: https://bill-pay-pre-prod.maw-pci.xfinity.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2a02:26f0:10c:399::2af2 , Ascension Island, ASN20940 (AKAMAI-ASN1, EU),
Reverse DNS
Software
/
Resource Hash
e4fb4a0a50a6e29c8607985620aa76cf86436cb59dac9fe6ee3d6f79dc2d60d3
Security Headers
Name Value
X-Frame-Options SAMEORIGIN

Request headers

User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer
https://bill-pay-pre-prod.maw-pci.xfinity.com/
Origin
https://bill-pay-pre-prod.maw-pci.xfinity.com

Response headers

date
Wed, 05 Aug 2020 19:39:07 GMT
content-encoding
br
x-xfnlog-site
XDS
status
200
content-disposition
inline; filename="data-layer-non-prod-3-4-2-min.js"
content-length
13691
last-modified
Wed, 06 May 2020 18:19:20 GMT
x-frame-options
SAMEORIGIN
etag
access-control-max-age
86400
access-control-allow-methods
GET
content-type
application/x-javascript
access-control-allow-origin
*
cache-control
private, max-age=31529719
access-control-allow-credentials
false
accept-ranges
bytes
x-robots-tag
noindex, nofollow
access-control-allow-headers
*
expires
Thu, 05 Aug 2021 17:54:26 GMT
id
dpm.demdex.net/ 		4 KB
2 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://dpm.demdex.net/id?d_visid_ver=4.3.0&d_fieldgroup=MC&d_rtbd=json&d_ver=2&d_orgid=DA11332E5321D0550A490D45%40AdobeOrg&d_nsid=0&ts=1596656347452
Requested by
Host: cdn.comcast.com
URL: https://cdn.comcast.com/-/media/common/analytics/data-layer-non-prod-3-4-2-min.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.30.78.155 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-30-78-155.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
7516c0739c149609dbe3c2e8318f52e334f4c12ea8eeff87184a33fac8c31ea1
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Referer
https://bill-pay-pre-prod.maw-pci.xfinity.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type
application/x-www-form-urlencoded

Response headers

DCS
dcs-prod-irl1-v078-0236788c9.edge-irl1.demdex.com 5.76.0.20200805085924 2ms (+1ms)
Pragma
no-cache
Strict-Transport-Security
max-age=31536000; includeSubDomains
Content-Encoding
gzip
X-TID
LYORv6ZNTiY=
Vary
Origin, Accept-Encoding, User-Agent
P3P
policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Access-Control-Allow-Origin
https://bill-pay-pre-prod.maw-pci.xfinity.com
Cache-Control
no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
application/json;charset=utf-8
Content-Length
1467
Expires
Thu, 01 Jan 1970 00:00:00 GMT
s-code-contents-11c8f38a44853a1fa459e08fd609da47c7ce7efd-staging.js
assets.adobedtm.com/43896e740dcedef854392e0be6ea80deb8eb2ba5/ 		89 KB
31 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://assets.adobedtm.com/43896e740dcedef854392e0be6ea80deb8eb2ba5/s-code-contents-11c8f38a44853a1fa459e08fd609da47c7ce7efd-staging.js
Requested by
Host: assets.adobedtm.com
URL: https://assets.adobedtm.com/43896e740dcedef854392e0be6ea80deb8eb2ba5/satelliteLib-773f1d685076ba02ef9dd20f568cce9a6f1991dd-staging.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:10c:382::1e80 , Ascension Island, ASN20940 (AKAMAI-ASN1, EU),
Reverse DNS
Software
AkamaiNetStorage /
Resource Hash
876400331612d5dad01a09ed668a8aa28b0e257e9d517f432612a5064cf8fd35

Request headers

Referer
https://bill-pay-pre-prod.maw-pci.xfinity.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 05 Aug 2020 19:39:07 GMT
content-encoding
gzip
last-modified
Tue, 28 Jul 2020 20:54:18 GMT
server
AkamaiNetStorage
status
200
etag
"0fcc10067328a326c8c9a582a5ed82e9:1595969658.098499"
vary
Accept-Encoding
content-type
application/x-javascript
access-control-allow-origin
https://bill-pay-pre-prod.maw-pci.xfinity.com
cache-control
max-age=0, no-cache, no-store
accept-ranges
bytes
timing-allow-origin
*
content-length
31501
expires
Wed, 05 Aug 2020 19:39:07 GMT
Cookie set dest5.html
comcast.demdex.net/ Frame F0DD 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://comcast.demdex.net/dest5.html?d_nsid=0
Requested by
Host: assets.adobedtm.com
URL: https://assets.adobedtm.com/43896e740dcedef854392e0be6ea80deb8eb2ba5/satelliteLib-773f1d685076ba02ef9dd20f568cce9a6f1991dd-staging.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
18.200.232.122 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-200-232-122.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Host
comcast.demdex.net
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site
cross-site
Sec-Fetch-Mode
navigate
Sec-Fetch-Dest
iframe
Referer
https://bill-pay-pre-prod.maw-pci.xfinity.com/
Accept-Encoding
gzip, deflate, br
Accept-Language
en-US
Cookie
demdex=50997852697336422140984997544689145845
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer
https://bill-pay-pre-prod.maw-pci.xfinity.com/

Response headers

Accept-Ranges
bytes
Cache-Control
max-age=21600
Content-Encoding
gzip
Content-Type
text/html
Expires
Thu, 01 Jan 1970 00:00:00 GMT
Last-Modified
Wed, 05 Aug 2020 12:34:40 GMT
P3P
policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Pragma
no-cache
Set-Cookie
demdex=50997852697336422140984997544689145845;Path=/;Domain=.demdex.net;Expires=Mon, 01-Feb-2021 19:39:07 GMT;Max-Age=15552000;Secure;SameSite=None
Strict-Transport-Security
max-age=31536000; includeSubDomains
Vary
Accept-Encoding, User-Agent
X-TID
loR/E6kfRgc=
Content-Length
2785
Connection
keep-alive
id
comcastcom.d1.sc.omtrdc.net/ 		2 B
334 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://comcastcom.d1.sc.omtrdc.net/id?d_visid_ver=4.3.0&d_fieldgroup=A&mcorgid=DA11332E5321D0550A490D45%40AdobeOrg&mid=50835555980355469451000101772786740050&ts=1596656347522
Requested by
Host: cdn.comcast.com
URL: https://cdn.comcast.com/-/media/common/analytics/data-layer-non-prod-3-4-2-min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
15.236.9.100 Paris, France, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-15-236-9-100.eu-west-3.compute.amazonaws.com
Software
jag /
Resource Hash
44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://bill-pay-pre-prod.maw-pci.xfinity.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type
application/x-www-form-urlencoded

Response headers

status
200
date
Wed, 05 Aug 2020 19:39:07 GMT
x-content-type-options
nosniff
server
jag
xserver
anedge-7447d85976-kmz9s
vary
Origin
x-c
master-1315.Ia06625.M0-426
p3p
CP="This is not a P3P policy"
access-control-allow-origin
https://bill-pay-pre-prod.maw-pci.xfinity.com
cache-control
no-cache, no-store, max-age=0, no-transform, private
access-control-allow-credentials
true
content-type
application/x-javascript;charset=utf-8
content-length
2
x-xss-protection
1; mode=block
ibs:dpid=411&dpuuid=XysK2wAABZ20zRTJ
dpm.demdex.net/
Redirect Chain
  • https://cm.everesttech.net/cm/dd?d_uuid=50997852697336422140984997544689145845
  • https://dpm.demdex.net/ibs:dpid=411&dpuuid=XysK2wAABZ20zRTJ
42 B
915 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dpm.demdex.net/ibs:dpid=411&dpuuid=XysK2wAABZ20zRTJ
Requested by
Host: bill-pay-pre-prod.maw-pci.xfinity.com
URL: https://bill-pay-pre-prod.maw-pci.xfinity.com/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.30.78.155 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-30-78-155.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff

Request headers

Referer
https://bill-pay-pre-prod.maw-pci.xfinity.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

DCS
dcs-prod-irl1-v078-0f695d647.edge-irl1.demdex.com 5.76.0.20200805085924 1ms (+0ms)
Pragma
no-cache
Strict-Transport-Security
max-age=31536000; includeSubDomains
X-Content-Type-Options
nosniff
X-TID
MiGpWXD/Tss=
P3P
policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Cache-Control
no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
Connection
keep-alive
Content-Type
image/gif
Content-Length
42
Expires
Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

Date
Wed, 05 Aug 2020 19:39:06 GMT
Server
AMO-cookiemap/1.1
P3P
CP="NOI NID DEVa PSAa PSDa OUR IND PUR COM NAV INT DEM"
Location
https://dpm.demdex.net/ibs:dpid=411&dpuuid=XysK2wAABZ20zRTJ
Cache-Control
no-cache
Connection
Keep-Alive
Keep-Alive
timeout=15,max=100
Content-Length
0
json
fls.doubleclick.net/ 		40 B
221 B 		Script
General
Check archive.org
Download Go to
Full URL
https://fls.doubleclick.net/json?spot=4053494&src=1516422&var=s_3_Integrate_DFA_get_0&host=integrate.112.2o7.net%2Fdfa_echo%3Fvar%3Ds_3_Integrate_DFA_get_0%26AQE%3D1%26A2S%3D1&ord=3639508789703
Requested by
Host: assets.adobedtm.com
URL: https://assets.adobedtm.com/43896e740dcedef854392e0be6ea80deb8eb2ba5/s-code-contents-11c8f38a44853a1fa459e08fd609da47c7ce7efd-staging.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
216.58.205.230 Mountain View, United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra15s24-in-f6.1e100.net
Software
cafe /
Resource Hash
e32a6ae5e43f7f652674e0f03dc23f86839f839b29ee4e63c01c93da180bb0d0
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Referer
https://bill-pay-pre-prod.maw-pci.xfinity.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Wed, 05 Aug 2020 19:39:07 GMT
content-encoding
gzip
x-content-type-options
nosniff
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
status
200
content-disposition
attachment; filename="f.txt"
alt-svc
h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
60
x-xss-protection
0
pragma
no-cache
server
cafe
x-frame-options
SAMEORIGIN
content-type
text/javascript; charset=UTF-8
cache-control
no-cache, must-revalidate
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
session
bill-pay-pre-prod.maw-pci.xfinity.com/apis/ 		5 KB
2 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://bill-pay-pre-prod.maw-pci.xfinity.com/apis/session
Requested by
Host: bill-pay-pre-prod.maw-pci.xfinity.com
URL: https://bill-pay-pre-prod.maw-pci.xfinity.com/static/js/2.db523fe1.chunk.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2600:9000:214f:c000:17:e313:2540:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
9af6f9dafb763662542aad51406983b95b0b6a1ace182c16e1443ebb8e25d427

Request headers

accept
application/json; v=2
Referer
https://bill-pay-pre-prod.maw-pci.xfinity.com/
x-xsrf-token
undefined
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
content-type
application/json

Response headers

date
Wed, 05 Aug 2020 19:39:09 GMT
content-encoding
gzip
last-modified
Wed, 05 Aug 2020 15:25:34 GMT
server
AmazonS3
x-amz-cf-pop
FRA53-C1
etag
W/"a7964020ef8d1638b957a3fefd9cbac0"
vary
Accept-Encoding
x-cache
Miss from cloudfront
content-type
text/html
status
200
cache-control
max-age=30,public
x-amz-cf-id
yLmy5ktFFQtEf3GvCcZrjR7fr0sndSQr-IF4TFy7DRweiSzC28sOgA==
via
1.1 511c8b6c7e903efca023a504d527516b.cloudfront.net (CloudFront)
satellite-5d1b970964746d3435000850-staging.js
assets.adobedtm.com/43896e740dcedef854392e0be6ea80deb8eb2ba5/scripts/ 		663 B
659 B 		Script
General
Check archive.org
Download Go to
Full URL
https://assets.adobedtm.com/43896e740dcedef854392e0be6ea80deb8eb2ba5/scripts/satellite-5d1b970964746d3435000850-staging.js
Requested by
Host: assets.adobedtm.com
URL: https://assets.adobedtm.com/43896e740dcedef854392e0be6ea80deb8eb2ba5/satelliteLib-773f1d685076ba02ef9dd20f568cce9a6f1991dd-staging.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:10c:382::1e80 , Ascension Island, ASN20940 (AKAMAI-ASN1, EU),
Reverse DNS
Software
AkamaiNetStorage /
Resource Hash
1af1424a065c25e105f9b49851324d6c3e55f25afac6321a690135900d083f5d

Request headers

Referer
https://bill-pay-pre-prod.maw-pci.xfinity.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 05 Aug 2020 19:39:07 GMT
content-encoding
gzip
last-modified
Tue, 28 Jul 2020 20:54:31 GMT
server
AkamaiNetStorage
status
200
etag
"5dfee9c70c3e95b8e8ee93e4e85d07d7:1595969671.853782"
vary
Accept-Encoding
content-type
application/x-javascript
access-control-allow-origin
https://bill-pay-pre-prod.maw-pci.xfinity.com
cache-control
max-age=0, no-cache, no-store
accept-ranges
bytes
timing-allow-origin
*
content-length
351
expires
Wed, 05 Aug 2020 19:39:07 GMT
satellite-5784f5c764746d24f80015ae-staging.js
assets.adobedtm.com/43896e740dcedef854392e0be6ea80deb8eb2ba5/scripts/ 		1 KB
753 B 		Script
General
Check archive.org
Download Go to
Full URL
https://assets.adobedtm.com/43896e740dcedef854392e0be6ea80deb8eb2ba5/scripts/satellite-5784f5c764746d24f80015ae-staging.js
Requested by
Host: assets.adobedtm.com
URL: https://assets.adobedtm.com/43896e740dcedef854392e0be6ea80deb8eb2ba5/satelliteLib-773f1d685076ba02ef9dd20f568cce9a6f1991dd-staging.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:10c:382::1e80 , Ascension Island, ASN20940 (AKAMAI-ASN1, EU),
Reverse DNS
Software
AkamaiNetStorage /
Resource Hash
1c84dd70ad9554c6dd4975ac7d8dbdafc8453219d412d548b4b9ddb366fb6d85

Request headers

Referer
https://bill-pay-pre-prod.maw-pci.xfinity.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 05 Aug 2020 19:39:07 GMT
content-encoding
gzip
last-modified
Mon, 03 Aug 2020 19:06:51 GMT
server
AkamaiNetStorage
status
200
etag
"d3c9ebc15377306cc85a67ef422236d4:1596481611.145622"
vary
Accept-Encoding
content-type
application/x-javascript
access-control-allow-origin
https://bill-pay-pre-prod.maw-pci.xfinity.com
cache-control
max-age=0, no-cache, no-store
accept-ranges
bytes
timing-allow-origin
*
content-length
446
expires
Wed, 05 Aug 2020 19:39:07 GMT
satellite-58347fc764746d5576002863-staging.js
assets.adobedtm.com/43896e740dcedef854392e0be6ea80deb8eb2ba5/scripts/ 		384 B
577 B 		Script
General
Check archive.org
Download Go to
Full URL
https://assets.adobedtm.com/43896e740dcedef854392e0be6ea80deb8eb2ba5/scripts/satellite-58347fc764746d5576002863-staging.js
Requested by
Host: assets.adobedtm.com
URL: https://assets.adobedtm.com/43896e740dcedef854392e0be6ea80deb8eb2ba5/satelliteLib-773f1d685076ba02ef9dd20f568cce9a6f1991dd-staging.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:10c:382::1e80 , Ascension Island, ASN20940 (AKAMAI-ASN1, EU),
Reverse DNS
Software
AkamaiNetStorage /
Resource Hash
f519e330f4d7b43a16cbe25e26d3776cf5384b95d5a17843db7a4dbf21d26c27

Request headers

Referer
https://bill-pay-pre-prod.maw-pci.xfinity.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 05 Aug 2020 19:39:08 GMT
content-encoding
gzip
last-modified
Tue, 28 Jul 2020 20:55:11 GMT
server
AkamaiNetStorage
status
200
etag
"4afc838105ac803036e2f30a6fa7383f:1595969711.92736"
vary
Accept-Encoding
content-type
application/x-javascript
access-control-allow-origin
https://bill-pay-pre-prod.maw-pci.xfinity.com
cache-control
max-age=0, no-cache, no-store
accept-ranges
bytes
timing-allow-origin
*
content-length
271
expires
Wed, 05 Aug 2020 19:39:08 GMT
satellite-57f3beff64746d082c006ad6-staging.js
assets.adobedtm.com/43896e740dcedef854392e0be6ea80deb8eb2ba5/scripts/ 		552 B
684 B 		Script
General
Check archive.org
Download Go to
Full URL
https://assets.adobedtm.com/43896e740dcedef854392e0be6ea80deb8eb2ba5/scripts/satellite-57f3beff64746d082c006ad6-staging.js
Requested by
Host: assets.adobedtm.com
URL: https://assets.adobedtm.com/43896e740dcedef854392e0be6ea80deb8eb2ba5/satelliteLib-773f1d685076ba02ef9dd20f568cce9a6f1991dd-staging.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:10c:382::1e80 , Ascension Island, ASN20940 (AKAMAI-ASN1, EU),
Reverse DNS
Software
AkamaiNetStorage /
Resource Hash
d027a96c9981ee0d7dcc0b6150c644c79a119d0003ab5e84a8b7af3bd80183bc

Request headers

Referer
https://bill-pay-pre-prod.maw-pci.xfinity.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 05 Aug 2020 19:39:07 GMT
content-encoding
gzip
last-modified
Tue, 28 Jul 2020 20:54:32 GMT
server
AkamaiNetStorage
status
200
etag
"274a2d8191173ffc0377c6894b227e28:1595969672.391104"
vary
Accept-Encoding
content-type
application/x-javascript
access-control-allow-origin
https://bill-pay-pre-prod.maw-pci.xfinity.com
cache-control
max-age=0, no-cache, no-store
accept-ranges
bytes
timing-allow-origin
*
content-length
377
expires
Wed, 05 Aug 2020 19:39:07 GMT
satellite-5a2ea0b564746d3f4e00e094-staging.js
assets.adobedtm.com/43896e740dcedef854392e0be6ea80deb8eb2ba5/scripts/ 		643 B
713 B 		Script
General
Check archive.org
Download Go to
Full URL
https://assets.adobedtm.com/43896e740dcedef854392e0be6ea80deb8eb2ba5/scripts/satellite-5a2ea0b564746d3f4e00e094-staging.js
Requested by
Host: assets.adobedtm.com
URL: https://assets.adobedtm.com/43896e740dcedef854392e0be6ea80deb8eb2ba5/satelliteLib-773f1d685076ba02ef9dd20f568cce9a6f1991dd-staging.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:10c:382::1e80 , Ascension Island, ASN20940 (AKAMAI-ASN1, EU),
Reverse DNS
Software
AkamaiNetStorage /
Resource Hash
01dfbd7715ecb8fc9e7bf143d7b0520abf110743683552fcf03be7e2551d59bf

Request headers

Referer
https://bill-pay-pre-prod.maw-pci.xfinity.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 05 Aug 2020 19:39:07 GMT
content-encoding
gzip
last-modified
Tue, 28 Jul 2020 20:54:32 GMT
server
AkamaiNetStorage
status
200
etag
"ea8cb8fa0c6e56788b482df0aa8133b3:1595969672.534063"
vary
Accept-Encoding
content-type
application/x-javascript
access-control-allow-origin
https://bill-pay-pre-prod.maw-pci.xfinity.com
cache-control
max-age=0, no-cache, no-store
accept-ranges
bytes
timing-allow-origin
*
content-length
405
expires
Wed, 05 Aug 2020 19:39:07 GMT
satellite-5ba10aa564746d1323001dbb-staging.js
assets.adobedtm.com/43896e740dcedef854392e0be6ea80deb8eb2ba5/scripts/ 		454 B
639 B 		Script
General
Check archive.org
Download Go to
Full URL
https://assets.adobedtm.com/43896e740dcedef854392e0be6ea80deb8eb2ba5/scripts/satellite-5ba10aa564746d1323001dbb-staging.js
Requested by
Host: assets.adobedtm.com
URL: https://assets.adobedtm.com/43896e740dcedef854392e0be6ea80deb8eb2ba5/satelliteLib-773f1d685076ba02ef9dd20f568cce9a6f1991dd-staging.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:10c:382::1e80 , Ascension Island, ASN20940 (AKAMAI-ASN1, EU),
Reverse DNS
Software
AkamaiNetStorage /
Resource Hash
0ae211da5f365a98fb2d8f267477c481f42f2b9b0ae32926301c6d2421042578

Request headers

Referer
https://bill-pay-pre-prod.maw-pci.xfinity.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 05 Aug 2020 19:39:07 GMT
content-encoding
gzip
last-modified
Tue, 28 Jul 2020 20:54:32 GMT
server
AkamaiNetStorage
status
200
etag
"7830f4bb750e333e887be2e21efdf12b:1595969672.705441"
vary
Accept-Encoding
content-type
application/x-javascript
access-control-allow-origin
https://bill-pay-pre-prod.maw-pci.xfinity.com
cache-control
max-age=0, no-cache, no-store
accept-ranges
bytes
timing-allow-origin
*
content-length
331
expires
Wed, 05 Aug 2020 19:39:07 GMT
satellite-5e78d6ac64746d041a0023ac-staging.js
assets.adobedtm.com/43896e740dcedef854392e0be6ea80deb8eb2ba5/scripts/ 		804 B
731 B 		Script
General
Check archive.org
Download Go to
Full URL
https://assets.adobedtm.com/43896e740dcedef854392e0be6ea80deb8eb2ba5/scripts/satellite-5e78d6ac64746d041a0023ac-staging.js
Requested by
Host: assets.adobedtm.com
URL: https://assets.adobedtm.com/43896e740dcedef854392e0be6ea80deb8eb2ba5/satelliteLib-773f1d685076ba02ef9dd20f568cce9a6f1991dd-staging.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:10c:382::1e80 , Ascension Island, ASN20940 (AKAMAI-ASN1, EU),
Reverse DNS
Software
AkamaiNetStorage /
Resource Hash
4c5557b6a6209c48e7cc2b17e6922e6684436b1b62e262e02b0eb498d722918b

Request headers

Referer
https://bill-pay-pre-prod.maw-pci.xfinity.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 05 Aug 2020 19:39:07 GMT
content-encoding
gzip
last-modified
Tue, 28 Jul 2020 20:54:32 GMT
server
AkamaiNetStorage
status
200
etag
"042c0f54a6361c782a59f287d4529375:1595969672.233985"
vary
Accept-Encoding
content-type
application/x-javascript
access-control-allow-origin
https://bill-pay-pre-prod.maw-pci.xfinity.com
cache-control
max-age=0, no-cache, no-store
accept-ranges
bytes
timing-allow-origin
*
content-length
423
expires
Wed, 05 Aug 2020 19:39:07 GMT
satellite-5b194bc564746d59b4000864-staging.js
assets.adobedtm.com/43896e740dcedef854392e0be6ea80deb8eb2ba5/scripts/ 		1 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://assets.adobedtm.com/43896e740dcedef854392e0be6ea80deb8eb2ba5/scripts/satellite-5b194bc564746d59b4000864-staging.js
Requested by
Host: assets.adobedtm.com
URL: https://assets.adobedtm.com/43896e740dcedef854392e0be6ea80deb8eb2ba5/satelliteLib-773f1d685076ba02ef9dd20f568cce9a6f1991dd-staging.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:10c:382::1e80 , Ascension Island, ASN20940 (AKAMAI-ASN1, EU),
Reverse DNS
Software
AkamaiNetStorage /
Resource Hash
17a71edee6d5e0514b7d9fcb4821d80b99fbb12d56e1979dfb90b209bd35c45a

Request headers

Referer
https://bill-pay-pre-prod.maw-pci.xfinity.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 05 Aug 2020 19:39:07 GMT
content-encoding
gzip
last-modified
Tue, 28 Jul 2020 20:54:32 GMT
server
AkamaiNetStorage
status
200
etag
"72b3596085059d14ae71524f1965ee18:1595969672.035055"
vary
Accept-Encoding
content-type
application/x-javascript
access-control-allow-origin
https://bill-pay-pre-prod.maw-pci.xfinity.com
cache-control
max-age=0, no-cache, no-store
accept-ranges
bytes
timing-allow-origin
*
content-length
791
expires
Wed, 05 Aug 2020 19:39:07 GMT
xfinitystandard-regular.woff2
static.cimcontent.net/common-web-assets/fonts/xfinity-standard-optimized/ 		14 KB
14 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://static.cimcontent.net/common-web-assets/fonts/xfinity-standard-optimized/xfinitystandard-regular.woff2
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:6c00:19f::30d4 , Ascension Island, ASN20940 (AKAMAI-ASN1, EU),
Reverse DNS
Software
AmazonS3 /
Resource Hash
8a2b4a990c936ee2641cff51c8df6d44834d31373afbc7b8fd42c495c5f06b34

Request headers

User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer
https://bill-pay-pre-prod.maw-pci.xfinity.com/static/css/main.cc2d657a.chunk.css
Origin
https://bill-pay-pre-prod.maw-pci.xfinity.com

Response headers

x-amz-version-id
WrPmfUi4UlGF2SU1VPDWyt4.o1azE7lI
last-modified
Fri, 24 Apr 2020 17:31:53 GMT
server
AmazonS3
x-amz-cf-pop
FRA2-C1
etag
"af7706356819daeaa580e88fbcff64f2"
content-type
binary/octet-stream
status
200
cache-control
max-age=31536000
date
Wed, 05 Aug 2020 19:39:07 GMT
accept-ranges
bytes
access-control-allow-origin
*
content-length
13900
x-amz-cf-id
oI_NuSLbBkM8GaKo35jCEZneZyV7eWbzBo11cn-NU_XFkFcPxrZroA==
wrapper.js
universal-preprod.iperceptions.com/ 		11 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://universal-preprod.iperceptions.com/wrapper.js
Requested by
Host: assets.adobedtm.com
URL: https://assets.adobedtm.com/43896e740dcedef854392e0be6ea80deb8eb2ba5/scripts/satellite-5784f5c764746d24f80015ae-staging.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
45.60.87.226 , United States, ASN19551 (INCAPSULA, US),
Reverse DNS
Software
/
Resource Hash
7806c05f4a2e2265967b291c07649d797ef44b7a171f9a3cf51cc7cd4ba78ce0

Request headers

Referer
https://bill-pay-pre-prod.maw-pci.xfinity.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Wed, 05 Aug 2020 19:39:07 GMT
content-encoding
gzip
last-modified
Wed, 29 Jul 2020 14:11:09 GMT
x-cdn
Incapsula
etag
"5dea01bb265d61:0"
content-type
application/javascript
status
200
x-iinfo
6-232616-0 0CNN RT(1596656347138 0) q(0 -1 -1 0) r(0 -1)
content-length
3451
bat.js
bat.bing.com/ 		26 KB
8 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://bat.bing.com/bat.js
Requested by
Host: assets.adobedtm.com
URL: https://assets.adobedtm.com/43896e740dcedef854392e0be6ea80deb8eb2ba5/scripts/satellite-57f3beff64746d082c006ad6-staging.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2620:1ec:c11::200 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
5c622f5433cbb6ea1df5c0dd8671e55ef7d1464366074730473c453de50a579b

Request headers

Referer
https://bill-pay-pre-prod.maw-pci.xfinity.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Wed, 05 Aug 2020 19:39:07 GMT
content-encoding
gzip
last-modified
Thu, 16 Jul 2020 20:00:00 GMT
x-msedge-ref
Ref A: E1572A9287434CAB9B0E35B7E6FBF5DB Ref B: FRAEDGE1219 Ref C: 2020-08-05T19:39:07Z
status
200
etag
"0e0bdafab5bd61:0"
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
cache-control
private,max-age=1800
accept-ranges
bytes
content-length
8022
js
www.googletagmanager.com/gtag/ 		87 KB
34 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtag/js?id=AW-1023869955
Requested by
Host: assets.adobedtm.com
URL: https://assets.adobedtm.com/43896e740dcedef854392e0be6ea80deb8eb2ba5/scripts/satellite-5a2ea0b564746d3f4e00e094-staging.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80b::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
cc6c79b9fde625da0438408c6564b8fb185ded27508bfd8acb40f2a368d2c3bb
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

Referer
https://bill-pay-pre-prod.maw-pci.xfinity.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Wed, 05 Aug 2020 19:39:07 GMT
content-encoding
br
vary
Accept-Encoding
status
200
alt-svc
h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
34834
x-xss-protection
0
last-modified
Wed, 05 Aug 2020 18:56:36 GMT
server
Google Tag Manager
strict-transport-security
max-age=31536000; includeSubDomains
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control
expires
Wed, 05 Aug 2020 19:39:07 GMT
uwt.js
static.ads-twitter.com/ 		5 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.ads-twitter.com/uwt.js
Requested by
Host: assets.adobedtm.com
URL: https://assets.adobedtm.com/43896e740dcedef854392e0be6ea80deb8eb2ba5/scripts/satellite-5ba10aa564746d1323001dbb-staging.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.112.157 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
319949c8c08b86e9c35ea542c0dc0c30cedaa9b8d3d3c3327a36c91aefbd8af5

Request headers

Referer
https://bill-pay-pre-prod.maw-pci.xfinity.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Wed, 05 Aug 2020 19:39:07 GMT
content-encoding
gzip
age
79626
x-cache
HIT
p3p
CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
status
200
content-length
1954
x-served-by
cache-hhn4081-HHN
last-modified
Tue, 23 Jan 2018 20:09:00 GMT
x-timer
S1596656348.877754,VS0,VE0
etag
"b7b33882a4f3ffd5cbf07434f3137166+gzip"
vary
Accept-Encoding,Host
content-type
application/javascript; charset=utf-8
via
1.1 varnish
cache-control
no-cache
accept-ranges
bytes
/
d.agkn.com/pixel/10533/ 		43 B
588 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://d.agkn.com/pixel/10533/?che=3794690278396.915&aauid=50835555980355469451000101772786740050
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2600:9000:214f:200:19:fc2c:a140:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Apache-Coyote/1.1 /
Resource Hash
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

Referer
https://bill-pay-pre-prod.maw-pci.xfinity.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 05 Aug 2020 19:39:07 GMT
via
1.1 80d90c7955dda88e3912960ead8e99d6.cloudfront.net (CloudFront)
server
Apache-Coyote/1.1
x-amz-cf-pop
FRA53-C1
x-cache
Miss from cloudfront
p3p
CP="NOI DSP COR CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
status
200
cache-control
no-cache, must-revalidate
content-type
image/gif
content-length
43
x-amz-cf-id
CvO8Hcsxnc96qwa1MKnlk4sDADK7YPvUY7TttSgdzpcEtUk20IUToA==
expires
Sat, 01 Jan 2000 00:00:00 GMT
tr
www.facebook.com/ 		44 B
263 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.facebook.com/tr?id=3570459783026493&ev=PageView&cd[order_id]=50835555980355469451000101772786740050
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f11c:8183:face:b00c:0:25de , Ireland, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
proxygen-bolt /
Resource Hash
10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Referer
https://bill-pay-pre-prod.maw-pci.xfinity.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Wed, 05 Aug 2020 19:39:07 GMT
last-modified
Fri, 21 Dec 2012 00:00:01 GMT
server
proxygen-bolt
strict-transport-security
max-age=31536000; includeSubDomains
content-type
image/gif
status
200
cache-control
no-cache, must-revalidate, max-age=0
alt-svc
h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
content-length
44
expires
Wed, 05 Aug 2020 19:39:07 GMT
/
servedby.flashtalking.com/container/12345;91797;9487;iframe/ Frame 9591 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://servedby.flashtalking.com/container/12345;91797;9487;iframe/?ft_referrer=https%3A//bill-pay-pre-prod.maw-pci.xfinity.com/&ns=&cb=634318.957129323
Requested by
Host: assets.adobedtm.com
URL: https://assets.adobedtm.com/43896e740dcedef854392e0be6ea80deb8eb2ba5/scripts/satellite-5b194bc564746d59b4000864-staging.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
205.185.216.10 Phoenix, United States, ASN20446 (HIGHWINDS3, US),
Reverse DNS
map2.hwcdn.net
Software
prod-xre-app26.frk11 /
Resource Hash

Request headers

Host
servedby.flashtalking.com
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site
cross-site
Sec-Fetch-Mode
navigate
Sec-Fetch-Dest
iframe
Referer
https://bill-pay-pre-prod.maw-pci.xfinity.com/
Accept-Encoding
gzip, deflate, br
Accept-Language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer
https://bill-pay-pre-prod.maw-pci.xfinity.com/

Response headers

Date
Wed, 05 Aug 2020 19:39:07 GMT
Connection
close
Cache-Control
no-cache, no-store
Content-Type
text/html
Server
prod-xre-app26.frk11
Pragma
no-cache
X-HW
1596656347.dop031.pa1.shc,1596656347.dop031.pa1.t,1596656347.cds024.pa1.sc,1596656347.cds024.pa1.p
iFrame.html
universal-preprod.iperceptions.com/ Frame AAB8 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://universal-preprod.iperceptions.com/iFrame.html
Requested by
Host: universal-preprod.iperceptions.com
URL: https://universal-preprod.iperceptions.com/wrapper.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
45.60.87.226 , United States, ASN19551 (INCAPSULA, US),
Reverse DNS
Software
Apache /
Resource Hash

Request headers

:method
GET
:authority
universal-preprod.iperceptions.com
:scheme
https
:path
/iFrame.html
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://bill-pay-pre-prod.maw-pci.xfinity.com/
accept-encoding
gzip, deflate, br
accept-language
en-US
cookie
visid_incap_2291903=qcHD7o3NRuCE1UEEX87669EKK18AAAAAQUIPAAAAAAD+DileWRi2E/vOC38nc6ZG; incap_ses_696_2291903=JCmjdtTtwRs+szWYabCoCdsKK18AAAAAKkBbGCMqi5SUwoRW7sIRgA==
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer
https://bill-pay-pre-prod.maw-pci.xfinity.com/

Response headers

status
200
date
Wed, 05 Aug 2020 19:39:08 GMT
server
Apache
content-type
text/html; charset=UTF-8
content-encoding
gzip
last-modified
Fri, 24 Jul 2020 13:46:41 GMT
accept-ranges
bytes
etag
"80b633dcc061d61:0"
vary
Accept-Encoding
access-control-allow-origin
*
set-cookie
nlbi_2291903=YEoVFZ+sHXlRn2Z74s/xZQAAAAD/igRCS/kVCMvHzRGyKRjR; path=/; Domain=.iperceptions.com
x-cdn
Incapsula
x-iinfo
6-232617-232618 NNNN CT(123 123 0) RT(1596656347164 0) q(0 0 3 -1) r(4 4) U12
adsct
analytics.twitter.com/i/ 		31 B
283 B 		Script
General
Check archive.org
Download Go to
Full URL
https://analytics.twitter.com/i/adsct?p_id=Twitter&p_user_id=0&txn_id=nuptm&events=%5B%5B%22pageview%22%2Cnull%5D%5D&tw_sale_amount=0&tw_order_quantity=0&tw_iframe_status=0&tpx_cb=twttr.conversion.loadPixels&tw_document_href=https%3A%2F%2Fbill-pay-pre-prod.maw-pci.xfinity.com%2F
Requested by
Host: static.ads-twitter.com
URL: https://static.ads-twitter.com/uwt.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
104.244.42.195 , United States, ASN13414 (TWITTER, US),
Reverse DNS
Software
tsa_o /
Resource Hash
df3e003cc30e9bdd0313100e8ee5d468070b4b34d11ad355f276a356d4b9c7bf
Security Headers
Name Value
Strict-Transport-Security max-age=631138519
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Referer
https://bill-pay-pre-prod.maw-pci.xfinity.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Wed, 05 Aug 2020 19:39:08 GMT
content-encoding
gzip
x-content-type-options
nosniff
p3p
CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
status
200, 200 OK
x-twitter-response-tags
BouncerCompliant
strict-transport-security
max-age=631138519
content-length
57
x-xss-protection
0
x-response-time
121
pragma
no-cache
last-modified
Wed, 05 Aug 2020 19:39:07 GMT
server
tsa_o
x-frame-options
SAMEORIGIN
content-type
application/javascript;charset=utf-8
cache-control
no-cache, no-store, must-revalidate, pre-check=0, post-check=0
x-connection-hash
b148fb6770942e38568c708ba511af4b
x-transaction
0075c9fc0007719a
expires
Tue, 31 Mar 1981 05:00:00 GMT
adsct
t.co/i/ 		43 B
170 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://t.co/i/adsct?p_id=Twitter&p_user_id=0&txn_id=nuptm&events=%5B%5B%22pageview%22%2Cnull%5D%5D&tw_sale_amount=0&tw_order_quantity=0&tw_iframe_status=0
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
104.244.42.5 , United States, ASN13414 (TWITTER, US),
Reverse DNS
Software
tsa_o /
Resource Hash
ac8778041fdb7f2e08ceb574c9a766247ea26f1a7d90fa854c4efcf4b361a957
Security Headers
Name Value
Strict-Transport-Security max-age=0
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Referer
https://bill-pay-pre-prod.maw-pci.xfinity.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Wed, 05 Aug 2020 19:39:08 GMT
content-encoding
gzip
x-content-type-options
nosniff
status
200, 200 OK
x-twitter-response-tags
BouncerCompliant
content-length
65
x-xss-protection
0
x-response-time
105
pragma
no-cache
last-modified
Wed, 05 Aug 2020 19:39:07 GMT
server
tsa_o
x-frame-options
SAMEORIGIN
strict-transport-security
max-age=0
content-type
image/gif;charset=utf-8
cache-control
no-cache, no-store, must-revalidate, pre-check=0, post-check=0
x-connection-hash
1581f9ef64efdd3916631b32067dde25
x-transaction
00c60d21006175de
expires
Tue, 31 Mar 1981 05:00:00 GMT
conversion_async.js
www.googleadservices.com/pagead/ 		29 KB
11 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googleadservices.com/pagead/conversion_async.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=AW-1023869955
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
216.58.207.34 Mountain View, United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s24-in-f2.1e100.net
Software
cafe /
Resource Hash
6718a07fa13fa05273a15a3442277d187b1b712d9eccef98fba120ef9442e975
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://bill-pay-pre-prod.maw-pci.xfinity.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Wed, 05 Aug 2020 19:39:07 GMT
content-encoding
gzip
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status
200
content-disposition
attachment; filename="f.txt"
alt-svc
h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-27="googleads.g.doubleclick.net:443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T050="googleads.g.doubleclick.net:443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length
11328
x-xss-protection
0
server
cafe
etag
4229961699705442162
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=3600
timing-allow-origin
*
expires
Wed, 05 Aug 2020 19:39:07 GMT
0
bat.bing.com/action/ 		0
93 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://bat.bing.com/action/0?ti=5280004&Ver=2&mid=9e53fd27-124f-3347-fd29-39558c51b5d4&sid=a47a1da89caa236024a979032f52af36&vid=91cb4984c08f7e3d620c157b65fa1703&vids=1&pi=0&lg=en-US&sw=1600&sh=1200&sc=24&tl=XFINITY%20%7C%20Bill%20Pay&p=https%3A%2F%2Fbill-pay-pre-prod.maw-pci.xfinity.com%2F&r=&lt=1785&evt=pageLoad&msclkid=N&sv=1&rn=720420
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2620:1ec:c11::200 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://bill-pay-pre-prod.maw-pci.xfinity.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

status
204
pragma
no-cache
date
Wed, 05 Aug 2020 19:39:07 GMT
cache-control
no-cache, must-revalidate
x-msedge-ref
Ref A: 77DE139BCDAD4AE5BA3F008B7363923E Ref B: FRAEDGE1219 Ref C: 2020-08-05T19:39:07Z
access-control-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
/
googleads.g.doubleclick.net/pagead/viewthroughconversion/1023869955/ 		2 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/viewthroughconversion/1023869955/?random=1596656347945&cv=9&fst=1596656347945&num=1&bg=ffffff&guid=ON&resp=GooglemKTybQhCsO&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=120&u_java=false&u_nplug=0&u_nmime=0&gtm=2oa7v1&sendb=1&ig=1&data=event%3Dgtag.config&frm=0&url=https%3A%2F%2Fbill-pay-pre-prod.maw-pci.xfinity.com%2F&tiba=XFINITY%20%7C%20Bill%20Pay&hn=www.googleadservices.com&async=1&rfmt=3&fmt=4
Requested by
Host: www.googleadservices.com
URL: https://www.googleadservices.com/pagead/conversion_async.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:825::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
4cc6c5ae43b446642e46bfbb307ead026f9b2a13667afe9c3acedc33cbdda2fe
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://bill-pay-pre-prod.maw-pci.xfinity.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 05 Aug 2020 19:39:07 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
status
200
cache-control
no-cache, must-revalidate
content-disposition
attachment; filename="f.txt"
content-type
text/javascript; charset=UTF-8
alt-svc
h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-27="googleads.g.doubleclick.net:443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T050="googleads.g.doubleclick.net:443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length
1049
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
/
googleads.g.doubleclick.net/pagead/viewthroughconversion/1023869955/ 		2 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/viewthroughconversion/1023869955/?random=1596656347948&cv=9&fst=1596656347948&num=1&value=1&currency_code=USD&label=7HWWCN-bhwgQg4ic6AM&bg=ffffff&guid=ON&resp=GooglemKTybQhCsO&eid=376635471&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=120&u_java=false&u_nplug=0&u_nmime=0&gtm=2oa7v1&sendb=1&ig=1&data=event%3Dconversion&frm=0&url=https%3A%2F%2Fbill-pay-pre-prod.maw-pci.xfinity.com%2F&tiba=XFINITY%20%7C%20Bill%20Pay&hn=www.googleadservices.com&async=1&rfmt=3&fmt=4
Requested by
Host: www.googleadservices.com
URL: https://www.googleadservices.com/pagead/conversion_async.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:825::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
84ec99cb2aa6edd22f2d063484291c2662042305b79172c747c4a132488aa077
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://bill-pay-pre-prod.maw-pci.xfinity.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 05 Aug 2020 19:39:07 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
status
200
cache-control
no-cache, must-revalidate
content-disposition
attachment; filename="f.txt"
content-type
text/javascript; charset=UTF-8
alt-svc
h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-27="googleads.g.doubleclick.net:443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T050="googleads.g.doubleclick.net:443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length
1129
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
pixel
bid.g.doubleclick.net/xbbe/ Frame 0073 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://bid.g.doubleclick.net/xbbe/pixel?d=KAE
Requested by
Host: www.googleadservices.com
URL: https://www.googleadservices.com/pagead/conversion_async.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
64.233.166.157 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
wm-in-f157.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

:method
GET
:authority
bid.g.doubleclick.net
:scheme
https
:path
/xbbe/pixel?d=KAE
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://bill-pay-pre-prod.maw-pci.xfinity.com/
accept-encoding
gzip, deflate, br
accept-language
en-US
cookie
test_cookie=CheckForPermission
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer
https://bill-pay-pre-prod.maw-pci.xfinity.com/

Response headers

status
200
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin
*
content-type
text/html; charset=UTF-8
x-content-type-options
nosniff
date
Wed, 05 Aug 2020 19:39:08 GMT
server
cafe
content-length
0
x-xss-protection
0
set-cookie
test_cookie=; domain=.doubleclick.net; path=/; expires=Mon, 21 Jul 2008 23:59:00 GMT; SameSite=none; Secure IDE=AHWqTUlRs8jlk97CjUmadVIhMx-4q1OqCaA3_KbWAARIasAinbFbY-VtstmgvXgI; expires=Fri, 05-Aug-2022 19:39:08 GMT; path=/; domain=.doubleclick.net; Secure; HttpOnly; SameSite=none
alt-svc
h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
expires
Wed, 05 Aug 2020 19:39:08 GMT
cache-control
private
/
www.google.com/pagead/1p-user-list/1023869955/ 		42 B
110 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com/pagead/1p-user-list/1023869955/?random=1596656347945&cv=9&fst=1596654000000&num=1&bg=ffffff&guid=ON&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=120&u_java=false&u_nplug=0&u_nmime=0&gtm=2oa7v1&sendb=1&data=event%3Dgtag.config&frm=0&url=https%3A%2F%2Fbill-pay-pre-prod.maw-pci.xfinity.com%2F&tiba=XFINITY%20%7C%20Bill%20Pay&async=1&fmt=3&is_vtc=1&random=3754934580&resp=GooglemKTybQhCsO&rmt_tld=0&ipr=y
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:801::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://bill-pay-pre-prod.maw-pci.xfinity.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 05 Aug 2020 19:39:07 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status
200
cache-control
no-cache, no-store, must-revalidate
content-security-policy
script-src 'none'; object-src 'none'
content-type
image/gif
alt-svc
h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
/
www.google.de/pagead/1p-user-list/1023869955/ 		42 B
107 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.de/pagead/1p-user-list/1023869955/?random=1596656347945&cv=9&fst=1596654000000&num=1&bg=ffffff&guid=ON&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=120&u_java=false&u_nplug=0&u_nmime=0&gtm=2oa7v1&sendb=1&data=event%3Dgtag.config&frm=0&url=https%3A%2F%2Fbill-pay-pre-prod.maw-pci.xfinity.com%2F&tiba=XFINITY%20%7C%20Bill%20Pay&async=1&fmt=3&is_vtc=1&random=3754934580&resp=GooglemKTybQhCsO&rmt_tld=1&ipr=y
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:801::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://bill-pay-pre-prod.maw-pci.xfinity.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 05 Aug 2020 19:39:07 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status
200
cache-control
no-cache, no-store, must-revalidate
content-security-policy
script-src 'none'; object-src 'none'
content-type
image/gif
alt-svc
h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
/
www.google.com/pagead/1p-user-list/1023869955/ 		42 B
110 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com/pagead/1p-user-list/1023869955/?random=1596656347948&cv=9&fst=1596654000000&num=1&value=1&currency_code=USD&label=7HWWCN-bhwgQg4ic6AM&bg=ffffff&guid=ON&eid=376635471&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=120&u_java=false&u_nplug=0&u_nmime=0&gtm=2oa7v1&sendb=1&data=event%3Dconversion&frm=0&url=https%3A%2F%2Fbill-pay-pre-prod.maw-pci.xfinity.com%2F&tiba=XFINITY%20%7C%20Bill%20Pay&async=1&fmt=3&is_vtc=1&random=535077000&resp=GooglemKTybQhCsO&rmt_tld=0&ipr=y
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:801::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://bill-pay-pre-prod.maw-pci.xfinity.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 05 Aug 2020 19:39:07 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status
200
cache-control
no-cache, no-store, must-revalidate
content-security-policy
script-src 'none'; object-src 'none'
content-type
image/gif
alt-svc
h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
/
www.google.de/pagead/1p-user-list/1023869955/ 		42 B
107 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.de/pagead/1p-user-list/1023869955/?random=1596656347948&cv=9&fst=1596654000000&num=1&value=1&currency_code=USD&label=7HWWCN-bhwgQg4ic6AM&bg=ffffff&guid=ON&eid=376635471&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=120&u_java=false&u_nplug=0&u_nmime=0&gtm=2oa7v1&sendb=1&data=event%3Dconversion&frm=0&url=https%3A%2F%2Fbill-pay-pre-prod.maw-pci.xfinity.com%2F&tiba=XFINITY%20%7C%20Bill%20Pay&async=1&fmt=3&is_vtc=1&random=535077000&resp=GooglemKTybQhCsO&rmt_tld=1&ipr=y
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:801::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://bill-pay-pre-prod.maw-pci.xfinity.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 05 Aug 2020 19:39:07 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status
200
cache-control
no-cache, no-store, must-revalidate
content-security-policy
script-src 'none'; object-src 'none'
content-type
image/gif
alt-svc
h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
xfinitystandard-bold.woff2
static.cimcontent.net/common-web-assets/fonts/xfinity-standard-optimized/ 		10 KB
11 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://static.cimcontent.net/common-web-assets/fonts/xfinity-standard-optimized/xfinitystandard-bold.woff2
Requested by
Host: bill-pay-pre-prod.maw-pci.xfinity.com
URL: https://bill-pay-pre-prod.maw-pci.xfinity.com/static/js/main.43fff356.chunk.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:6c00:19f::30d4 , Ascension Island, ASN20940 (AKAMAI-ASN1, EU),
Reverse DNS
Software
AmazonS3 /
Resource Hash
243164ef61224b5f3e7f9dd9f1c31e6e62db5f4906a1f9fe86a77be5a7cef360

Request headers

User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer
https://bill-pay-pre-prod.maw-pci.xfinity.com/static/css/main.cc2d657a.chunk.css
Origin
https://bill-pay-pre-prod.maw-pci.xfinity.com

Response headers

x-amz-version-id
_VgF2ipJTVkDvi_hQsG99Y63Py8pZNGV
last-modified
Fri, 24 Apr 2020 17:31:53 GMT
server
AmazonS3
x-amz-cf-pop
FRA2-C1
etag
"724299b8cfbcc8fbffd79fe88d13cc44"
content-type
binary/octet-stream
status
200
cache-control
max-age=31536000
date
Wed, 05 Aug 2020 19:39:08 GMT
accept-ranges
bytes
access-control-allow-origin
*
content-length
10680
x-amz-cf-id
WOMryQ64wJzfmI84TBJgE7TMxpIBr3H2OEIM9yQmoFfs_8r1KNW_dw==
xfinitystandard-medium.woff2
static.cimcontent.net/common-web-assets/fonts/xfinity-standard-optimized/ 		10 KB
11 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://static.cimcontent.net/common-web-assets/fonts/xfinity-standard-optimized/xfinitystandard-medium.woff2
Requested by
Host: bill-pay-pre-prod.maw-pci.xfinity.com
URL: https://bill-pay-pre-prod.maw-pci.xfinity.com/static/js/main.43fff356.chunk.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:6c00:19f::30d4 , Ascension Island, ASN20940 (AKAMAI-ASN1, EU),
Reverse DNS
Software
AmazonS3 /
Resource Hash
000f2b27b0f8732ca6e0d4134f4aeda5792ee889220c09fd75abb50691c56da5

Request headers

User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer
https://bill-pay-pre-prod.maw-pci.xfinity.com/static/css/main.cc2d657a.chunk.css
Origin
https://bill-pay-pre-prod.maw-pci.xfinity.com

Response headers

x-amz-version-id
oEscn0vB4TbRQmAKOKLJYPbefnDiRB4z
last-modified
Fri, 24 Apr 2020 17:31:53 GMT
server
AmazonS3
x-amz-cf-pop
FRA2-C1
etag
"232c2eee67cca99cadf3d5955f114542"
content-type
binary/octet-stream
status
200
cache-control
max-age=31536000
date
Wed, 05 Aug 2020 19:39:08 GMT
accept-ranges
bytes
access-control-allow-origin
*
content-length
10700
x-amz-cf-id
pZG7lSmGNLMYbYWtRJrcCoiqs3YGtfvbQFty9jFFHqfOxLhXH6uq7g==
xfinitystandard-light.woff2
static.cimcontent.net/common-web-assets/fonts/xfinity-standard-optimized/ 		11 KB
11 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://static.cimcontent.net/common-web-assets/fonts/xfinity-standard-optimized/xfinitystandard-light.woff2
Requested by
Host: bill-pay-pre-prod.maw-pci.xfinity.com
URL: https://bill-pay-pre-prod.maw-pci.xfinity.com/static/js/main.43fff356.chunk.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:6c00:19f::30d4 , Ascension Island, ASN20940 (AKAMAI-ASN1, EU),
Reverse DNS
Software
AmazonS3 /
Resource Hash
d7af534aa66de0f37e57d5d32cef87a5690c092eb651970199df1f1b3d9386b2

Request headers

User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer
https://bill-pay-pre-prod.maw-pci.xfinity.com/static/css/main.cc2d657a.chunk.css
Origin
https://bill-pay-pre-prod.maw-pci.xfinity.com

Response headers

x-amz-version-id
2puCFBfShCFrWTlCp2htmvZzNsD3yC5H
last-modified
Fri, 24 Apr 2020 17:31:53 GMT
server
AmazonS3
x-amz-cf-pop
FRA2-C1
etag
"dcd8fa24e4cfe11bfe00a19f994daaa4"
content-type
binary/octet-stream
status
200
cache-control
max-age=31536000
date
Wed, 05 Aug 2020 19:39:08 GMT
accept-ranges
bytes
access-control-allow-origin
*
content-length
10832
x-amz-cf-id
hgoC311YzPERJS1WeyTFGlYGwOBcslnwLb6wBC-T0DAJPzpdGkCo2A==
InviteTriggers
invite-preprod.iperceptions.com/ 		238 B
276 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://invite-preprod.iperceptions.com/InviteTriggers
Requested by
Host: cdn.comcast.com
URL: https://cdn.comcast.com/-/media/common/analytics/data-layer-non-prod-3-4-2-min.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
104.209.146.221 Boydton, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
Microsoft-IIS/10.0 / ASP.NET
Resource Hash
e6954d9347299a88dc63ae918a5104028af61b93cb9d9fd9e945547a494af74b

Request headers

SecurityToken
410f8076-db76-454d-bfc2-c724a5fc59b0
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer
https://bill-pay-pre-prod.maw-pci.xfinity.com/

Response headers

pragma
no-cache
date
Wed, 05 Aug 2020 19:39:08 GMT
server
Microsoft-IIS/10.0
x-aspnet-version
4.0.30319
x-powered-by
ASP.NET
status
200
content-type
application/json; charset=utf-8
access-control-allow-origin
*
cache-control
no-cache
content-length
238
expires
-1
ipEngine.js
universal-preprod.iperceptions.com/ 		15 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://universal-preprod.iperceptions.com/ipEngine.js
Requested by
Host: universal-preprod.iperceptions.com
URL: https://universal-preprod.iperceptions.com/wrapper.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
45.60.87.226 , United States, ASN19551 (INCAPSULA, US),
Reverse DNS
Software
/
Resource Hash
282dc313375ae4090636efe2f6e35da05f9dbf42f491104b6c5eaf71f7e0de76

Request headers

Referer
https://bill-pay-pre-prod.maw-pci.xfinity.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Wed, 05 Aug 2020 19:39:08 GMT
content-encoding
gzip
last-modified
Wed, 29 Jul 2020 14:11:09 GMT
x-cdn
Incapsula
etag
"94368d1bb265d61:0"
content-type
application/javascript
status
200
x-iinfo
6-232624-0 0CNN RT(1596656348196 0) q(0 -1 -1 0) r(0 -1)
content-length
4230
22299_637320737206721988
sd.iperceptions.com/ius-359cd6b861125d638f6cea04ffb14739/ 		132 KB
10 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://sd.iperceptions.com/ius-359cd6b861125d638f6cea04ffb14739/22299_637320737206721988
Requested by
Host: universal-preprod.iperceptions.com
URL: https://universal-preprod.iperceptions.com/wrapper.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
45.60.87.226 , United States, ASN19551 (INCAPSULA, US),
Reverse DNS
Software
/
Resource Hash
cc5077a4f73c73a865bb7c7d87c132a1a019fa09cd93a12f07d9eaf76d97ca6f

Request headers

Referer
https://bill-pay-pre-prod.maw-pci.xfinity.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Wed, 05 Aug 2020 19:39:08 GMT
content-encoding
gzip
last-modified
Mon, 03 Aug 2020 17:48:40 GMT
x-cdn
Incapsula
etag
0x8D837D575479B7D
content-type
application/javascript
status
200
x-iinfo
6-232625-0 0CNN RT(1596656348217 0) q(0 -1 -1 -1) r(0 -1)
cache-control
max-age=3600, public
content-length
9877
expires
Wed, 05 Aug 2020 20:39:08 GMT
harvest_22299.js
art.azureedge.net/harvest/ 		9 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://art.azureedge.net/harvest/harvest_22299.js
Requested by
Host: universal-preprod.iperceptions.com
URL: https://universal-preprod.iperceptions.com/wrapper.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2606:2800:133:206e:1315:22a5:2006:24fd , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECAcc (frc/8FD3) /
Resource Hash
9d526cc59af43fd4ff67f8eee25ff2c0a52c2c008e661af3b62eafad0507c5fd

Request headers

Referer
https://bill-pay-pre-prod.maw-pci.xfinity.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

x-ms-blob-type
BlockBlob
date
Wed, 05 Aug 2020 19:39:08 GMT
content-encoding
gzip
content-md5
H60ZpvNB4GMbbO835WkX9g==
age
254894
x-cache
HIT
status
200
content-length
2022
x-ms-lease-status
unlocked
last-modified
Fri, 02 Feb 2018 16:09:55 GMT
server
ECAcc (frc/8FD3)
etag
0x8D56A57668419AD
vary
Accept-Encoding
content-type
application/javascript
x-ms-request-id
5bf1e4ca-701e-000f-420e-69ce5f000000
x-ms-version
2009-09-19
maw-bill-pay
melee.sed.dh.comcast.net/v2/unstructured/ 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://melee.sed.dh.comcast.net/v2/unstructured/maw-bill-pay
Requested by
Host: bill-pay-pre-prod.maw-pci.xfinity.com
URL: https://bill-pay-pre-prod.maw-pci.xfinity.com/static/js/2.db523fe1.chunk.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2600:1f18:336:b300:d4ef:71a2:ae8a:6589 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software
Melee /
Resource Hash

Request headers

melee-token
9F819838-F0F2-4387-BDB7-E0BD4FE50312
Referer
https://bill-pay-pre-prod.maw-pci.xfinity.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
content-type
application/json

Response headers

status
204
date
Wed, 05 Aug 2020 19:39:10 GMT
x-client-id
maw-billpay
server
Melee
access-control-allow-origin
*

Verdicts & Comments Add Verdict or Comment

61 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| MAW object| cspPattern object| cspEnv function| e object| adobe function| Visitor object| _satellite object| s_c_il number| s_c_in object| AdobeTeamUtils object| targetGlobalSettings object| ___target_traces function| mboxCreate function| mboxDefine function| mboxUpdate object| digitalData object| webpackJsonpmaw-bill-pay string| upDate function| s_doPlugins boolean| cookieCombiningUtility function| removeExpiredCookies function| cookieRead function| cookieWrite function| cookieDelete object| dfaConfig function| AppMeasurement_Module_Integrate function| AppMeasurement_Module_AudienceManagement function| AppMeasurement_Module_ActivityMap function| AppMeasurement function| s_gi function| s_pgicq object| s number| s_objectID number| s_giq object| s_Integrate_DFA string| v function| DIL object| s_3_Integrate_DFA_get_0 object| __core-js_shared__ object| core object| BrowserInterface object| regeneratorRuntime string| iperceptionskey object| uetq object| dataLayer function| twq object| iPerceptions object| twttr object| google_tag_manager object| google_tag_data function| UET function| GooglemKTybQhCsO function| google_trackConversion object| GooglebQhCsO object| ipDef function| initharvest boolean| result object| SEAC number| j object| trigger number| rate

7 Cookies

Domain/Path Name / Value
.demdex.net/ Name: dextp
Value: 21-1-1596656347590|60-1-1596656347690|358-1-1596656347791
.demdex.net/ Name: demdex
Value: 50997852697336422140984997544689145845
.xfinity.com/ Name: s_pers
Value: %20s_dfa%3Dcomcastdotcomqa%7C1596658147548%3B
.xfinity.com/ Name: AMCV_DA11332E5321D0550A490D45%40AdobeOrg
Value: -1712354808%7CMCIDTS%7C18480%7CMCMID%7C50835555980355469451000101772786740050%7CMCAAMLH-1597261147%7C6%7CMCAAMB-1597261147%7C6G1ynYcLPuiQxYZrsz_pkqfLG9yMXBpb2zX5dvJdYQJzPXImdj0y%7CMCOPTOUT-1596663547s%7CNONE%7CMCSYNCSOP%7C411-18487%7CMCAID%7CNONE%7CvVersion%7C4.3.0
bill-pay-pre-prod.maw-pci.xfinity.com/ Name: MAW_sessionID
Value: d7bdc4d4-d397-415f-9e00-d4cc4871715d
.xfinity.com/ Name: AMCVS_DA11332E5321D0550A490D45%40AdobeOrg
Value: 1
.xfinity.com/ Name: check
Value: true

1 Console Messages

Source Level URL
Text
console-api log URL: https://assets.adobedtm.com/43896e740dcedef854392e0be6ea80deb8eb2ba5/s-code-contents-11c8f38a44853a1fa459e08fd609da47c7ce7efd-staging.js(Line 1)
Message:
Error, missing Report Suite ID in AppMeasurement initialization

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

analytics.twitter.com
art.azureedge.net
assets.adobedtm.com
bat.bing.com
bid.g.doubleclick.net
bill-pay-pre-prod.maw-pci.xfinity.com
cdn.comcast.com
cm.everesttech.net
comcast.demdex.net
comcastcom.d1.sc.omtrdc.net
d.agkn.com
dpm.demdex.net
fls.doubleclick.net
googleads.g.doubleclick.net
invite-preprod.iperceptions.com
melee.sed.dh.comcast.net
sd.iperceptions.com
servedby.flashtalking.com
static.ads-twitter.com
static.cimcontent.net
t.co
universal-preprod.iperceptions.com
www.facebook.com
www.google.com
www.google.de
www.googleadservices.com
www.googletagmanager.com
104.209.146.221
104.244.42.195
104.244.42.5
15.236.9.100
151.101.112.157
18.200.232.122
205.185.216.10
216.58.205.230
216.58.207.34
2600:1f18:336:b300:d4ef:71a2:ae8a:6589
2600:9000:214f:200:19:fc2c:a140:93a1
2600:9000:214f:c000:17:e313:2540:93a1
2606:2800:133:206e:1315:22a5:2006:24fd
2620:1ec:c11::200
2a00:1450:4001:801::2003
2a00:1450:4001:801::2004
2a00:1450:4001:80b::2008
2a00:1450:4001:825::2002
2a02:26f0:10c:382::1e80
2a02:26f0:10c:399::2af2
2a02:26f0:6c00:19f::30d4
2a03:2880:f11c:8183:face:b00c:0:25de
45.60.87.226
52.30.78.155
64.233.166.157
66.117.28.86
000f2b27b0f8732ca6e0d4134f4aeda5792ee889220c09fd75abb50691c56da5
01dfbd7715ecb8fc9e7bf143d7b0520abf110743683552fcf03be7e2551d59bf
0ae211da5f365a98fb2d8f267477c481f42f2b9b0ae32926301c6d2421042578
10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa
17a71edee6d5e0514b7d9fcb4821d80b99fbb12d56e1979dfb90b209bd35c45a
1af1424a065c25e105f9b49851324d6c3e55f25afac6321a690135900d083f5d
1c84dd70ad9554c6dd4975ac7d8dbdafc8453219d412d548b4b9ddb366fb6d85
243164ef61224b5f3e7f9dd9f1c31e6e62db5f4906a1f9fe86a77be5a7cef360
282dc313375ae4090636efe2f6e35da05f9dbf42f491104b6c5eaf71f7e0de76
2e9255c9f403fd6e9a6dfed892c6f2a8c98dea37e913be8a3cc65e8b9f9e6c0e
319949c8c08b86e9c35ea542c0dc0c30cedaa9b8d3d3c3327a36c91aefbd8af5
44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a
4c5557b6a6209c48e7cc2b17e6922e6684436b1b62e262e02b0eb498d722918b
4cc6c5ae43b446642e46bfbb307ead026f9b2a13667afe9c3acedc33cbdda2fe
5c622f5433cbb6ea1df5c0dd8671e55ef7d1464366074730473c453de50a579b
6718a07fa13fa05273a15a3442277d187b1b712d9eccef98fba120ef9442e975
7516c0739c149609dbe3c2e8318f52e334f4c12ea8eeff87184a33fac8c31ea1
7806c05f4a2e2265967b291c07649d797ef44b7a171f9a3cf51cc7cd4ba78ce0
84ec99cb2aa6edd22f2d063484291c2662042305b79172c747c4a132488aa077
876400331612d5dad01a09ed668a8aa28b0e257e9d517f432612a5064cf8fd35
8a2b4a990c936ee2641cff51c8df6d44834d31373afbc7b8fd42c495c5f06b34
9af6f9dafb763662542aad51406983b95b0b6a1ace182c16e1443ebb8e25d427
9d526cc59af43fd4ff67f8eee25ff2c0a52c2c008e661af3b62eafad0507c5fd
ac8778041fdb7f2e08ceb574c9a766247ea26f1a7d90fa854c4efcf4b361a957
cc5077a4f73c73a865bb7c7d87c132a1a019fa09cd93a12f07d9eaf76d97ca6f
cc6c79b9fde625da0438408c6564b8fb185ded27508bfd8acb40f2a368d2c3bb
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
d027a96c9981ee0d7dcc0b6150c644c79a119d0003ab5e84a8b7af3bd80183bc
d7af534aa66de0f37e57d5d32cef87a5690c092eb651970199df1f1b3d9386b2
db890e345847d24ceb6829011a5fafe897893d71ad3c97636287fcbadb254ef7
df3e003cc30e9bdd0313100e8ee5d468070b4b34d11ad355f276a356d4b9c7bf
e32a6ae5e43f7f652674e0f03dc23f86839f839b29ee4e63c01c93da180bb0d0
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e4cdca181c51486b60b23b011634c5ad56544672ffba05c47aee612d0b5de561
e4fb4a0a50a6e29c8607985620aa76cf86436cb59dac9fe6ee3d6f79dc2d60d3
e6954d9347299a88dc63ae918a5104028af61b93cb9d9fd9e945547a494af74b
e7ac4d350b4fb8c0f3a0eacb18c9de3f7c5da723bced1dc0518920210258131a
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f063e81c5dc9925c7cc1f4badecdd11f1813317a2924e9f4edb2b062a95a9ea5
f519e330f4d7b43a16cbe25e26d3776cf5384b95d5a17843db7a4dbf21d26c27