pub-1a282a45be37473684116312dd030cbf.r2.dev Open in urlscan Pro
2606:4700::6812:323 Malicious Activity! Public Scan

Go To Rescan
Add Verdict Report

URL:
https://pub-1a282a45be37473684116312dd030cbf.r2.dev/index/index.htm
Submission: On June 11 via api (June 11th 2023, 3:10:08 pm UTC) from US — Scanned from US

Summary HTTP 84 Redirects Links 11 Behaviour Indicators

Summary

This website contacted 23 IPs in 4 countries across 31 domains to perform 84 HTTP transactions. The main IP is 2606:4700::6812:323, located in United States and belongs to CLOUDFLARENET, US. The main domain is pub-1a282a45be37473684116312dd030cbf.r2.dev.
TLS certificate: Issued by E1 on April 17th 2023. Valid for: 3 months.

This is the only time pub-1a282a45be37473684116312dd030cbf.r2.dev was scanned on urlscan.io!

urlscan.io Verdict: Potentially Malicious

Targeting these brands: Xfinity (Consumer)

Domain & IP information

	IP Address	AS Autonomous System
22	2606:4700::68... 2606:4700::6812:323	13335 (CLOUDFLAR...) (CLOUDFLARENET)
3	104.18.3.35 104.18.3.35	13335 (CLOUDFLAR...) (CLOUDFLARENET)
3	2620:100:a001::4 2620:100:a001::4	19750 (AS-CRITEO) (AS-CRITEO)
12	2600:1400:d:5... 2600:1400:d:588::2c06	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
1 17	35.85.195.233 35.85.195.233	16509 (AMAZON-02) (AMAZON-02)
3	2600:1400:900... 2600:1400:9000:1a6::1e80	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
4	2600:141b:13:... 2600:141b:13:7a0::30d4	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
3	108.138.107.138 108.138.107.138	16509 (AMAZON-02) (AMAZON-02)
1	151.101.129.108 151.101.129.108	54113 (FASTLY) (FASTLY)
1	23.77.172.245 23.77.172.245	16625 (AKAMAI-AS) (AKAMAI-AS)
1	2620:100:a001... 2620:100:a001::18	19750 (AS-CRITEO) (AS-CRITEO)
1	159.89.246.130 159.89.246.130	14061 (DIGITALOC...) (DIGITALOCEAN-ASN)
1	2602:803:c002... 2602:803:c002:200::52	26667 (RUBICONPR...) (RUBICONPROJECT)
1 3	35.244.159.8 35.244.159.8	15169 (GOOGLE) (GOOGLE)
1	18.164.107.227 18.164.107.227	16509 (AMAZON-02) (AMAZON-02)
1	52.35.195.189 52.35.195.189	16509 (AMAZON-02) (AMAZON-02)
1	63.140.36.112 63.140.36.112	16509 (AMAZON-02) (AMAZON-02)
3	74.119.119.139 74.119.119.139	19750 (AS-CRITEO) (AS-CRITEO)
1	185.235.85.31 185.235.85.31	19750 (AS-CRITEO) (AS-CRITEO)
1	185.235.85.52 185.235.85.52	19750 (AS-CRITEO) (AS-CRITEO)
1 1	2620:100:a001::c 2620:100:a001::c	19750 (AS-CRITEO) (AS-CRITEO)
1 1	13.225.214.90 13.225.214.90	16509 (AMAZON-02) (AMAZON-02)
2 2	34.236.99.3 34.236.99.3	14618 (AMAZON-AES) (AMAZON-AES)
2 2	35.190.60.146 35.190.60.146	15169 (GOOGLE) (GOOGLE)
2 2	68.67.179.166 68.67.179.166	29990 (ASN-APPNEX) (ASN-APPNEX)
1 1	2620:112:f002... 2620:112:f002:bbbb::23	6336 (TURN-US-ASN) (TURN-US-ASN)
3 3	142.251.41.2 142.251.41.2	15169 (GOOGLE) (GOOGLE)
1	104.244.42.195 104.244.42.195	13414 (TWITTER) (TWITTER)
2 2	35.71.131.137 35.71.131.137	16509 (AMAZON-02) (AMAZON-02)
1 1	2620:1ec:c11:... 2620:1ec:c11::200	8068 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
1 1	23.213.49.243 23.213.49.243	16625 (AKAMAI-AS) (AKAMAI-AS)
1 1	76.13.32.147 76.13.32.147	26101 (YAHOO-BF1) (YAHOO-BF1)
1 1	3.225.218.10 3.225.218.10	14618 (AMAZON-AES) (AMAZON-AES)
1 1	2600:1f18:445... 2600:1f18:445b:903:dec7:71c:8a6:f123	14618 (AMAZON-AES) (AMAZON-AES)
1 1	108.138.128.39 108.138.128.39	16509 (AMAZON-02) (AMAZON-02)
1 1	18.164.96.91 18.164.96.91	16509 (AMAZON-02) (AMAZON-02)
1 1	3.248.152.94 3.248.152.94	16509 (AMAZON-02) (AMAZON-02)
2 2	3.217.144.211 3.217.144.211	14618 (AMAZON-AES) (AMAZON-AES)
2 3	52.46.155.104 52.46.155.104	16509 (AMAZON-02) (AMAZON-02)
2 2	44.216.109.127 44.216.109.127	14618 (AMAZON-AES) (AMAZON-AES)
84	23

22 2606:4700::6812:323 (United States)

ASN13335 (CLOUDFLARENET, US)

pub-1a282a45be37473684116312dd030cbf.r2.dev	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 104.18.3.35 (None, )

ASN13335 (CLOUDFLARENET, US)

pub-1a282a45be37473684116312dd030cbf.r2.dev	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2620:100:a001::4 (United States)

ASN19750 (AS-CRITEO, US)

static.criteo.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

12 2600:1400:d:588::2c06 (New York, United States)

ASN20940 (AKAMAI-ASN1, NL)

dl.cws.xfinity.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

17 35.85.195.233 (Boardman, United States) 1 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-35-85-195-233.us-west-2.compute.amazonaws.com

dpm.demdex.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2600:1400:9000:1a6::1e80 (New York, United States)

ASN20940 (AKAMAI-ASN1, NL)

assets.adobedtm.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2600:141b:13:7a0::30d4 (Secaucus, United States)

ASN20940 (AKAMAI-ASN1, NL)

static.cimcontent.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 108.138.107.138 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-108-138-107-138.jfk50.r.cloudfront.net

c.amazon-adsystem.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 151.101.129.108 (United States)

ASN54113 (FASTLY, US)

acdn.adnxs.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 23.77.172.245 (Piscataway, United States)

ASN16625 (AKAMAI-AS, US)
PTR: a23-77-172-245.deploy.static.akamaitechnologies.com

crcdn01.adnxs-simple.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2620:100:a001::18 (United States)

ASN19750 (AS-CRITEO, US)

bidder.criteo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 159.89.246.130 (Clifton, United States)

ASN14061 (DIGITALOCEAN-ASN, US)

e.serverbid.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2602:803:c002:200::52 (United States)

ASN26667 (RUBICONPROJECT, US)

fastlane.rubiconproject.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 35.244.159.8 (Kansas City, United States) 1 redirects

ASN15169 (GOOGLE, US)
PTR: 8.159.244.35.bc.googleusercontent.com

comcast-d.openx.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
us-u.openx.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 18.164.107.227 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-164-107-227.jfk50.r.cloudfront.net

aax.amazon-adsystem.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 52.35.195.189 (Boardman, United States)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-35-195-189.us-west-2.compute.amazonaws.com

comcast.demdex.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 63.140.36.112 (United States)

ASN16509 (AMAZON-02, US)
PTR: ip-63-140-36-112.data.adobedc.net

comcastcom.d1.sc.omtrdc.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 74.119.119.139 (United States)

ASN19750 (AS-CRITEO, US)

dnacdn.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
mug.criteo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 185.235.85.31 (France)

ASN19750 (AS-CRITEO, US)

ag.gbc.criteo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 185.235.85.52 (France)

ASN19750 (AS-CRITEO, US)

gem.gbc.criteo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2620:100:a001::c (United States) 1 redirects

ASN19750 (AS-CRITEO, US)

gum.criteo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 13.225.214.90 (United States) 1 redirects

ASN16509 (AMAZON-02, US)
PTR: server-13-225-214-90.ewr50.r.cloudfront.net

aa.agkn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 34.236.99.3 (Ashburn, United States) 2 redirects

ASN14618 (AMAZON-AES, US)
PTR: ec2-34-236-99-3.compute-1.amazonaws.com

pm.w55c.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 35.190.60.146 (Kansas City, United States) 2 redirects

ASN15169 (GOOGLE, US)
PTR: 146.60.190.35.bc.googleusercontent.com

idsync.rlcdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 68.67.179.166 (North Bergen, United States) 2 redirects

ASN29990 (ASN-APPNEX, US)
PTR: 575.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net

ib.adnxs.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2620:112:f002:bbbb::23 (United States) 1 redirects

ASN6336 (TURN-US-ASN, US)

d.turn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 142.251.41.2 (East White Plains, United States) 3 redirects

ASN15169 (GOOGLE, US)
PTR: lga34s40-in-f2.1e100.net

cm.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 104.244.42.195 (United States)

ASN13414 (TWITTER, US)

analytics.twitter.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 35.71.131.137 (United States) 2 redirects

ASN16509 (AMAZON-02, US)
PTR: a6370ebea231e0c9a.awsglobalaccelerator.com

match.adsrvr.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2620:1ec:c11::200 (United States) 1 redirects

ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

c.bing.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 23.213.49.243 (Piscataway, United States) 1 redirects

ASN16625 (AKAMAI-AS, US)
PTR: a23-213-49-243.deploy.static.akamaitechnologies.com

servedby.flashtalking.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 76.13.32.147 (Lockport, United States) 1 redirects

ASN26101 (YAHOO-BF1, US)
PTR: spcms.pbp.vip.bf1.yahoo.com

cms.analytics.yahoo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 3.225.218.10 (Ashburn, United States) 1 redirects

ASN14618 (AMAZON-AES, US)
PTR: ec2-3-225-218-10.compute-1.amazonaws.com

ups.analytics.yahoo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:1f18:445b:903:dec7:71c:8a6:f123 (Ashburn, United States) 1 redirects

ASN14618 (AMAZON-AES, US)

ag.innovid.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 108.138.128.39 (United States) 1 redirects

ASN16509 (AMAZON-02, US)
PTR: server-108-138-128-39.jfk50.r.cloudfront.net

ads.undertone.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 18.164.96.91 (United States) 1 redirects

ASN16509 (AMAZON-02, US)
PTR: server-18-164-96-91.jfk50.r.cloudfront.net

evt.undertone.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 3.248.152.94 (Dublin, Ireland) 1 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-3-248-152-94.eu-west-1.compute.amazonaws.com

synchroscript.deliveryengine.adswizz.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 3.217.144.211 (Ashburn, United States) 2 redirects

ASN14618 (AMAZON-AES, US)
PTR: ec2-3-217-144-211.compute-1.amazonaws.com

match.prod.bidr.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 52.46.155.104 (Ashburn, United States) 2 redirects

ASN16509 (AMAZON-02, US)

s.amazon-adsystem.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 44.216.109.127 (Ashburn, United States) 2 redirects

ASN14618 (AMAZON-AES, US)
PTR: ec2-44-216-109-127.compute-1.amazonaws.com

i.liadm.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
25	r2.dev pub-1a282a45be37473684116312dd030cbf.r2.dev	656 KB
18	demdex.net 1 redirects dpm.demdex.net — Cisco Umbrella Rank: 219 comcast.demdex.net — Cisco Umbrella Rank: 4305	20 KB
12	xfinity.com dl.cws.xfinity.com — Cisco Umbrella Rank: 24289	3 KB
7	amazon-adsystem.com 2 redirects c.amazon-adsystem.com — Cisco Umbrella Rank: 353 aax.amazon-adsystem.com — Cisco Umbrella Rank: 443 s.amazon-adsystem.com — Cisco Umbrella Rank: 335	63 KB
5	criteo.com 1 redirects bidder.criteo.com — Cisco Umbrella Rank: 742 ag.gbc.criteo.com — Cisco Umbrella Rank: 4369 gem.gbc.criteo.com — Cisco Umbrella Rank: 4417 gum.criteo.com — Cisco Umbrella Rank: 413 mug.criteo.com — Cisco Umbrella Rank: 2161	2 KB
4	cimcontent.net static.cimcontent.net — Cisco Umbrella Rank: 20394	150 KB
3	doubleclick.net 3 redirects cm.g.doubleclick.net — Cisco Umbrella Rank: 248	978 B
3	openx.net 1 redirects comcast-d.openx.net — Cisco Umbrella Rank: 37466 us-u.openx.net — Cisco Umbrella Rank: 491	1 KB
3	adnxs.com 2 redirects acdn.adnxs.com — Cisco Umbrella Rank: 600 ib.adnxs.com — Cisco Umbrella Rank: 244	36 KB
3	adobedtm.com assets.adobedtm.com — Cisco Umbrella Rank: 408	23 KB
3	criteo.net static.criteo.net — Cisco Umbrella Rank: 562	31 KB
2	liadm.com 2 redirects i.liadm.com — Cisco Umbrella Rank: 655	1 KB
2	bidr.io 2 redirects match.prod.bidr.io — Cisco Umbrella Rank: 588	1 KB
2	undertone.com 2 redirects ads.undertone.com — Cisco Umbrella Rank: 6523 evt.undertone.com — Cisco Umbrella Rank: 5806	1 KB
2	yahoo.com 2 redirects cms.analytics.yahoo.com — Cisco Umbrella Rank: 1254 ups.analytics.yahoo.com — Cisco Umbrella Rank: 334	1 KB
2	adsrvr.org 2 redirects match.adsrvr.org — Cisco Umbrella Rank: 385	717 B
2	rlcdn.com 2 redirects idsync.rlcdn.com — Cisco Umbrella Rank: 433	833 B
2	w55c.net 2 redirects pm.w55c.net — Cisco Umbrella Rank: 991	1 KB
2	dnacdn.net dnacdn.net — Cisco Umbrella Rank: 2697	1 KB
1	adswizz.com 1 redirects synchroscript.deliveryengine.adswizz.com — Cisco Umbrella Rank: 2781	487 B
1	innovid.com 1 redirects ag.innovid.com — Cisco Umbrella Rank: 1624	248 B
1	flashtalking.com 1 redirects servedby.flashtalking.com — Cisco Umbrella Rank: 950	552 B
1	bing.com 1 redirects c.bing.com — Cisco Umbrella Rank: 252	611 B
1	twitter.com analytics.twitter.com — Cisco Umbrella Rank: 707	393 B
1	turn.com 1 redirects d.turn.com — Cisco Umbrella Rank: 1536	402 B
1	agkn.com 1 redirects aa.agkn.com — Cisco Umbrella Rank: 529	633 B
1	omtrdc.net comcastcom.d1.sc.omtrdc.net — Cisco Umbrella Rank: 42130	287 B
1	rubiconproject.com fastlane.rubiconproject.com — Cisco Umbrella Rank: 526	910 B
1	serverbid.com e.serverbid.com — Cisco Umbrella Rank: 4184	208 B
1	adnxs-simple.com crcdn01.adnxs-simple.com — Cisco Umbrella Rank: 4497	150 KB
0	rundsp.com Failed match.rundsp.com Failed
84	31

	Domain	Requested by
25	pub-1a282a45be37473684116312dd030cbf.r2.dev	pub-1a282a45be37473684116312dd030cbf.r2.dev
17	dpm.demdex.net	1 redirects pub-1a282a45be37473684116312dd030cbf.r2.dev
12	dl.cws.xfinity.com	pub-1a282a45be37473684116312dd030cbf.r2.dev
4	static.cimcontent.net	pub-1a282a45be37473684116312dd030cbf.r2.dev
3	s.amazon-adsystem.com	2 redirects
3	cm.g.doubleclick.net	3 redirects
3	c.amazon-adsystem.com	pub-1a282a45be37473684116312dd030cbf.r2.dev
3	assets.adobedtm.com	pub-1a282a45be37473684116312dd030cbf.r2.dev
3	static.criteo.net	pub-1a282a45be37473684116312dd030cbf.r2.dev
2	us-u.openx.net	1 redirects
2	i.liadm.com	2 redirects
2	match.prod.bidr.io	2 redirects
2	match.adsrvr.org	2 redirects
2	ib.adnxs.com	2 redirects
2	idsync.rlcdn.com	2 redirects
2	pm.w55c.net	2 redirects
2	dnacdn.net	pub-1a282a45be37473684116312dd030cbf.r2.dev
1	synchroscript.deliveryengine.adswizz.com	1 redirects
1	evt.undertone.com	1 redirects
1	ads.undertone.com	1 redirects
1	ag.innovid.com	1 redirects
1	ups.analytics.yahoo.com	1 redirects
1	cms.analytics.yahoo.com	1 redirects
1	servedby.flashtalking.com	1 redirects
1	c.bing.com	1 redirects
1	analytics.twitter.com
1	d.turn.com	1 redirects
1	aa.agkn.com	1 redirects
1	mug.criteo.com
1	gum.criteo.com	1 redirects
1	gem.gbc.criteo.com	pub-1a282a45be37473684116312dd030cbf.r2.dev
1	ag.gbc.criteo.com	pub-1a282a45be37473684116312dd030cbf.r2.dev
1	comcastcom.d1.sc.omtrdc.net	pub-1a282a45be37473684116312dd030cbf.r2.dev
1	comcast.demdex.net	pub-1a282a45be37473684116312dd030cbf.r2.dev
1	aax.amazon-adsystem.com	pub-1a282a45be37473684116312dd030cbf.r2.dev
1	comcast-d.openx.net	pub-1a282a45be37473684116312dd030cbf.r2.dev
1	fastlane.rubiconproject.com	pub-1a282a45be37473684116312dd030cbf.r2.dev
1	e.serverbid.com	pub-1a282a45be37473684116312dd030cbf.r2.dev
1	bidder.criteo.com	pub-1a282a45be37473684116312dd030cbf.r2.dev
1	crcdn01.adnxs-simple.com	pub-1a282a45be37473684116312dd030cbf.r2.dev
1	acdn.adnxs.com	pub-1a282a45be37473684116312dd030cbf.r2.dev
0	match.rundsp.com Failed
84	42

This site contains links to these domains. Also see Links.

Domain
ams1-ib.adnxs.com
www.comcast.net
www.surveymonkey.com
idm.xfinity.com
customer.xfinity.com
my.xfinity.com
xfinity.comcast.net
www.xfinity.com

Subject Issuer	Validity	Valid
*.r2.dev E1	`2023-04-17` - `2023-07-16`	3 months	crt.sh
*.criteo.net DigiCert Global G2 TLS RSA SHA256 2020 CA1	`2023-05-27` - `2023-08-27`	3 months	crt.sh
*.cws.xfinity.com COMODO RSA Organization Validation Secure Server CA	`2023-04-12` - `2024-04-11`	a year	crt.sh
*.demdex.com DigiCert TLS RSA SHA256 2020 CA1	`2022-09-26` - `2023-10-27`	a year	crt.sh
assets.adobedtm.com DigiCert TLS RSA SHA256 2020 CA1	`2022-07-19` - `2023-08-19`	a year	crt.sh
static.cimcontent.net COMODO RSA Organization Validation Secure Server CA	`2023-03-30` - `2024-03-29`	a year	crt.sh
c.amazon-adsystem.com Amazon RSA 2048 M01	`2023-02-28` - `2024-02-17`	a year	crt.sh
cdn.adnxs.com GeoTrust TLS RSA CA G1	`2023-03-27` - `2024-04-26`	a year	crt.sh
*.criteo.com DigiCert Global G2 TLS RSA SHA256 2020 CA1	`2023-05-12` - `2023-08-10`	3 months	crt.sh
*.consumableaudio.com R3	`2023-05-15` - `2023-08-13`	3 months	crt.sh
*.rubiconproject.com DigiCert TLS RSA SHA256 2020 CA1	`2023-03-05` - `2024-04-03`	a year	crt.sh
*.openx.net GeoTrust RSA CA 2018	`2022-07-21` - `2023-08-21`	a year	crt.sh
aax-dtb-mobile-cf.amazon-adsystem.com Amazon RSA 2048 M01	`2023-03-16` - `2024-03-08`	a year	crt.sh
*.d1.sc.omtrdc.net DigiCert TLS RSA SHA256 2020 CA1	`2023-02-10` - `2024-03-08`	a year	crt.sh
dnacdn.net DigiCert Global G2 TLS RSA SHA256 2020 CA1	`2023-05-16` - `2023-08-14`	3 months	crt.sh
*.gbc.criteo.com DigiCert Global G2 TLS RSA SHA256 2020 CA1	`2023-05-03` - `2023-07-28`	3 months	crt.sh
*.twitter.com DigiCert TLS RSA SHA256 2020 CA1	`2023-01-31` - `2024-01-30`	a year	crt.sh

This page contains 3 frames:

Primary Page: https://pub-1a282a45be37473684116312dd030cbf.r2.dev/index/index.htm
Frame ID: 161607595B45035AC2109F144F1CD89C
Requests: 55 HTTP requests in this frame

Frame: https://pub-1a282a45be37473684116312dd030cbf.r2.dev/index/index_files/syncframe.htm
Frame ID: BA23933E9481F64C059DA95F91DAAD21
Requests: 6 HTTP requests in this frame

Frame: https://comcast.demdex.net/dest5.html?d_nsid=0
Frame ID: 2D29F095387A2CCCDB2CC310C2101093
Requests: 19 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Sign in to Xfinity

Detected technologies

AppNexus (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

adnxs\.(?:net|com)

OpenX (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

https?://[^/]*\.openx\.net

Prebid (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

/prebid\.js

Rubicon Project (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

https?://[^/]*\.rubiconproject\.com

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

jquery[.-]([\d.]*\d)[^/]*\.js
jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Page Statistics

84
Requests

77 %
HTTPS

28 %
IPv6

31
Domains

42
Subdomains

23
IPs

4
Countries

1133 kB
Transfer

2421 kB
Size

35
Cookies

11 Outgoing links

These are links going to different origins than the main page.

URL: https://ams1-ib.adnxs.com/click?AAAAAAAAAAAAAAAAAAAAAAAAAMD1KPg_AAAAAAAAAAAAAAAAAAAAALihGukEcN0_ZdnEfWxbVwHxMjhhAAAAAP7j5ADUHQAA1B0AAAIAAADTK4ASGY4bAAAAAABVU0QAVVNEAHgFIANMhAAAAAABAQMCAAAAAMYAaxc4GgAAAAA./bcr=AAAAAAAA8D8=/cnd=%21KBB-0QiewosYENPXgJQBGJmcbiAEKAAxAAAAAAAX4UA6CUFNUzE6NDE3N0CwLEkAAAAAAADwP1EAAAAAAAAAAFkAAAAAAAAAAGEAAAAAAAAAAGkAAAAAAAAAAHEAAAAAAAAAAHgAiQEAAAAAAAAAAA../cca=NzYzNiNBTVMxOjQxNzc=/bn=84061/clickenc=http%3A%2F%2Fwww.thefastsaga.com%2Fwatchnow%2F

Search URL Search Domain Scan URL

URL: http://www.comcast.net/adinformation
Title: Ad Info

Search URL Search Domain Scan URL

URL: https://www.surveymonkey.com/s.aspx?sm=FyNNVDhj_2f2FNc2KVOHQ4eg_3d_3d
Title: Ad Feedback

Search URL Search Domain Scan URL

URL: https://idm.xfinity.com/myaccount/lookup?continue=https%3A%2F%2Flogin.xfinity.com%2Flogin%3FselectAccount%3Dfalse%26ipAddrAuthn%3Dfalse%26passive%3Dfalse%26client_id%3Dmy-xfinity%26reqId%3D55d885d0-3c26-4b37-8cbd-6518c334ac07%26r%3Dcomcast.net%26s%3Doauth%26deviceAuthn%3Dfalse%26continue%3Dhttps%253A%252F%252Foauth.xfinity.com%252Foauth%252Fauthorize%253Fresponse_type%253Dcode%2526redirect_uri%253Dhttps%25253A%25252F%25252Fauth.xfinity.com%25252Foauth%25252Fcallback%2526client_id%253Dmy-xfinity%2526state%253Dhttps%25253A%25252F%25252Fcustomer.xfinity.com%25252F%252523%25252F%25253FCMP%25253DILC_signin_myxfinity_re%2526response%253D1%26forceAuthn%3D0%26lang%3Den%26rm%3D2&lang=en
Title: Xfinity ID

Search URL Search Domain Scan URL

URL: https://idm.xfinity.com/myaccount/reset?continue=https%3A%2F%2Flogin.xfinity.com%2Flogin%3FselectAccount%3Dfalse%26ipAddrAuthn%3Dfalse%26passive%3Dfalse%26client_id%3Dmy-xfinity%26reqId%3D55d885d0-3c26-4b37-8cbd-6518c334ac07%26r%3Dcomcast.net%26s%3Doauth%26deviceAuthn%3Dfalse%26continue%3Dhttps%253A%252F%252Foauth.xfinity.com%252Foauth%252Fauthorize%253Fresponse_type%253Dcode%2526redirect_uri%253Dhttps%25253A%25252F%25252Fauth.xfinity.com%25252Foauth%25252Fcallback%2526client_id%253Dmy-xfinity%2526state%253Dhttps%25253A%25252F%25252Fcustomer.xfinity.com%25252F%252523%25252F%25253FCMP%25253DILC_signin_myxfinity_re%2526response%253D1%26forceAuthn%3D0%26lang%3Den%26rm%3D2&lang=en
Title: password

Search URL Search Domain Scan URL

URL: https://idm.xfinity.com/myaccount/create-uid?continue=https%3A%2F%2Flogin.xfinity.com%2Flogin%3FselectAccount%3Dfalse%26ipAddrAuthn%3Dfalse%26passive%3Dfalse%26client_id%3Dmy-xfinity%26reqId%3D55d885d0-3c26-4b37-8cbd-6518c334ac07%26r%3Dcomcast.net%26s%3Doauth%26deviceAuthn%3Dfalse%26continue%3Dhttps%253A%252F%252Foauth.xfinity.com%252Foauth%252Fauthorize%253Fresponse_type%253Dcode%2526redirect_uri%253Dhttps%25253A%25252F%25252Fauth.xfinity.com%25252Foauth%25252Fcallback%2526client_id%253Dmy-xfinity%2526state%253Dhttps%25253A%25252F%25252Fcustomer.xfinity.com%25252F%252523%25252F%25253FCMP%25253DILC_signin_myxfinity_re%2526response%253D1%26forceAuthn%3D0%26lang%3Den%26rm%3D2&lang=en
Title: Create one

Search URL Search Domain Scan URL

URL: https://customer.xfinity.com/lite
Title: Pay any balance

Search URL Search Domain Scan URL

URL: http://my.xfinity.com/terms/web/
Title: Terms of Service

Search URL Search Domain Scan URL

URL: http://xfinity.comcast.net/privacy/
Title: Privacy Policy

Search URL Search Domain Scan URL

URL: https://www.xfinity.com/privacy/policy
Title: Privacy Policy

Search URL Search Domain Scan URL

URL: https://www.xfinity.com/privacy/manage-preference
Title: Do Not Sell My Personal Information

Search URL Search Domain Scan URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 57

https://gum.criteo.com/sid/json?origin=NA&domain=pub-1a282a45be37473684116312dd030cbf.r2.dev&sn=FirefoxSyncframe&so=0&topUrl=undefined&info=BvLE6F9RVFUzaE82Nm54dzhKZmEwNzQ1RWtBazVvN1ElMkJaNll4JTJCZmt5cWtTWDhtNVNnOGpQT2J2VGdXU1k5WUlGQmJyWWxTWEpBVkl5cFVxSnprZVk4UVpWcHclM0QlM0Q&idsd=-1530154827,-909382924 HTTP 302
https://mug.criteo.com/sid?cpp=id-fVXxWWlByUThHNFBsYjc4aXNNRmFGLzNzVk05SW80dWlhQ1NRMnpzUld5cVhJblhCOHZQMlhBV1JkemJaaklwUi9VMXF3NEhHTExySlFiYnJ5UjQzOGhiNzRCNzdpRHhsTzF5aEdOc1IwSjlMamFwNFNkTTZLNGhSakd3QUdjak1rRWNpWVNSQWMzTnFGczhodytXY1A3cnZGSmc0V0YxNkJ0b25iU2FXWXZNbnhXQ2hKaTV1NU9WcTg5M2hvUkx3ci9MT0o4bXptelRTRXVBdFF4aVJrQ2JzMCtuU2szcmliNG95czZpMkIzeDE0RW8vVFdxd0d0SVUzOGxwalU2eUpYQ2E0OW5MREx4ZXBLWHVUYXpMeHdEa3R3bWxrQjB0VWhaRUtnOTEyVUI0TT18&cppv=2

Request Chain 62

https://aa.agkn.com/adscores/g.pixel?sid=9211132908&aam=40520259984296694423633209718763612890 HTTP 302
https://dpm.demdex.net/ibs:dpid=21&dpuuid=214990604544007865866

Request Chain 63

https://pm.w55c.net/ping_match.gif?st=dmx&rurl=https%3A%2F%2Fdpm.demdex.net%2Fibs%3Adpid%3D359%26dpuuid%3D_wfivefivec_ HTTP 302
https://pm.w55c.net/ping_match.gif?scc=1&st=dmx&rurl=https%3A%2F%2Fdpm.demdex.net%2Fibs%3Adpid%3D359%26dpuuid%3D_wfivefivec_ HTTP 302
https://dpm.demdex.net/ibs:dpid=359&dpuuid=1vncY2361Q8mHB5

Request Chain 64

https://idsync.rlcdn.com/365868.gif?partner_uid=40520259984296694423633209718763612890 HTTP 307
https://idsync.rlcdn.com/1000.gif?memo=CKyqFhIxCi0IARCYEhomNDA1MjAyNTk5ODQyOTY2OTQ0MjM2MzMyMDk3MTg3NjM2MTI4OTAQABoNCMfHl6QGEgUI6AcQAEIASgA HTTP 307
https://dpm.demdex.net/ibs:dpid=477&dpuuid=73c44d0cfe8a561e3de77ffa4f25045fe8d54ae4f0169720f2cda0fa7d5f379fb0da87c991749652

Request Chain 65

https://ib.adnxs.com/getuid?https%3A%2F%2Fdpm.demdex.net%2Fibs%3Adpid%3D358%26dpuuid%3D%24UID HTTP 307
https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%253A%252F%252Fdpm.demdex.net%252Fibs%253Adpid%253D358%2526dpuuid%253D%2524UID HTTP 302
https://dpm.demdex.net/ibs:dpid=358&dpuuid=2784250317573254986

Request Chain 66

https://d.turn.com/r/dd/id/L2NzaWQvMS9jaWQvMjM2NTYzMjkvdC8y/url/https%3A%2F%2Fdpm.demdex.net%2Fibs%3Adpid%3D470%26dpuuid%3D%24!%7BTURN_UUID%7D HTTP 302
https://dpm.demdex.net/ibs:dpid=470&dpuuid=2589063383687740355

Request Chain 67

https://cm.g.doubleclick.net/pixel?google_nid=adobe_dmp&google_cm&gdpr=0&gdpr_consent=&google_hm=NDA1MjAyNTk5ODQyOTY2OTQ0MjM2MzMyMDk3MTg3NjM2MTI4OTA= HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=adobe_dmp&google_cm=&gdpr=0&gdpr_consent=&google_hm=NDA1MjAyNTk5ODQyOTY2OTQ0MjM2MzMyMDk3MTg3NjM2MTI4OTA=&google_tc= HTTP 302
https://dpm.demdex.net/ibs:dpid=771&dpuuid=CAESEDa278qbrSxROkII_QKUPz4&google_cver=1?gdpr=0&gdpr_consent=

Request Chain 71

https://match.adsrvr.org/track/cmf/generic?ttd_pid=aam&gdpr=0&gdpr_consent=&domain=pub-1a282a45be37473684116312dd030cbf.r2.dev&ttd_tpi=1 HTTP 302
https://match.adsrvr.org/track/cmb/generic?ttd_pid=aam&gdpr=0&gdpr_consent=&domain=pub-1a282a45be37473684116312dd030cbf.r2.dev&ttd_tpi=1 HTTP 302
https://dpm.demdex.net/ibs:dpid=903&dpuuid=37c29fd2-bff5-406e-b02c-2b60567c088c

Request Chain 72

https://c.bing.com/c.gif?uid=40520259984296694423633209718763612890&Red3=MSAdobe_pd&gdpr=0&gdpr_consent= HTTP 302
https://dpm.demdex.net/ibs:dpid=1957&dpuuid=230775705FB56BE72C9A665D5E0B6AC6

Request Chain 73

https://servedby.flashtalking.com/map/?key=a74thHgsfK627J6Ftt8sj5ks52bKe&gdpr=0&gdpr_consent=&url=https://dpm.demdex.net/ibs:dpid=3047&dpuuid=[%FT_GUID%]&gdpr=0&gdpr_consent= HTTP 302
https://dpm.demdex.net/ibs:dpid=3047&dpuuid=5640726B8FA321&gdpr=0&gdpr_consent=

Request Chain 75

https://cms.analytics.yahoo.com/cms?partner_id=ADOBE&_hosted_id=40520259984296694423633209718763612890&gdpr=0&gdpr_consent= HTTP 302
https://ups.analytics.yahoo.com/ups/58782/cms?partner_id=ADOBE&_hosted_id=40520259984296694423633209718763612890&gdpr=0&gdpr_consent= HTTP 302
https://dpm.demdex.net/ibs:dpid=30646?dpuuid=y-0bwcn5xE2pE1tKqmJZLlgeh0eGyB4ctqZ70-~A

Request Chain 76

https://ag.innovid.com/dv/sync?tid=6 HTTP 302
https://dpm.demdex.net/ibs:dpid=80742&dpuuid=767a1615-508e-4c78-8234-968cfcdc8950

Request Chain 77

https://ads.undertone.com/u?dp=32&url=https%3A//dpm.demdex.net/ibs%3Adpid%3D152416%26dpuuid%3D HTTP 307
https://evt.undertone.com/u?dp=32&url=https%3A//dpm.demdex.net/ibs%3Adpid%3D152416%26dpuuid%3D HTTP 302
https://dpm.demdex.net/ibs:dpid=152416&dpuuid=

Request Chain 78

https://synchroscript.deliveryengine.adswizz.com/getUID?curl=https%3A%2F%2Fdpm.demdex.net%2Fibs%3Adpid%3D175765%26dpuuid%3D%24%7BUID%7D HTTP 302
https://dpm.demdex.net/ibs:dpid=175765&dpuuid=78d1b9fc11acb1021b0460b17f73576a

Request Chain 79

https://match.prod.bidr.io/cookie-sync/adobe?gdpr=0&gdpr_consent= HTTP 303
https://match.prod.bidr.io/cookie-sync/adobe?gdpr=0&gdpr_consent=&_bee_ppp=1 HTTP 303
https://dpm.demdex.net/ibs:dpid=275754&dpuuid=AACeX07JC8gAACAcTLZiog?gdpr=0

Request Chain 80

https://s.amazon-adsystem.com/dcm?pid=5c420d2b-f139-4fee-b0c0-89a7b8ce9433 HTTP 302
https://s.amazon-adsystem.com/dcm?pid=5c420d2b-f139-4fee-b0c0-89a7b8ce9433&dcc=t HTTP 302
https://dpm.demdex.net/ibs:dpid=139200&dpuuid=7i5L8jsnQEymJLo3GcAlWA&redir=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dadobe.com%26id%3D%24%7BDD_UUID%7D HTTP 302
https://s.amazon-adsystem.com/ecm3?ex=adobe.com&id=40520259984296694423633209718763612890

Request Chain 81

https://i.liadm.com/s/30576?bidder_id=82775&bidder_uuid=40520259984296694423633209718763612890 HTTP 303
https://i.liadm.com/s/30576?bidder_id=82775&bidder_uuid=40520259984296694423633209718763612890&_li_chk=true&previous_uuid=df1d2b3fdc164f07bd75e41275716d68 HTTP 303
https://dpm.demdex.net/ibs:dpid=127444&dpuuid=df1d2b3f-dc16-4f07-bd75-e41275716d68

Request Chain 82

https://us-u.openx.net/w/1.0/pd?plm=10&ph=42d504c1-bae8-4312-8ad6-a76f3705b195&gdpr=0 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=openx&google_cm&google_sc HTTP 302
https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESEIzueU7w9kR3jsNrgrelGN0&google_cver=1

84 HTTP transactions
2 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H/1.1 200
OK Primary Request index.htm Show response
pub-1a282a45be37473684116312dd030cbf.r2.dev/index/ 72 KB
10 KB 844ms
374ms Document
text/html 2606:4700::6812:323
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://pub-1a282a45be37473684116312dd030cbf.r2.dev/index/index.htm
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6812:323 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: ecff72cf54fbf99faae120af7044c9f1d1e142a1c82a24eaff789c5176fd5e3a

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

CF-RAY: 7d5ac726de28336b-MIA
Connection: keep-alive
Content-Encoding: gzip
Content-Type: text/html
Date: Sun, 11 Jun 2023 15:09:55 GMT
ETag: W/"9ddfcefc392deb50dc9f76bd4c0c2585"
Last-Modified: Mon, 05 Jun 2023 12:27:22 GMT
Server: cloudflare
Transfer-Encoding: chunked
Vary: Accept-Encoding

GET
H/1.1 200
OK publishertag.js Show response
pub-1a282a45be37473684116312dd030cbf.r2.dev/index/index_files/ 84 KB
24 KB 224ms
224ms Script
text/javascript 2606:4700::6812:323
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://pub-1a282a45be37473684116312dd030cbf.r2.dev/index/index_files/publishertag.js
Requested by: Host: pub-1a282a45be37473684116312dd030cbf.r2.dev
URL: https://pub-1a282a45be37473684116312dd030cbf.r2.dev/index/index.htm
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6812:323 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 9b34825eb68ebbe49410251b863c07e811c9e406286c7a8f00f88e83d9729c68

Request headers

accept-language: en-US,en;q=0.9
Referer: https://pub-1a282a45be37473684116312dd030cbf.r2.dev/index/index.htm
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

Date: Sun, 11 Jun 2023 15:09:56 GMT
Content-Encoding: gzip
Last-Modified: Mon, 05 Jun 2023 12:27:24 GMT
Server: cloudflare
ETag: W/"1562c796335badba77eb55361c56e57b"
Transfer-Encoding: chunked
Vary: Accept-Encoding
Content-Type: text/javascript
Connection: keep-alive
CF-RAY: 7d5ac729aa28336b-MIA

GET
H/1.1 200
OK ast.js Show response
pub-1a282a45be37473684116312dd030cbf.r2.dev/index/index_files/ 88 KB
31 KB 285ms
285ms Script
text/javascript 104.18.3.35
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://pub-1a282a45be37473684116312dd030cbf.r2.dev/index/index_files/ast.js
Requested by: Host: pub-1a282a45be37473684116312dd030cbf.r2.dev
URL: https://pub-1a282a45be37473684116312dd030cbf.r2.dev/index/index.htm
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 104.18.3.35 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: bca2ccdd5846d54ff24d04393a9d6ce0b5d60a91814e7bd2755b03059ed98c2e

Request headers

accept-language: en-US,en;q=0.9
Referer: https://pub-1a282a45be37473684116312dd030cbf.r2.dev/index/index.htm
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

Date: Sun, 11 Jun 2023 15:09:56 GMT
Content-Encoding: gzip
Last-Modified: Mon, 05 Jun 2023 12:27:22 GMT
Server: cloudflare
ETag: W/"9c6290ea17425b04643796600888fa4a"
Transfer-Encoding: chunked
Vary: Accept-Encoding
Content-Type: text/javascript
Connection: keep-alive
CF-RAY: 7d5ac729a90731d2-MIA

GET
H/1.1 200
OK apstag.js Show response
pub-1a282a45be37473684116312dd030cbf.r2.dev/index/index_files/ 127 KB
35 KB 258ms
257ms Script
text/javascript 104.18.3.35
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://pub-1a282a45be37473684116312dd030cbf.r2.dev/index/index_files/apstag.js
Requested by: Host: pub-1a282a45be37473684116312dd030cbf.r2.dev
URL: https://pub-1a282a45be37473684116312dd030cbf.r2.dev/index/index.htm
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 104.18.3.35 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 1465ea73b9db4601cda29c323ea3eea1fc28337bd2c5193154c9ecbd7bf38bbb

Request headers

accept-language: en-US,en;q=0.9
Referer: https://pub-1a282a45be37473684116312dd030cbf.r2.dev/index/index.htm
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

Date: Sun, 11 Jun 2023 15:09:58 GMT
Content-Encoding: gzip
Last-Modified: Mon, 05 Jun 2023 12:27:23 GMT
Server: cloudflare
ETag: W/"708a268139e52bdfbe59398b3e766151"
Transfer-Encoding: chunked
Vary: Accept-Encoding
Content-Type: text/javascript
Connection: keep-alive
CF-RAY: 7d5ac734fc0731d2-MIA

GET
H/1.1 200
OK prebid.js Show response
pub-1a282a45be37473684116312dd030cbf.r2.dev/index/index_files/ 217 KB
70 KB 232ms
232ms Script
text/javascript 2606:4700::6812:323
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://pub-1a282a45be37473684116312dd030cbf.r2.dev/index/index_files/prebid.js
Requested by: Host: pub-1a282a45be37473684116312dd030cbf.r2.dev
URL: https://pub-1a282a45be37473684116312dd030cbf.r2.dev/index/index.htm
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6812:323 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: c0504d7450b72fc5d0a63cb367b201667e792b35bd38a37f01002583ff826f60

Request headers

accept-language: en-US,en;q=0.9
Referer: https://pub-1a282a45be37473684116312dd030cbf.r2.dev/index/index.htm
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

Date: Sun, 11 Jun 2023 15:09:58 GMT
Content-Encoding: gzip
Last-Modified: Mon, 05 Jun 2023 12:27:23 GMT
Server: cloudflare
ETag: W/"7a495d9002d89d3c5e63ac7e274dbd44"
Transfer-Encoding: chunked
Vary: Accept-Encoding
Content-Type: text/javascript
Connection: keep-alive
CF-RAY: 7d5ac734f89c21df-MIA

GET
H/1.1 200
OK comcast-common.js Show response
pub-1a282a45be37473684116312dd030cbf.r2.dev/index/index_files/ 182 KB
92 KB 481ms
400ms Script
text/javascript 2606:4700::6812:323
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://pub-1a282a45be37473684116312dd030cbf.r2.dev/index/index_files/comcast-common.js
Requested by: Host: pub-1a282a45be37473684116312dd030cbf.r2.dev
URL: https://pub-1a282a45be37473684116312dd030cbf.r2.dev/index/index.htm
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6812:323 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 1198fb95336f488f50bf7bdca1737d2b958e7c756976a663a447c872deb76946

Request headers

accept-language: en-US,en;q=0.9
Referer: https://pub-1a282a45be37473684116312dd030cbf.r2.dev/index/index.htm
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

Date: Sun, 11 Jun 2023 15:09:56 GMT
Content-Encoding: gzip
Last-Modified: Mon, 05 Jun 2023 12:27:23 GMT
Server: cloudflare
ETag: W/"ee797474d9bc6c7bf9a3b8dfa3c0e82b"
Transfer-Encoding: chunked
Vary: Accept-Encoding
Content-Type: text/javascript
Connection: keep-alive
CF-RAY: 7d5ac72a28198dc6-MIA

GET
H/1.1 200
OK launch-46f715e51bac.js Show response
pub-1a282a45be37473684116312dd030cbf.r2.dev/index/index_files/ 218 KB
63 KB 377ms
297ms Script
text/javascript 2606:4700::6812:323
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://pub-1a282a45be37473684116312dd030cbf.r2.dev/index/index_files/launch-46f715e51bac.js
Requested by: Host: pub-1a282a45be37473684116312dd030cbf.r2.dev
URL: https://pub-1a282a45be37473684116312dd030cbf.r2.dev/index/index.htm
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6812:323 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 59de4349e46a840aee96c8a802c20d53947d9d129611ab75b375064d535d35cc

Request headers

accept-language: en-US,en;q=0.9
Referer: https://pub-1a282a45be37473684116312dd030cbf.r2.dev/index/index.htm
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

Date: Sun, 11 Jun 2023 15:09:56 GMT
Content-Encoding: gzip
Last-Modified: Mon, 05 Jun 2023 12:27:23 GMT
Server: cloudflare
ETag: W/"1976a25256119a51654b33c5d43d0681"
Transfer-Encoding: chunked
Vary: Accept-Encoding
Content-Type: text/javascript
Connection: keep-alive
CF-RAY: 7d5ac72a2a1121df-MIA

GET
H/1.1 200
OK a Show response
pub-1a282a45be37473684116312dd030cbf.r2.dev/index/index_files/ 84 KB
85 KB 484ms
197ms Script
text/plain 104.18.3.35
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://pub-1a282a45be37473684116312dd030cbf.r2.dev/index/index_files/a
Requested by: Host: pub-1a282a45be37473684116312dd030cbf.r2.dev
URL: https://pub-1a282a45be37473684116312dd030cbf.r2.dev/index/index.htm
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 104.18.3.35 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: a71bad4d04d7358f86c292779d4194cc5c21afbf42fa742d153b1490bb1f5e2b

Request headers

accept-language: en-US,en;q=0.9
Referer: https://pub-1a282a45be37473684116312dd030cbf.r2.dev/index/index.htm
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

Date: Sun, 11 Jun 2023 15:09:56 GMT
Last-Modified: Mon, 05 Jun 2023 12:27:22 GMT
Server: cloudflare
ETag: "38b44e852665518309e4aff0c9f43cc1"
Vary: Accept-Encoding
Connection: keep-alive
Accept-Ranges: bytes
CF-RAY: 7d5ac72b7bb131d2-MIA
Content-Length: 86512

GET
H/1.1 200
OK fonts-remote.css
pub-1a282a45be37473684116312dd030cbf.r2.dev/index/index_files/ 3 KB
642 B 324ms
249ms Stylesheet
text/css 2606:4700::6812:323
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://pub-1a282a45be37473684116312dd030cbf.r2.dev/index/index_files/fonts-remote.css
Requested by: Host: pub-1a282a45be37473684116312dd030cbf.r2.dev
URL: https://pub-1a282a45be37473684116312dd030cbf.r2.dev/index/index.htm
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6812:323 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 032d8b49c68572a6136937e3f8f4fb10d94eefaf95418e557f44f1f04b715ba8

Request headers

accept-language: en-US,en;q=0.9
Referer: https://pub-1a282a45be37473684116312dd030cbf.r2.dev/index/index.htm
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

Date: Sun, 11 Jun 2023 15:09:56 GMT
Content-Encoding: gzip
Last-Modified: Mon, 05 Jun 2023 12:27:23 GMT
Server: cloudflare
ETag: W/"143a68eba72adb1b176692cb35122c8a"
Transfer-Encoding: chunked
Vary: Accept-Encoding
Content-Type: text/css
Connection: keep-alive
CF-RAY: 7d5ac72a2f69ef2a-MIA

GET
H/1.1 200
OK styles-light.css
pub-1a282a45be37473684116312dd030cbf.r2.dev/index/index_files/ 45 KB
11 KB 322ms
247ms Stylesheet
text/css 2606:4700::6812:323
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://pub-1a282a45be37473684116312dd030cbf.r2.dev/index/index_files/styles-light.css
Requested by: Host: pub-1a282a45be37473684116312dd030cbf.r2.dev
URL: https://pub-1a282a45be37473684116312dd030cbf.r2.dev/index/index.htm
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6812:323 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: d5ede2b7c47228abab954649f7e61ed257760887ec78994c6d5d5ed2e9895140

Request headers

accept-language: en-US,en;q=0.9
Referer: https://pub-1a282a45be37473684116312dd030cbf.r2.dev/index/index.htm
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

Date: Sun, 11 Jun 2023 15:09:56 GMT
Content-Encoding: gzip
Last-Modified: Mon, 05 Jun 2023 12:27:24 GMT
Server: cloudflare
ETag: W/"52312f0dd03ef48385975849e06afcdc"
Transfer-Encoding: chunked
Vary: Accept-Encoding
Content-Type: text/css
Connection: keep-alive
CF-RAY: 7d5ac72a2978dac1-MIA

GET
H/1.1 200
OK AppMeasurement.js Show response
pub-1a282a45be37473684116312dd030cbf.r2.dev/index/index_files/ 33 KB
12 KB 215ms
213ms Script
text/javascript 2606:4700::6812:323
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://pub-1a282a45be37473684116312dd030cbf.r2.dev/index/index_files/AppMeasurement.js
Requested by: Host: pub-1a282a45be37473684116312dd030cbf.r2.dev
URL: https://pub-1a282a45be37473684116312dd030cbf.r2.dev/index/index.htm
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6812:323 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: d6b423c91328eec9c218dd8b21ae1e676987d574e5432411a32806e5dd2bde32

Request headers

accept-language: en-US,en;q=0.9
Referer: https://pub-1a282a45be37473684116312dd030cbf.r2.dev/index/index.htm
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

Date: Sun, 11 Jun 2023 15:09:58 GMT
Content-Encoding: gzip
Last-Modified: Mon, 05 Jun 2023 12:27:22 GMT
Server: cloudflare
ETag: W/"f259ee6445c19c2ce3c64a1b117a4f35"
Transfer-Encoding: chunked
Vary: Accept-Encoding
Content-Type: text/javascript
Connection: keep-alive
CF-RAY: 7d5ac734ff238dc6-MIA

GET
H/1.1 200
OK AppMeasurement_Module_ActivityMap.js Show response
pub-1a282a45be37473684116312dd030cbf.r2.dev/index/index_files/ 3 KB
2 KB 349ms
347ms Script
text/javascript 2606:4700::6812:323
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://pub-1a282a45be37473684116312dd030cbf.r2.dev/index/index_files/AppMeasurement_Module_ActivityMap.js
Requested by: Host: pub-1a282a45be37473684116312dd030cbf.r2.dev
URL: https://pub-1a282a45be37473684116312dd030cbf.r2.dev/index/index.htm
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6812:323 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 0486530f1e98818865754a08e1b5442ac5a6a36a6bf6042e3b3338a532e998d2

Request headers

accept-language: en-US,en;q=0.9
Referer: https://pub-1a282a45be37473684116312dd030cbf.r2.dev/index/index.htm
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

Date: Sun, 11 Jun 2023 15:09:58 GMT
Content-Encoding: gzip
Last-Modified: Mon, 05 Jun 2023 12:27:22 GMT
Server: cloudflare
ETag: W/"5dedcda2c8a6c3a51fd419d306427010"
Transfer-Encoding: chunked
Vary: Accept-Encoding
Content-Type: text/javascript
Connection: keep-alive
CF-RAY: 7d5ac734ff70ef2a-MIA

GET
H/1.1 200
OK AppMeasurement_Module_AudienceManagement.js Show response
pub-1a282a45be37473684116312dd030cbf.r2.dev/index/index_files/ 25 KB
9 KB 259ms
256ms Script
text/javascript 2606:4700::6812:323
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://pub-1a282a45be37473684116312dd030cbf.r2.dev/index/index_files/AppMeasurement_Module_AudienceManagement.js
Requested by: Host: pub-1a282a45be37473684116312dd030cbf.r2.dev
URL: https://pub-1a282a45be37473684116312dd030cbf.r2.dev/index/index.htm
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6812:323 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e5f0058d3d737d25b691728bce12a7d0b77183781c936ca8152e28cacf9e6e3f

Request headers

accept-language: en-US,en;q=0.9
Referer: https://pub-1a282a45be37473684116312dd030cbf.r2.dev/index/index.htm
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

Date: Sun, 11 Jun 2023 15:09:58 GMT
Content-Encoding: gzip
Last-Modified: Mon, 05 Jun 2023 12:27:22 GMT
Server: cloudflare
ETag: W/"c8afb92bc0d997ba5b673367e69b9ff1"
Transfer-Encoding: chunked
Vary: Accept-Encoding
Content-Type: text/javascript
Connection: keep-alive
CF-RAY: 7d5ac734fb39dac1-MIA

GET
H/1.1 200
OK e5d00e87ba3bf67af60bbc75377626fb1f0b0a10c2e83ca40b7a245ca2cd8367 Show response
pub-1a282a45be37473684116312dd030cbf.r2.dev/index/index_files/ 87 KB
88 KB 543ms
253ms Script
text/plain 2606:4700::6812:323
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://pub-1a282a45be37473684116312dd030cbf.r2.dev/index/index_files/e5d00e87ba3bf67af60bbc75377626fb1f0b0a10c2e83ca40b7a245ca2cd8367
Requested by: Host: pub-1a282a45be37473684116312dd030cbf.r2.dev
URL: https://pub-1a282a45be37473684116312dd030cbf.r2.dev/index/index.htm
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6812:323 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: ee2d85bfd16ce85b6d9392c6c91d717b9f31be7ea5dafb0ea2abb8a143620867

Request headers

accept-language: en-US,en;q=0.9
Referer: https://pub-1a282a45be37473684116312dd030cbf.r2.dev/index/index.htm
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

Date: Sun, 11 Jun 2023 15:09:56 GMT
Last-Modified: Mon, 05 Jun 2023 12:27:23 GMT
Server: cloudflare
ETag: "933baee39559a42673c20354f86fda26"
Vary: Accept-Encoding
Connection: keep-alive
Accept-Ranges: bytes
CF-RAY: 7d5ac72b7d27336b-MIA
Content-Length: 89543

GET
H/1.1 200
OK LRECcta.gif
pub-1a282a45be37473684116312dd030cbf.r2.dev/index/index_files/ 43 B
351 B 256ms
253ms Image
image/gif 2606:4700::6812:323
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pub-1a282a45be37473684116312dd030cbf.r2.dev/index/index_files/LRECcta.gif
Requested by: Host: pub-1a282a45be37473684116312dd030cbf.r2.dev
URL: https://pub-1a282a45be37473684116312dd030cbf.r2.dev/index/index.htm
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6812:323 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: en-US,en;q=0.9
Referer: https://pub-1a282a45be37473684116312dd030cbf.r2.dev/index/index.htm
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

Date: Sun, 11 Jun 2023 15:09:58 GMT
Last-Modified: Mon, 05 Jun 2023 12:27:23 GMT
Server: cloudflare
ETag: "325472601571f31e1bf00674c368d335"
Vary: Accept-Encoding
Content-Type: image/gif
Connection: keep-alive
Accept-Ranges: bytes
CF-RAY: 7d5ac734fac0336b-MIA
Content-Length: 43

GET
H/1.1 200
OK vm-login-form-ad.js Show response
pub-1a282a45be37473684116312dd030cbf.r2.dev/index/index_files/ 9 KB
4 KB 590ms
266ms Script
text/javascript 2606:4700::6812:323
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://pub-1a282a45be37473684116312dd030cbf.r2.dev/index/index_files/vm-login-form-ad.js
Requested by: Host: pub-1a282a45be37473684116312dd030cbf.r2.dev
URL: https://pub-1a282a45be37473684116312dd030cbf.r2.dev/index/index.htm
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6812:323 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: ab31816aa0fa561765323e1ffee2f48db4c5c406282a68416b1264c18fa629c8

Request headers

accept-language: en-US,en;q=0.9
Referer: https://pub-1a282a45be37473684116312dd030cbf.r2.dev/index/index.htm
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

Date: Sun, 11 Jun 2023 15:09:56 GMT
Content-Encoding: gzip
Last-Modified: Mon, 05 Jun 2023 12:27:24 GMT
Server: cloudflare
ETag: W/"88da27e6f58aa5bb91964f5b101f88db"
Transfer-Encoding: chunked
Vary: Accept-Encoding
Content-Type: text/javascript
Connection: keep-alive
CF-RAY: 7d5ac72bbbd3dac1-MIA

GET
H/1.1 200
OK u.gif
pub-1a282a45be37473684116312dd030cbf.r2.dev/index/index_files/ 42 B
350 B 361ms
331ms Image
image/gif 2606:4700::6812:323
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pub-1a282a45be37473684116312dd030cbf.r2.dev/index/index_files/u.gif
Requested by: Host: pub-1a282a45be37473684116312dd030cbf.r2.dev
URL: https://pub-1a282a45be37473684116312dd030cbf.r2.dev/index/index.htm
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6812:323 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language: en-US,en;q=0.9
Referer: https://pub-1a282a45be37473684116312dd030cbf.r2.dev/index/index.htm
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

Date: Sun, 11 Jun 2023 15:09:58 GMT
Last-Modified: Mon, 05 Jun 2023 12:27:25 GMT
Server: cloudflare
ETag: "d89746888da2d9510b64a9f031eaecd5"
Vary: Accept-Encoding
Content-Type: image/gif
Connection: keep-alive
Accept-Ranges: bytes
CF-RAY: 7d5ac7369c8d336b-MIA
Content-Length: 42

GET
H/1.1 200
OK event.gif
pub-1a282a45be37473684116312dd030cbf.r2.dev/index/index_files/ 42 B
350 B 482ms
481ms Image
image/gif 2606:4700::6812:323
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pub-1a282a45be37473684116312dd030cbf.r2.dev/index/index_files/event.gif
Requested by: Host: pub-1a282a45be37473684116312dd030cbf.r2.dev
URL: https://pub-1a282a45be37473684116312dd030cbf.r2.dev/index/index.htm
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6812:323 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language: en-US,en;q=0.9
Referer: https://pub-1a282a45be37473684116312dd030cbf.r2.dev/index/index.htm
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

Date: Sun, 11 Jun 2023 15:09:58 GMT
Last-Modified: Mon, 05 Jun 2023 12:27:22 GMT
Server: cloudflare
ETag: "d89746888da2d9510b64a9f031eaecd5"
Vary: Accept-Encoding
Content-Type: image/gif
Connection: keep-alive
Accept-Ranges: bytes
CF-RAY: 7d5ac7369e50dac1-MIA
Content-Length: 42

GET
H/1.1 404
Not Found it.htm
pub-1a282a45be37473684116312dd030cbf.r2.dev/index/index_files/ 27 KB
27 KB 156ms
155ms Image
text/html 2606:4700::6812:323
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pub-1a282a45be37473684116312dd030cbf.r2.dev/index/index_files/it.htm
Requested by: Host: pub-1a282a45be37473684116312dd030cbf.r2.dev
URL: https://pub-1a282a45be37473684116312dd030cbf.r2.dev/index/index.htm
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6812:323 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 570a6631252b8a52df4de0e953ae77dbdf524dfc3637cda2840494a0d2b49499

Request headers

accept-language: en-US,en;q=0.9
Referer: https://pub-1a282a45be37473684116312dd030cbf.r2.dev/index/index.htm
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

Date: Sun, 11 Jun 2023 15:09:58 GMT
Content-Encoding: gzip
Server: cloudflare
Transfer-Encoding: chunked
Vary: Accept-Encoding
Content-Type: text/html
Connection: keep-alive
CF-RAY: 7d5ac736dabd21df-MIA

GET
H/1.1 200
OK jquery-3.js Show response
pub-1a282a45be37473684116312dd030cbf.r2.dev/index/index_files/ 85 KB
30 KB 668ms
344ms Script
text/javascript 2606:4700::6812:323
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://pub-1a282a45be37473684116312dd030cbf.r2.dev/index/index_files/jquery-3.js
Requested by: Host: pub-1a282a45be37473684116312dd030cbf.r2.dev
URL: https://pub-1a282a45be37473684116312dd030cbf.r2.dev/index/index.htm
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6812:323 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 160a426ff2894252cd7cebbdd6d6b7da8fcd319c65b70468f10b6690c45d02ef

Request headers

accept-language: en-US,en;q=0.9
Referer: https://pub-1a282a45be37473684116312dd030cbf.r2.dev/index/index.htm
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

Date: Sun, 11 Jun 2023 15:09:56 GMT
Content-Encoding: gzip
Last-Modified: Mon, 05 Jun 2023 12:27:23 GMT
Server: cloudflare
ETag: W/"a09e13ee94d51c524b7e2a728c7d4039"
Transfer-Encoding: chunked
Vary: Accept-Encoding
Content-Type: text/javascript
Connection: keep-alive
CF-RAY: 7d5ac72bb896ef2a-MIA

GET
H/1.1 200
OK scripts-responsive.js Show response
pub-1a282a45be37473684116312dd030cbf.r2.dev/index/index_files/ 8 KB
3 KB 799ms
256ms Script
text/javascript 2606:4700::6812:323
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://pub-1a282a45be37473684116312dd030cbf.r2.dev/index/index_files/scripts-responsive.js
Requested by: Host: pub-1a282a45be37473684116312dd030cbf.r2.dev
URL: https://pub-1a282a45be37473684116312dd030cbf.r2.dev/index/index.htm
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6812:323 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 08c97b8e6d782987492706dc6ba7f136a455ca62d73632e883f7ed05806e6771

Request headers

accept-language: en-US,en;q=0.9
Referer: https://pub-1a282a45be37473684116312dd030cbf.r2.dev/index/index.htm
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

Date: Sun, 11 Jun 2023 15:09:56 GMT
Content-Encoding: gzip
Last-Modified: Mon, 05 Jun 2023 12:27:24 GMT
Server: cloudflare
ETag: W/"27cfe6760478c75959a6e85a432ece39"
Transfer-Encoding: chunked
Vary: Accept-Encoding
Content-Type: text/javascript
Connection: keep-alive
CF-RAY: 7d5ac72d1c4b8dc6-MIA

GET
H/1.1 404
Not Found cri.txt
pub-1a282a45be37473684116312dd030cbf.r2.dev/index/index_files/ 27 KB
27 KB 248ms
240ms Image
text/html 2606:4700::6812:323
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pub-1a282a45be37473684116312dd030cbf.r2.dev/index/index_files/cri.txt
Requested by: Host: pub-1a282a45be37473684116312dd030cbf.r2.dev
URL: https://pub-1a282a45be37473684116312dd030cbf.r2.dev/index/index.htm
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6812:323 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 570a6631252b8a52df4de0e953ae77dbdf524dfc3637cda2840494a0d2b49499

Request headers

accept-language: en-US,en;q=0.9
Referer: https://pub-1a282a45be37473684116312dd030cbf.r2.dev/index/index.htm
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

Date: Sun, 11 Jun 2023 15:09:58 GMT
Content-Encoding: gzip
Server: cloudflare
Transfer-Encoding: chunked
Vary: Accept-Encoding
Content-Type: text/html
Connection: keep-alive
CF-RAY: 7d5ac737290cef2a-MIA

GET
H/1.1 200
OK sync.gif
pub-1a282a45be37473684116312dd030cbf.r2.dev/index/index_files/ 43 B
351 B 409ms
299ms Image
image/gif 2606:4700::6812:323
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pub-1a282a45be37473684116312dd030cbf.r2.dev/index/index_files/sync.gif
Requested by: Host: pub-1a282a45be37473684116312dd030cbf.r2.dev
URL: https://pub-1a282a45be37473684116312dd030cbf.r2.dev/index/index.htm
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6812:323 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

accept-language: en-US,en;q=0.9
Referer: https://pub-1a282a45be37473684116312dd030cbf.r2.dev/index/index.htm
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

Date: Sun, 11 Jun 2023 15:09:58 GMT
Last-Modified: Mon, 05 Jun 2023 12:27:24 GMT
Server: cloudflare
ETag: "df3e567d6f16d040326c7a0ea29a4f41"
Vary: Accept-Encoding
Content-Type: image/gif
Connection: keep-alive
Accept-Ranges: bytes
CF-RAY: 7d5ac737dc1821df-MIA
Content-Length: 43

GET
H/1.1 404
Not Found cm.txt
pub-1a282a45be37473684116312dd030cbf.r2.dev/index/index_files/ 27 KB
27 KB 186ms
137ms Image
text/html 2606:4700::6812:323
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pub-1a282a45be37473684116312dd030cbf.r2.dev/index/index_files/cm.txt
Requested by: Host: pub-1a282a45be37473684116312dd030cbf.r2.dev
URL: https://pub-1a282a45be37473684116312dd030cbf.r2.dev/index/index.htm
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6812:323 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 570a6631252b8a52df4de0e953ae77dbdf524dfc3637cda2840494a0d2b49499

Request headers

accept-language: en-US,en;q=0.9
Referer: https://pub-1a282a45be37473684116312dd030cbf.r2.dev/index/index.htm
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

Date: Sun, 11 Jun 2023 15:09:58 GMT
Content-Encoding: gzip
Server: cloudflare
Transfer-Encoding: chunked
Vary: Accept-Encoding
Content-Type: text/html
Connection: keep-alive
CF-RAY: 7d5ac7382b6d8dc6-MIA

GET
H2 200 publishertag.prebid.js Show response
static.criteo.net/js/ld/ 94 KB
30 KB 281ms
120ms XHR
text/javascript 2620:100:a001::4
AS-CRITEO

General

Check archive.org

Show headers Download Go to

Full URL

https://static.criteo.net/js/ld/publishertag.prebid.js

Requested by

Host: pub-1a282a45be37473684116312dd030cbf.r2.dev
URL: https://pub-1a282a45be37473684116312dd030cbf.r2.dev/index/index_files/publishertag.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2620:100:a001::4 , United States, ASN19750 (AS-CRITEO, US),

Reverse DNS

Software

nginx /

Resource Hash

bc82310d2b82f3aa74a269e8f679359bda827c649adb41486fd1af268a026ac1

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: en-US,en;q=0.9
Referer: https://pub-1a282a45be37473684116312dd030cbf.r2.dev/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

date: Sun, 11 Jun 2023 15:09:56 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000; preload;
last-modified: Wed, 31 May 2023 13:09:50 GMT
server: nginx
etag: W/"6477471e-176eb"
content-type: text/javascript
access-control-allow-origin: *
cache-control: max-age=86400, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Mon, 12 Jun 2023 15:09:56 GMT

OPTIONS
H2 200 /
dl.cws.xfinity.com/event/ Frame 0
0 442ms
82ms Preflight
application/json 2600:1400:d:588::2c06
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://dl.cws.xfinity.com/event/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2600:1400:d:588::2c06 New York, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: PUT
Origin: https://pub-1a282a45be37473684116312dd030cbf.r2.dev
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

access-control-allow-headers: Content-Type
access-control-allow-methods: HEAD,OPTIONS,PUT
access-control-allow-origin: *
content-length: 0
content-type: application/json
date: Sun, 11 Jun 2023 15:09:58 GMT
x-amz-apigw-id: GXCHBECboAMF85A=
x-amz-cf-id: 0gnfG9e7ilQdJsTau7lumXDhosXI0UKrsnrD9eZHDlKAdhcWpKcqGQ==
x-amz-cf-pop: EWR52-C1
x-amzn-requestid: 028eb9f3-4222-4108-b929-281e9bb396df

OPTIONS
H2 200 /
dl.cws.xfinity.com/event/ Frame 0
0 440ms
83ms Preflight
application/json 2600:1400:d:588::2c06
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://dl.cws.xfinity.com/event/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2600:1400:d:588::2c06 New York, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: PUT
Origin: https://pub-1a282a45be37473684116312dd030cbf.r2.dev
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

access-control-allow-headers: Content-Type
access-control-allow-methods: HEAD,OPTIONS,PUT
access-control-allow-origin: *
content-length: 0
content-type: application/json
date: Sun, 11 Jun 2023 15:09:58 GMT
x-amz-apigw-id: GXCHBEjyIAMFytg=
x-amz-cf-id: 6Iq1WC1eyXznSosV80Eu-iFK4_7HLwisrSb7fpJWKIa4oq59JWCsGg==
x-amz-cf-pop: EWR52-C1
x-amzn-requestid: 2c604d5a-cc9a-43a9-9040-1bdb4f711e58

GET
H/1.1 200
OK id Show response
dpm.demdex.net/ 4 KB
2 KB 463ms
117ms XHR
application/json 35.85.195.233
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://dpm.demdex.net/id?d_visid_ver=5.2.0&d_fieldgroup=MC&d_rtbd=json&d_ver=2&d_orgid=DA11332E5321D0550A490D45%40AdobeOrg&d_nsid=0&ts=1686496197855

Requested by

Host: pub-1a282a45be37473684116312dd030cbf.r2.dev
URL: https://pub-1a282a45be37473684116312dd030cbf.r2.dev/index/index_files/comcast-common.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

35.85.195.233 Boardman, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-35-85-195-233.us-west-2.compute.amazonaws.com

Software

Resource Hash

a9b1ab35ef0697a04ec63ca50b85b9895eb1778f0a13b400b0b22d9ed8128c0e

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://pub-1a282a45be37473684116312dd030cbf.r2.dev/
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

DCS: dcs-prod-usw2-2-v044-0c4f193cc.edge-usw2.demdex.com 3 ms
Pragma: no-cache
Strict-Transport-Security: max-age=31536000; includeSubDomains
content-encoding: gzip
X-TID: bgzpVae3T+Y=
Vary: Origin
P3P: policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Access-Control-Allow-Origin: https://pub-1a282a45be37473684116312dd030cbf.r2.dev
Content-Type: application/json;charset=utf-8
Cache-Control: no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Length: 1216
Expires: Thu, 01 Jan 1970 00:00:00 UTC

GET
H2 200 AppMeasurement.min.js Show response
assets.adobedtm.com/extensions/EPbde2f7ca14e540399dcc1f8208860b7b/ 33 KB
12 KB 338ms
89ms Script
application/x-javascript 2600:1400:9000:1a6::1e80
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://assets.adobedtm.com/extensions/EPbde2f7ca14e540399dcc1f8208860b7b/AppMeasurement.min.js
Requested by: Host: pub-1a282a45be37473684116312dd030cbf.r2.dev
URL: https://pub-1a282a45be37473684116312dd030cbf.r2.dev/index/index_files/launch-46f715e51bac.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2600:1400:9000:1a6::1e80 New York, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: AkamaiNetStorage /
Resource Hash: d6b423c91328eec9c218dd8b21ae1e676987d574e5432411a32806e5dd2bde32

Request headers

accept-language: en-US,en;q=0.9
Referer: https://pub-1a282a45be37473684116312dd030cbf.r2.dev/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

date: Sun, 11 Jun 2023 15:09:58 GMT
content-encoding: gzip
last-modified: Wed, 12 Aug 2020 22:09:52 GMT
server: AkamaiNetStorage
etag: "f259ee6445c19c2ce3c64a1b117a4f35:1597270192.577101"
vary: Accept-Encoding
content-type: application/x-javascript
access-control-allow-origin: https://pub-1a282a45be37473684116312dd030cbf.r2.dev
cache-control: no-cache
accept-ranges: bytes
timing-allow-origin: *
content-length: 12184
expires: Sun, 11 Jun 2023 16:09:58 GMT

GET
H2 200 AppMeasurement_Module_ActivityMap.min.js Show response
assets.adobedtm.com/extensions/EPbde2f7ca14e540399dcc1f8208860b7b/ 3 KB
2 KB 387ms
138ms Script
application/x-javascript 2600:1400:9000:1a6::1e80
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://assets.adobedtm.com/extensions/EPbde2f7ca14e540399dcc1f8208860b7b/AppMeasurement_Module_ActivityMap.min.js
Requested by: Host: pub-1a282a45be37473684116312dd030cbf.r2.dev
URL: https://pub-1a282a45be37473684116312dd030cbf.r2.dev/index/index_files/launch-46f715e51bac.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2600:1400:9000:1a6::1e80 New York, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: AkamaiNetStorage /
Resource Hash: 0486530f1e98818865754a08e1b5442ac5a6a36a6bf6042e3b3338a532e998d2

Request headers

accept-language: en-US,en;q=0.9
Referer: https://pub-1a282a45be37473684116312dd030cbf.r2.dev/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

date: Sun, 11 Jun 2023 15:09:58 GMT
content-encoding: gzip
last-modified: Wed, 12 Aug 2020 22:09:52 GMT
server: AkamaiNetStorage
etag: "5dedcda2c8a6c3a51fd419d306427010:1597270192.857753"
vary: Accept-Encoding
content-type: application/x-javascript
access-control-allow-origin: https://pub-1a282a45be37473684116312dd030cbf.r2.dev
cache-control: no-cache
accept-ranges: bytes
timing-allow-origin: *
content-length: 1594
expires: Sun, 11 Jun 2023 16:09:58 GMT

GET
H2 200 AppMeasurement_Module_AudienceManagement.min.js Show response
assets.adobedtm.com/extensions/EPbde2f7ca14e540399dcc1f8208860b7b/ 25 KB
9 KB 338ms
89ms Script
application/x-javascript 2600:1400:9000:1a6::1e80
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://assets.adobedtm.com/extensions/EPbde2f7ca14e540399dcc1f8208860b7b/AppMeasurement_Module_AudienceManagement.min.js
Requested by: Host: pub-1a282a45be37473684116312dd030cbf.r2.dev
URL: https://pub-1a282a45be37473684116312dd030cbf.r2.dev/index/index_files/launch-46f715e51bac.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2600:1400:9000:1a6::1e80 New York, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: AkamaiNetStorage /
Resource Hash: e5f0058d3d737d25b691728bce12a7d0b77183781c936ca8152e28cacf9e6e3f

Request headers

accept-language: en-US,en;q=0.9
Referer: https://pub-1a282a45be37473684116312dd030cbf.r2.dev/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

date: Sun, 11 Jun 2023 15:09:58 GMT
content-encoding: gzip
last-modified: Wed, 12 Aug 2020 22:09:53 GMT
server: AkamaiNetStorage
etag: "c8afb92bc0d997ba5b673367e69b9ff1:1597270193.156081"
vary: Accept-Encoding
content-type: application/x-javascript
access-control-allow-origin: https://pub-1a282a45be37473684116312dd030cbf.r2.dev
cache-control: no-cache
accept-ranges: bytes
timing-allow-origin: *
content-length: 8762
expires: Sun, 11 Jun 2023 16:09:58 GMT

PUT
H2 200 / Show response
dl.cws.xfinity.com/event/ 110 B
481 B 151ms
149ms XHR
application/json 2600:1400:d:588::2c06
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://dl.cws.xfinity.com/event/
Requested by: Host: pub-1a282a45be37473684116312dd030cbf.r2.dev
URL: https://pub-1a282a45be37473684116312dd030cbf.r2.dev/index/index_files/comcast-common.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2600:1400:d:588::2c06 New York, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: /
Resource Hash: 6bb552076fbe9015f28bcd29b1bad2d18f22e0977b4e6be013f2b8d172e99437

Request headers

Referer: https://pub-1a282a45be37473684116312dd030cbf.r2.dev/
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36
Content-Type: application/json

Response headers

date: Sun, 11 Jun 2023 15:09:58 GMT
x-amz-cf-pop: EWR52-C1
x-amzn-trace-id: Root=1-6485e3c6-23b2508074a46c5f671f68f3
x-amzn-requestid: 10cccfd0-3e2c-44f6-924c-d679671051f3
access-control-max-age: 86400
access-control-allow-methods: GET,POST,PUT,HEAD
content-type: application/json
access-control-allow-origin: *
access-control-allow-credentials: false
x-amz-apigw-id: GXCHCE76IAMFnIg=
content-length: 110
x-amz-cf-id: 5t65daMZr6keH22hr-XetH1FgZPmDH6netN2tLy-0E-cqjWKkr6dpg==
access-control-allow-headers: *

PUT
H2 200 / Show response
dl.cws.xfinity.com/event/ 110 B
480 B 145ms
145ms XHR
application/json 2600:1400:d:588::2c06
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://dl.cws.xfinity.com/event/
Requested by: Host: pub-1a282a45be37473684116312dd030cbf.r2.dev
URL: https://pub-1a282a45be37473684116312dd030cbf.r2.dev/index/index_files/comcast-common.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2600:1400:d:588::2c06 New York, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: /
Resource Hash: dc966560adbe6011daf8ef8e9b15a82fe67865428b409ed99ff354fbbf91462e

Request headers

Referer: https://pub-1a282a45be37473684116312dd030cbf.r2.dev/
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36
Content-Type: application/json

Response headers

date: Sun, 11 Jun 2023 15:09:58 GMT
x-amz-cf-pop: EWR52-C1
x-amzn-trace-id: Root=1-6485e3c6-046c44ea12ea192176b07fc6
x-amzn-requestid: 72ee770a-5626-42ab-afca-6450519e9387
access-control-max-age: 86400
access-control-allow-methods: GET,POST,PUT,HEAD
content-type: application/json
access-control-allow-origin: *
access-control-allow-credentials: false
x-amz-apigw-id: GXCHCFUmoAMFg8A=
content-length: 110
x-amz-cf-id: s87z0XBQD7lRfn7p06UNSaKzvfnQh20k9LTSb13gbso_f2NUD1bRjQ==
access-control-allow-headers: *

GET
H2 200 prebid.js Show response
static.cimcontent.net/common-web-assets/ad-assets/prebid/ 217 KB
70 KB 327ms
66ms Script
application/javascript 2600:141b:13:7a0::30d4
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://static.cimcontent.net/common-web-assets/ad-assets/prebid/prebid.js
Requested by: Host: pub-1a282a45be37473684116312dd030cbf.r2.dev
URL: https://pub-1a282a45be37473684116312dd030cbf.r2.dev/index/index_files/vm-login-form-ad.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2600:141b:13:7a0::30d4 Secaucus, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: AmazonS3 /
Resource Hash: c0504d7450b72fc5d0a63cb367b201667e792b35bd38a37f01002583ff826f60

Request headers

accept-language: en-US,en;q=0.9
Referer: https://pub-1a282a45be37473684116312dd030cbf.r2.dev/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

x-amz-version-id: BALoLYjFSscdqPNtuDeC.igBQsqQ8Tr9
content-encoding: gzip
date: Sun, 11 Jun 2023 15:09:58 GMT
last-modified: Wed, 01 Sep 2021 16:28:16 GMT
server: AmazonS3
x-amz-cf-pop: EWR53-C2
etag: "7a495d9002d89d3c5e63ac7e274dbd44"
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=31536000
accept-ranges: bytes
x-amz-cf-id: sm9rumn4O8PIswNZR9O1AE0zfwFZg5R7ndQZaANjmNvNnHpiNLZMgA==
content-length: 71285

GET
H2 200 apstag.js Show response
c.amazon-adsystem.com/aax2/ 235 KB
57 KB 267ms
76ms Script
application/javascript 108.138.107.138
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://c.amazon-adsystem.com/aax2/apstag.js
Requested by: Host: pub-1a282a45be37473684116312dd030cbf.r2.dev
URL: https://pub-1a282a45be37473684116312dd030cbf.r2.dev/index/index_files/vm-login-form-ad.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 108.138.107.138 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-108-138-107-138.jfk50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 9420e56a22b664683ff574bc2a819744333f7a8feaad998b4c49a5a2d66a0647

Request headers

accept-language: en-US,en;q=0.9
Referer: https://pub-1a282a45be37473684116312dd030cbf.r2.dev/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

date: Sun, 11 Jun 2023 14:25:02 GMT
content-encoding: gzip
via: 1.1 156336391961f724345f6534c674b6ea.cloudfront.net (CloudFront), 1.1 eb4c39562c3ea08ed99a3ec30c18db3c.cloudfront.net (CloudFront)
last-modified: Thu, 08 Jun 2023 19:47:45 GMT
server: AmazonS3
x-amz-cf-pop: IAD89-C3, JFK50-P3
age: 2697
x-amz-server-side-encryption: AES256
etag: W/"d0b9d816cec36bd9f5556c7b963d0257"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
cache-control: public, max-age=3600
x-amz-cf-id: IhFpnmbdUC0ZDVJxhDlVdkRHHLSMvAcRtqcuvSorDyEIt-6OKY3UZA==

GET
H/1.1 200
OK ast.js Show response
acdn.adnxs.com/ast/ 100 KB
34 KB 131ms
34ms Script
application/javascript 151.101.129.108
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://acdn.adnxs.com/ast/ast.js
Requested by: Host: pub-1a282a45be37473684116312dd030cbf.r2.dev
URL: https://pub-1a282a45be37473684116312dd030cbf.r2.dev/index/index_files/vm-login-form-ad.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.129.108 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx/1.18.0 (Ubuntu) /
Resource Hash: 8d8d98bf03978db751f5ad59d041b9d234f0b6ceef68c76f7c57ba6cea4ebd1e

Request headers

accept-language: en-US,en;q=0.9
Referer: https://pub-1a282a45be37473684116312dd030cbf.r2.dev/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

Expires: Thu, 01 Jun 2023 14:24:51 GMT
Date: Sun, 11 Jun 2023 15:09:58 GMT
Content-Encoding: gzip
Via: 1.1 varnish, 1.1 varnish
Age: 2687
X-Cache: HIT, HIT
Connection: keep-alive
Content-Length: 34394
X-Served-By: cache-lga21942-LGA, cache-mia-kmia1760043-MIA
Last-Modified: Wed, 31 May 2023 14:24:47 GMT
Server: nginx/1.18.0 (Ubuntu)
X-Timer: S1686496198.392144,VS0,VE0
ETag: W/"647758af-18ee3"
Vary: Accept-Encoding
Content-Type: application/javascript
Access-Control-Allow-Origin: *
Cache-Control: max-age=86402
Accept-Ranges: bytes
X-Cache-Hits: 9737, 617

GET
H/1.1 200
OK 02f3f151-ea93-4dcf-8c65-49f397802fc0.jpeg
crcdn01.adnxs-simple.com/creative/p/7636/2021/9/6/28083631/ 149 KB
150 KB 578ms
347ms Image
image/jpeg 23.77.172.245
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://crcdn01.adnxs-simple.com/creative/p/7636/2021/9/6/28083631/02f3f151-ea93-4dcf-8c65-49f397802fc0.jpeg
Requested by: Host: pub-1a282a45be37473684116312dd030cbf.r2.dev
URL: https://pub-1a282a45be37473684116312dd030cbf.r2.dev/index/index.htm
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 23.77.172.245 Piscataway, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-77-172-245.deploy.static.akamaitechnologies.com
Software: nginx/1.21.3 /
Resource Hash: 24bc64546aa0f74a0c159ac5255c55fdf7fdf861c4573bf3417971959789c053

Request headers

accept-language: en-US,en;q=0.9
Referer: https://pub-1a282a45be37473684116312dd030cbf.r2.dev/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

Date: Sun, 11 Jun 2023 15:09:58 GMT
Last-Modified: Mon, 06 Sep 2021 20:22:04 GMT
Server: nginx/1.21.3
x-amz-request-id: b47e70e8-3478-42a4-a070-17b6384642e9
ETag: "082e2cd2d992428db1cb0c29295886f7"
Content-Type: image/jpeg
Access-Control-Allow-Origin: *
X-Clv-Request-Id: b47e70e8-3478-42a4-a070-17b6384642e9
Cache-Control: max-age=3888000
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 153043
X-Clv-S3-Version: 2.5
Expires: Wed, 26 Jul 2023 15:09:58 GMT

GET
H2 200 XfinityStandard-Medium.woff2
static.cimcontent.net/fonts/latest/Xfinity_Standard/ 27 KB
27 KB 320ms
66ms Font
font/woff2 2600:141b:13:7a0::30d4
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://static.cimcontent.net/fonts/latest/Xfinity_Standard/XfinityStandard-Medium.woff2
Requested by: Host: pub-1a282a45be37473684116312dd030cbf.r2.dev
URL: https://pub-1a282a45be37473684116312dd030cbf.r2.dev/index/index_files/fonts-remote.css
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2600:141b:13:7a0::30d4 Secaucus, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 2a031939885bb7efba89d423c9ee7c0fe2bab465f18db63f40a9ae2bd7bc0228

Request headers

Referer: https://pub-1a282a45be37473684116312dd030cbf.r2.dev/
Origin: https://pub-1a282a45be37473684116312dd030cbf.r2.dev
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

x-amz-version-id: 6t4RA2DS89tdf_2IK5vrc9JAOKCy9A40
date: Sun, 11 Jun 2023 15:09:58 GMT
last-modified: Fri, 24 Jan 2020 21:23:01 GMT
server: AmazonS3
x-amz-cf-pop: EWR53-C2
etag: "13709eac065721ba8cd0e2d1b6fa8026"
content-type: font/woff2
access-control-allow-origin: *
cache-control: max-age=1592154
accept-ranges: bytes
content-length: 27152
x-amz-cf-id: fUQpBI5sB2TqmXwSxA0W6LbWNT2JUXt-ia1XKfyPTMftZ612H8RISw==

GET
H2 200 XfinityStandard-Regular.woff2
static.cimcontent.net/fonts/latest/Xfinity_Standard/ 26 KB
26 KB 394ms
142ms Font
font/woff2 2600:141b:13:7a0::30d4
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://static.cimcontent.net/fonts/latest/Xfinity_Standard/XfinityStandard-Regular.woff2
Requested by: Host: pub-1a282a45be37473684116312dd030cbf.r2.dev
URL: https://pub-1a282a45be37473684116312dd030cbf.r2.dev/index/index_files/fonts-remote.css
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2600:141b:13:7a0::30d4 Secaucus, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 138c0ead0fbcd09dd455df9870920e8725b367fbf02ac0cef0c62874000ab176

Request headers

Referer: https://pub-1a282a45be37473684116312dd030cbf.r2.dev/
Origin: https://pub-1a282a45be37473684116312dd030cbf.r2.dev
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

x-amz-version-id: kLBQWhXkUwwuS0hOSKJ2GQ_XrNE.oQFF
date: Sun, 11 Jun 2023 15:09:58 GMT
last-modified: Fri, 24 Jan 2020 21:23:01 GMT
server: AmazonS3
x-amz-cf-pop: EWR53-C2
etag: "e3e79cd377b28c1e7ffea64b194136cf"
content-type: font/woff2
access-control-allow-origin: *
cache-control: max-age=1552086
accept-ranges: bytes
content-length: 26768
x-amz-cf-id: 7ji2rF2ID1b0u9s-BvY6hxw0Z7XRfwLB_kv6J-FK9IsbTxFWHBJoIw==

PUT
H2 200 / Show response
dl.cws.xfinity.com/event/ 110 B
482 B 143ms
142ms XHR
application/json 2600:1400:d:588::2c06
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://dl.cws.xfinity.com/event/
Requested by: Host: pub-1a282a45be37473684116312dd030cbf.r2.dev
URL: https://pub-1a282a45be37473684116312dd030cbf.r2.dev/index/index_files/comcast-common.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2600:1400:d:588::2c06 New York, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: /
Resource Hash: d20ba838f3431099722259e2b4a1ca78c5ca7b40df419bdc713aaa504a994d19

Request headers

Referer: https://pub-1a282a45be37473684116312dd030cbf.r2.dev/
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36
Content-Type: application/json

Response headers

date: Sun, 11 Jun 2023 15:09:58 GMT
x-amz-cf-pop: EWR52-C1
x-amzn-trace-id: Root=1-6485e3c6-14b2ddaf76970036028d1446
x-amzn-requestid: c65f7c1c-6ac0-4226-bfdb-dc584219c038
access-control-max-age: 86400
access-control-allow-methods: GET,POST,PUT,HEAD
content-type: application/json
access-control-allow-origin: *
access-control-allow-credentials: false
x-amz-apigw-id: GXCHCFULIAMFXcA=
content-length: 110
x-amz-cf-id: J7GC__S6rvDsN7xuzL8_IaROsTp_XnAIekVwLoU0zt9WpWZNn7nGyw==
access-control-allow-headers: *

OPTIONS
H2 200 /
dl.cws.xfinity.com/event/ Frame 0
0 416ms
92ms Preflight
application/json 2600:1400:d:588::2c06
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://dl.cws.xfinity.com/event/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2600:1400:d:588::2c06 New York, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: PUT
Origin: https://pub-1a282a45be37473684116312dd030cbf.r2.dev
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

access-control-allow-headers: Content-Type
access-control-allow-methods: HEAD,OPTIONS,PUT
access-control-allow-origin: *
content-length: 0
content-type: application/json
date: Sun, 11 Jun 2023 15:09:58 GMT
x-amz-apigw-id: GXCHBFkSIAMFXCA=
x-amz-cf-id: CDD-3rZzdneZV2AhD24LFjX_Mi5ghdYXFC2AQiqLVxYuyHNpvB2wiQ==
x-amz-cf-pop: EWR52-C1
x-amzn-requestid: 9aa11f17-1690-4e13-9181-440e0a3e8a8f

GET
DATA 200
OK truncated
/ 933 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 4bd9c8ed57b1dd8fddcc2910170e9b81b40f7b628e272924e88a98f45ebb9aea

Request headers

accept-language: en-US,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
DATA 200
OK truncated
/ 3 KB
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 58fd862aaa51daaa186ee3fecfd805c0f8eea09146e9c7deb44a3f30a1ad01b5

Request headers

accept-language: en-US,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
H2 200 XfinityStandard-Light.woff2
static.cimcontent.net/fonts/latest/Xfinity_Standard/ 27 KB
27 KB 320ms
140ms Font
font/woff2 2600:141b:13:7a0::30d4
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://static.cimcontent.net/fonts/latest/Xfinity_Standard/XfinityStandard-Light.woff2
Requested by: Host: pub-1a282a45be37473684116312dd030cbf.r2.dev
URL: https://pub-1a282a45be37473684116312dd030cbf.r2.dev/index/index_files/fonts-remote.css
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2600:141b:13:7a0::30d4 Secaucus, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: AmazonS3 /
Resource Hash: fc6cd95261064c28600405c9c8dd51813abf8367e85b6e00f0f3031a8338988a

Request headers

Referer: https://pub-1a282a45be37473684116312dd030cbf.r2.dev/
Origin: https://pub-1a282a45be37473684116312dd030cbf.r2.dev
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

x-amz-version-id: wnCwOacXycelzt78IMkr55wWB9WkMd2W
date: Sun, 11 Jun 2023 15:09:58 GMT
last-modified: Fri, 24 Jan 2020 21:23:01 GMT
server: AmazonS3
x-amz-cf-pop: EWR53-C2
etag: "f05d3ebe80809d82ab14d62a79da544e"
content-type: font/woff2
access-control-allow-origin: *
cache-control: max-age=1328758
accept-ranges: bytes
content-length: 27420
x-amz-cf-id: KpS8Spp3hb7soAiUaTCzkhQgN7EKFwwrPTOlEJcK2hTjKISVPAKofw==

GET
H/1.1 200
OK syncframe.htm Show response
pub-1a282a45be37473684116312dd030cbf.r2.dev/index/index_files/ Frame BA23 13 KB
5 KB 360ms
272ms Document
text/html 2606:4700::6812:323
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://pub-1a282a45be37473684116312dd030cbf.r2.dev/index/index_files/syncframe.htm
Requested by: Host: pub-1a282a45be37473684116312dd030cbf.r2.dev
URL: https://pub-1a282a45be37473684116312dd030cbf.r2.dev/index/index.htm
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6812:323 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: d06c7ec2af758f88f3376064ee1fa8aa6f756276358b147ca639aa33825ef936

Request headers

Referer: https://pub-1a282a45be37473684116312dd030cbf.r2.dev/index/index.htm
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

CF-RAY: 7d5ac73669038dc6-MIA
Connection: keep-alive
Content-Encoding: gzip
Content-Type: text/html
Date: Sun, 11 Jun 2023 15:09:58 GMT
ETag: W/"765f7e4dcd38b874d532814dc6d8c568"
Last-Modified: Mon, 05 Jun 2023 12:27:24 GMT
Server: cloudflare
Transfer-Encoding: chunked
Vary: Accept-Encoding

POST
H2 400 cdb Show response
bidder.criteo.com/ 0
225 B 223ms
99ms XHR
text/plain 2620:100:a001::18
AS-CRITEO

General

Check archive.org

Show headers Download Go to

Full URL

https://bidder.criteo.com/cdb?ptv=112&profileId=185&av=17&wv=2.26.0&cb=87671821916

Requested by

Host: pub-1a282a45be37473684116312dd030cbf.r2.dev
URL: https://pub-1a282a45be37473684116312dd030cbf.r2.dev/index/index_files/comcast-common.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2620:100:a001::18 , United States, ASN19750 (AS-CRITEO, US),

Reverse DNS

Software

Kestrel /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Referer: https://pub-1a282a45be37473684116312dd030cbf.r2.dev/
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36
Content-Type: text/plain

Response headers

date: Sun, 11 Jun 2023 15:09:57 GMT
strict-transport-security: max-age=31536000; preload;
server: Kestrel
vary: Origin
access-control-allow-origin: https://pub-1a282a45be37473684116312dd030cbf.r2.dev
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
content-length: 0

POST
H2 204 v2 Show response
e.serverbid.com/api/ 0
208 B 478ms
67ms XHR
text/plain 159.89.246.130
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to

Full URL: https://e.serverbid.com/api/v2
Requested by: Host: pub-1a282a45be37473684116312dd030cbf.r2.dev
URL: https://pub-1a282a45be37473684116312dd030cbf.r2.dev/index/index_files/comcast-common.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 159.89.246.130 Clifton, United States, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://pub-1a282a45be37473684116312dd030cbf.r2.dev/
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36
Content-Type: text/plain

Response headers

access-control-allow-origin: https://pub-1a282a45be37473684116312dd030cbf.r2.dev
date: Sun, 11 Jun 2023 15:09:58 GMT
access-control-allow-credentials: true
access-control-allow-headers: origin, content-type, accept
access-control-max-age: 10080
access-control-allow-methods: GET, POST, OPTIONS

GET
H2 200 fastlane.json Show response
fastlane.rubiconproject.com/a/api/ 304 B
910 B 542ms
105ms XHR
application/json 2602:803:c002:200::52
RUBICONPROJECT

General

Check archive.org

Show headers Download Go to

Full URL: https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=11648&site_id=248132&zone_id=1228140&size_id=15&alt_size_ids=10&p_pos=unknown&rf=https%3A%2F%2Fpub-1a282a45be37473684116312dd030cbf.r2.dev%2Findex%2Findex.htm&tk_flint=pbjs_lite_v2.26.0&x_source.tid=ca223ad7-381d-4c19-a845-2987fa59c4f7&p_screen_res=1600x1200&rp_floor=0.01&rp_secure=1&slots=1&rand=0.23111518443048817
Requested by: Host: pub-1a282a45be37473684116312dd030cbf.r2.dev
URL: https://pub-1a282a45be37473684116312dd030cbf.r2.dev/index/index_files/comcast-common.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2602:803:c002:200::52 , United States, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software: nginx/1.21.4 /
Resource Hash: ca659d129ec6140b8de99b47ce4d3053deb3e1cc514ff2e97faf7f2189e49a52

Request headers

Referer: https://pub-1a282a45be37473684116312dd030cbf.r2.dev/
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Sun, 11 Jun 2023 15:09:58 GMT
server: nginx/1.21.4
vary: Accept-Encoding
content-type: application/json
access-control-allow-origin: https://pub-1a282a45be37473684116312dd030cbf.r2.dev
p3p: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
cache-control: no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials: true
content-length: 304
expires: Wed, 17 Sep 1975 21:32:10 GMT

GET
H2 200 arj Show response
comcast-d.openx.net/w/1.0/ 173 B
603 B 154ms
58ms XHR
application/json 35.244.159.8
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://comcast-d.openx.net/w/1.0/arj?ju=https%3A%2F%2Fpub-1a282a45be37473684116312dd030cbf.r2.dev%2Findex%2Findex.htm&jr=&ch=windows-1252&res=1600x1200x24&ifr=false&tz=0&tws=1600x1200&be=1&bc=hb_pb_2.1.7&dddid=ca223ad7-381d-4c19-a845-2987fa59c4f7&nocache=1686496198270&aus=300x600%2C300x250&divIds=ad-block&auid=540654279&
Requested by: Host: pub-1a282a45be37473684116312dd030cbf.r2.dev
URL: https://pub-1a282a45be37473684116312dd030cbf.r2.dev/index/index_files/comcast-common.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.244.159.8 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 8.159.244.35.bc.googleusercontent.com
Software: OXGW/0.0.0 /
Resource Hash: a3d829bc246f3d79b72000d48aa4701cc08487bd698ef4c92e745373fe424663

Request headers

Referer: https://pub-1a282a45be37473684116312dd030cbf.r2.dev/
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Sun, 11 Jun 2023 15:09:58 GMT
content-encoding: gzip
via: 1.1 google
server: OXGW/0.0.0
vary: Accept, Accept-Encoding
content-type: application/json
p3p: CP="CUR ADM OUR NOR STA NID"
access-control-allow-origin: https://pub-1a282a45be37473684116312dd030cbf.r2.dev
cache-control: private, max-age=0, no-cache
access-control-allow-credentials: true
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 165
expires: Mon, 26 Jul 1997 05:00:00 GMT

GET
H2 204 config Show response
c.amazon-adsystem.com/cdn/prod/ 0
330 B 79ms
78ms XHR
text/plain 108.138.107.138
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://c.amazon-adsystem.com/cdn/prod/config?src=3338&u=https%3A%2F%2Fpub-1a282a45be37473684116312dd030cbf.r2.dev
Requested by: Host: pub-1a282a45be37473684116312dd030cbf.r2.dev
URL: https://pub-1a282a45be37473684116312dd030cbf.r2.dev/index/index_files/comcast-common.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 108.138.107.138 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-108-138-107-138.jfk50.r.cloudfront.net
Software: Server /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-US,en;q=0.9
Referer: https://pub-1a282a45be37473684116312dd030cbf.r2.dev/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

date: Sun, 11 Jun 2023 09:40:57 GMT
via: 1.1 eb4c39562c3ea08ed99a3ec30c18db3c.cloudfront.net (CloudFront)
server: Server
x-amz-cf-pop: JFK50-P3
age: 19741
x-cache: Hit from cloudfront
access-control-allow-origin: https://pub-1a282a45be37473684116312dd030cbf.r2.dev
cache-control: max-age=21550, s-maxage=21600
access-control-allow-credentials: true
x-amz-cf-id: BeK_rYgI2TZwKIes0JQaWrwvm_EVTlpR2N4dleX8VG0BT_r89sLAQQ==

GET
H2 200 bid Show response
aax.amazon-adsystem.com/e/dtb/ 23 B
484 B 464ms
94ms XHR
text/javascript 18.164.107.227
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://aax.amazon-adsystem.com/e/dtb/bid?src=3338&u=https%3A%2F%2Fpub-1a282a45be37473684116312dd030cbf.r2.dev%2Findex%2Findex.htm&pid=t5tFHOwHQFQ3p&cb=0&ws=1600x1200&v=23.605.2213&t=1500&slots=%5B%7B%22sd%22%3A%22ad-block%22%2C%22s%22%3A%5B%22300x600%22%2C%22300x250%22%5D%7D%5D&gdprl=%7B%22status%22%3A%22no-cmp%22%7D

Requested by

Host: pub-1a282a45be37473684116312dd030cbf.r2.dev
URL: https://pub-1a282a45be37473684116312dd030cbf.r2.dev/index/index_files/comcast-common.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

18.164.107.227 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-18-164-107-227.jfk50.r.cloudfront.net

Software

Server /

Resource Hash

745a085b52b8371ec6705413fca70a28c6d8bff0db480e6b124bd08c54e95ef8

Security Headers

Name	Value
Strict-Transport-Security	max-age=47474747; includeSubDomains; preload

Request headers

accept-language: en-US,en;q=0.9
Referer: https://pub-1a282a45be37473684116312dd030cbf.r2.dev/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

date: Sun, 11 Jun 2023 15:09:58 GMT
strict-transport-security: max-age=47474747; includeSubDomains; preload
via: 1.1 c36b03c9737c294317e3651e77ee0c4a.cloudfront.net (CloudFront)
server: Server
x-amz-cf-pop: JFK50-P6
x-amz-rid: VDSEG6ZB9C11G1AMTSKA
vary: Accept-Encoding,User-Agent
x-cache: Miss from cloudfront
content-type: text/javascript;charset=UTF-8
access-control-allow-origin: https://pub-1a282a45be37473684116312dd030cbf.r2.dev
access-control-allow-credentials: true
timing-allow-origin: *
content-length: 23
x-amz-cf-id: oD_NAS-IgHXUTCmqXJHCA_LJ422Ei6qABrKHjtQsrSWNZxBH37f2oA==

GET
H2 200 aps_csm.js Show response
c.amazon-adsystem.com/bao-csm/aps-comm/ 6 KB
3 KB 269ms
107ms XHR
application/javascript 108.138.107.138
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://c.amazon-adsystem.com/bao-csm/aps-comm/aps_csm.js
Requested by: Host: pub-1a282a45be37473684116312dd030cbf.r2.dev
URL: https://pub-1a282a45be37473684116312dd030cbf.r2.dev/index/index_files/comcast-common.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 108.138.107.138 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-108-138-107-138.jfk50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 06b99248a163333e36980a6cfb756f1a7de60fa49517162b87b1a44d5d48f844

Request headers

accept-language: en-US,en;q=0.9
Referer: https://pub-1a282a45be37473684116312dd030cbf.r2.dev/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

date: Sun, 11 Jun 2023 15:09:59 GMT
x-amz-version-id: Zm_tZQQ808JKRizBfXGgSN2OWn8Z6JUU
content-encoding: gzip
via: 1.1 44ffe5f6f95421818455d39547956aa4.cloudfront.net (CloudFront)
x-amz-cf-pop: JFK50-P3
x-amz-server-side-encryption: AES256
x-cache: Miss from cloudfront
last-modified: Fri, 26 May 2023 01:35:48 GMT
server: AmazonS3
etag: W/"a4d296427fc806b21335359e398c025c"
access-control-max-age: 3000
access-control-allow-methods: GET
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=86400
vary: Accept-Encoding,Origin
x-amz-cf-id: PlGloDixi7YEFCNjsTL-Qh69yRaqnLWqAHyALPjeBk_dMd7R_23OdA==

GET
H/1.1 200
OK dest5.html Show response
comcast.demdex.net/ Frame 2D29 7 KB
3 KB 569ms
112ms Document
text/html 52.35.195.189
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://comcast.demdex.net/dest5.html?d_nsid=0

Requested by

Host: pub-1a282a45be37473684116312dd030cbf.r2.dev
URL: https://pub-1a282a45be37473684116312dd030cbf.r2.dev/index/index_files/launch-46f715e51bac.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

52.35.195.189 Boardman, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-52-35-195-189.us-west-2.compute.amazonaws.com

Software

Resource Hash

7bea17a80a61ed0f54248b4ffc4c718f7c8ff2619742577a73591d62ce074da8

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://pub-1a282a45be37473684116312dd030cbf.r2.dev/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

Accept-Ranges: bytes
Cache-Control: no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
Connection: keep-alive
Content-Length: 2791
Content-Type: text/html;charset=UTF-8
DCS: dcs-prod-usw2-1-v044-0cb72ce4f.edge-usw2.demdex.com 0 ms
Expires: Thu, 01 Jan 1970 00:00:00 UTC
P3P: policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Pragma: no-cache
Strict-Transport-Security: max-age=31536000; includeSubDomains
X-TID: PcloG+MCQO0=
content-encoding: gzip
date: Sun, 11 Jun 2023 15:09:58 GMT
last-modified: Wed, 10 May 2023 10:46:23 GMT
vary: accept-encoding

GET
H2 200 id Show response
comcastcom.d1.sc.omtrdc.net/ 2 B
287 B 465ms
113ms XHR
application/x-javascript 63.140.36.112
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://comcastcom.d1.sc.omtrdc.net/id?d_visid_ver=5.2.0&d_fieldgroup=A&mcorgid=DA11332E5321D0550A490D45%40AdobeOrg&mid=40672533632648122613612372552170854013&ts=1686496198356

Requested by

Host: pub-1a282a45be37473684116312dd030cbf.r2.dev
URL: https://pub-1a282a45be37473684116312dd030cbf.r2.dev/index/index_files/comcast-common.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

63.140.36.112 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ip-63-140-36-112.data.adobedc.net

Software

jag /

Resource Hash

44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://pub-1a282a45be37473684116312dd030cbf.r2.dev/
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

date: Sun, 11 Jun 2023 15:09:58 GMT
x-content-type-options: nosniff
server: jag
vary: Origin
content-type: application/x-javascript;charset=utf-8
access-control-allow-origin: https://pub-1a282a45be37473684116312dd030cbf.r2.dev
p3p: CP="This is not a P3P policy"
cache-control: no-cache, no-store, max-age=0, no-transform, private
access-control-allow-credentials: true
content-length: 2
x-xss-protection: 1; mode=block

GET
H2 200 dna Show response
dnacdn.net/ Frame BA23 0
549 B 268ms
57ms Fetch 74.119.119.139
AS-CRITEO

General

Check archive.org

Show headers Download Go to

Full URL

https://dnacdn.net/dna

Requested by

Host: pub-1a282a45be37473684116312dd030cbf.r2.dev
URL: https://pub-1a282a45be37473684116312dd030cbf.r2.dev/index/index_files/syncframe.htm

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

74.119.119.139 , United States, ASN19750 (AS-CRITEO, US),

Reverse DNS

Software

Kestrel /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: en-US,en;q=0.9
Referer: https://pub-1a282a45be37473684116312dd030cbf.r2.dev/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 11 Jun 2023 15:09:58 GMT
strict-transport-security: max-age=31536000; preload;
server: Kestrel
access-control-allow-methods: GET
access-control-allow-origin: https://pub-1a282a45be37473684116312dd030cbf.r2.dev
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
server-processing-duration-in-ticks: 340983
content-length: 0
expires: 0

GET
H2 200 newidsd Show response
ag.gbc.criteo.com/ Frame BA23 20 B
420 B 265ms
54ms Fetch
application/json 185.235.85.31
AS-CRITEO

General

Check archive.org

Show headers Download Go to

Full URL

https://ag.gbc.criteo.com/newidsd

Requested by

Host: pub-1a282a45be37473684116312dd030cbf.r2.dev
URL: https://pub-1a282a45be37473684116312dd030cbf.r2.dev/index/index_files/syncframe.htm

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

185.235.85.31 , France, ASN19750 (AS-CRITEO, US),

Reverse DNS

Software

Kestrel /

Resource Hash

31c81ec8db9b0a80b2e0cab5573b766ee30c6c38934415b67837b3ab4d1a0063

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: en-US,en;q=0.9
Referer: https://pub-1a282a45be37473684116312dd030cbf.r2.dev/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 11 Jun 2023 15:09:58 GMT
strict-transport-security: max-age=31536000; preload;
content-encoding: gzip
server: Kestrel
vary: Accept-Encoding
access-control-allow-methods: GET
content-type: application/json; charset=utf-8
access-control-allow-origin: https://pub-1a282a45be37473684116312dd030cbf.r2.dev
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
server-processing-duration-in-ticks: 247534
expires: 0

GET
H2 200 newidsd Show response
gem.gbc.criteo.com/ Frame BA23 19 B
419 B 266ms
55ms Fetch
application/json 185.235.85.52
AS-CRITEO

General

Check archive.org

Show headers Download Go to

Full URL

https://gem.gbc.criteo.com/newidsd

Requested by

Host: pub-1a282a45be37473684116312dd030cbf.r2.dev
URL: https://pub-1a282a45be37473684116312dd030cbf.r2.dev/index/index_files/syncframe.htm

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

185.235.85.52 , France, ASN19750 (AS-CRITEO, US),

Reverse DNS

Software

Kestrel /

Resource Hash

45d1a08eb5c83ae4fb91a7d78cf0f2df1bdad5c6beeb2e7cae2913fec0a6afc6

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: en-US,en;q=0.9
Referer: https://pub-1a282a45be37473684116312dd030cbf.r2.dev/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 11 Jun 2023 15:09:58 GMT
strict-transport-security: max-age=31536000; preload;
content-encoding: gzip
server: Kestrel
vary: Accept-Encoding
access-control-allow-methods: GET
content-type: application/json; charset=utf-8
access-control-allow-origin: https://pub-1a282a45be37473684116312dd030cbf.r2.dev
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
server-processing-duration-in-ticks: 135729
expires: 0

GET
H2 200 dna Show response
dnacdn.net/ Frame BA23 146 B
773 B 56ms
56ms Fetch
application/json 74.119.119.139
AS-CRITEO

General

Check archive.org

Show headers Download Go to

Full URL

https://dnacdn.net/dna

Requested by

Host: pub-1a282a45be37473684116312dd030cbf.r2.dev
URL: https://pub-1a282a45be37473684116312dd030cbf.r2.dev/index/index_files/syncframe.htm

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

74.119.119.139 , United States, ASN19750 (AS-CRITEO, US),

Reverse DNS

Software

Kestrel /

Resource Hash

ed7e8e34aa9f94906a58009a77c54fea19c311bdad4e2f3e44a726b694f7ee1a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: en-US,en;q=0.9
Referer: https://pub-1a282a45be37473684116312dd030cbf.r2.dev/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 11 Jun 2023 15:09:58 GMT
strict-transport-security: max-age=31536000; preload;
content-encoding: gzip
server: Kestrel
vary: Accept-Encoding
access-control-allow-methods: GET
content-type: application/json; charset=utf-8
access-control-allow-origin: https://pub-1a282a45be37473684116312dd030cbf.r2.dev
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
server-processing-duration-in-ticks: 222197
expires: 0

GET
H2

200

sid Show response
mug.criteo.com/ Frame BA23
Redirect Chain

https://gum.criteo.com/sid/json?origin=NA&domain=pub-1a282a45be37473684116312dd030cbf.r2.dev&sn=FirefoxSyncframe&so=0&topUrl=undefined&info=BvLE6F9RVFUzaE82Nm54dzhKZmEwNzQ1RWtBazVvN1ElMkJaNll4JTJCZ...
https://mug.criteo.com/sid?cpp=id-fVXxWWlByUThHNFBsYjc4aXNNRmFGLzNzVk05SW80dWlhQ1NRMnpzUld5cVhJblhCOHZQMlhBV1JkemJaaklwUi9VMXF3NEhHTExySlFiYnJ5UjQzOGhiNzRCNzdpRHhsTzF5aEdOc1IwSjlMamFwNFNkTTZLNGhSak...

332 B
609 B

175ms
56ms

Fetch
application/json

74.119.119.139
AS-CRITEO

General

Check archive.org

Show headers Download Go to

Full URL

https://mug.criteo.com/sid?cpp=id-fVXxWWlByUThHNFBsYjc4aXNNRmFGLzNzVk05SW80dWlhQ1NRMnpzUld5cVhJblhCOHZQMlhBV1JkemJaaklwUi9VMXF3NEhHTExySlFiYnJ5UjQzOGhiNzRCNzdpRHhsTzF5aEdOc1IwSjlMamFwNFNkTTZLNGhSakd3QUdjak1rRWNpWVNSQWMzTnFGczhodytXY1A3cnZGSmc0V0YxNkJ0b25iU2FXWXZNbnhXQ2hKaTV1NU9WcTg5M2hvUkx3ci9MT0o4bXptelRTRXVBdFF4aVJrQ2JzMCtuU2szcmliNG95czZpMkIzeDE0RW8vVFdxd0d0SVUzOGxwalU2eUpYQ2E0OW5MREx4ZXBLWHVUYXpMeHdEa3R3bWxrQjB0VWhaRUtnOTEyVUI0TT18&cppv=2

Protocol

Server

74.119.119.139 , United States, ASN19750 (AS-CRITEO, US),

Reverse DNS

Software

Kestrel /

Resource Hash

72c2adbfe5fdd690a79eb6cc1b2089193bb7b0f493a2eefdfc88021bd6ca0239

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: en-US,en;q=0.9
Referer: https://pub-1a282a45be37473684116312dd030cbf.r2.dev/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 11 Jun 2023 15:09:59 GMT
strict-transport-security: max-age=31536000; preload;
content-encoding: gzip
server: Kestrel
vary: Accept-Encoding
access-control-allow-methods: GET
content-type: application/json; charset=utf-8
access-control-allow-origin: null
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
server-processing-duration-in-ticks: 612817
expires: 0

Redirect headers

pragma: no-cache
date: Sun, 11 Jun 2023 15:09:59 GMT
strict-transport-security: max-age=31536000; preload;
server: Kestrel
access-control-allow-methods: GET
access-control-allow-origin: https://pub-1a282a45be37473684116312dd030cbf.r2.dev
location: https://mug.criteo.com/sid?cpp=id-fVXxWWlByUThHNFBsYjc4aXNNRmFGLzNzVk05SW80dWlhQ1NRMnpzUld5cVhJblhCOHZQMlhBV1JkemJaaklwUi9VMXF3NEhHTExySlFiYnJ5UjQzOGhiNzRCNzdpRHhsTzF5aEdOc1IwSjlMamFwNFNkTTZLNGhSakd3QUdjak1rRWNpWVNSQWMzTnFGczhodytXY1A3cnZGSmc0V0YxNkJ0b25iU2FXWXZNbnhXQ2hKaTV1NU9WcTg5M2hvUkx3ci9MT0o4bXptelRTRXVBdFF4aVJrQ2JzMCtuU2szcmliNG95czZpMkIzeDE0RW8vVFdxd0d0SVUzOGxwalU2eUpYQ2E0OW5MREx4ZXBLWHVUYXpMeHdEa3R3bWxrQjB0VWhaRUtnOTEyVUI0TT18&cppv=2
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
server-processing-duration-in-ticks: 628286
content-length: 0
expires: 0

OPTIONS
H2 200 /
dl.cws.xfinity.com/event/ Frame 0
0 119ms
119ms Preflight
application/json 2600:1400:d:588::2c06
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://dl.cws.xfinity.com/event/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2600:1400:d:588::2c06 New York, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: PUT
Origin: https://pub-1a282a45be37473684116312dd030cbf.r2.dev
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

access-control-allow-headers: Content-Type
access-control-allow-methods: HEAD,OPTIONS,PUT
access-control-allow-origin: *
content-length: 0
content-type: application/json
date: Sun, 11 Jun 2023 15:09:58 GMT
x-amz-apigw-id: GXCHIEa_oAMF_1g=
x-amz-cf-id: LxseTBoAoI__oeylR0FrXKutWVFBst12P4GQOefuOHlH12m1EuUWhg==
x-amz-cf-pop: EWR52-C1
x-amzn-requestid: 83064018-5f6b-43f7-a81b-3a6ad673725d

PUT
H2 200 / Show response
dl.cws.xfinity.com/event/ 110 B
482 B 133ms
122ms XHR
application/json 2600:1400:d:588::2c06
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://dl.cws.xfinity.com/event/
Requested by: Host: pub-1a282a45be37473684116312dd030cbf.r2.dev
URL: https://pub-1a282a45be37473684116312dd030cbf.r2.dev/index/index_files/comcast-common.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2600:1400:d:588::2c06 New York, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: /
Resource Hash: 09e6620c2d3701f8ee2c6c64dc740271b956f6c0da353dde0795273e9179cee3

Request headers

Referer: https://pub-1a282a45be37473684116312dd030cbf.r2.dev/
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36
Content-Type: application/json

Response headers

date: Sun, 11 Jun 2023 15:09:59 GMT
x-amz-cf-pop: EWR52-C1
x-amzn-trace-id: Root=1-6485e3c7-54398bec79389f43052c3fad
x-amzn-requestid: cb6143ca-e6b5-49a9-a82b-ecfa9467c805
access-control-max-age: 86400
access-control-allow-methods: GET,POST,PUT,HEAD
content-type: application/json
access-control-allow-origin: *
access-control-allow-credentials: false
x-amz-apigw-id: GXCHKERToAMFv-w=
content-length: 110
x-amz-cf-id: N-lE67td9iPWPIjizarHPHgnEGhysLHtk9Y0rSU__9Jusg7p4TIq7Q==
access-control-allow-headers: *

PUT
H2 200 / Show response
dl.cws.xfinity.com/event/ 110 B
482 B 239ms
228ms XHR
application/json 2600:1400:d:588::2c06
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://dl.cws.xfinity.com/event/
Requested by: Host: pub-1a282a45be37473684116312dd030cbf.r2.dev
URL: https://pub-1a282a45be37473684116312dd030cbf.r2.dev/index/index_files/comcast-common.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2600:1400:d:588::2c06 New York, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: /
Resource Hash: fefb1351eb349d82eec2460ce3c10a8c93517bea778be3f33835a412ab9dc4f0

Request headers

Referer: https://pub-1a282a45be37473684116312dd030cbf.r2.dev/
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36
Content-Type: application/json

Response headers

date: Sun, 11 Jun 2023 15:09:59 GMT
x-amz-cf-pop: EWR52-C1
x-amzn-trace-id: Root=1-6485e3c7-72fcfe56679d4cda7d818659
x-amzn-requestid: 3681d686-638d-4d41-b2fc-8ad57ba6cc72
access-control-max-age: 86400
access-control-allow-methods: GET,POST,PUT,HEAD
content-type: application/json
access-control-allow-origin: *
access-control-allow-credentials: false
x-amz-apigw-id: GXCHKG4ooAMF4vA=
content-length: 110
x-amz-cf-id: TXaPLzYKYrjeUZJxnePYQw7mSFJtGTmg0XZ1V3Ugnb_yGfchJq3xZQ==
access-control-allow-headers: *

PUT
H2 200 / Show response
dl.cws.xfinity.com/event/ 110 B
481 B 238ms
228ms XHR
application/json 2600:1400:d:588::2c06
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://dl.cws.xfinity.com/event/
Requested by: Host: pub-1a282a45be37473684116312dd030cbf.r2.dev
URL: https://pub-1a282a45be37473684116312dd030cbf.r2.dev/index/index_files/comcast-common.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2600:1400:d:588::2c06 New York, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: /
Resource Hash: 704d9345317b525bca07c2d4521bdd998de077a804fb2d458f109a7556f2db38

Request headers

Referer: https://pub-1a282a45be37473684116312dd030cbf.r2.dev/
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36
Content-Type: application/json

Response headers

date: Sun, 11 Jun 2023 15:09:59 GMT
x-amz-cf-pop: EWR52-C1
x-amzn-trace-id: Root=1-6485e3c7-37f85d3a0e05fd306355694b
x-amzn-requestid: 1ceace9b-5faa-4aaa-8293-43232a0bc577
access-control-max-age: 86400
access-control-allow-methods: GET,POST,PUT,HEAD
content-type: application/json
access-control-allow-origin: *
access-control-allow-credentials: false
x-amz-apigw-id: GXCHKF8fIAMFmHA=
content-length: 110
x-amz-cf-id: ngKhdcOQMQ5Ontzm51EGoNMXrntQ7O9Oz4-GYH1cAoAjCDJ5IQTOFQ==
access-control-allow-headers: *

GET
H/1.1

200
OK

ibs:dpid=21&dpuuid=214990604544007865866
dpm.demdex.net/ Frame 2D29
Redirect Chain

https://aa.agkn.com/adscores/g.pixel?sid=9211132908&aam=40520259984296694423633209718763612890
https://dpm.demdex.net/ibs:dpid=21&dpuuid=214990604544007865866

42 B
942 B

235ms
114ms

Image
image/gif

35.85.195.233
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://dpm.demdex.net/ibs:dpid=21&dpuuid=214990604544007865866

Protocol

HTTP/1.1

Server

35.85.195.233 Boardman, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-35-85-195-233.us-west-2.compute.amazonaws.com

Software

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

accept-language: en-US,en;q=0.9
Referer: https://comcast.demdex.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

DCS: dcs-prod-usw2-2-v044-073b76052.edge-usw2.demdex.com 2 ms
Pragma: no-cache
Strict-Transport-Security: max-age=31536000; includeSubDomains
content-encoding: gzip
X-Content-Type-Options: nosniff
X-TID: P1Df+5gTTSw=
P3P: policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Content-Type: image/gif
Cache-Control: no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
Connection: keep-alive
Content-Length: 59
Expires: Thu, 01 Jan 1970 00:00:00 UTC

Redirect headers

pragma: no-cache
date: Sun, 11 Jun 2023 15:09:59 GMT
via: 1.1 ea450411fc852f7d373f7efbe784dd74.cloudfront.net (CloudFront)
server: AAWebServer
x-amz-cf-pop: EWR50-C1
access-control-allow-methods: GET, POST, OPTIONS
p3p: policyref="https://www.agkn.com/p3p/p3p.xml",CP="NOI NID"
location: https://dpm.demdex.net/ibs:dpid=21&dpuuid=214990604544007865866
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
x-cache: Miss from cloudfront
access-control-allow-headers: accept, cache-control, origin, x-requested-with, x-file-name, content-type
x-amz-cf-id: 6H8irv4nudn3rt-En8Lp9Y3f51BeePR74SvNWB5BSIYuzFpcjUBt1Q==
expires: 0

GET
H/1.1

200
OK

ibs:dpid=359&dpuuid=1vncY2361Q8mHB5
dpm.demdex.net/ Frame 2D29
Redirect Chain

https://pm.w55c.net/ping_match.gif?st=dmx&rurl=https%3A%2F%2Fdpm.demdex.net%2Fibs%3Adpid%3D359%26dpuuid%3D_wfivefivec_
https://pm.w55c.net/ping_match.gif?scc=1&st=dmx&rurl=https%3A%2F%2Fdpm.demdex.net%2Fibs%3Adpid%3D359%26dpuuid%3D_wfivefivec_
https://dpm.demdex.net/ibs:dpid=359&dpuuid=1vncY2361Q8mHB5

42 B
943 B

325ms
136ms

Image
image/gif

35.85.195.233
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://dpm.demdex.net/ibs:dpid=359&dpuuid=1vncY2361Q8mHB5

Protocol

HTTP/1.1

Server

35.85.195.233 Boardman, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-35-85-195-233.us-west-2.compute.amazonaws.com

Software

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

accept-language: en-US,en;q=0.9
Referer: https://comcast.demdex.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

DCS: dcs-prod-usw2-1-v044-0d7c1a88b.edge-usw2.demdex.com 25 ms
Pragma: no-cache
Strict-Transport-Security: max-age=31536000; includeSubDomains
content-encoding: gzip
X-Content-Type-Options: nosniff
X-TID: eupFQt8+QaU=
P3P: policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Content-Type: image/gif
Cache-Control: no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
Connection: keep-alive
Content-Length: 59
Expires: Thu, 01 Jan 1970 00:00:00 UTC

Redirect headers

Pragma: no-cache
Date: Sun, 11 Jun 2023 15:09:59 GMT
Strict-Transport-Security: max-age=2592000; includeSubDomains
Server: PingMatch/v2.0.30-778-gc59cb35#rel-ec2-master i-07906ee320dd958f3@us-east-1b@dxedge-app-us-east-1-prod-asg
Location: https://dpm.demdex.net/ibs:dpid=359&dpuuid=1vncY2361Q8mHB5
Cache-Control: no-cache, must-revalidate
Connection: keep-alive
Content-Length: 0
Expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1

200
OK

ibs:dpid=477&dpuuid=73c44d0cfe8a561e3de77ffa4f25045fe8d54ae4f0169720f2cda0fa7d5f379fb0da87c991749652
dpm.demdex.net/ Frame 2D29
Redirect Chain

https://idsync.rlcdn.com/365868.gif?partner_uid=40520259984296694423633209718763612890
https://idsync.rlcdn.com/1000.gif?memo=CKyqFhIxCi0IARCYEhomNDA1MjAyNTk5ODQyOTY2OTQ0MjM2MzMyMDk3MTg3NjM2MTI4OTAQABoNCMfHl6QGEgUI6AcQAEIASgA
https://dpm.demdex.net/ibs:dpid=477&dpuuid=73c44d0cfe8a561e3de77ffa4f25045fe8d54ae4f0169720f2cda0fa7d5f379fb0da87c991749652

42 B
942 B

266ms
113ms

Image
image/gif

35.85.195.233
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://dpm.demdex.net/ibs:dpid=477&dpuuid=73c44d0cfe8a561e3de77ffa4f25045fe8d54ae4f0169720f2cda0fa7d5f379fb0da87c991749652

Protocol

HTTP/1.1

Server

35.85.195.233 Boardman, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-35-85-195-233.us-west-2.compute.amazonaws.com

Software

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

accept-language: en-US,en;q=0.9
Referer: https://comcast.demdex.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

DCS: dcs-prod-usw2-2-v044-0d21ea343.edge-usw2.demdex.com 1 ms
Pragma: no-cache
Strict-Transport-Security: max-age=31536000; includeSubDomains
content-encoding: gzip
X-Content-Type-Options: nosniff
X-TID: RIa9ww26QTE=
P3P: policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Content-Type: image/gif
Cache-Control: no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
Connection: keep-alive
Content-Length: 59
Expires: Thu, 01 Jan 1970 00:00:00 UTC

Redirect headers

date: Sun, 11 Jun 2023 15:09:59 GMT
via: 1.1 google
p3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
location: https://dpm.demdex.net/ibs:dpid=477&dpuuid=73c44d0cfe8a561e3de77ffa4f25045fe8d54ae4f0169720f2cda0fa7d5f379fb0da87c991749652
cache-control: no-cache, no-store
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0

GET
H/1.1

200
OK

ibs:dpid=358&dpuuid=2784250317573254986
dpm.demdex.net/ Frame 2D29
Redirect Chain

https://ib.adnxs.com/getuid?https%3A%2F%2Fdpm.demdex.net%2Fibs%3Adpid%3D358%26dpuuid%3D%24UID
https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%253A%252F%252Fdpm.demdex.net%252Fibs%253Adpid%253D358%2526dpuuid%253D%2524UID
https://dpm.demdex.net/ibs:dpid=358&dpuuid=2784250317573254986

42 B
942 B

256ms
119ms

Image
image/gif

35.85.195.233
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://dpm.demdex.net/ibs:dpid=358&dpuuid=2784250317573254986

Protocol

HTTP/1.1

Server

35.85.195.233 Boardman, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-35-85-195-233.us-west-2.compute.amazonaws.com

Software

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

accept-language: en-US,en;q=0.9
Referer: https://comcast.demdex.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

DCS: dcs-prod-usw2-2-v044-068c8cee6.edge-usw2.demdex.com 2 ms
Pragma: no-cache
Strict-Transport-Security: max-age=31536000; includeSubDomains
content-encoding: gzip
X-Content-Type-Options: nosniff
X-TID: UUvhIJP1TvU=
P3P: policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Content-Type: image/gif
Cache-Control: no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
Connection: keep-alive
Content-Length: 59
Expires: Thu, 01 Jan 1970 00:00:00 UTC

Redirect headers

Date: Sun, 11 Jun 2023 15:09:59 GMT
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Connection: keep-alive
X-Proxy-Origin: 38.132.118.69; 38.132.118.69; 575.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net; adnxs.com
Content-Length: 0
X-XSS-Protection: 0
Pragma: no-cache
AN-X-Request-Uuid: 474c9664-7006-4aab-b856-222ede8e73f4
Server: nginx/1.21.3
Accept-CH: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
Content-Type: text/html; charset=utf-8
Access-Control-Allow-Origin: *
Location: https://dpm.demdex.net/ibs:dpid=358&dpuuid=2784250317573254986
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H/1.1

200
OK

ibs:dpid=470&dpuuid=2589063383687740355
dpm.demdex.net/ Frame 2D29
Redirect Chain

https://d.turn.com/r/dd/id/L2NzaWQvMS9jaWQvMjM2NTYzMjkvdC8y/url/https%3A%2F%2Fdpm.demdex.net%2Fibs%3Adpid%3D470%26dpuuid%3D%24!%7BTURN_UUID%7D
https://dpm.demdex.net/ibs:dpid=470&dpuuid=2589063383687740355

42 B
942 B

125ms
124ms

Image
image/gif

35.85.195.233
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://dpm.demdex.net/ibs:dpid=470&dpuuid=2589063383687740355

Protocol

HTTP/1.1

Server

35.85.195.233 Boardman, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-35-85-195-233.us-west-2.compute.amazonaws.com

Software

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

accept-language: en-US,en;q=0.9
Referer: https://comcast.demdex.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

DCS: dcs-prod-usw2-1-v044-015bfbc2f.edge-usw2.demdex.com 1 ms
Pragma: no-cache
Strict-Transport-Security: max-age=31536000; includeSubDomains
content-encoding: gzip
X-Content-Type-Options: nosniff
X-TID: UamrFBs/QmQ=
P3P: policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Content-Type: image/gif
Cache-Control: no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
Connection: keep-alive
Content-Length: 59
Expires: Thu, 01 Jan 1970 00:00:00 UTC

Redirect headers

location: https://dpm.demdex.net/ibs:dpid=470&dpuuid=2589063383687740355
pragma: no-cache
date: Sun, 11 Jun 2023 15:09:58 GMT
cache-control: max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
content-length: 0
p3p: policyref="/w3c/p3p.xml", CP="NOI CURa DEVa TAIa PSAa PSDa IVAa IVDa OUR IND UNI NAV"

GET
H/1.1

200
OK

ibs:dpid=771&dpuuid=CAESEDa278qbrSxROkII_QKUPz4&google_cver=1
dpm.demdex.net/ Frame 2D29
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=adobe_dmp&google_cm&gdpr=0&gdpr_consent=&google_hm=NDA1MjAyNTk5ODQyOTY2OTQ0MjM2MzMyMDk3MTg3NjM2MTI4OTA=
https://cm.g.doubleclick.net/pixel?google_nid=adobe_dmp&google_cm=&gdpr=0&gdpr_consent=&google_hm=NDA1MjAyNTk5ODQyOTY2OTQ0MjM2MzMyMDk3MTg3NjM2MTI4OTA=&google_tc=
https://dpm.demdex.net/ibs:dpid=771&dpuuid=CAESEDa278qbrSxROkII_QKUPz4&google_cver=1?gdpr=0&gdpr_consent=

42 B
942 B

263ms
118ms

Image
image/gif

35.85.195.233
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://dpm.demdex.net/ibs:dpid=771&dpuuid=CAESEDa278qbrSxROkII_QKUPz4&google_cver=1?gdpr=0&gdpr_consent=

Protocol

HTTP/1.1

Server

35.85.195.233 Boardman, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-35-85-195-233.us-west-2.compute.amazonaws.com

Software

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

accept-language: en-US,en;q=0.9
Referer: https://comcast.demdex.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

DCS: dcs-prod-usw2-2-v044-0a85e5e5e.edge-usw2.demdex.com 2 ms
Pragma: no-cache
Strict-Transport-Security: max-age=31536000; includeSubDomains
content-encoding: gzip
X-Content-Type-Options: nosniff
X-TID: rpwlVZGdQFo=
P3P: policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Content-Type: image/gif
Cache-Control: no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
Connection: keep-alive
Content-Length: 59
Expires: Thu, 01 Jan 1970 00:00:00 UTC

Redirect headers

pragma: no-cache
date: Sun, 11 Jun 2023 15:10:00 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://dpm.demdex.net/ibs:dpid=771&dpuuid=CAESEDa278qbrSxROkII_QKUPz4&google_cver=1?gdpr=0&gdpr_consent=
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 314
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 adsct
analytics.twitter.com/i/ Frame 2D29 43 B
393 B 282ms
56ms Image
image/gif 104.244.42.195
TWITTER

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://analytics.twitter.com/i/adsct?p_user_id=40520259984296694423633209718763612890&p_id=38594

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.244.42.195 , United States, ASN13414 (TWITTER, US),

Reverse DNS

Software

tsa_b /

Resource Hash

ac8778041fdb7f2e08ceb574c9a766247ea26f1a7d90fa854c4efcf4b361a957

Security Headers

Name	Value
Strict-Transport-Security	max-age=631138519

Request headers

accept-language: en-US,en;q=0.9
Referer: https://comcast.demdex.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

x-response-time: 6
date: Sun, 11 Jun 2023 15:09:59 GMT
strict-transport-security: max-age=631138519
server: tsa_b
content-type: image/gif;charset=utf-8
x-transaction-id: 8c9e6d0fde32fe59
cache-control: no-cache, no-store, max-age=0
perf: 7626143928
x-connection-hash: cbf99316c622acfda01bfbd310ef6955a3a1454bae31a178d993fd411aed3d70
content-length: 43

OPTIONS
H2 200 /
dl.cws.xfinity.com/event/ Frame 0
0 107ms
107ms Preflight
application/json 2600:1400:d:588::2c06
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://dl.cws.xfinity.com/event/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2600:1400:d:588::2c06 New York, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: PUT
Origin: https://pub-1a282a45be37473684116312dd030cbf.r2.dev
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

access-control-allow-headers: Content-Type
access-control-allow-methods: HEAD,OPTIONS,PUT
access-control-allow-origin: *
content-length: 0
content-type: application/json
date: Sun, 11 Jun 2023 15:09:59 GMT
x-amz-apigw-id: GXCHJGpEIAMFyFA=
x-amz-cf-id: u9kbpF3yb8V894sj6wK2luoTBNxQ1gAEJB6LZR4upTOL5vywdhwAUw==
x-amz-cf-pop: EWR52-C1
x-amzn-requestid: 9c246e63-fecc-4771-b639-39481bab50a7

OPTIONS
H2 200 /
dl.cws.xfinity.com/event/ Frame 0
0 105ms
105ms Preflight
application/json 2600:1400:d:588::2c06
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://dl.cws.xfinity.com/event/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2600:1400:d:588::2c06 New York, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: PUT
Origin: https://pub-1a282a45be37473684116312dd030cbf.r2.dev
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

access-control-allow-headers: Content-Type
access-control-allow-methods: HEAD,OPTIONS,PUT
access-control-allow-origin: *
content-length: 0
content-type: application/json
date: Sun, 11 Jun 2023 15:09:59 GMT
x-amz-apigw-id: GXCHJE_7IAMFmNw=
x-amz-cf-id: NVLvZwNbgUiOPzatBjBHY-I8_0b1Vl2E5HwVOtLxzFV0DiMoyBCBBw==
x-amz-cf-pop: EWR52-C1
x-amzn-requestid: c4aba632-864d-4927-a962-9cbdde66c0b2

GET
H/1.1

200
OK

ibs:dpid=903&dpuuid=37c29fd2-bff5-406e-b02c-2b60567c088c
dpm.demdex.net/ Frame 2D29
Redirect Chain

https://match.adsrvr.org/track/cmf/generic?ttd_pid=aam&gdpr=0&gdpr_consent=&domain=pub-1a282a45be37473684116312dd030cbf.r2.dev&ttd_tpi=1
https://match.adsrvr.org/track/cmb/generic?ttd_pid=aam&gdpr=0&gdpr_consent=&domain=pub-1a282a45be37473684116312dd030cbf.r2.dev&ttd_tpi=1
https://dpm.demdex.net/ibs:dpid=903&dpuuid=37c29fd2-bff5-406e-b02c-2b60567c088c

42 B
942 B

278ms
117ms

Image
image/gif

35.85.195.233
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://dpm.demdex.net/ibs:dpid=903&dpuuid=37c29fd2-bff5-406e-b02c-2b60567c088c

Protocol

HTTP/1.1

Server

35.85.195.233 Boardman, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-35-85-195-233.us-west-2.compute.amazonaws.com

Software

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

accept-language: en-US,en;q=0.9
Referer: https://comcast.demdex.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

DCS: dcs-prod-usw2-1-v044-04d37bd1e.edge-usw2.demdex.com 1 ms
Pragma: no-cache
Strict-Transport-Security: max-age=31536000; includeSubDomains
content-encoding: gzip
X-Content-Type-Options: nosniff
X-TID: 2DVSVfAcQcA=
P3P: policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Content-Type: image/gif
Cache-Control: no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
Connection: keep-alive
Content-Length: 59
Expires: Thu, 01 Jan 1970 00:00:00 UTC

Redirect headers

location: https://dpm.demdex.net/ibs:dpid=903&dpuuid=37c29fd2-bff5-406e-b02c-2b60567c088c
date: Sun, 11 Jun 2023 15:10:00 GMT
server: Kestrel
content-length: 189

GET
H/1.1

200
OK

ibs:dpid=1957&dpuuid=230775705FB56BE72C9A665D5E0B6AC6
dpm.demdex.net/ Frame 2D29
Redirect Chain

https://c.bing.com/c.gif?uid=40520259984296694423633209718763612890&Red3=MSAdobe_pd&gdpr=0&gdpr_consent=
https://dpm.demdex.net/ibs:dpid=1957&dpuuid=230775705FB56BE72C9A665D5E0B6AC6

42 B
942 B

260ms
116ms

Image
image/gif

35.85.195.233
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://dpm.demdex.net/ibs:dpid=1957&dpuuid=230775705FB56BE72C9A665D5E0B6AC6

Protocol

HTTP/1.1

Server

35.85.195.233 Boardman, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-35-85-195-233.us-west-2.compute.amazonaws.com

Software

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

accept-language: en-US,en;q=0.9
Referer: https://comcast.demdex.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

DCS: dcs-prod-usw2-1-v044-0345d2901.edge-usw2.demdex.com 2 ms
Pragma: no-cache
Strict-Transport-Security: max-age=31536000; includeSubDomains
content-encoding: gzip
X-Content-Type-Options: nosniff
X-TID: fym0BcsZQMA=
P3P: policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Content-Type: image/gif
Cache-Control: no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
Connection: keep-alive
Content-Length: 59
Expires: Thu, 01 Jan 1970 00:00:00 UTC

Redirect headers

pragma: no-cache
date: Sun, 11 Jun 2023 15:09:59 GMT
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref: Ref A: 64AE64506B554DF18A68F2F0FE03D943 Ref B: MIAEDGE1708 Ref C: 2023-06-11T15:10:00Z
x-powered-by: ASP.NET
x-cache: CONFIG_NOCACHE
p3p: CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
location: https://dpm.demdex.net/ibs:dpid=1957&dpuuid=230775705FB56BE72C9A665D5E0B6AC6
cache-control: private, no-cache, proxy-revalidate, no-store
content-length: 0

GET
H/1.1

200
OK

ibs:dpid=3047&dpuuid=5640726B8FA321&gdpr=0&gdpr_consent=
dpm.demdex.net/ Frame 2D29
Redirect Chain

https://servedby.flashtalking.com/map/?key=a74thHgsfK627J6Ftt8sj5ks52bKe&gdpr=0&gdpr_consent=&url=https://dpm.demdex.net/ibs:dpid=3047&dpuuid=[%FT_GUID%]&gdpr=0&gdpr_consent=
https://dpm.demdex.net/ibs:dpid=3047&dpuuid=5640726B8FA321&gdpr=0&gdpr_consent=

42 B
942 B

115ms
115ms

Image
image/gif

35.85.195.233
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://dpm.demdex.net/ibs:dpid=3047&dpuuid=5640726B8FA321&gdpr=0&gdpr_consent=

Protocol

HTTP/1.1

Server

35.85.195.233 Boardman, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-35-85-195-233.us-west-2.compute.amazonaws.com

Software

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

accept-language: en-US,en;q=0.9
Referer: https://comcast.demdex.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

DCS: dcs-prod-usw2-2-v044-0f0a95fbc.edge-usw2.demdex.com 2 ms
Pragma: no-cache
Strict-Transport-Security: max-age=31536000; includeSubDomains
content-encoding: gzip
X-Content-Type-Options: nosniff
X-TID: vqs9qAjCQp0=
P3P: policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Content-Type: image/gif
Cache-Control: no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
Connection: keep-alive
Content-Length: 59
Expires: Thu, 01 Jan 1970 00:00:00 UTC

Redirect headers

Pragma: no-cache
Date: Sun, 11 Jun 2023 15:10:00 GMT
Strict-Transport-Security: max-age=86400
Server: prod-xre-app17.ash11
Location: https://dpm.demdex.net/ibs:dpid=3047&dpuuid=5640726B8FA321&gdpr=0&gdpr_consent=
Cache-Control: max-age=0, no-cache, no-store
Connection: keep-alive
Content-Length: 0
Expires: Sun, 11 Jun 2023 15:10:00 GMT

GET match.gif
match.rundsp.com/ Frame 2D29 0
0

GET
H/1.1

200
OK

ibs:dpid=30646
dpm.demdex.net/ Frame 2D29
Redirect Chain

https://cms.analytics.yahoo.com/cms?partner_id=ADOBE&_hosted_id=40520259984296694423633209718763612890&gdpr=0&gdpr_consent=
https://ups.analytics.yahoo.com/ups/58782/cms?partner_id=ADOBE&_hosted_id=40520259984296694423633209718763612890&gdpr=0&gdpr_consent=
https://dpm.demdex.net/ibs:dpid=30646?dpuuid=y-0bwcn5xE2pE1tKqmJZLlgeh0eGyB4ctqZ70-~A

42 B
942 B

158ms
158ms

Image
image/gif

35.85.195.233
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://dpm.demdex.net/ibs:dpid=30646?dpuuid=y-0bwcn5xE2pE1tKqmJZLlgeh0eGyB4ctqZ70-~A

Protocol

HTTP/1.1

Server

35.85.195.233 Boardman, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-35-85-195-233.us-west-2.compute.amazonaws.com

Software

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

accept-language: en-US,en;q=0.9
Referer: https://comcast.demdex.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

DCS: dcs-prod-usw2-2-v044-0a4684eb2.edge-usw2.demdex.com 4 ms
Pragma: no-cache
Strict-Transport-Security: max-age=31536000; includeSubDomains
content-encoding: gzip
X-Content-Type-Options: nosniff
X-TID: zuOI4xY5RqQ=
P3P: policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Content-Type: image/gif
Cache-Control: no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
Connection: keep-alive
Content-Length: 59
Expires: Thu, 01 Jan 1970 00:00:00 UTC

Redirect headers

location: https://dpm.demdex.net/ibs:dpid=30646?dpuuid=y-0bwcn5xE2pE1tKqmJZLlgeh0eGyB4ctqZ70-~A
date: Sun, 11 Jun 2023 15:10:01 GMT
strict-transport-security: max-age=31536000
server: ATS/9.1.10.57
age: 0
content-length: 0
p3p: CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV

GET
H/1.1

200
OK

ibs:dpid=80742&dpuuid=767a1615-508e-4c78-8234-968cfcdc8950
dpm.demdex.net/ Frame 2D29
Redirect Chain

https://ag.innovid.com/dv/sync?tid=6
https://dpm.demdex.net/ibs:dpid=80742&dpuuid=767a1615-508e-4c78-8234-968cfcdc8950

42 B
942 B

116ms
116ms

Image
image/gif

35.85.195.233
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://dpm.demdex.net/ibs:dpid=80742&dpuuid=767a1615-508e-4c78-8234-968cfcdc8950

Protocol

HTTP/1.1

Server

35.85.195.233 Boardman, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-35-85-195-233.us-west-2.compute.amazonaws.com

Software

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

accept-language: en-US,en;q=0.9
Referer: https://comcast.demdex.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

DCS: dcs-prod-usw2-1-v044-0fcbb3a0d.edge-usw2.demdex.com 2 ms
Pragma: no-cache
Strict-Transport-Security: max-age=31536000; includeSubDomains
content-encoding: gzip
X-Content-Type-Options: nosniff
X-TID: 52Hm3AZ5QZ8=
P3P: policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Content-Type: image/gif
Cache-Control: no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
Connection: keep-alive
Content-Length: 59
Expires: Thu, 01 Jan 1970 00:00:00 UTC

Redirect headers

location: https://dpm.demdex.net/ibs:dpid=80742&dpuuid=767a1615-508e-4c78-8234-968cfcdc8950
date: Sun, 11 Jun 2023 15:10:01 GMT
content-length: 0
request-time: 0

GET
H/1.1

200
OK

ibs:dpid=152416&dpuuid=
dpm.demdex.net/ Frame 2D29
Redirect Chain

https://ads.undertone.com/u?dp=32&url=https%3A//dpm.demdex.net/ibs%3Adpid%3D152416%26dpuuid%3D
https://evt.undertone.com/u?dp=32&url=https%3A//dpm.demdex.net/ibs%3Adpid%3D152416%26dpuuid%3D
https://dpm.demdex.net/ibs:dpid=152416&dpuuid=

42 B
960 B

114ms
114ms

Image
image/gif

35.85.195.233
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://dpm.demdex.net/ibs:dpid=152416&dpuuid=

Protocol

HTTP/1.1

Server

35.85.195.233 Boardman, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-35-85-195-233.us-west-2.compute.amazonaws.com

Software

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

accept-language: en-US,en;q=0.9
Referer: https://comcast.demdex.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

DCS: dcs-prod-usw2-2-v044-05eab78bc.edge-usw2.demdex.com 0 ms
Pragma: no-cache
Strict-Transport-Security: max-age=31536000; includeSubDomains
content-encoding: gzip
X-Content-Type-Options: nosniff
X-TID: YKk4s45UTfM=
P3P: policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Content-Type: image/gif
Cache-Control: no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
X-Error: 300,104
Connection: keep-alive
Content-Length: 59
Expires: Thu, 01 Jan 1970 00:00:00 UTC

Redirect headers

pragma: no-cache
date: Sun, 11 Jun 2023 15:10:00 GMT
via: 1.1 1abf103face183cd8172f37e6ac30038.cloudfront.net (CloudFront)
server: istio-envoy
x-amz-cf-pop: JFK50-P5
x-cache: Miss from cloudfront
p3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR NID CURa DEVa PSDo OUR BUS UNI COM NAV"
location: https://dpm.demdex.net/ibs:dpid=152416&dpuuid=
cache-control: private, max-age=0, no-cache
x-envoy-upstream-service-time: 0
content-length: 0
x-amz-cf-id: pDrpUqp_tGNBZK8hKc0w206xSclcImma5dlQ5hMuljlDWd5aUPh2JA==
expires: Mon, 26 Jul 1997 05:00:00 GMT

GET
H/1.1

200
OK

ibs:dpid=175765&dpuuid=78d1b9fc11acb1021b0460b17f73576a
dpm.demdex.net/ Frame 2D29
Redirect Chain

https://synchroscript.deliveryengine.adswizz.com/getUID?curl=https%3A%2F%2Fdpm.demdex.net%2Fibs%3Adpid%3D175765%26dpuuid%3D%24%7BUID%7D
https://dpm.demdex.net/ibs:dpid=175765&dpuuid=78d1b9fc11acb1021b0460b17f73576a

42 B
942 B

113ms
112ms

Image
image/gif

35.85.195.233
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://dpm.demdex.net/ibs:dpid=175765&dpuuid=78d1b9fc11acb1021b0460b17f73576a

Protocol

HTTP/1.1

Server

35.85.195.233 Boardman, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-35-85-195-233.us-west-2.compute.amazonaws.com

Software

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

accept-language: en-US,en;q=0.9
Referer: https://comcast.demdex.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

DCS: dcs-prod-usw2-1-v044-0d7c1a88b.edge-usw2.demdex.com 2 ms
Pragma: no-cache
Strict-Transport-Security: max-age=31536000; includeSubDomains
content-encoding: gzip
X-Content-Type-Options: nosniff
X-TID: D6zHe+oBTZQ=
P3P: policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Content-Type: image/gif
Cache-Control: no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
Connection: keep-alive
Content-Length: 59
Expires: Thu, 01 Jan 1970 00:00:00 UTC

Redirect headers

Date: Sun, 11 Jun 2023 15:10:00 GMT
X-Clacks-Overhead: GNU Terry Pratchett
X-Adswizz-request-id: 099920d0-086a-11ee-a893-02d55eaa893b
Instance-id: i-0abfdb9a896d26b91
Location: https://dpm.demdex.net/ibs:dpid=175765&dpuuid=78d1b9fc11acb1021b0460b17f73576a
Connection: keep-alive
Content-Length: 0
X-Application-Context: application:production

GET
H/1.1

200
OK

ibs:dpid=275754&dpuuid=AACeX07JC8gAACAcTLZiog
dpm.demdex.net/ Frame 2D29
Redirect Chain

https://match.prod.bidr.io/cookie-sync/adobe?gdpr=0&gdpr_consent=
https://match.prod.bidr.io/cookie-sync/adobe?gdpr=0&gdpr_consent=&_bee_ppp=1
https://dpm.demdex.net/ibs:dpid=275754&dpuuid=AACeX07JC8gAACAcTLZiog?gdpr=0

42 B
942 B

121ms
118ms

Image
image/gif

35.85.195.233
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://dpm.demdex.net/ibs:dpid=275754&dpuuid=AACeX07JC8gAACAcTLZiog?gdpr=0

Protocol

HTTP/1.1

Server

35.85.195.233 Boardman, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-35-85-195-233.us-west-2.compute.amazonaws.com

Software

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

accept-language: en-US,en;q=0.9
Referer: https://comcast.demdex.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

DCS: dcs-prod-usw2-2-v044-0c4f193cc.edge-usw2.demdex.com 3 ms
Pragma: no-cache
Strict-Transport-Security: max-age=31536000; includeSubDomains
content-encoding: gzip
X-Content-Type-Options: nosniff
X-TID: mHfjuJJPT5o=
P3P: policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Content-Type: image/gif
Cache-Control: no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
Connection: keep-alive
Content-Length: 59
Expires: Thu, 01 Jan 1970 00:00:00 UTC

Redirect headers

location: https://dpm.demdex.net/ibs:dpid=275754&dpuuid=AACeX07JC8gAACAcTLZiog?gdpr=0
Date: Sun, 11 Jun 2023 15:10:01 GMT
strict-transport-security: max-age=2592000; includeSubDomains
Server: gunicorn
Connection: keep-alive
Content-Length: 0

GET
H/1.1

200
OK

ecm3
s.amazon-adsystem.com/ Frame 2D29
Redirect Chain

https://s.amazon-adsystem.com/dcm?pid=5c420d2b-f139-4fee-b0c0-89a7b8ce9433
https://s.amazon-adsystem.com/dcm?pid=5c420d2b-f139-4fee-b0c0-89a7b8ce9433&dcc=t
https://dpm.demdex.net/ibs:dpid=139200&dpuuid=7i5L8jsnQEymJLo3GcAlWA&redir=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dadobe.com%26id%3D%24%7BDD_UUID%7D
https://s.amazon-adsystem.com/ecm3?ex=adobe.com&id=40520259984296694423633209718763612890

43 B
479 B

67ms
67ms

Image
image/gif

52.46.155.104
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s.amazon-adsystem.com/ecm3?ex=adobe.com&id=40520259984296694423633209718763612890

Protocol

HTTP/1.1

Server

52.46.155.104 Ashburn, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Server /

Resource Hash

c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e

Security Headers

Name	Value
Strict-Transport-Security	max-age=47474747; includeSubDomains; preload

Request headers

accept-language: en-US,en;q=0.9
Referer: https://comcast.demdex.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

Pragma: no-cache
Date: Sun, 11 Jun 2023 15:10:01 GMT
Strict-Transport-Security: max-age=47474747; includeSubDomains; preload
Server: Server
x-amz-rid: RVY1J10M82HQS130XJCM
Vary: Content-Type,Accept-Encoding,User-Agent
Content-Type: image/gif
Cache-Control: max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection: keep-alive
Content-Length: 43
Expires: Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

DCS: dcs-prod-usw2-1-v044-0b9d15273.edge-usw2.demdex.com 2 ms
Pragma: no-cache
Strict-Transport-Security: max-age=31536000; includeSubDomains
X-TID: qwk+AbKfROw=
P3P: policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Location: https://s.amazon-adsystem.com/ecm3?ex=adobe.com&id=40520259984296694423633209718763612890
Cache-Control: no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
Connection: keep-alive
Content-Length: 0
Expires: Thu, 01 Jan 1970 00:00:00 UTC

GET
H/1.1

200
OK

ibs:dpid=127444&dpuuid=df1d2b3f-dc16-4f07-bd75-e41275716d68
dpm.demdex.net/ Frame 2D29
Redirect Chain

https://i.liadm.com/s/30576?bidder_id=82775&bidder_uuid=40520259984296694423633209718763612890
https://i.liadm.com/s/30576?bidder_id=82775&bidder_uuid=40520259984296694423633209718763612890&_li_chk=true&previous_uuid=df1d2b3fdc164f07bd75e41275716d68
https://dpm.demdex.net/ibs:dpid=127444&dpuuid=df1d2b3f-dc16-4f07-bd75-e41275716d68

42 B
942 B

122ms
118ms

Image
image/gif

35.85.195.233
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://dpm.demdex.net/ibs:dpid=127444&dpuuid=df1d2b3f-dc16-4f07-bd75-e41275716d68

Protocol

HTTP/1.1

Server

35.85.195.233 Boardman, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-35-85-195-233.us-west-2.compute.amazonaws.com

Software

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

accept-language: en-US,en;q=0.9
Referer: https://comcast.demdex.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

DCS: dcs-prod-usw2-1-v044-0217fc91b.edge-usw2.demdex.com 2 ms
Pragma: no-cache
Strict-Transport-Security: max-age=31536000; includeSubDomains
content-encoding: gzip
X-Content-Type-Options: nosniff
X-TID: 3r5lZqnuRhs=
P3P: policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Content-Type: image/gif
Cache-Control: no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
Connection: keep-alive
Content-Length: 59
Expires: Thu, 01 Jan 1970 00:00:00 UTC

Redirect headers

Location: https://dpm.demdex.net/ibs:dpid=127444&dpuuid=df1d2b3f-dc16-4f07-bd75-e41275716d68
Date: Sun, 11 Jun 2023 15:10:01 GMT
Strict-Transport-Security: max-age=31536000; includeSubDomains
Connection: keep-alive
Content-Length: 0
Request-Time: 3

GET
H2

200

sd
us-u.openx.net/w/1.0/
Redirect Chain

https://us-u.openx.net/w/1.0/pd?plm=10&ph=42d504c1-bae8-4312-8ad6-a76f3705b195&gdpr=0
https://cm.g.doubleclick.net/pixel?google_nid=openx&google_cm&google_sc
https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESEIzueU7w9kR3jsNrgrelGN0&google_cver=1

43 B
105 B

53ms
52ms

Image
image/gif

35.244.159.8
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESEIzueU7w9kR3jsNrgrelGN0&google_cver=1
Protocol: H2
Server: 35.244.159.8 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 8.159.244.35.bc.googleusercontent.com
Software: OXGW/0.0.0 /
Resource Hash: 4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language: en-US,en;q=0.9
Referer: https://pub-1a282a45be37473684116312dd030cbf.r2.dev/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 11 Jun 2023 15:10:02 GMT
via: 1.1 google
server: OXGW/0.0.0
vary: Accept
content-type: image/gif
p3p: CP="CUR ADM OUR NOR STA NID"
cache-control: private, max-age=0, no-cache
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 43
expires: Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

pragma: no-cache
date: Sun, 11 Jun 2023 15:10:01 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESEIzueU7w9kR3jsNrgrelGN0&google_cver=1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 295
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 pixel.gif
static.criteo.net/images/ 43 B
366 B 170ms
58ms Image
image/gif 2620:100:a001::4
AS-CRITEO

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.criteo.net/images/pixel.gif?ch=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2620:100:a001::4 , United States, ASN19750 (AS-CRITEO, US),

Reverse DNS

Software

nginx /

Resource Hash

b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: en-US,en;q=0.9
Referer: https://pub-1a282a45be37473684116312dd030cbf.r2.dev/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

date: Sun, 11 Jun 2023 15:10:02 GMT
strict-transport-security: max-age=31536000; preload;
last-modified: Tue, 09 Dec 2008 16:52:36 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: "493ea254-2b"
content-type: image/gif
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
timing-allow-origin: *
content-length: 43
expires: Wed, 05 Jun 2024 15:10:02 GMT

GET
H2 200 pixel.gif
static.criteo.net/images/ 43 B
365 B 178ms
66ms Image
image/gif 2620:100:a001::4
AS-CRITEO

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.criteo.net/images/pixel.gif?ch=2

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2620:100:a001::4 , United States, ASN19750 (AS-CRITEO, US),

Reverse DNS

Software

nginx /

Resource Hash

b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: en-US,en;q=0.9
Referer: https://pub-1a282a45be37473684116312dd030cbf.r2.dev/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

date: Sun, 11 Jun 2023 15:10:02 GMT
strict-transport-security: max-age=31536000; preload;
last-modified: Tue, 09 Dec 2008 16:52:36 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: "493ea254-2b"
content-type: image/gif
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
timing-allow-origin: *
content-length: 43
expires: Wed, 05 Jun 2024 15:10:02 GMT

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: match.rundsp.com
URL: https://match.rundsp.com/match.gif?id=40520259984296694423633209718763612890&partner=adobe

Verdicts & Comments Add Verdict or Comment

Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!

urlscan

Phishing against: Xfinity (Consumer)

53 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

35 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
i.liadm.com/s	1970-01-20 13:11:28	Name: _li_ss Value: CgA
.demdex.net/	1970-01-20 16:47:28	Name: demdex Value: 40520259984296694423633209718763612890
.pub-1a282a45be37473684116312dd030cbf.r2.dev/	1969-12-31 23:59:59	Name: AMCVS_DA11332E5321D0550A490D45%40AdobeOrg Value: 1
.openx.net/	1970-01-20 21:13:52	Name: i Value: 6f63da7c-6adf-0650-1ba0-ec470f7e33d6\|1686496198
.rubiconproject.com/	1970-01-20 21:13:52	Name: khaos Value: LIRKAJCX-11-784
.rubiconproject.com/	1970-01-20 21:13:52	Name: audit Value: 1\|mFVHqHkj5bHT/cNbl8xbsKS5Bv7H1ouoxdnNVF8ci15XKMLmOqJbABisTwHuFgBh3k5arwpLfGTUHlP2mjPRBrZrkU1NcqjFoq6sfugSyPu847P9l9GEfs6Z+UR3NOT35tKmiJfNJ4uyqVI1k5poNA==
.dnacdn.net/	1970-01-20 21:49:52	Name: browser_data Value: BvLE6F9RVFUzaE82Nm54dzhKZmEwNzQ1RWtBazVvN1ElMkJaNll4JTJCZmt5cWtTWDhtNVNnOGpQT2J2VGdXU1k5WUlGQmJyWWxTWEpBVkl5cFVxSnprZVk4UVpWcHclM0QlM0Q
.pub-1a282a45be37473684116312dd030cbf.r2.dev/	1970-01-20 22:04:16	Name: AMCV_DA11332E5321D0550A490D45%40AdobeOrg Value: -1124106680%7CMCIDTS%7C19520%7CMCMID%7C40672533632648122613612372552170854013%7CMCAAMLH-1687100998%7C9%7CMCAAMB-1687100998%7C6G1ynYcLPuiQxYZrsz_pkqfLG9yMXBpb2zX5dvJdYQJzPXImdj0y%7CMCOPTOUT-1686503398s%7CNONE%7CMCAID%7CNONE%7CvVersion%7C5.2.0
.turn.com/	1970-01-20 16:47:28	Name: uid Value: 2589063383687740355
.adnxs.com/	1970-01-20 14:37:52	Name: uuid2 Value: 2784250317573254986
.agkn.com/	1970-01-20 21:13:52	Name: ab Value: 0001%3A3Vs3N4rpwtdsZIV6O%2F8enRH2tr1vD6AI
.rlcdn.com/	1970-01-20 21:13:52	Name: rlas3 Value: V3t7wmTakAhrBroMckLh3u3pjge6XE9BXf/xfUN9tNs=
.w55c.net/	1970-01-20 21:58:30	Name: wfivefivec Value: 1vncY2361Q8mHB5
.twitter.com/	1970-01-20 22:04:16	Name: personalization_id Value: "v1_8b4ZhEVbiKFvP9L6WfmnCQ=="
.rlcdn.com/	1970-01-20 13:54:40	Name: pxrc Value: CMfHl6QGEgUI6AcQABIGCPHrARAA
.w55c.net/	1970-01-20 13:11:28	Name: matchdmx Value: 5
.dpm.demdex.net/	1970-01-20 16:47:28	Name: dpm Value: 40520259984296694423633209718763612890
.adsrvr.org/	1970-01-20 21:15:18	Name: TDID Value: 37c29fd2-bff5-406e-b02c-2b60567c088c
.bing.com/	1970-01-20 21:49:52	Name: MUID Value: 230775705FB56BE72C9A665D5E0B6AC6
.c.bing.com/	1970-01-20 12:38:21	Name: MR Value: 0
.adsrvr.org/	1970-01-20 21:15:18	Name: TDCPM Value: CAESEgoDYWFtEgsIuqy00_6l9TsQBRgFIAEoAjILCMq43v-UpvU7EAU4AQ..
.doubleclick.net/	1970-01-20 22:04:16	Name: IDE Value: AHWqTUm7y0_Zu4e2MyPbCqHdqYsy3qZ5__ckKmAhK85YBUjfATVY3s9x8OqJ_zVN3-0
.flashtalking.com/	1970-01-20 22:04:16	Name: flashtalkingad1 Value: "GUID=5640726B8FA321"
.yahoo.com/	1970-01-20 21:14:13	Name: A3 Value: d=AQABBMjjhWQCEBf1oQBgoFkiUmygF1TLLgkFEgEBAQE1h2SPZNxH0iMA_eMAAA&S=AQAAAqzap3Lj3aQivOYdRPvt_gM
.demdex.net/	1970-01-20 16:47:28	Name: dextp Value: 21-1-1686496198976\|359-1-1686496199100\|60-1-1686496199225\|358-1-1686496199330\|470-1-1686496199432\|477-1-1686496199534\|771-1-1686496199636\|1123-1-1686496199737\|903-1-1686496199839\|1957-1-1686496199941\|3047-1-1686496200048\|13870-1-1686496200157\|30646-1-1686496200258\|80742-1-1686496200359\|152416-1-1686496200461\|175765-1-1686496200598\|275754-1-1686496200700\|139200-1-1686496200813\|127444-1-1686496200914
.innovid.com/	1970-01-20 14:37:52	Name: uuid Value: 767a1615-508e-4c78-8234-968cfcdc8950-20230611 11:10:01
.analytics.yahoo.com/	1970-01-20 21:13:52	Name: IDSYNC Value: 19cu~2c5r
.liadm.com/	1970-01-20 22:04:16	Name: lidid Value: df1d2b3f-dc16-4f07-bd75-e41275716d68
.bidr.io/	1970-01-20 21:56:49	Name: bito Value: AACeX07JC8gAACAcTLZiog
.bidr.io/	1970-01-20 21:56:49	Name: bitoIsSecure Value: ok
.amazon-adsystem.com/	1970-01-20 17:22:01	Name: ad-id Value: AxHDhG6f30SchzEoQYlLhmk
.amazon-adsystem.com/	1970-01-20 22:04:16	Name: ad-privacy Value: 0
.undertone.com/	1970-01-20 21:13:52	Name: UTID Value: 94ab97ad303b4cf68737b46be9a82975
.undertone.com/	1970-01-20 21:13:52	Name: UTID_ENC Value: 8suxcc9yiueotjkh23l72irg5
.openx.net/	1970-01-20 12:49:52	Name: pd Value: v2\|1686496201\|gy

5 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
network	error	URL: https://pub-1a282a45be37473684116312dd030cbf.r2.dev/index/index_files/it.htm Message: Failed to load resource: the server responded with a status of 404 (Not Found)
network	error	URL: https://bidder.criteo.com/cdb?ptv=112&profileId=185&av=17&wv=2.26.0&cb=87671821916 Message: Failed to load resource: the server responded with a status of 400 ()
network	error	URL: https://pub-1a282a45be37473684116312dd030cbf.r2.dev/index/index_files/cri.txt Message: Failed to load resource: the server responded with a status of 404 (Not Found)
network	error	URL: https://pub-1a282a45be37473684116312dd030cbf.r2.dev/index/index_files/cm.txt Message: Failed to load resource: the server responded with a status of 404 (Not Found)
network	error	URL: https://match.rundsp.com/match.gif?id=40520259984296694423633209718763612890&partner=adobe Message: Failed to load resource: net::ERR_NAME_NOT_RESOLVED

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

aa.agkn.com
aax.amazon-adsystem.com
acdn.adnxs.com
ads.undertone.com
ag.gbc.criteo.com
ag.innovid.com
analytics.twitter.com
assets.adobedtm.com
bidder.criteo.com
c.amazon-adsystem.com
c.bing.com
cm.g.doubleclick.net
cms.analytics.yahoo.com
comcast-d.openx.net
comcast.demdex.net
comcastcom.d1.sc.omtrdc.net
crcdn01.adnxs-simple.com
d.turn.com
dl.cws.xfinity.com
dnacdn.net
dpm.demdex.net
e.serverbid.com
evt.undertone.com
fastlane.rubiconproject.com
gem.gbc.criteo.com
gum.criteo.com
i.liadm.com
ib.adnxs.com
idsync.rlcdn.com
match.adsrvr.org
match.prod.bidr.io
match.rundsp.com
mug.criteo.com
pm.w55c.net
pub-1a282a45be37473684116312dd030cbf.r2.dev
s.amazon-adsystem.com
servedby.flashtalking.com
static.cimcontent.net
static.criteo.net
synchroscript.deliveryengine.adswizz.com
ups.analytics.yahoo.com
us-u.openx.net
match.rundsp.com
104.18.3.35
104.244.42.195
108.138.107.138
108.138.128.39
13.225.214.90
142.251.41.2
151.101.129.108
159.89.246.130
18.164.107.227
18.164.96.91
185.235.85.31
185.235.85.52
23.213.49.243
23.77.172.245
2600:1400:9000:1a6::1e80
2600:1400:d:588::2c06
2600:141b:13:7a0::30d4
2600:1f18:445b:903:dec7:71c:8a6:f123
2602:803:c002:200::52
2606:4700::6812:323
2620:100:a001::18
2620:100:a001::4
2620:100:a001::c
2620:112:f002:bbbb::23
2620:1ec:c11::200
3.217.144.211
3.225.218.10
3.248.152.94
34.236.99.3
35.190.60.146
35.244.159.8
35.71.131.137
35.85.195.233
44.216.109.127
52.35.195.189
52.46.155.104
63.140.36.112
68.67.179.166
74.119.119.139
76.13.32.147
032d8b49c68572a6136937e3f8f4fb10d94eefaf95418e557f44f1f04b715ba8
0486530f1e98818865754a08e1b5442ac5a6a36a6bf6042e3b3338a532e998d2
06b99248a163333e36980a6cfb756f1a7de60fa49517162b87b1a44d5d48f844
08c97b8e6d782987492706dc6ba7f136a455ca62d73632e883f7ed05806e6771
09e6620c2d3701f8ee2c6c64dc740271b956f6c0da353dde0795273e9179cee3
1198fb95336f488f50bf7bdca1737d2b958e7c756976a663a447c872deb76946
138c0ead0fbcd09dd455df9870920e8725b367fbf02ac0cef0c62874000ab176
1465ea73b9db4601cda29c323ea3eea1fc28337bd2c5193154c9ecbd7bf38bbb
160a426ff2894252cd7cebbdd6d6b7da8fcd319c65b70468f10b6690c45d02ef
24bc64546aa0f74a0c159ac5255c55fdf7fdf861c4573bf3417971959789c053
2a031939885bb7efba89d423c9ee7c0fe2bab465f18db63f40a9ae2bd7bc0228
31c81ec8db9b0a80b2e0cab5573b766ee30c6c38934415b67837b3ab4d1a0063
44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a
45d1a08eb5c83ae4fb91a7d78cf0f2df1bdad5c6beeb2e7cae2913fec0a6afc6
4bd9c8ed57b1dd8fddcc2910170e9b81b40f7b628e272924e88a98f45ebb9aea
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
570a6631252b8a52df4de0e953ae77dbdf524dfc3637cda2840494a0d2b49499
58fd862aaa51daaa186ee3fecfd805c0f8eea09146e9c7deb44a3f30a1ad01b5
59de4349e46a840aee96c8a802c20d53947d9d129611ab75b375064d535d35cc
6bb552076fbe9015f28bcd29b1bad2d18f22e0977b4e6be013f2b8d172e99437
704d9345317b525bca07c2d4521bdd998de077a804fb2d458f109a7556f2db38
72c2adbfe5fdd690a79eb6cc1b2089193bb7b0f493a2eefdfc88021bd6ca0239
745a085b52b8371ec6705413fca70a28c6d8bff0db480e6b124bd08c54e95ef8
7bea17a80a61ed0f54248b4ffc4c718f7c8ff2619742577a73591d62ce074da8
8d8d98bf03978db751f5ad59d041b9d234f0b6ceef68c76f7c57ba6cea4ebd1e
9420e56a22b664683ff574bc2a819744333f7a8feaad998b4c49a5a2d66a0647
9b34825eb68ebbe49410251b863c07e811c9e406286c7a8f00f88e83d9729c68
a3d829bc246f3d79b72000d48aa4701cc08487bd698ef4c92e745373fe424663
a71bad4d04d7358f86c292779d4194cc5c21afbf42fa742d153b1490bb1f5e2b
a9b1ab35ef0697a04ec63ca50b85b9895eb1778f0a13b400b0b22d9ed8128c0e
ab31816aa0fa561765323e1ffee2f48db4c5c406282a68416b1264c18fa629c8
ac8778041fdb7f2e08ceb574c9a766247ea26f1a7d90fa854c4efcf4b361a957
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
bc82310d2b82f3aa74a269e8f679359bda827c649adb41486fd1af268a026ac1
bca2ccdd5846d54ff24d04393a9d6ce0b5d60a91814e7bd2755b03059ed98c2e
c0504d7450b72fc5d0a63cb367b201667e792b35bd38a37f01002583ff826f60
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
ca659d129ec6140b8de99b47ce4d3053deb3e1cc514ff2e97faf7f2189e49a52
d06c7ec2af758f88f3376064ee1fa8aa6f756276358b147ca639aa33825ef936
d20ba838f3431099722259e2b4a1ca78c5ca7b40df419bdc713aaa504a994d19
d5ede2b7c47228abab954649f7e61ed257760887ec78994c6d5d5ed2e9895140
d6b423c91328eec9c218dd8b21ae1e676987d574e5432411a32806e5dd2bde32
dc966560adbe6011daf8ef8e9b15a82fe67865428b409ed99ff354fbbf91462e
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e5f0058d3d737d25b691728bce12a7d0b77183781c936ca8152e28cacf9e6e3f
ecff72cf54fbf99faae120af7044c9f1d1e142a1c82a24eaff789c5176fd5e3a
ed7e8e34aa9f94906a58009a77c54fea19c311bdad4e2f3e44a726b694f7ee1a
ee2d85bfd16ce85b6d9392c6c91d717b9f31be7ea5dafb0ea2abb8a143620867
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
fc6cd95261064c28600405c9c8dd51813abf8367e85b6e00f0f3031a8338988a
fefb1351eb349d82eec2460ce3c10a8c93517bea778be3f33835a412ab9dc4f0

pub-1a282a45be37473684116312dd030cbf.r2.dev Open in urlscan Pro 2606:4700::6812:323 Malicious Activity! Public Scan

Summary

urlscan.io Verdict: Potentially Malicious

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Detected technologies

Page Statistics

84 Requests

77 %HTTPS

28 %IPv6

31 Domains

42 Subdomains

23 IPs

4 Countries

1133 kBTransfer

2421 kBSize

35 Cookies

11 Outgoing links

Redirected requests

84 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 2 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

pub-1a282a45be37473684116312dd030cbf.r2.dev Open in urlscan Pro
2606:4700::6812:323 Malicious Activity! Public Scan

Screenshot
Live screenshot

Full Image

84
Requests

77 %
HTTPS

28 %
IPv6

31
Domains

42
Subdomains

23
IPs

4
Countries

1133 kB
Transfer

2421 kB
Size

35
Cookies

84 HTTP transactions
2 data transactions