bsaero.space Open in urlscan Pro
103.118.32.38 Malicious Activity! Public Scan

Go To Rescan
Add Verdict Report

URL:
https://bsaero.space/cq/cas/login.php?r=comcast.net&s=oauth&continue=https://oauth.xfinity.com/oauth/authorize?client...
Submission: On March 06 via automatic, source openphish (March 6th 2021, 1:40:33 pm UTC)

Summary HTTP 70 Redirects Links 10 Behaviour Indicators

Summary

This website contacted 28 IPs in 8 countries across 30 domains to perform 70 HTTP transactions. The main IP is 103.118.32.38, located in Brisbane, Australia and belongs to TECHPATH-AS-AP TechPath Pty Ltd, AU. The main domain is bsaero.space.
TLS certificate: Issued by cPanel, Inc. Certification Authority on February 1st 2021. Valid for: 3 months.

This is the only time bsaero.space was scanned on urlscan.io!

urlscan.io Verdict: Potentially Malicious

Targeting these brands: Xfinity (Consumer)

Domain & IP information

	IP Address	AS Autonomous System
1	103.118.32.38 103.118.32.38	58868 (TECHPATH-...) (TECHPATH-AS-AP TechPath Pty Ltd)
6	2001:558:fe21... 2001:558:fe21:38:162:150:57:167	7922 (COMCAST-7922) (COMCAST-7922)
5	2a02:26f0:6c0... 2a02:26f0:6c00:2be::30d4	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
1	151.101.14.217 151.101.14.217	54113 (FASTLY) (FASTLY)
1	2607:ae80:5::49 2607:ae80:5::49	26558 (FREEWHEEL) (FREEWHEEL)
1 13	54.195.23.91 54.195.23.91	16509 (AMAZON-02) (AMAZON-02)
12	2a02:26f0:6c0... 2a02:26f0:6c00:295::2c06	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
4	2a02:26f0:6c0... 2a02:26f0:6c00:299::1e80	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
3	65.9.24.128 65.9.24.128	16509 (AMAZON-02) (AMAZON-02)
1	151.101.113.108 151.101.113.108	54113 (FASTLY) (FASTLY)
1	134.209.129.254 134.209.129.254	14061 (DIGITALOC...) (DIGITALOCEAN-ASN)
1 3	34.98.64.218 34.98.64.218	15169 (GOOGLE) (GOOGLE)
1	178.250.0.165 178.250.0.165	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
1	69.173.144.141 69.173.144.141	26667 (RUBICONPR...) (RUBICONPROJECT)
1	54.228.36.34 54.228.36.34	16509 (AMAZON-02) (AMAZON-02)
2	15.237.136.106 15.237.136.106	16509 (AMAZON-02) (AMAZON-02)
1 2	185.33.221.89 185.33.221.89	29990 (ASN-APPNEX) (ASN-APPNEX)
1	184.51.10.56 184.51.10.56	16625 (AKAMAI-AS) (AKAMAI-AS)
2	184.51.9.18 184.51.9.18	16625 (AKAMAI-AS) (AKAMAI-AS)
4	185.33.221.91 185.33.221.91	29990 (ASN-APPNEX) (ASN-APPNEX)
1 1	2a00:1450:400... 2a00:1450:4001:802::2002	15169 (GOOGLE) (GOOGLE)
1 1	2a00:1450:400... 2a00:1450:4001:80f::2004	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:82b::2003	15169 (GOOGLE) (GOOGLE)
1 1	52.58.248.2 52.58.248.2	16509 (AMAZON-02) (AMAZON-02)
2 3	35.244.174.68 35.244.174.68	15169 (GOOGLE) (GOOGLE)
1 1	46.228.164.13 46.228.164.13	56396 (TURN) (TURN)
2 2	172.217.16.130 172.217.16.130	15169 (GOOGLE) (GOOGLE)
1	104.244.42.131 104.244.42.131	13414 (TWITTER) (TWITTER)
2 2	52.49.114.167 52.49.114.167	16509 (AMAZON-02) (AMAZON-02)
1 1	2620:1ec:c11:... 2620:1ec:c11::200	8068 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
1	205.185.216.42 205.185.216.42	20446 (HIGHWINDS3) (HIGHWINDS3)
1	2a02:fa8:8806... 2a02:fa8:8806:12::1370	41041 (VCLK-EU-SE) (VCLK-EU-SE)
1 1	2a05:d01c:1d8... 2a05:d01c:1d8:8102:b538:d7a2:ecd1:cf51	16509 (AMAZON-02) (AMAZON-02)
1 1	34.246.45.184 34.246.45.184	16509 (AMAZON-02) (AMAZON-02)
2 2	52.214.70.9 52.214.70.9	16509 (AMAZON-02) (AMAZON-02)
2	2a02:2638::3 2a02:2638::3	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
1	2a02:2638:1::13 2a02:2638:1::13	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
70	28

1 103.118.32.38 (Brisbane, Australia)

ASN58868 (TECHPATH-AS-AP TechPath Pty Ltd, AU)

bsaero.space	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 2001:558:fe21:38:162:150:57:167 (United States)

ASN7922 (COMCAST-7922, US)

login.xfinity.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2a02:26f0:6c00:2be::30d4 (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1, NL)

static.cimcontent.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 151.101.14.217 (Frankfurt am Main, Germany)

ASN54113 (FASTLY, US)

scripts.webcontentassessor.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2607:ae80:5::49 (United States)

ASN26558 (FREEWHEEL, US)

7468.v.fwmrm.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

13 54.195.23.91 (Dublin, Ireland) 1 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-54-195-23-91.eu-west-1.compute.amazonaws.com

xfinitydigital.demdex.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
dpm.demdex.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

12 2a02:26f0:6c00:295::2c06 (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1, NL)

dl.cws.xfinity.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a02:26f0:6c00:299::1e80 (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1, NL)

assets.adobedtm.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 65.9.24.128 (Orlando, United States)

ASN16509 (AMAZON-02, US)

c.amazon-adsystem.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 151.101.113.108 (Frankfurt am Main, Germany)

ASN54113 (FASTLY, US)

acdn.adnxs.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 134.209.129.254 (North Bergen, United States)

ASN14061 (DIGITALOCEAN-ASN, US)

e.serverbid.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 34.98.64.218 (Kansas City, United States) 1 redirects

ASN15169 (GOOGLE, US)
PTR: 218.64.98.34.bc.googleusercontent.com

comcast-d.openx.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
eu-u.openx.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
us-u.openx.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 178.250.0.165 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)
PTR: bidder.par.vip.prod.criteo.com

bidder.criteo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 69.173.144.141 (Frankfurt am Main, Germany)

ASN26667 (RUBICONPROJECT, US)

fastlane.rubiconproject.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 54.228.36.34 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-54-228-36-34.eu-west-1.compute.amazonaws.com

comcast.demdex.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 15.237.136.106 (Paris, France)

ASN16509 (AMAZON-02, US)
PTR: ec2-15-237-136-106.eu-west-3.compute.amazonaws.com

comcastcom.d1.sc.omtrdc.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 185.33.221.89 (Amsterdam, Netherlands) 1 redirects

ASN29990 (ASN-APPNEX, US)
PTR: 719.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net

ib.adnxs.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 184.51.10.56 (Vienna, Austria)

ASN16625 (AKAMAI-AS, US)
PTR: a184-51-10-56.deploy.static.akamaitechnologies.com

z.moatads.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 184.51.9.18 (Vienna, Austria)

ASN16625 (AKAMAI-AS, US)
PTR: a184-51-9-18.deploy.static.akamaitechnologies.com

cdn.adnxs.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
crcdn01.adnxs.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 185.33.221.91 (Amsterdam, Netherlands)

ASN29990 (ASN-APPNEX, US)
PTR: 721.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net

ams1-ib.adnxs.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:802::2002 (Frankfurt am Main, Germany) 1 redirects

ASN15169 (GOOGLE, US)

googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:80f::2004 (Frankfurt am Main, Germany) 1 redirects

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:82b::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 52.58.248.2 (Frankfurt am Main, Germany) 1 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-52-58-248-2.eu-central-1.compute.amazonaws.com

aa.agkn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 35.244.174.68 (Kansas City, United States) 2 redirects

ASN15169 (GOOGLE, US)
PTR: 68.174.244.35.bc.googleusercontent.com

idsync.rlcdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 46.228.164.13 (United Kingdom) 1 redirects

ASN56396 (TURN, GB)

d.turn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 172.217.16.130 (United States) 2 redirects

ASN15169 (GOOGLE, US)
PTR: fra15s46-in-f2.1e100.net

cm.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 104.244.42.131 (United States)

ASN13414 (TWITTER, US)

analytics.twitter.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 52.49.114.167 (Dublin, Ireland) 2 redirects

ASN16509 (AMAZON-02, US)

match.adsrvr.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2620:1ec:c11::200 (United States) 1 redirects

ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

c.bing.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 205.185.216.42 (United States)

ASN20446 (HIGHWINDS3, US)
PTR: map2.hwcdn.net

servedby.flashtalking.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a02:fa8:8806:12::1370 (United States)

ASN41041 (VCLK-EU-SE, US)

match.rundsp.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a05:d01c:1d8:8102:b538:d7a2:ecd1:cf51 (London, United Kingdom) 1 redirects

ASN16509 (AMAZON-02, US)

ag.innovid.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 34.246.45.184 (Dublin, Ireland) 1 redirects

ASN16509 (AMAZON-02, US)

synchroscript.deliveryengine.adswizz.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 52.214.70.9 (Dublin, Ireland) 2 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-52-214-70-9.eu-west-1.compute.amazonaws.com

match.prod.bidr.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a02:2638::3 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)

static.criteo.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a02:2638:1::13 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)

gum.criteo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
18	xfinity.com login.xfinity.com dl.cws.xfinity.com	154 KB
14	demdex.net 1 redirects xfinitydigital.demdex.net dpm.demdex.net comcast.demdex.net	16 KB
9	adnxs.com 1 redirects acdn.adnxs.com ib.adnxs.com cdn.adnxs.com crcdn01.adnxs.com ams1-ib.adnxs.com	111 KB
5	cimcontent.net static.cimcontent.net	322 KB
4	adobedtm.com assets.adobedtm.com	84 KB
3	rlcdn.com 2 redirects idsync.rlcdn.com	1 KB
3	doubleclick.net 3 redirects googleads.g.doubleclick.net cm.g.doubleclick.net	1 KB
3	openx.net 1 redirects comcast-d.openx.net eu-u.openx.net us-u.openx.net	1011 B
3	amazon-adsystem.com c.amazon-adsystem.com	35 KB
2	criteo.net static.criteo.net	51 KB
2	bidr.io 2 redirects match.prod.bidr.io	999 B
2	adsrvr.org 2 redirects match.adsrvr.org	935 B
2	omtrdc.net comcastcom.d1.sc.omtrdc.net	4 KB
2	criteo.com bidder.criteo.com gum.criteo.com	292 B
1	adswizz.com 1 redirects synchroscript.deliveryengine.adswizz.com	519 B
1	innovid.com 1 redirects ag.innovid.com	246 B
1	rundsp.com match.rundsp.com	41 B
1	flashtalking.com servedby.flashtalking.com
1	bing.com 1 redirects c.bing.com	390 B
1	twitter.com analytics.twitter.com	574 B
1	turn.com 1 redirects d.turn.com	402 B
1	agkn.com 1 redirects aa.agkn.com	330 B
1	google.de www.google.de	108 B
1	google.com 1 redirects www.google.com	142 B
1	moatads.com z.moatads.com	253 B
1	rubiconproject.com fastlane.rubiconproject.com	2 KB
1	serverbid.com e.serverbid.com	166 B
1	fwmrm.net 7468.v.fwmrm.net	361 B
1	webcontentassessor.com scripts.webcontentassessor.com	32 KB
1	bsaero.space bsaero.space	14 KB
70	30

	Domain	Requested by
12	dl.cws.xfinity.com	login.xfinity.com
11	dpm.demdex.net	login.xfinity.com
6	login.xfinity.com	bsaero.space
5	static.cimcontent.net	bsaero.space login.xfinity.com
4	ams1-ib.adnxs.com	scripts.webcontentassessor.com cdn.adnxs.com
4	assets.adobedtm.com	static.cimcontent.net assets.adobedtm.com
3	idsync.rlcdn.com	2 redirects comcast.demdex.net
3	c.amazon-adsystem.com	login.xfinity.com
2	static.criteo.net	static.cimcontent.net login.xfinity.com
2	match.prod.bidr.io	2 redirects
2	match.adsrvr.org	2 redirects
2	cm.g.doubleclick.net	2 redirects
2	ib.adnxs.com	1 redirects login.xfinity.com
2	comcastcom.d1.sc.omtrdc.net	login.xfinity.com assets.adobedtm.com
2	xfinitydigital.demdex.net	1 redirects bsaero.space
1	us-u.openx.net
1	eu-u.openx.net	1 redirects
1	gum.criteo.com	static.criteo.net
1	synchroscript.deliveryengine.adswizz.com	1 redirects
1	ag.innovid.com	1 redirects
1	match.rundsp.com
1	servedby.flashtalking.com
1	c.bing.com	1 redirects
1	analytics.twitter.com
1	d.turn.com	1 redirects
1	aa.agkn.com	1 redirects
1	www.google.de
1	www.google.com	1 redirects
1	googleads.g.doubleclick.net	1 redirects
1	crcdn01.adnxs.com	scripts.webcontentassessor.com
1	cdn.adnxs.com	scripts.webcontentassessor.com
1	z.moatads.com	scripts.webcontentassessor.com
1	comcast.demdex.net	assets.adobedtm.com
1	fastlane.rubiconproject.com	login.xfinity.com
1	bidder.criteo.com	login.xfinity.com
1	comcast-d.openx.net	login.xfinity.com
1	e.serverbid.com	login.xfinity.com
1	acdn.adnxs.com	login.xfinity.com
1	7468.v.fwmrm.net	bsaero.space
1	scripts.webcontentassessor.com	bsaero.space
1	bsaero.space
70	41

This site contains links to these domains. Also see Links.

Domain
www.comcast.net
www.surveymonkey.com
idm.xfinity.com
customer.xfinity.com
my.xfinity.com
xfinity.comcast.net
www.xfinity.com

Subject Issuer	Validity	Valid
bsaero.space cPanel, Inc. Certification Authority	`2021-02-01` - `2021-05-02`	3 months	crt.sh
*.identity.xfinity.com COMODO RSA Organization Validation Secure Server CA	`2020-10-02` - `2021-10-02`	a year	crt.sh
static.cimcontent.net COMODO RSA Organization Validation Secure Server CA	`2020-04-16` - `2022-04-16`	2 years	crt.sh
scripts.webcontentassessor.com GlobalSign Atlas R3 DV TLS CA 2020	`2021-01-27` - `2022-02-28`	a year	crt.sh
*.v.fwmrm.net DigiCert TLS RSA SHA256 2020 CA1	`2020-11-17` - `2021-12-18`	a year	crt.sh
*.demdex.net DigiCert TLS RSA SHA256 2020 CA1	`2020-12-02` - `2022-01-02`	a year	crt.sh
assets.adobedtm.com DigiCert TLS RSA SHA256 2020 CA1	`2021-01-08` - `2021-09-30`	9 months	crt.sh
*.cws.xfinity.com COMODO RSA Organization Validation Secure Server CA	`2020-05-04` - `2022-05-04`	2 years	crt.sh
c.amazon-adsystem.com Amazon	`2020-08-04` - `2021-08-02`	a year	crt.sh
cdn.adnxs.com GlobalSign CloudSSL CA - SHA256 - G3	`2020-10-29` - `2021-04-14`	5 months	crt.sh
e.serverbid.com R3	`2020-12-17` - `2021-03-17`	3 months	crt.sh
*.openx.net GeoTrust RSA CA 2018	`2020-06-18` - `2021-08-17`	a year	crt.sh
*.criteo.com DigiCert TLS Hybrid ECC SHA384 2020 CA1	`2021-01-30` - `2021-04-28`	3 months	crt.sh
*.rubiconproject.com DigiCert TLS RSA SHA256 2020 CA1	`2020-12-18` - `2022-01-18`	a year	crt.sh
*.d1.sc.omtrdc.net DigiCert SHA2 High Assurance Server CA	`2020-02-28` - `2022-03-04`	2 years	crt.sh
*.adnxs.com GeoTrust ECC CA 2018	`2021-03-03` - `2022-02-19`	a year	crt.sh
moatads.com DigiCert SHA2 Secure Server CA	`2021-01-21` - `2022-01-25`	a year	crt.sh
www.google.de GTS CA 1O1	`2021-02-17` - `2021-05-12`	3 months	crt.sh
*.rlcdn.com Sectigo RSA Domain Validation Secure Server CA	`2021-02-25` - `2022-03-28`	a year	crt.sh
*.twitter.com DigiCert TLS RSA SHA256 2020 CA1	`2021-02-05` - `2022-02-04`	a year	crt.sh
servedby.flashtalking.com DigiCert TLS RSA SHA256 2020 CA1	`2021-02-04` - `2022-02-22`	a year	crt.sh
*.rundsp.com Go Daddy Secure Certificate Authority - G2	`2020-03-07` - `2021-05-06`	a year	crt.sh
*.criteo.net DigiCert TLS Hybrid ECC SHA384 2020 CA1	`2021-01-30` - `2021-04-28`	3 months	crt.sh

This page contains 4 frames:

Primary Page: https://bsaero.space/cq/cas/login.php?r=comcast.net&s=oauth&continue=https://oauth.xfinity.com/oauth/authorize?client_id=my-account-web&prompt=login&redirect_uri=https://customer.xfinity.com/oauth/callback&response_type=code&state=https://customer.xfinity.com/
Frame ID: 0A8770BCE9784A217A76D4FC254BC9CB
Requests: 43 HTTP requests in this frame

Frame: https://comcast.demdex.net/dest5.html?d_nsid=0
Frame ID: 9BDB0392CB4797D422A2EA2770A658D6
Requests: 16 HTTP requests in this frame

Frame: https://z.moatads.com/comcastappnexusdisplay765226596515/moatad.js
Frame ID: 6EA1100DFCC7CE999B204D4970317A4F
Requests: 6 HTTP requests in this frame

Frame: https://gum.criteo.com/syncframe?topUrl=bsaero.space
Frame ID: 5E7BC0190A899765225BAE0EE4EEB0E3
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Detected technologies

PHP (Programming Languages) Expand

Overall confidence: 100%
Detected patterns

url /\.php(?:$|\?)/i

Apache (Web Servers) Expand

Overall confidence: 100%
Detected patterns

headers server /(?:Apache(?:$|\/([\d.]+)|[^/-])|(?:^|\b)HTTPD)/i

Page Statistics

70
Requests

100 %
HTTPS

35 %
IPv6

30
Domains

41
Subdomains

28
IPs

8
Countries

824 kB
Transfer

1627 kB
Size

1
Cookies

10 Outgoing links

These are links going to different origins than the main page.

URL: http://www.comcast.net/adinformation
Title: Ad Info

Search URL Search Domain Scan URL

URL: https://www.surveymonkey.com/s.aspx?sm=FyNNVDhj_2f2FNc2KVOHQ4eg_3d_3d
Title: Ad Feedback

Search URL Search Domain Scan URL

URL: https://idm.xfinity.com/myaccount/lookup?continue=https%3A%2F%2Flogin.xfinity.com%2Flogin%3FselectAccount%3Dfalse%26ipAddrAuthn%3Dfalse%26passive%3Dfalse%26client_id%3Dxcp-prod%26reqId%3D48600c8e-5b28-4b73-8196-2a92a2c92e03%26r%3Dcomcast.net%26s%3Doauth%26deviceAuthn%3Dfalse%26continue%3Dhttps%253A%252F%252Foauth.xfinity.com%252Foauth%252Fauthorize%253Fclient_id%253Dxcp-prod%2526response_type%253Dcode%2526redirect_uri%253Dhttps%253A%252F%252Fxfinityconnect.email.comcast.net%252FxcPreAuth%252Fui%252Fweb%2526state%253D0%2526response%253D1%26forceAuthn%3D0%26lang%3Den%26rm%3D2%26ui_style%3Dlight&lang=en&ui_style=light
Title: Xfinity ID

Search URL Search Domain Scan URL

URL: https://idm.xfinity.com/myaccount/reset?continue=https%3A%2F%2Flogin.xfinity.com%2Flogin%3FselectAccount%3Dfalse%26ipAddrAuthn%3Dfalse%26passive%3Dfalse%26client_id%3Dxcp-prod%26reqId%3D48600c8e-5b28-4b73-8196-2a92a2c92e03%26r%3Dcomcast.net%26s%3Doauth%26deviceAuthn%3Dfalse%26continue%3Dhttps%253A%252F%252Foauth.xfinity.com%252Foauth%252Fauthorize%253Fclient_id%253Dxcp-prod%2526response_type%253Dcode%2526redirect_uri%253Dhttps%253A%252F%252Fxfinityconnect.email.comcast.net%252FxcPreAuth%252Fui%252Fweb%2526state%253D0%2526response%253D1%26forceAuthn%3D0%26lang%3Den%26rm%3D2%26ui_style%3Dlight&lang=en&ui_style=light
Title: password

Search URL Search Domain Scan URL

URL: https://idm.xfinity.com/myaccount/create-uid?continue=https%3A%2F%2Flogin.xfinity.com%2Flogin%3FselectAccount%3Dfalse%26ipAddrAuthn%3Dfalse%26passive%3Dfalse%26client_id%3Dxcp-prod%26reqId%3D48600c8e-5b28-4b73-8196-2a92a2c92e03%26r%3Dcomcast.net%26s%3Doauth%26deviceAuthn%3Dfalse%26continue%3Dhttps%253A%252F%252Foauth.xfinity.com%252Foauth%252Fauthorize%253Fclient_id%253Dxcp-prod%2526response_type%253Dcode%2526redirect_uri%253Dhttps%253A%252F%252Fxfinityconnect.email.comcast.net%252FxcPreAuth%252Fui%252Fweb%2526state%253D0%2526response%253D1%26forceAuthn%3D0%26lang%3Den%26rm%3D2%26ui_style%3Dlight&lang=en&ui_style=light
Title: Create one

Search URL Search Domain Scan URL

URL: https://customer.xfinity.com/lite
Title: Pay any balance

Search URL Search Domain Scan URL

URL: http://my.xfinity.com/terms/web/
Title: Terms of Service

Search URL Search Domain Scan URL

URL: http://xfinity.comcast.net/privacy/
Title: Privacy Policy

Search URL Search Domain Scan URL

URL: https://www.xfinity.com/privacy/policy
Title: Privacy Policy

Search URL Search Domain Scan URL

URL: https://www.xfinity.com/privacy/manage-preference
Title: Do Not Sell My Personal Information

Search URL Search Domain Scan URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 7

https://xfinitydigital.demdex.net/event?d_sid=4702129 HTTP 302
https://xfinitydigital.demdex.net/firstevent?d_sid=4702129

Request Chain 49

https://googleads.g.doubleclick.net/pagead/viewthroughconversion/1023869955/?label=cYj3CPPGqqsBEIOInOgD&guid=ON&script=0 HTTP 302
https://www.google.com/pagead/1p-user-list/1023869955/?label=cYj3CPPGqqsBEIOInOgD&is_vtc=1&random=3486188918 HTTP 302
https://www.google.de/pagead/1p-user-list/1023869955/?label=cYj3CPPGqqsBEIOInOgD&is_vtc=1&random=3486188918&ipr=y

Request Chain 50

https://aa.agkn.com/adscores/g.pixel?sid=9211132908&aam=46096594887608423583515443151252247124 HTTP 302
https://dpm.demdex.net/ibs:dpid=21&dpuuid=164980803717000674817

Request Chain 51

https://idsync.rlcdn.com/365868.gif?partner_uid=46096594887608423583515443151252247124 HTTP 307
https://idsync.rlcdn.com/1000.gif?memo=CKyqFhIxCi0IARCYEhomNDYwOTY1OTQ4ODc2MDg0MjM1ODM1MTU0NDMxNTEyNTIyNDcxMjQQABoNCL6MjoIGEgUI6AcQAEIASgA HTTP 307
https://dpm.demdex.net/ibs:dpid=477&dpuuid=cd52dddd1d56b2458ecf66d122940aa9ab1633cd2c098070fab24e90c032fdf7b0da87c991749652

Request Chain 52

https://ib.adnxs.com/getuid?https%3A%2F%2Fdpm.demdex.net%2Fibs%3Adpid%3D358%26dpuuid%3D%24UID HTTP 302
https://dpm.demdex.net/ibs:dpid=358&dpuuid=6163002938552443595

Request Chain 53

https://d.turn.com/r/dd/id/L2NzaWQvMS9jaWQvMjM2NTYzMjkvdC8y/url/https%3A%2F%2Fdpm.demdex.net%2Fibs%3Adpid%3D470%26dpuuid%3D%24!%7BTURN_UUID%7D HTTP 302
https://dpm.demdex.net/ibs:dpid=470&dpuuid=2490802063860164749

Request Chain 55

https://cm.g.doubleclick.net/pixel?google_nid=adobe_dmp&google_cm&gdpr=0&gdpr_consent=&google_hm=NDYwOTY1OTQ4ODc2MDg0MjM1ODM1MTU0NDMxNTEyNTIyNDcxMjQ= HTTP 302
https://dpm.demdex.net/ibs:dpid=771&dpuuid=CAESEBQu1Yvi7A3g8Z6bTbQCqNw&google_cver=1?gdpr=0&gdpr_consent=

Request Chain 57

https://match.adsrvr.org/track/cmf/generic?ttd_pid=aam&gdpr=0&gdpr_consent=&ttd_tpi=1 HTTP 302
https://match.adsrvr.org/track/cmb/generic?ttd_pid=aam&gdpr=0&gdpr_consent=&ttd_tpi=1 HTTP 302
https://dpm.demdex.net/ibs:dpid=903&dpuuid=9bb54e74-a98e-4490-a48b-bb2d1a5396bb

Request Chain 58

https://c.bing.com/c.gif?uid=46096594887608423583515443151252247124&Red3=MSAdobe_pd&gdpr=0&gdpr_consent= HTTP 302
https://dpm.demdex.net/ibs:dpid=1957&dpuuid=0339427A00D96CC623E74D88010B6D10

Request Chain 61

https://ag.innovid.com/dv/sync?tid=6 HTTP 302
https://dpm.demdex.net/ibs:dpid=80742&dpuuid=9ac67c1a-721e-4a09-b1bd-03af30f7e879

Request Chain 62

https://synchroscript.deliveryengine.adswizz.com/getUID?curl=https%3A%2F%2Fdpm.demdex.net%2Fibs%3Adpid%3D175765%26dpuuid%3D%24%7BUID%7D HTTP 302
https://dpm.demdex.net/ibs:dpid=175765&dpuuid=61f832f72650e2e3d08f886c6ef90295

Request Chain 63

https://match.prod.bidr.io/cookie-sync/adobe HTTP 303
https://match.prod.bidr.io/cookie-sync/adobe?_bee_ppp=1 HTTP 303
https://dpm.demdex.net/ibs:dpid=275754&dpuuid=AAB5Uk7Ahw0AAEcUW2eI1w

Request Chain 69

https://eu-u.openx.net/w/1.0/pd?plm=10&ph=42d504c1-bae8-4312-8ad6-a76f3705b195&gdpr=1 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=openx&google_cm&google_sc HTTP 302
https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESEPuOcJUzP40IEyAm910tYU8&google_cver=1

70 HTTP transactions
2 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H/1.1 200
OK Primary Request login.php Show response
bsaero.space/cq/cas/ 14 KB
14 KB 1963ms
1262ms Document
text/html 103.118.32.38
TECHPATH-AS-AP Te...

General

Check archive.org

Show headers Download Go to

Full URL: https://bsaero.space/cq/cas/login.php?r=comcast.net&s=oauth&continue=https://oauth.xfinity.com/oauth/authorize?client_id=my-account-web&prompt=login&redirect_uri=https://customer.xfinity.com/oauth/callback&response_type=code&state=https://customer.xfinity.com/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 103.118.32.38 Brisbane, Australia, ASN58868 (TECHPATH-AS-AP TechPath Pty Ltd, AU),
Reverse DNS
Software: Apache /
Resource Hash: 148ee4240d077a2371cd8fc27848d1f27562fa043f42db42c869cc5be8cfa4d4

Request headers

Host: bsaero.space
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site: none
Sec-Fetch-Mode: navigate
Sec-Fetch-User: ?1
Sec-Fetch-Dest: document
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Sat, 06 Mar 2021 13:40:10 GMT
Server: Apache
Keep-Alive: timeout=5, max=100
Connection: Keep-Alive
Transfer-Encoding: chunked
Content-Type: text/html; charset=UTF-8

GET
H/1.1 200
OK comcast-common.js Show response
login.xfinity.com/static/js/ 181 KB
102 KB 611ms
157ms Script
application/javascript 2001:558:fe21:38:162:150:57:167
COMCAST-7922

General

Check archive.org

Show headers Download Go to

Full URL

https://login.xfinity.com/static/js/comcast-common.js

Requested by

Host: bsaero.space
URL: https://bsaero.space/cq/cas/login.php?r=comcast.net&s=oauth&continue=https://oauth.xfinity.com/oauth/authorize?client_id=my-account-web&prompt=login&redirect_uri=https://customer.xfinity.com/oauth/callback&response_type=code&state=https://customer.xfinity.com/

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2001:558:fe21:38:162:150:57:167 , United States, ASN7922 (COMCAST-7922, US),

Reverse DNS

Software

Resource Hash

782ff732b417b260c47bc69bc87d8dee4936b7cbe509ca212a4d22bbd0060be5

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains;

Request headers

Referer: https://bsaero.space/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma: no-cache
Date: Sat, 06 Mar 2021 13:40:12 GMT
Content-Encoding: gzip
Alt-Svc: clear
Strict-Transport-Security: max-age=63072000; includeSubDomains;
Content-Type: application/javascript; charset=UTF-8
Via: 1.1 google, 1.1 login.xfinity.com
Cache-Control: no-cache, no-store, must-revalidate
Transfer-Encoding: chunked
Connection: Keep-Alive
Keep-Alive: timeout=5, max=500
X-Ion-Hop: test
Expires: 0

GET
H2 200 / Show response
static.cimcontent.net/data-layer/ 82 KB
24 KB 82ms
66ms Script
application/javascript 2a02:26f0:6c00:2be::30d4
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://static.cimcontent.net/data-layer/?appID=login
Requested by: Host: bsaero.space
URL: https://bsaero.space/cq/cas/login.php?r=comcast.net&s=oauth&continue=https://oauth.xfinity.com/oauth/authorize?client_id=my-account-web&prompt=login&redirect_uri=https://customer.xfinity.com/oauth/callback&response_type=code&state=https://customer.xfinity.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:6c00:2be::30d4 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 13384993553d5a56d4a48570a24717126172f1259029a5469a18b0bdac824176

Request headers

Referer: https://bsaero.space/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-amz-version-id: 8MKZBM.mzR2RdA4_8HFAvvfByLfJvrH0
content-encoding: gzip
last-modified: Mon, 22 Feb 2021 16:10:29 GMT
server: AmazonS3
x-amz-cf-pop: FRA56-C1
etag: "faa9af42a87adb15a3df992067d5460a"
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=3600
date: Sat, 06 Mar 2021 13:40:12 GMT
accept-ranges: bytes
content-length: 23713
x-amz-cf-id: h8yswRUBMOPDYQw5Tn1zc5vDexHY9XcI5UMX9w60USobrFucP2vSYQ==

GET
H/1.1 200
OK fonts-remote.min.css
login.xfinity.com/static/css/junket/ 3 KB
889 B 565ms
113ms Stylesheet
text/css 2001:558:fe21:38:162:150:57:167
COMCAST-7922

General

Check archive.org

Show headers Download Go to

Full URL

https://login.xfinity.com/static/css/junket/fonts-remote.min.css?v=0016b0b

Requested by

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2001:558:fe21:38:162:150:57:167 , United States, ASN7922 (COMCAST-7922, US),

Reverse DNS

Software

Apache /

Resource Hash

032d8b49c68572a6136937e3f8f4fb10d94eefaf95418e557f44f1f04b715ba8

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains;

Request headers

Referer: https://bsaero.space/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Sat, 06 Mar 2021 13:40:12 GMT
Content-Encoding: gzip
Last-Modified: Fri, 26 Feb 2021 20:55:26 GMT
Server: Apache
Vary: Accept-Encoding
Strict-Transport-Security: max-age=63072000; includeSubDomains;
Content-Type: text/css
Cache-Control: max-age=157014913
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=500
Content-Length: 307
Expires: Wed, 25 Feb 2026 20:55:26 GMT

GET
H/1.1 200
OK styles-light.min.css
login.xfinity.com/static/css/junket/ 45 KB
11 KB 567ms
115ms Stylesheet
text/css 2001:558:fe21:38:162:150:57:167
COMCAST-7922

General

Check archive.org

Show headers Download Go to

Full URL

https://login.xfinity.com/static/css/junket/styles-light.min.css?v=0016b0b

Requested by

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2001:558:fe21:38:162:150:57:167 , United States, ASN7922 (COMCAST-7922, US),

Reverse DNS

Software

Apache /

Resource Hash

785532d6bc98e37d9a9152013f9b0874d32fb92fbfc594431d6c9c142ba686f4

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains;

Request headers

Referer: https://bsaero.space/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Sat, 06 Mar 2021 13:40:12 GMT
Content-Encoding: gzip
Last-Modified: Fri, 26 Feb 2021 20:55:25 GMT
Server: Apache
Vary: Accept-Encoding
Strict-Transport-Security: max-age=63072000; includeSubDomains;
Content-Type: text/css
Cache-Control: max-age=157014912
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=500
Content-Length: 11160
Expires: Wed, 25 Feb 2026 20:55:25 GMT

GET
H2 200 e5d00e87ba3bf67af60bbc75377626fb1f0b0a10c2e83ca40b7a245ca2cd8367 Show response
scripts.webcontentassessor.com/scripts/ 120 KB
32 KB 126ms
42ms Script
application/javascript 151.101.14.217
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://scripts.webcontentassessor.com/scripts/e5d00e87ba3bf67af60bbc75377626fb1f0b0a10c2e83ca40b7a245ca2cd8367
Requested by: Host: bsaero.space
URL: https://bsaero.space/cq/cas/login.php?r=comcast.net&s=oauth&continue=https://oauth.xfinity.com/oauth/authorize?client_id=my-account-web&prompt=login&redirect_uri=https://customer.xfinity.com/oauth/callback&response_type=code&state=https://customer.xfinity.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.14.217 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 14affb21ba40bd35064caa4735704a9c8e2bf8debcbdcf7a0f2a9f520839d2f0

Request headers

Referer: https://bsaero.space/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 06 Mar 2021 13:40:12 GMT
content-encoding: gzip
age: 2684
x-cache: HIT
content-length: 32182
x-amz-id-2: OqRj4qVXyMrSdDUIVSN0I2jfzCibHWd3znm56cl1Htyj9CI5YAbvs8O/dN/jgVLWDfUH10hRbng=
x-served-by: cache-fra19140-FRA
last-modified: Sat, 06 Mar 2021 12:48:47 GMT
server: AmazonS3
x-timer: S1615038013.531207,VS0,VE1
etag: "ac44542641902c735596e77985d654b5"
vary: Accept-Encoding
x-amz-request-id: K5HGF4ZB0HNRJF8S
via: 1.1 varnish
cache-control: max-age=3600,stale-if-error=86400,stale-while-revalidate=3600
accept-ranges: bytes
content-type: application/javascript
x-cache-hits: 1

GET
H/1.1 200
OK vm-login-form-ad.js Show response
login.xfinity.com/static/js/ 9 KB
4 KB 355ms
113ms Script
text/javascript 2001:558:fe21:38:162:150:57:167
COMCAST-7922

General

Check archive.org

Show headers Download Go to

Full URL

https://login.xfinity.com/static/js/vm-login-form-ad.js

Requested by

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2001:558:fe21:38:162:150:57:167 , United States, ASN7922 (COMCAST-7922, US),

Reverse DNS

Software

Apache /

Resource Hash

ab31816aa0fa561765323e1ffee2f48db4c5c406282a68416b1264c18fa629c8

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains;

Request headers

Referer: https://bsaero.space/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Sat, 06 Mar 2021 13:40:13 GMT
Content-Encoding: gzip
Last-Modified: Fri, 26 Feb 2021 20:49:12 GMT
Server: Apache
Vary: Accept-Encoding
Strict-Transport-Security: max-age=63072000; includeSubDomains;
Content-Type: text/javascript
Cache-Control: max-age=157014538
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=499
Content-Length: 3292
Expires: Wed, 25 Feb 2026 20:49:12 GMT

GET
H/1.1 200
OK u
7468.v.fwmrm.net/ad/ 0
361 B 289ms
95ms Image
text/html 2607:ae80:5::49
FREEWHEEL

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://7468.v.fwmrm.net/ad/u?mode=echo&cr=https%3A%2F%2Fdpm.demdex.net%2Fibs%3Adpid%3D796%26dpuuid=%23%7Buser.id%7D
Requested by: Host: bsaero.space
URL: https://bsaero.space/cq/cas/login.php?r=comcast.net&s=oauth&continue=https://oauth.xfinity.com/oauth/authorize?client_id=my-account-web&prompt=login&redirect_uri=https://customer.xfinity.com/oauth/callback&response_type=code&state=https://customer.xfinity.com/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2607:ae80:5::49 , United States, ASN26558 (FREEWHEEL, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://bsaero.space/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma: no-cache
Date: Sat, 06 Mar 2021 13:40:13 GMT
Cache-Control: no-store
Expires: 0
Content-Type: text/html
Content-Length: 0
P3P: policyref="https://www.freewheel.tv/w3c/p3p.xml",CP="ALL DSP COR NID"

GET
H/1.1

200
OK

firstevent
xfinitydigital.demdex.net/
Redirect Chain

https://xfinitydigital.demdex.net/event?d_sid=4702129
https://xfinitydigital.demdex.net/firstevent?d_sid=4702129

42 B
937 B

65ms
65ms

Image
image/gif

54.195.23.91
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://xfinitydigital.demdex.net/firstevent?d_sid=4702129

Requested by

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

54.195.23.91 Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-54-195-23-91.eu-west-1.compute.amazonaws.com

Software

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

Referer: https://bsaero.space/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

DCS: dcs-prod-irl1-v089-04aa08dae.edge-irl1.demdex.com 5.80.6.20210202104731 3ms (+1ms)
Pragma: no-cache
Strict-Transport-Security: max-age=31536000; includeSubDomains
X-Content-Type-Options: nosniff
X-TID: SnBEDD3cSTI=
P3P: policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Cache-Control: no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
Connection: keep-alive
Content-Type: image/gif
Content-Length: 42
Expires: Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

Pragma: no-cache
Strict-Transport-Security: max-age=31536000; includeSubDomains
X-TID: 8y0VeHfBRKM=
P3P: policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Location: https://xfinitydigital.demdex.net/firstevent?d_sid=4702129
Cache-Control: no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
Connection: keep-alive
Content-Length: 0
Expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H/1.1 200
OK jquery-3.3.1.min.js Show response
login.xfinity.com/static/js/libs/ 85 KB
30 KB 117ms
117ms Script
text/javascript 2001:558:fe21:38:162:150:57:167
COMCAST-7922

General

Check archive.org

Show headers Download Go to

Full URL

https://login.xfinity.com/static/js/libs/jquery-3.3.1.min.js

Requested by

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2001:558:fe21:38:162:150:57:167 , United States, ASN7922 (COMCAST-7922, US),

Reverse DNS

Software

Apache /

Resource Hash

160a426ff2894252cd7cebbdd6d6b7da8fcd319c65b70468f10b6690c45d02ef

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains;

Request headers

Referer: https://bsaero.space/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Sat, 06 Mar 2021 13:40:13 GMT
Content-Encoding: gzip
Last-Modified: Fri, 26 Feb 2021 20:49:12 GMT
Server: Apache
Vary: Accept-Encoding
Strict-Transport-Security: max-age=63072000; includeSubDomains;
Content-Type: text/javascript
Cache-Control: max-age=157014538
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=498
Content-Length: 30307
Expires: Wed, 25 Feb 2026 20:49:12 GMT

GET
H/1.1 200
OK scripts-responsive.min.js Show response
login.xfinity.com/static/js/ 7 KB
3 KB 113ms
113ms Script
text/javascript 2001:558:fe21:38:162:150:57:167
COMCAST-7922

General

Check archive.org

Show headers Download Go to

Full URL

https://login.xfinity.com/static/js/scripts-responsive.min.js?v=0016b0b

Requested by

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2001:558:fe21:38:162:150:57:167 , United States, ASN7922 (COMCAST-7922, US),

Reverse DNS

Software

Apache /

Resource Hash

a242719ced92c4a9873915f0d97859ce735dc8e7ccc65d99a37ebc3d6128c77d

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains;

Request headers

Referer: https://bsaero.space/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Sat, 06 Mar 2021 13:40:13 GMT
Content-Encoding: gzip
Last-Modified: Fri, 26 Feb 2021 20:55:27 GMT
Server: Apache
Vary: Accept-Encoding
Strict-Transport-Security: max-age=63072000; includeSubDomains;
Content-Type: text/javascript
Cache-Control: max-age=157014913
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=497
Content-Length: 2883
Expires: Wed, 25 Feb 2026 20:55:27 GMT

OPTIONS
H2 200 /
dl.cws.xfinity.com/event/ Frame 0
0 125ms
103ms Preflight
application/json 2a02:26f0:6c00:295::2c06
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://dl.cws.xfinity.com/event/
Protocol: H2
Server: 2a02:26f0:6c00:295::2c06 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Method: PUT
Access-Control-Request-Headers: content-type
Origin: https://bsaero.space
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode: cors

Response headers

content-type: application/json
content-length: 0
x-amzn-requestid: 9554ba3a-bda0-4db2-b529-33e43b3d1e08
access-control-allow-origin: *
access-control-allow-headers: Content-Type
x-amz-apigw-id: bxHpqHYSIAMFmbw=
access-control-allow-methods: HEAD,OPTIONS,PUT
x-amz-cf-pop: FRA56-C2
x-amz-cf-id: srQ8nYBUoKlJ-mBNAZ05lNC0T-ZjMgDrzlK_K6_WBp7qFwQYJ1HYIQ==
date: Sat, 06 Mar 2021 13:40:13 GMT

OPTIONS
H2 200 /
dl.cws.xfinity.com/event/ Frame 0
0 298ms
278ms Preflight
application/json 2a02:26f0:6c00:295::2c06
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://dl.cws.xfinity.com/event/
Protocol: H2
Server: 2a02:26f0:6c00:295::2c06 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Method: PUT
Access-Control-Request-Headers: content-type
Origin: https://bsaero.space
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode: cors

Response headers

content-type: application/json
content-length: 0
x-amzn-requestid: 529f60c8-9a0f-4bef-8801-222dac62fb93
access-control-allow-origin: *
access-control-allow-headers: Content-Type
x-amz-apigw-id: bxHprFS3oAMFY9w=
access-control-allow-methods: HEAD,OPTIONS,PUT
x-amz-cf-pop: FRA56-C2
x-amz-cf-id: lJoCM5rRgSZU1avidDyF0wsNBH-DcGei2sbPT0SwzHtBa0QHsRaJHQ==
date: Sat, 06 Mar 2021 13:40:13 GMT

GET
H2 200 launch-46f715e51bac.min.js Show response
assets.adobedtm.com/331fbea29f79/fdd77923e2da/ 142 KB
44 KB 21ms
8ms Script
application/x-javascript 2a02:26f0:6c00:299::1e80
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://assets.adobedtm.com/331fbea29f79/fdd77923e2da/launch-46f715e51bac.min.js
Requested by: Host: static.cimcontent.net
URL: https://static.cimcontent.net/data-layer/?appID=login
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:6c00:299::1e80 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: AkamaiNetStorage /
Resource Hash: ac423d0aedd7fd40cd41a1b15c2f8a4eb02fba9feadb1dde8d3055dde2f8034c

Request headers

Referer: https://bsaero.space/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 06 Mar 2021 13:40:13 GMT
content-encoding: gzip
last-modified: Wed, 04 Nov 2020 19:09:38 GMT
server: AkamaiNetStorage
etag: "175b743c46a8770e143db6565f0ec922:1604516978.270368"
vary: Accept-Encoding
content-type: application/x-javascript
access-control-allow-origin: https://bsaero.space
cache-control: max-age=3600
accept-ranges: bytes
timing-allow-origin: *
content-length: 44826
expires: Sat, 06 Mar 2021 14:40:13 GMT

PUT
H2 200 / Show response
dl.cws.xfinity.com/event/ 110 B
491 B 301ms
301ms XHR
application/json 2a02:26f0:6c00:295::2c06
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://dl.cws.xfinity.com/event/
Requested by: Host: login.xfinity.com
URL: https://login.xfinity.com/static/js/comcast-common.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:6c00:295::2c06 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: /
Resource Hash: 5c099d3b0ccaa9a2282d327e023db481387a12f9b6c6c5cc1d7471c0a4d6122e

Request headers

Referer: https://bsaero.space/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: application/json

Response headers

date: Sat, 06 Mar 2021 13:40:14 GMT
x-amz-cf-pop: FRA56-C2
x-amz-apigw-id: bxHptF_6oAMFvOA=
x-amzn-requestid: b32375cf-5b52-43f9-b481-e3acd6b5d7dd
access-control-max-age: 86400
access-control-allow-methods: GET,POST,PUT,HEAD
content-type: application/json
access-control-allow-origin: *
x-amzn-trace-id: Root=1-6043863d-068cd53f3b4214313a8e3b2d
access-control-allow-credentials: false
access-control-allow-headers: *
content-length: 110
x-amz-cf-id: y0jimVzTPza6GocWL815FFQtG3hfDIOYTfezssR0vy4eXTEExpCi5Q==

PUT
H2 200 / Show response
dl.cws.xfinity.com/event/ 110 B
491 B 299ms
299ms XHR
application/json 2a02:26f0:6c00:295::2c06
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://dl.cws.xfinity.com/event/
Requested by: Host: login.xfinity.com
URL: https://login.xfinity.com/static/js/comcast-common.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:6c00:295::2c06 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: /
Resource Hash: c3825d81f88364e57fd1a44b477546b389451e44fd59e8c85b7af6568cb2a308

Request headers

Referer: https://bsaero.space/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: application/json

Response headers

date: Sat, 06 Mar 2021 13:40:14 GMT
x-amz-cf-pop: FRA56-C2
x-amz-apigw-id: bxHpuFfsIAMFRyg=
x-amzn-requestid: 66709b56-cea5-4e80-8ab8-7d2c660f4d68
access-control-max-age: 86400
access-control-allow-methods: GET,POST,PUT,HEAD
content-type: application/json
access-control-allow-origin: *
x-amzn-trace-id: Root=1-6043863e-78de90ce6deb71d92367b2f3
access-control-allow-credentials: false
access-control-allow-headers: *
content-length: 110
x-amz-cf-id: 0xSQyzCcPNVkbdRvjuGaE6a1QoF4doJRZwlfvXnW6Zh6IVHRBe8nng==

GET
H2 200 prebid.js Show response
static.cimcontent.net/common-web-assets/ad-assets/prebid/ 217 KB
218 KB 7ms
7ms Script
application/javascript 2a02:26f0:6c00:2be::30d4
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://static.cimcontent.net/common-web-assets/ad-assets/prebid/prebid.js
Requested by: Host: login.xfinity.com
URL: https://login.xfinity.com/static/js/vm-login-form-ad.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:6c00:2be::30d4 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 1b453aee00d7c7c9e33e2897b911e9295f343a60f33283fd1fe6a9c084a18c51

Request headers

Referer: https://bsaero.space/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-amz-version-id: .8DCVy59pgK0saO.5YXbgxrHVBEHLifu
last-modified: Thu, 14 Jan 2021 17:06:17 GMT
server: AmazonS3
x-amz-cf-pop: FRA53-C1
etag: "7a495d9002d89d3c5e63ac7e274dbd44"
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=31536000
date: Sat, 06 Mar 2021 13:40:13 GMT
accept-ranges: bytes
content-length: 222561
x-amz-cf-id: 7dHBbW-0jJWHhLN4TreX0BmNvyo9lWFxjciyvcHxtkI7l70XkJJing==

GET
H2 200 apstag.js Show response
c.amazon-adsystem.com/aax2/ 119 KB
31 KB 197ms
69ms Script
application/javascript 65.9.24.128
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://c.amazon-adsystem.com/aax2/apstag.js
Requested by: Host: login.xfinity.com
URL: https://login.xfinity.com/static/js/vm-login-form-ad.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 65.9.24.128 Orlando, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: Server /
Resource Hash: 86cef609c85d2c2ce6a507af54e77a9c150e2fa408043e1454082614c4b0ce2b

Request headers

Referer: https://bsaero.space/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 06 Mar 2021 13:35:14 GMT
content-encoding: gzip
server: Server
age: 298
etag: d2bbe61d6c9cfd2f9d26c66417c4fb1e
x-cache: Hit from cloudfront
content-type: application/javascript
via: 1.1 eea0826c9064fc2d08f21b43b4a26011.cloudfront.net (CloudFront)
cache-control: public, max-age=900
x-amz-cf-pop: ZAG50-C1
accept-ranges: bytes
timing-allow-origin: *
x-amz-version-id: qpGbqo5n5ftYm2ZsSSwwmAxZeGfbwfiX
x-amz-cf-id: xFMw6uz4OMimsxhZ0d1JJLshBZkzmvpE0gY2sKSWpYjObSnWb6aDqw==

GET
H/1.1 200
OK ast.js Show response
acdn.adnxs.com/ast/ 87 KB
31 KB 132ms
45ms Script
application/javascript 151.101.113.108
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://acdn.adnxs.com/ast/ast.js
Requested by: Host: login.xfinity.com
URL: https://login.xfinity.com/static/js/vm-login-form-ad.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.113.108 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx/1.13.10 /
Resource Hash: 1ffb3eb67476de4a642893eefb2ffd33e62c7474808fc21438d5a961cd4982f6

Request headers

Referer: https://bsaero.space/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Sat, 06 Mar 2021 13:40:13 GMT
Content-Encoding: gzip
Age: 81823
X-Cache: HIT, HIT
Connection: keep-alive
Content-Length: 30966
X-Served-By: cache-lga21922-LGA, cache-hhn4067-HHN
Access-Control-Allow-Origin: *
Last-Modified: Tue, 09 Feb 2021 14:55:39 GMT
Server: nginx/1.13.10
X-Timer: S1615038014.769994,VS0,VE0
ETag: W/"6022a26b-15c8c"
Vary: Accept-Encoding
Content-Type: application/javascript
Via: 1.1 varnish, 1.1 varnish
Expires: Wed, 10 Feb 2021 14:55:43 GMT
Cache-Control: max-age=86402
Accept-Ranges: bytes
X-Cache-Hits: 1, 90129

GET
H2 200 XfinityStandard-Regular.woff2
static.cimcontent.net/fonts/latest/Xfinity_Standard/ 26 KB
26 KB 19ms
6ms Font
font/woff2 2a02:26f0:6c00:2be::30d4
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://static.cimcontent.net/fonts/latest/Xfinity_Standard/XfinityStandard-Regular.woff2
Requested by: Host: login.xfinity.com
URL: https://login.xfinity.com/static/css/junket/fonts-remote.min.css?v=0016b0b
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:6c00:2be::30d4 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 138c0ead0fbcd09dd455df9870920e8725b367fbf02ac0cef0c62874000ab176

Request headers

Origin: https://bsaero.space
Referer: https://login.xfinity.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-amz-version-id: kLBQWhXkUwwuS0hOSKJ2GQ_XrNE.oQFF
last-modified: Fri, 24 Jan 2020 21:23:01 GMT
server: AmazonS3
x-amz-cf-pop: FRA56-C1
etag: "e3e79cd377b28c1e7ffea64b194136cf"
content-type: font/woff2
access-control-allow-origin: *
cache-control: max-age=1570098
date: Sat, 06 Mar 2021 13:40:13 GMT
accept-ranges: bytes
content-length: 26768
x-amz-cf-id: JxslSHTV_FRD0OYWoPLXvgr7dnTI7FGo_Sxi1cgB9cEA_TJDAjUmUg==

GET
DATA 200
OK truncated
/ 933 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 4bd9c8ed57b1dd8fddcc2910170e9b81b40f7b628e272924e88a98f45ebb9aea

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
DATA 200
OK truncated
/ 3 KB
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 58fd862aaa51daaa186ee3fecfd805c0f8eea09146e9c7deb44a3f30a1ad01b5

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
H2 200 XfinityStandard-Light.woff2
static.cimcontent.net/fonts/latest/Xfinity_Standard/ 27 KB
27 KB 10ms
9ms Font
font/woff2 2a02:26f0:6c00:2be::30d4
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://static.cimcontent.net/fonts/latest/Xfinity_Standard/XfinityStandard-Light.woff2
Requested by: Host: login.xfinity.com
URL: https://login.xfinity.com/static/css/junket/fonts-remote.min.css?v=0016b0b
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:6c00:2be::30d4 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: AmazonS3 /
Resource Hash: fc6cd95261064c28600405c9c8dd51813abf8367e85b6e00f0f3031a8338988a

Request headers

Origin: https://bsaero.space
Referer: https://login.xfinity.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-amz-version-id: wnCwOacXycelzt78IMkr55wWB9WkMd2W
last-modified: Fri, 24 Jan 2020 21:23:01 GMT
server: AmazonS3
x-amz-cf-pop: FRA56-C1
etag: "f05d3ebe80809d82ab14d62a79da544e"
content-type: font/woff2
access-control-allow-origin: *
cache-control: max-age=1570006
date: Sat, 06 Mar 2021 13:40:13 GMT
accept-ranges: bytes
content-length: 27420
x-amz-cf-id: qhreX0ubhP3k1UJdTh4Sjc54nwKQpRj6ga-aXa8bIHCU5wD1Nwd5qA==

GET
H2 200 XfinityStandard-Medium.woff2
static.cimcontent.net/fonts/latest/Xfinity_Standard/ 27 KB
27 KB 10ms
9ms Font
font/woff2 2a02:26f0:6c00:2be::30d4
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://static.cimcontent.net/fonts/latest/Xfinity_Standard/XfinityStandard-Medium.woff2
Requested by: Host: login.xfinity.com
URL: https://login.xfinity.com/static/css/junket/fonts-remote.min.css?v=0016b0b
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:6c00:2be::30d4 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 2a031939885bb7efba89d423c9ee7c0fe2bab465f18db63f40a9ae2bd7bc0228

Request headers

Origin: https://bsaero.space
Referer: https://login.xfinity.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-amz-version-id: 6t4RA2DS89tdf_2IK5vrc9JAOKCy9A40
last-modified: Fri, 24 Jan 2020 21:23:01 GMT
server: AmazonS3
x-amz-cf-pop: FRA56-C1
etag: "13709eac065721ba8cd0e2d1b6fa8026"
content-type: font/woff2
access-control-allow-origin: *
cache-control: max-age=1619342
date: Sat, 06 Mar 2021 13:40:13 GMT
accept-ranges: bytes
content-length: 27152
x-amz-cf-id: oSxqG3HpJBwtibY9XyXw-ftWpn2_LnzNrEkPSUFX5N13MNDLL1MQSQ==

OPTIONS
H2 200 /
dl.cws.xfinity.com/event/ Frame 0
0 288ms
287ms Preflight
application/json 2a02:26f0:6c00:295::2c06
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://dl.cws.xfinity.com/event/
Protocol: H2
Server: 2a02:26f0:6c00:295::2c06 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Method: PUT
Access-Control-Request-Headers: content-type
Origin: https://bsaero.space
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode: cors

Response headers

content-type: application/json
content-length: 0
x-amzn-requestid: d4a3e6d3-af19-4d6f-b26e-6ead55fa7065
access-control-allow-origin: *
access-control-allow-headers: Content-Type
x-amz-apigw-id: bxHpsFbkoAMFesA=
access-control-allow-methods: HEAD,OPTIONS,PUT
x-amz-cf-pop: FRA56-C2
x-amz-cf-id: s5h6xB-iIZQBQW0MN5x-bvmDxP6Ll_R-wEgZZu0zDh4HfcPnrUZyrQ==
date: Sat, 06 Mar 2021 13:40:14 GMT

PUT
H2 200 / Show response
dl.cws.xfinity.com/event/ 110 B
490 B 336ms
335ms XHR
application/json 2a02:26f0:6c00:295::2c06
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://dl.cws.xfinity.com/event/
Requested by: Host: login.xfinity.com
URL: https://login.xfinity.com/static/js/comcast-common.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:6c00:295::2c06 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: /
Resource Hash: d3b9b46ba6194c784e0f6e4501b26305b7f277003e1e17523efb7e6211878726

Request headers

Referer: https://bsaero.space/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: application/json

Response headers

date: Sat, 06 Mar 2021 13:40:14 GMT
x-amz-cf-pop: FRA56-C2
x-amz-apigw-id: bxHpvEPXoAMFUzA=
x-amzn-requestid: 93a623c2-1567-49bd-a544-75f0a281d4d6
access-control-max-age: 86400
access-control-allow-methods: GET,POST,PUT,HEAD
content-type: application/json
access-control-allow-origin: *
x-amzn-trace-id: Root=1-6043863e-235a46be4fb947601dab518a
access-control-allow-credentials: false
access-control-allow-headers: *
content-length: 110
x-amz-cf-id: WO2370h3APi57sOq4CkqzX85co1N2Fnvhml-3KIjYA7GVAdST1PexA==

GET
H/1.1 200
OK id Show response
dpm.demdex.net/ 3 KB
2 KB 242ms
63ms XHR
application/json 54.195.23.91
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://dpm.demdex.net/id?d_visid_ver=5.0.1&d_fieldgroup=MC&d_rtbd=json&d_ver=2&d_orgid=DA11332E5321D0550A490D45%40AdobeOrg&d_nsid=0&ts=1615038013758

Requested by

Host: login.xfinity.com
URL: https://login.xfinity.com/static/js/comcast-common.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

54.195.23.91 Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-54-195-23-91.eu-west-1.compute.amazonaws.com

Software

Resource Hash

376ba32d3f2861f83bcd7b33c6d4d17760193fe575d2140f619262ef6e38f06c

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://bsaero.space/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

DCS: dcs-prod-irl1-v089-0bac4842d.edge-irl1.demdex.com 5.80.6.20210202104731 2ms (+1ms)
Pragma: no-cache
Strict-Transport-Security: max-age=31536000; includeSubDomains
Content-Encoding: gzip
X-TID: zTuILvbYS1A=
Vary: Origin, Accept-Encoding, User-Agent
P3P: policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Access-Control-Allow-Origin: https://bsaero.space
Cache-Control: no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: application/json;charset=utf-8
Content-Length: 974
Expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H2 200 EX42af35e02f37445ba43641984da760ce-libraryCode_source.min.js Show response
assets.adobedtm.com/331fbea29f79/fdd77923e2da/52d5ba0fe5d1/ 85 KB
30 KB 8ms
8ms Script
application/x-javascript 2a02:26f0:6c00:299::1e80
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://assets.adobedtm.com/331fbea29f79/fdd77923e2da/52d5ba0fe5d1/EX42af35e02f37445ba43641984da760ce-libraryCode_source.min.js
Requested by: Host: assets.adobedtm.com
URL: https://assets.adobedtm.com/331fbea29f79/fdd77923e2da/launch-46f715e51bac.min.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:6c00:299::1e80 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: AkamaiNetStorage /
Resource Hash: 0bd5fcba6dcf34771f5e3671e1c8956cc44e8f2bc5f98eb12c3eba27348fe963

Request headers

Referer: https://bsaero.space/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 06 Mar 2021 13:40:13 GMT
content-encoding: gzip
last-modified: Wed, 04 Nov 2020 19:09:38 GMT
server: AkamaiNetStorage
etag: "01222062c70687cd8aac20506b88b359:1604516978.963474"
vary: Accept-Encoding
content-type: application/x-javascript
access-control-allow-origin: https://bsaero.space
cache-control: max-age=3600
accept-ranges: bytes
timing-allow-origin: *
content-length: 30244
expires: Sat, 06 Mar 2021 14:40:13 GMT

GET
H2 200 AppMeasurement_Module_AudienceManagement.min.js Show response
assets.adobedtm.com/extensions/EPbde2f7ca14e540399dcc1f8208860b7b/ 25 KB
9 KB 7ms
7ms Script
application/x-javascript 2a02:26f0:6c00:299::1e80
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://assets.adobedtm.com/extensions/EPbde2f7ca14e540399dcc1f8208860b7b/AppMeasurement_Module_AudienceManagement.min.js
Requested by: Host: assets.adobedtm.com
URL: https://assets.adobedtm.com/331fbea29f79/fdd77923e2da/launch-46f715e51bac.min.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:6c00:299::1e80 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: AkamaiNetStorage /
Resource Hash: e5f0058d3d737d25b691728bce12a7d0b77183781c936ca8152e28cacf9e6e3f

Request headers

Referer: https://bsaero.space/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 06 Mar 2021 13:40:13 GMT
content-encoding: gzip
last-modified: Wed, 12 Aug 2020 22:09:53 GMT
server: AkamaiNetStorage
etag: "c8afb92bc0d997ba5b673367e69b9ff1:1597270193.156081"
vary: Accept-Encoding
content-type: application/x-javascript
access-control-allow-origin: https://bsaero.space
cache-control: no-cache
accept-ranges: bytes
timing-allow-origin: *
content-length: 8762
expires: Sat, 06 Mar 2021 14:40:13 GMT

POST
H2 200 v2 Show response
e.serverbid.com/api/ 16 B
166 B 356ms
118ms XHR
application/json 134.209.129.254
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to

Full URL: https://e.serverbid.com/api/v2
Requested by: Host: login.xfinity.com
URL: https://login.xfinity.com/static/js/comcast-common.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 134.209.129.254 North Bergen, United States, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software: /
Resource Hash: 903eb8f1cc364e01930ba03579f049a72794aa91d1a5842a2edb6365e436bb7c

Request headers

Referer: https://bsaero.space/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain

Response headers

access-control-allow-origin: https://bsaero.space
date: Sat, 06 Mar 2021 13:40:13 GMT
access-control-allow-credentials: true
content-length: 16
vary: Origin
content-type: application/json

GET
H2 200 arj Show response
comcast-d.openx.net/w/1.0/ 173 B
556 B 160ms
60ms XHR
application/json 34.98.64.218
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://comcast-d.openx.net/w/1.0/arj?ju=https%3A%2F%2Fbsaero.space%2Fcq%2Fcas%2Flogin.php%3Fr%3Dcomcast.net%26s%3Doauth%26continue%3Dhttps%3A%2F%2Foauth.xfinity.com%2Foauth%2Fauthorize%3Fclient_id%3Dmy-account-web%26prompt%3Dlogin%26redirect_uri%3Dhttps%3A%2F%2Fcustomer.xfinity.com%2Foauth%2Fcallback%26response_type%3Dcode%26state%3Dhttps%3A%2F%2Fcustomer.xfinity.com%2F&jr=&ch=UTF-8&res=1600x1200x24&ifr=false&tz=-60&tws=1600x1200&be=1&bc=hb_pb_2.1.7&dddid=431964e1-27ed-4b04-8da4-13735658a9e9&nocache=1615038013781&aus=300x600%2C300x250&divIds=ad-block&auid=540654279&
Requested by: Host: login.xfinity.com
URL: https://login.xfinity.com/static/js/comcast-common.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.98.64.218 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 218.64.98.34.bc.googleusercontent.com
Software: OXGW/16.202.0 /
Resource Hash: 588a427ce0d20629db71cdf44933660548a69e4199ae18a22905b28e5ad5101a

Request headers

Referer: https://bsaero.space/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Sat, 06 Mar 2021 13:40:13 GMT
content-encoding: gzip
server: OXGW/16.202.0
vary: Accept, Accept-Encoding
p3p: CP="CUR ADM OUR NOR STA NID"
access-control-allow-origin: https://bsaero.space
cache-control: private, max-age=0, no-cache
access-control-allow-credentials: true
content-type: application/json
alt-svc: clear
content-length: 163
via: 1.1 google
expires: Mon, 26 Jul 1997 05:00:00 GMT

POST
H2 204 cdb Show response
bidder.criteo.com/ 0
142 B 159ms
53ms XHR
text/plain 178.250.0.165
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL: https://bidder.criteo.com/cdb?profileId=207&av=17&wv=2.26.0&cb=36576508344
Requested by: Host: login.xfinity.com
URL: https://login.xfinity.com/static/js/comcast-common.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 178.250.0.165 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS: bidder.par.vip.prod.criteo.com
Software: Finatra /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://bsaero.space/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain

Response headers

access-control-allow-origin: https://bsaero.space
date: Sat, 06 Mar 2021 13:40:13 GMT
access-control-allow-credentials: true
server: Finatra
timing-allow-origin: *
vary: Origin

GET
H/1.1 200
OK fastlane.json Show response
fastlane.rubiconproject.com/a/api/ 261 B
2 KB 283ms
156ms XHR
application/json 69.173.144.141
RUBICONPROJECT

General

Check archive.org

Show headers Download Go to

Full URL: https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=11648&site_id=248132&zone_id=1228140&size_id=15&alt_size_ids=10&p_pos=unknown&rf=https%3A%2F%2Fbsaero.space%2Fcq%2Fcas%2Flogin.php%3Fr%3Dcomcast.net%26s%3Doauth%26continue%3Dhttps%3A%2F%2Foauth.xfinity.com%2Foauth%2Fauthorize%3Fclient_id%3Dmy-account-web%26prompt%3Dlogin%26redirect_uri%3Dhttps%3A%2F%2Fcustomer.xfinity.com%2Foauth%2Fcallback%26response_type%3Dcode%26state%3Dhttps%3A%2F%2Fcustomer.xfinity.com%2F&tk_flint=pbjs_lite_v2.26.0&x_source.tid=431964e1-27ed-4b04-8da4-13735658a9e9&p_screen_res=1600x1200&rp_floor=0.01&rp_secure=1&slots=1&rand=0.229613314102592
Requested by: Host: login.xfinity.com
URL: https://login.xfinity.com/static/js/comcast-common.js
Protocol: HTTP/1.1
Security: TLS 1.2, RSA, AES_128_GCM
Server: 69.173.144.141 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software: nginx/1.16.0 /
Resource Hash: b69441308f3d0e111637ef5aeec7467037df4f7aa1d7d89317f49560ac114399

Request headers

Referer: https://bsaero.space/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain

Response headers

Pragma: no-cache
Date: Sat, 06 Mar 2021 13:40:14 GMT
Server: nginx/1.16.0
Vary: Accept-Encoding
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Access-Control-Allow-Origin: https://bsaero.space
Cache-Control: no-cache, no-store, max-age=0, must-revalidate
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: application/json
Keep-Alive: timeout=5
Content-Length: 261
Expires: Wed, 17 Sep 1975 21:32:10 GMT

GET
H2 200 bid Show response
c.amazon-adsystem.com/e/dtb/ 23 B
365 B 106ms
105ms XHR
text/javascript 65.9.24.128
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://c.amazon-adsystem.com/e/dtb/bid?src=3338&u=https%3A%2F%2Fbsaero.space%2Fcq%2Fcas%2Flogin.php%3Fr%3Dcomcast.net%26s%3Doauth%26continue%3Dhttps%3A%2F%2Foauth.xfinity.com%2Foauth%2Fauthorize%3Fclient_id%3Dmy-account-web%26prompt%3Dlogin%26redirect_uri%3Dhttps%3A%2F%2Fcustomer.xfinity.com%2Foauth%2Fcallback%26response_type%3Dcode%26state%3Dhttps%3A%2F%2Fcustomer.xfinity.com%2F&pid=i1LhALoyIiJQt&cb=0&ws=1600x1200&v=7.60.00&t=1500&slots=%5B%7B%22sd%22%3A%22ad-block%22%2C%22s%22%3A%5B%22300x600%22%2C%22300x250%22%5D%7D%5D&cfgv=0&gdprl=%7B%22status%22%3A%22no-cmp%22%7D
Requested by: Host: login.xfinity.com
URL: https://login.xfinity.com/static/js/comcast-common.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 65.9.24.128 Orlando, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: Server /
Resource Hash: 745a085b52b8371ec6705413fca70a28c6d8bff0db480e6b124bd08c54e95ef8

Request headers

Referer: https://bsaero.space/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 06 Mar 2021 13:40:13 GMT
via: 1.1 eea0826c9064fc2d08f21b43b4a26011.cloudfront.net (CloudFront)
server: Server
x-amz-cf-pop: ZAG50-C1
vary: User-Agent
x-cache: Miss from cloudfront
content-type: text/javascript;charset=UTF-8
access-control-allow-origin: https://bsaero.space
access-control-allow-credentials: true
timing-allow-origin: *
content-length: 23
x-amz-cf-id: yc2mmCQcwQ-2uGT4eLm-2WRfsqpMiMD9cimYYI3a45Jeqrjj9fco6A==

GET
H2 200 aps_csm.js Show response
c.amazon-adsystem.com/bao-csm/aps-comm/ 6 KB
3 KB 179ms
60ms XHR
application/javascript 65.9.24.128
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://c.amazon-adsystem.com/bao-csm/aps-comm/aps_csm.js
Requested by: Host: login.xfinity.com
URL: https://login.xfinity.com/static/js/comcast-common.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 65.9.24.128 Orlando, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 06b99248a163333e36980a6cfb756f1a7de60fa49517162b87b1a44d5d48f844

Request headers

Referer: https://bsaero.space/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 06 Mar 2021 13:40:04 GMT
content-encoding: gzip
vary: Accept-Encoding,Origin
age: 11
x-cache: Hit from cloudfront
access-control-allow-origin: *
last-modified: Sat, 06 Mar 2021 01:32:40 GMT
server: AmazonS3
etag: W/"a4d296427fc806b21335359e398c025c"
access-control-max-age: 3000
access-control-allow-methods: GET
x-amz-version-id: Z_m26sDjicOoQtCCmuJEtOsMPnFQWWIm
via: 1.1 2646a167841368615f96564f373f8d21.cloudfront.net (CloudFront)
cache-control: public, max-age=86400
x-amz-cf-pop: ZAG50-C1
content-type: application/javascript
x-amz-cf-id: de59K1ceal7bOUSYzDHmWAyOwnq9Vc9z_HOES73hQCwv7ieBxemxLQ==

OPTIONS
H2 200 /
dl.cws.xfinity.com/event/ Frame 0
0 120ms
120ms Preflight
application/json 2a02:26f0:6c00:295::2c06
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://dl.cws.xfinity.com/event/
Protocol: H2
Server: 2a02:26f0:6c00:295::2c06 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Method: PUT
Access-Control-Request-Headers: content-type
Origin: https://bsaero.space
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode: cors

Response headers

content-type: application/json
content-length: 0
x-amzn-requestid: df3773c7-226e-4d05-954f-e26ad2d144d0
access-control-allow-origin: *
access-control-allow-headers: Content-Type
x-amz-apigw-id: bxHpsEzwIAMFVlw=
access-control-allow-methods: HEAD,OPTIONS,PUT
x-amz-cf-pop: FRA56-C2
x-amz-cf-id: sfADtrRt5GCuuuflunpw3MZhEyPZeCdaTSWMHpB7nBFNUi_F6tvJOQ==
date: Sat, 06 Mar 2021 13:40:14 GMT

OPTIONS
H2 200 /
dl.cws.xfinity.com/event/ Frame 0
0 292ms
292ms Preflight
application/json 2a02:26f0:6c00:295::2c06
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://dl.cws.xfinity.com/event/
Protocol: H2
Server: 2a02:26f0:6c00:295::2c06 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Method: PUT
Access-Control-Request-Headers: content-type
Origin: https://bsaero.space
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode: cors

Response headers

content-type: application/json
content-length: 0
x-amzn-requestid: 3466e991-0a18-4f42-8350-0525407ee94d
access-control-allow-origin: *
access-control-allow-headers: Content-Type
x-amz-apigw-id: bxHpuG6NoAMF4gg=
access-control-allow-methods: HEAD,OPTIONS,PUT
x-amz-cf-pop: FRA56-C2
x-amz-cf-id: zlqNDK9INnOqwu6qN3YaP7AYjZANhKT0xVerRrMs59mOQ0urt6XEyg==
date: Sat, 06 Mar 2021 13:40:14 GMT

OPTIONS
H2 200 /
dl.cws.xfinity.com/event/ Frame 0
0 291ms
291ms Preflight
application/json 2a02:26f0:6c00:295::2c06
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://dl.cws.xfinity.com/event/
Protocol: H2
Server: 2a02:26f0:6c00:295::2c06 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Method: PUT
Access-Control-Request-Headers: content-type
Origin: https://bsaero.space
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode: cors

Response headers

content-type: application/json
content-length: 0
x-amzn-requestid: 7f63c1d5-b28d-4d98-9c2e-af6906325b68
access-control-allow-origin: *
access-control-allow-headers: Content-Type
x-amz-apigw-id: bxHpuFtTIAMF1LA=
access-control-allow-methods: HEAD,OPTIONS,PUT
x-amz-cf-pop: FRA56-C2
x-amz-cf-id: BMQOVG149C8L6C4QWkxfi6ViTMjjE8NxbEc8s94BBQbU7hLdoLwkRQ==
date: Sat, 06 Mar 2021 13:40:14 GMT

PUT
H2 200 / Show response
dl.cws.xfinity.com/event/ 110 B
490 B 303ms
302ms XHR
application/json 2a02:26f0:6c00:295::2c06
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://dl.cws.xfinity.com/event/
Requested by: Host: login.xfinity.com
URL: https://login.xfinity.com/static/js/comcast-common.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:6c00:295::2c06 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: /
Resource Hash: a16ff247c8123be8f1ae0b9ce1c22fa98cc8f7487c5b1503a455ddf942d3f61f

Request headers

Referer: https://bsaero.space/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: application/json

Response headers

date: Sat, 06 Mar 2021 13:40:14 GMT
x-amz-cf-pop: FRA56-C2
x-amz-apigw-id: bxHpvExWoAMFsiw=
x-amzn-requestid: 92baa610-7f1e-49f4-afd8-8e78aca97d97
access-control-max-age: 86400
access-control-allow-methods: GET,POST,PUT,HEAD
content-type: application/json
access-control-allow-origin: *
x-amzn-trace-id: Root=1-6043863e-6759aee8633820996b99e3e2
access-control-allow-credentials: false
access-control-allow-headers: *
content-length: 110
x-amz-cf-id: tgwm6MY6b-zrTiIBPZc1RDHTlAKanr4bUf8Bf2ZGRRYSL9s1Do8D4A==

PUT
H2 200 / Show response
dl.cws.xfinity.com/event/ 110 B
491 B 289ms
288ms XHR
application/json 2a02:26f0:6c00:295::2c06
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://dl.cws.xfinity.com/event/
Requested by: Host: login.xfinity.com
URL: https://login.xfinity.com/static/js/comcast-common.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:6c00:295::2c06 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: /
Resource Hash: a5dba2972b0bf2a2649de4cbc7b4085962a767e2320bf8b0d46203f2ac0997da

Request headers

Referer: https://bsaero.space/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: application/json

Response headers

date: Sat, 06 Mar 2021 13:40:14 GMT
x-amz-cf-pop: FRA56-C2
x-amz-apigw-id: bxHpxGS1IAMFa8A=
x-amzn-requestid: ab6f2f3f-0e1b-4e36-ac03-b4ae83e6d761
access-control-max-age: 86400
access-control-allow-methods: GET,POST,PUT,HEAD
content-type: application/json
access-control-allow-origin: *
x-amzn-trace-id: Root=1-6043863e-14d624e817d4cdcf6dc941a3
access-control-allow-credentials: false
access-control-allow-headers: *
content-length: 110
x-amz-cf-id: xHG1DAaCZ_9Nfqa41PYADFT5FfzZzjL8FnEQVvoBDGGK5xZE8bMupA==

PUT
H2 200 / Show response
dl.cws.xfinity.com/event/ 110 B
489 B 298ms
298ms XHR
application/json 2a02:26f0:6c00:295::2c06
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://dl.cws.xfinity.com/event/
Requested by: Host: login.xfinity.com
URL: https://login.xfinity.com/static/js/comcast-common.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:6c00:295::2c06 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: /
Resource Hash: bfdbf55e802cbc5f22aee3f70eef86733ca6adf40180e0a4218e261857b49b74

Request headers

Referer: https://bsaero.space/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: application/json

Response headers

date: Sat, 06 Mar 2021 13:40:14 GMT
x-amz-cf-pop: FRA56-C2
x-amz-apigw-id: bxHpxE78oAMFyUw=
x-amzn-requestid: 6509ae42-0109-4408-b2a0-4c395a65ace7
access-control-max-age: 86400
access-control-allow-methods: GET,POST,PUT,HEAD
content-type: application/json
access-control-allow-origin: *
x-amzn-trace-id: Root=1-6043863e-4fb65c25498118e9082159d1
access-control-allow-credentials: false
access-control-allow-headers: *
content-length: 110
x-amz-cf-id: BrZQuEc624vdzSzGBLQt3E56h2n40TAoztQrPFTP1HiXDnXVxuUlyA==

GET
H2 200 RC0203eaed7e334f4faf2d584bda1e9893-source.min.js Show response
assets.adobedtm.com/331fbea29f79/fdd77923e2da/52d5ba0fe5d1/ 2 KB
978 B 15ms
14ms Script
application/x-javascript 2a02:26f0:6c00:299::1e80
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://assets.adobedtm.com/331fbea29f79/fdd77923e2da/52d5ba0fe5d1/RC0203eaed7e334f4faf2d584bda1e9893-source.min.js
Requested by: Host: assets.adobedtm.com
URL: https://assets.adobedtm.com/331fbea29f79/fdd77923e2da/launch-46f715e51bac.min.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:6c00:299::1e80 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: AkamaiNetStorage /
Resource Hash: 03107b2706fe37dde4bf45439ef373f0b5b6e932a5220a347e7c6b3b2f93df95

Request headers

Referer: https://bsaero.space/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 06 Mar 2021 13:40:13 GMT
content-encoding: gzip
last-modified: Wed, 04 Nov 2020 19:09:38 GMT
server: AkamaiNetStorage
etag: "01222062c70687cd8aac20506b88b359:1604516978.963474"
vary: Accept-Encoding
content-type: application/x-javascript
access-control-allow-origin: https://bsaero.space
cache-control: max-age=3600
accept-ranges: bytes
timing-allow-origin: *
content-length: 716
expires: Sat, 06 Mar 2021 14:40:13 GMT

GET
H/1.1 200
OK Cookie set dest5.html Show response
comcast.demdex.net/ Frame 9BDB 7 KB
3 KB 247ms
60ms Document
text/html 54.228.36.34
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://comcast.demdex.net/dest5.html?d_nsid=0

Requested by

Host: assets.adobedtm.com
URL: https://assets.adobedtm.com/331fbea29f79/fdd77923e2da/launch-46f715e51bac.min.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

54.228.36.34 Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-54-228-36-34.eu-west-1.compute.amazonaws.com

Software

Resource Hash

7bea17a80a61ed0f54248b4ffc4c718f7c8ff2619742577a73591d62ce074da8

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Host: comcast.demdex.net
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site: cross-site
Sec-Fetch-Mode: navigate
Sec-Fetch-Dest: iframe
Referer: https://bsaero.space/
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US
Cookie: demdex=46096594887608423583515443151252247124
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://bsaero.space/

Response headers

Accept-Ranges: bytes
Cache-Control: max-age=21600
Content-Encoding: gzip
Content-Type: text/html
Expires: Thu, 01 Jan 1970 00:00:00 GMT
Last-Modified: Thu, 11 Feb 2021 14:59:27 GMT
P3P: policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Pragma: no-cache
Set-Cookie: demdex=46096594887608423583515443151252247124;Path=/;Domain=.demdex.net;Expires=Thu, 02-Sep-2021 13:40:14 GMT;Max-Age=15552000;Secure;SameSite=None
Strict-Transport-Security: max-age=31536000; includeSubDomains
Vary: Accept-Encoding, User-Agent
X-TID: Dp7LgsuPT/c=
Content-Length: 2785
Connection: keep-alive

GET
H2 200 id Show response
comcastcom.d1.sc.omtrdc.net/ 2 B
314 B 186ms
58ms XHR
application/x-javascript 15.237.136.106
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://comcastcom.d1.sc.omtrdc.net/id?d_visid_ver=5.0.1&d_fieldgroup=A&mcorgid=DA11332E5321D0550A490D45%40AdobeOrg&mid=45899307329810894893495679124416851699&ts=1615038014124

Requested by

Host: login.xfinity.com
URL: https://login.xfinity.com/static/js/comcast-common.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

15.237.136.106 Paris, France, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-15-237-136-106.eu-west-3.compute.amazonaws.com

Software

jag /

Resource Hash

44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://bsaero.space/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

date: Sat, 06 Mar 2021 13:40:14 GMT
x-content-type-options: nosniff
server: jag
xserver: anedge-5955cb7dcf-vs9pn
vary: Origin
x-c: main-1422.I3bac54.M0-478
p3p: CP="This is not a P3P policy"
access-control-allow-origin: https://bsaero.space
cache-control: no-cache, no-store, max-age=0, no-transform, private
access-control-allow-credentials: true
content-type: application/x-javascript;charset=utf-8
content-length: 2
x-xss-protection: 1; mode=block

POST
H/1.1 200
OK v3 Show response
ib.adnxs.com/ut/ 14 KB
7 KB 245ms
154ms XHR
application/json 185.33.221.89
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://ib.adnxs.com/ut/v3

Requested by

Host: login.xfinity.com
URL: https://login.xfinity.com/static/js/comcast-common.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

185.33.221.89 Amsterdam, Netherlands, ASN29990 (ASN-APPNEX, US),

Reverse DNS

719.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net

Software

nginx/1.17.9 /

Resource Hash

dfa98bd5b7021b1dbf9f8c331c75c36c770385af3489884790d6be7147afa14c

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://bsaero.space/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain

Response headers

Date: Sat, 06 Mar 2021 13:40:14 GMT
Content-Encoding: gzip
Transfer-Encoding: chunked
P3P: policyref="http://cdn.adnxs.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Connection: keep-alive
X-Proxy-Origin: 194.99.105.99; 194.99.105.99; 719.bm-nginx-loadbalancer.mgmt.ams1; *.adnxs.com; 185.33.221.79:80
X-XSS-Protection: 0
Pragma: no-cache
AN-X-Request-Uuid: 0db25a16-2e68-4293-8ed4-bc81ecee7656
Server: nginx/1.17.9
Vary: Accept-Encoding
Content-Type: application/json; charset=utf-8
Access-Control-Allow-Origin: https://bsaero.space
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H2 200 s09900502438453 Show response
comcastcom.d1.sc.omtrdc.net/b/ss/comcastdotcomprod/10/JS-2.3.0-LAWA/ 3 KB
3 KB 85ms
85ms Script
application/x-javascript 15.237.136.106
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://comcastcom.d1.sc.omtrdc.net/b/ss/comcastdotcomprod/10/JS-2.3.0-LAWA/s09900502438453?AQB=1&ndh=1&pf=1&callback=s_c_il[1].doPostbacks&et=1&t=6%2F2%2F2021%2014%3A40%3A14%206%20-60&d.&nsid=0&jsonv=1&.d&mid=45899307329810894893495679124416851699&aamlh=6&ce=UTF-8&pageName=resi%7Cselfservice%7Clogin%7C%7Csign%20in&g=https%3A%2F%2Fbsaero.space%2Fcq%2Fcas%2Flogin.php%3Fr%3Dcomcast.net%26s%3Doauth%26continue%3Dhttps%3A%2F%2Foauth.xfinity.com%2Foauth%2Fauthorize%3Fclient_id%3Dmy-account-web%26prompt%3Dlogin%26redirect_uri%3Dhttps%3A%2F%2Fcustomer.xfinity.com%2Foauth%2Fcallback%26response_type%3Dcode%26state%3Dhttps%3A%2F%2Fcustomer.xfinity&cc=USD&ch=login&events=event125%3D27%2Cevent36%3D30&aamb=RKhpRz8krg2tLO6pguXWp5olkAcUniQYPHaMWWgdJ3xzPWQmdj0y&c25=resi%7Cselfservice%7Clogin%7C%7Csign%20in%7Cpage%20load&v29=landscape%3Adesktop%20layout%3A1600x1200&v37=D%3DpageName&c44=responsive%7Ccima%20login&v44=responsive%7Ccima%20login&v46=First%20Visit&c54=VisitorAPI%20Present&c55=resi%7Cselfservice&c60=en&c69=xcp-prod&c72=30&c73=Adobe%20Launch%20Hosted%20%7C09252020&v86=unauthenticated%7Cunrecognized&v99=comcast%7Cweb&s=1600x1200&c=24&j=1.6&v=N&k=Y&bw=1600&bh=1200&-g=.com%2F&mcorgid=DA11332E5321D0550A490D45%40AdobeOrg&AQE=1

Requested by

Host: assets.adobedtm.com
URL: https://assets.adobedtm.com/331fbea29f79/fdd77923e2da/52d5ba0fe5d1/EX42af35e02f37445ba43641984da760ce-libraryCode_source.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

15.237.136.106 Paris, France, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-15-237-136-106.eu-west-3.compute.amazonaws.com

Software

jag /

Resource Hash

42a06f6fbd16b8e8cb04ee52a19d06ee69ec328dfa29509af1e8e8370a7ee097

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://bsaero.space/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-aam-tid: oshiIf2vSvI=
date: Sat, 06 Mar 2021 13:40:14 GMT
x-content-type-options: nosniff
x-c: main-1422.I3bac54.M0-478
p3p: CP="This is not a P3P policy"
content-length: 3206
x-xss-protection: 1; mode=block
dcs: dcs-prod-irl1-v089-08c30b5af.edge-irl1.demdex.com 5.80.6.20210202104731 6ms (+1ms)
pragma: no-cache
last-modified: Sun, 07 Mar 2021 13:40:14 GMT
server: jag
xserver: anedge-5955cb7dcf-n6h6k
etag: 3468267726571405312-4621918073440141435
vary: *
content-type: application/x-javascript;charset=utf-8
access-control-allow-origin: *
cache-control: no-cache, no-store, max-age=0, no-transform, private
expires: Fri, 05 Mar 2021 13:40:14 GMT

GET
H2 200 moatad.js Show response
z.moatads.com/comcastappnexusdisplay765226596515/ Frame 6EA1 0
253 B 2122ms
1010ms Script
application/x-javascript 184.51.10.56
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://z.moatads.com/comcastappnexusdisplay765226596515/moatad.js
Requested by: Host: scripts.webcontentassessor.com
URL: https://scripts.webcontentassessor.com/scripts/e5d00e87ba3bf67af60bbc75377626fb1f0b0a10c2e83ca40b7a245ca2cd8367
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 184.51.10.56 Vienna, Austria, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a184-51-10-56.deploy.static.akamaitechnologies.com
Software: AmazonS3 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://bsaero.space/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 06 Mar 2021 13:40:16 GMT
last-modified: Wed, 06 May 2020 16:15:19 GMT
server: AmazonS3
x-amz-request-id: 06A33782BC07839C
etag: "d41d8cd98f00b204e9800998ecf8427e"
content-type: application/x-javascript
cache-control: max-age=38445
accept-ranges: bytes
content-length: 0
x-amz-id-2: 1t63LKJrUCd1El6eADLvobeZ7NHq+IK1S5jmbXS7cUhMwuc+fILKtYbhFmOzd5iQHh75G3ewofk=

GET
H/1.1 200
OK trk.js Show response
cdn.adnxs.com/v/s/203/ Frame 6EA1 89 KB
30 KB 172ms
69ms Script
application/x-javascript 184.51.9.18
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.adnxs.com/v/s/203/trk.js
Requested by: Host: scripts.webcontentassessor.com
URL: https://scripts.webcontentassessor.com/scripts/e5d00e87ba3bf67af60bbc75377626fb1f0b0a10c2e83ca40b7a245ca2cd8367
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 184.51.9.18 Vienna, Austria, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a184-51-9-18.deploy.static.akamaitechnologies.com
Software: AkamaiNetStorage /
Resource Hash: 34fa21a78a608446a1d572b553d64b076cc6a6c1884fa9fdc9d7411025f3f9b7

Request headers

Referer: https://bsaero.space/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Sat, 06 Mar 2021 13:40:14 GMT
Content-Encoding: gzip
Last-Modified: Thu, 04 Mar 2021 08:37:09 GMT
Server: AkamaiNetStorage
ETag: "e9d693d83e56dfb5c25a3024010d789b:1614847029.166641"
Vary: Accept-Encoding
Content-Type: application/x-javascript
Access-Control-Allow-Origin: *, *, *, *
Cache-Control: max-age=31536000
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 30620
Expires: Sun, 06 Mar 2022 13:40:14 GMT

GET
H/1.1 200
OK 100c8794-c829-4f0b-9815-351c456446b1.jpg
crcdn01.adnxs.com/creative/p/7636/2021/3/4/24340949/ Frame 6EA1 38 KB
38 KB 161ms
57ms Image
image/jpeg 184.51.9.18
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://crcdn01.adnxs.com/creative/p/7636/2021/3/4/24340949/100c8794-c829-4f0b-9815-351c456446b1.jpg
Requested by: Host: scripts.webcontentassessor.com
URL: https://scripts.webcontentassessor.com/scripts/e5d00e87ba3bf67af60bbc75377626fb1f0b0a10c2e83ca40b7a245ca2cd8367
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 184.51.9.18 Vienna, Austria, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a184-51-9-18.deploy.static.akamaitechnologies.com
Software: nginx/1.19.0 /
Resource Hash: 40f015a0ae2ee26fa88ae77b5c943365bcceb61b66ebc579000dda5c9a569441

Request headers

Referer: https://bsaero.space/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Sat, 06 Mar 2021 13:40:14 GMT
Last-Modified: Thu, 04 Mar 2021 16:52:10 GMT
Server: nginx/1.19.0
x-amz-request-id: 885c28a8-33a2-4921-a9ca-6c832426e19d
X-Clv-Request-Id: 885c28a8-33a2-4921-a9ca-6c832426e19d
ETag: "565af8e74edc48a0f36b9ec61ff4822e"
Content-Type: image/jpeg
Access-Control-Allow-Origin: *
Cache-Control: max-age=3888000
X-Clv-S3-Version: 2.5
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 38748
Expires: Tue, 20 Apr 2021 13:40:14 GMT

GET
H/1.1 200
OK it
ams1-ib.adnxs.com/ 0
817 B 153ms
52ms Image
text/html 185.33.221.91
ASN-APPNEX

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ams1-ib.adnxs.com/it?an_audit=0&referrer=https%3A%2F%2Fbsaero.space%2Fcq%2Fcas%2Flogin.php%3Fr%3Dcomcast.net%26s%3Doauth%26continue%3Dhttps%3A%2F%2Foauth.xfinity.com%2Foauth%2Fauthorize%3Fclient_id%3Dmy-account-web%26prompt%3Dlogin%26redirect_uri%3Dhttps%3A%2F%2Fcustomer.xfinity.com%2Foauth%2Fcallback%26response_type%3Dcode%26state%3Dhttps%3A%2F%2Fcustomer.xfinity.com%2F&e=wqT_3QLWC3zWBQAAAwDWAAUBCL6MjoIGEJLwhern-Pq1YBgAKjYJAA0BABENCCgAGQAAAMAeBSBAIRESACkRCQAxARvA9Sj4PzD-x5MHONQ7QNQ7SAJQtZGHhAFYmZxuYABozIiOAXiPkAWAAQGKAQNVU0SSAQEG8FWYAawCoAH6AagBAbABALgBAcABBMgBAtABANgBAOABAPABAIoCWXVmKCdhJywgMzQ1ODExNiwgMTYxNTAzODAxNCk7dWYoJ2knLCAxNDIxNTQxLCAxNjYdADByJywgMjc2OTQwOTgxNjwA8GmSAvkDIWJrdmFSUWlqN1pjUkVMV1JoNFFCR0FBZ21aeHVNQVE0QUVBRVNOUTdVUDdIa3dkWUFHRF9fX19fRDJnQWNBRjRBWUFCQVlnQkFaQUJBWmdCQWFBQkVxZ0JBN0FCQUxrQkFBQUFBBQQMREJBUQUJBQE8eVFFTzZQMk9Ub1ByUDlrQgUVNEFBQThEX2dBZVhoVnZVCRQoSmdDQUtBQ0FMVUMBIAhBTDAJCPBMTUFDQWNnQ0FkQUNBZGdDQWVBQ0FPZ0NBUGdDQUlBREFaZ0RBYm9EQ1VGTlV6RTZNemszT2VBRDlpcUFCQUNJQkFDUUJBQ1lCQUhCQkEFWgUBBHlRHaUYTmdFQVBFRQUZBQEgQ0lCWXNmcVFVBQ4cQUFEd1A3RUYNDQEQBEJCHT8AeRUoDEFBQU4yKAAAWi4oAKg0QVVBOEFXa2xPOEUtQVhFaU5NQmdnWURWVk5FaUFZQWtBWUJtQVlBb1FZAUoJASRLZ0dBYklHSkFrCRABAQBCHasEQmsBEgkBAEMdGERMZ0dCQS4umgKJASFldzdfMWc6_QEoSm1jYmlBRUtBQXgJPgUBADYySQEQVUQyS2sRYRBEd1AxRQUlBQEARhEYDEFBQUcdGABHHRgASB0Y8FVIZ0HYAu5j4AKRnDzqAoQCaHR0cHM6Ly9ic2Flcm8uc3BhY2UvY3EvY2FzL2xvZ2luLnBocD9yPWNvbWNhc3QubmV0JnM9b2F1dGgmY29udGludWU9aA1FAG8BFywueGZpbml0eS5jb20JEgAvAReYb3JpemU_Y2xpZW50X2lkPW15LWFjY291bnQtd2ViJnByb21wdD1sAXM0JnJlZGlyZWN0X3VyaT0RohxjdXN0b21lckpgAHxjYWxsYmFjayZyZXNwb25zZV90eXBlPWNvZGUmc3RhdBmiUkUA8H2AAwCIAwGQAwCYAxegAwGqAwDAA6wCyAMA2AMA4AMA6AMA-AMBgAQAkgQGL3V0L3YzmAQAogQNMTk0Ljk5LjEwNS45OagEALIEEAgAEAEY-AogoAYoADAAOAK4BADABADIBADSBA43NjM2I0FNUzE6Mzk3OdoEAggB4AQB8ASFuyCIBQGYBQCgBf8RARQBwAUAyQWJ9hDwP9IFCbUmaNgFAeAFAfAFAfoFBAgAEACQBgCYBgC4BgDBBhEvINAGhyfaBhYKEAkRGQFcEAAYAOAGAfIGAggAgAcBiAcAoAcBugcPAUhIGAAgADAAOO4XQADIB4-QBdIHDRV0AThA2gcGCAAQABgA4AcA6gcCCAA.&s=d76430db7f62712a2125117d10dc1300f79f45a8

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

185.33.221.91 Amsterdam, Netherlands, ASN29990 (ASN-APPNEX, US),

Reverse DNS

721.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net

Software

nginx/1.17.9 /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://bsaero.space/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma: no-cache
Date: Sat, 06 Mar 2021 13:40:14 GMT
X-Proxy-Origin: 194.99.105.99; 194.99.105.99; 721.bm-nginx-loadbalancer.mgmt.ams1; *.adnxs.com; 185.33.222.241:80
AN-X-Request-Uuid: 720d29ca-8ba5-4313-ac4b-bfe8bc1c809c
Server: nginx/1.17.9
P3P: policyref="http://cdn.adnxs.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin: *
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: text/html; charset=utf-8
Content-Length: 0
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H2

200

/
www.google.de/pagead/1p-user-list/1023869955/ Frame 9BDB
Redirect Chain

https://googleads.g.doubleclick.net/pagead/viewthroughconversion/1023869955/?label=cYj3CPPGqqsBEIOInOgD&guid=ON&script=0
https://www.google.com/pagead/1p-user-list/1023869955/?label=cYj3CPPGqqsBEIOInOgD&is_vtc=1&random=3486188918
https://www.google.de/pagead/1p-user-list/1023869955/?label=cYj3CPPGqqsBEIOInOgD&is_vtc=1&random=3486188918&ipr=y

42 B
108 B

18ms
17ms

Image
image/gif

2a00:1450:4001:82b::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/pagead/1p-user-list/1023869955/?label=cYj3CPPGqqsBEIOInOgD&is_vtc=1&random=3486188918&ipr=y

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://comcast.demdex.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 06 Mar 2021 13:40:14 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-security-policy: script-src 'none'; object-src 'none'
content-type: image/gif
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Sat, 06 Mar 2021 13:40:14 GMT
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type: image/gif
location: https://www.google.de/pagead/1p-user-list/1023869955/?label=cYj3CPPGqqsBEIOInOgD&is_vtc=1&random=3486188918&ipr=y
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-security-policy: script-src 'none'; object-src 'none'
timing-allow-origin: *
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1

200
OK

ibs:dpid=21&dpuuid=164980803717000674817
dpm.demdex.net/ Frame 9BDB
Redirect Chain

https://aa.agkn.com/adscores/g.pixel?sid=9211132908&aam=46096594887608423583515443151252247124
https://dpm.demdex.net/ibs:dpid=21&dpuuid=164980803717000674817

42 B
915 B

63ms
62ms

Image
image/gif

54.195.23.91
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://dpm.demdex.net/ibs:dpid=21&dpuuid=164980803717000674817

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

54.195.23.91 Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-54-195-23-91.eu-west-1.compute.amazonaws.com

Software

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

Referer: https://comcast.demdex.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

DCS: dcs-prod-irl1-v089-0df8f7b71.edge-irl1.demdex.com 5.80.6.20210202104731 1ms (+0ms)
Pragma: no-cache
Strict-Transport-Security: max-age=31536000; includeSubDomains
X-Content-Type-Options: nosniff
X-TID: DF9UjKkaRMY=
P3P: policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Cache-Control: no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
Connection: keep-alive
Content-Type: image/gif
Content-Length: 42
Expires: Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Sat, 06 Mar 2021 13:40:14 GMT
server: AAWebServer
p3p: policyref="https://www.agkn.com/p3p/p3p.xml",CP="NOI NID"
location: https://dpm.demdex.net/ibs:dpid=21&dpuuid=164980803717000674817
cache-control: no-cache, no-store, must-revalidate
content-length: 0
expires: 0

GET
H/1.1

200
OK

ibs:dpid=477&dpuuid=cd52dddd1d56b2458ecf66d122940aa9ab1633cd2c098070fab24e90c032fdf7b0da87c991749652
dpm.demdex.net/ Frame 9BDB
Redirect Chain

https://idsync.rlcdn.com/365868.gif?partner_uid=46096594887608423583515443151252247124
https://idsync.rlcdn.com/1000.gif?memo=CKyqFhIxCi0IARCYEhomNDYwOTY1OTQ4ODc2MDg0MjM1ODM1MTU0NDMxNTEyNTIyNDcxMjQQABoNCL6MjoIGEgUI6AcQAEIASgA
https://dpm.demdex.net/ibs:dpid=477&dpuuid=cd52dddd1d56b2458ecf66d122940aa9ab1633cd2c098070fab24e90c032fdf7b0da87c991749652

42 B
915 B

114ms
62ms

Image
image/gif

54.195.23.91
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://dpm.demdex.net/ibs:dpid=477&dpuuid=cd52dddd1d56b2458ecf66d122940aa9ab1633cd2c098070fab24e90c032fdf7b0da87c991749652

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

54.195.23.91 Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-54-195-23-91.eu-west-1.compute.amazonaws.com

Software

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

Referer: https://comcast.demdex.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

DCS: dcs-prod-irl1-v089-0da00b492.edge-irl1.demdex.com 5.80.6.20210202104731 0ms (+1ms)
Pragma: no-cache
Strict-Transport-Security: max-age=31536000; includeSubDomains
X-Content-Type-Options: nosniff
X-TID: N3AEDNe0TTQ=
P3P: policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Cache-Control: no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
Connection: keep-alive
Content-Type: image/gif
Content-Length: 42
Expires: Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

date: Sat, 06 Mar 2021 13:40:14 GMT
via: 1.1 google
p3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
location: https://dpm.demdex.net/ibs:dpid=477&dpuuid=cd52dddd1d56b2458ecf66d122940aa9ab1633cd2c098070fab24e90c032fdf7b0da87c991749652
cache-control: no-cache, no-store
timing-allow-origin: *
alt-svc: clear
content-length: 0

GET
H/1.1

200
OK

ibs:dpid=358&dpuuid=6163002938552443595
dpm.demdex.net/ Frame 9BDB
Redirect Chain

https://ib.adnxs.com/getuid?https%3A%2F%2Fdpm.demdex.net%2Fibs%3Adpid%3D358%26dpuuid%3D%24UID
https://dpm.demdex.net/ibs:dpid=358&dpuuid=6163002938552443595

42 B
915 B

61ms
60ms

Image
image/gif

54.195.23.91
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://dpm.demdex.net/ibs:dpid=358&dpuuid=6163002938552443595

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

54.195.23.91 Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-54-195-23-91.eu-west-1.compute.amazonaws.com

Software

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

Referer: https://comcast.demdex.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

DCS: dcs-prod-irl1-v089-0af65bc10.edge-irl1.demdex.com 5.80.6.20210202104731 0ms (+1ms)
Pragma: no-cache
Strict-Transport-Security: max-age=31536000; includeSubDomains
X-Content-Type-Options: nosniff
X-TID: Y505kpioSdc=
P3P: policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Cache-Control: no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
Connection: keep-alive
Content-Type: image/gif
Content-Length: 42
Expires: Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

Pragma: no-cache
Date: Sat, 06 Mar 2021 13:40:14 GMT
X-Proxy-Origin: 194.99.105.99; 194.99.105.99; 719.bm-nginx-loadbalancer.mgmt.ams1; *.adnxs.com; 185.33.222.232:80
AN-X-Request-Uuid: a276b814-1c55-4b61-a3e3-42daa40688b5
Server: nginx/1.17.9
Access-Control-Allow-Origin: *
P3P: policyref="http://cdn.adnxs.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Location: https://dpm.demdex.net/ibs:dpid=358&dpuuid=6163002938552443595
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: text/html; charset=utf-8
Content-Length: 0
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H/1.1

200
OK

ibs:dpid=470&dpuuid=2490802063860164749
dpm.demdex.net/ Frame 9BDB
Redirect Chain

https://d.turn.com/r/dd/id/L2NzaWQvMS9jaWQvMjM2NTYzMjkvdC8y/url/https%3A%2F%2Fdpm.demdex.net%2Fibs%3Adpid%3D470%26dpuuid%3D%24!%7BTURN_UUID%7D
https://dpm.demdex.net/ibs:dpid=470&dpuuid=2490802063860164749

42 B
915 B

62ms
61ms

Image
image/gif

54.195.23.91
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://dpm.demdex.net/ibs:dpid=470&dpuuid=2490802063860164749

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

54.195.23.91 Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-54-195-23-91.eu-west-1.compute.amazonaws.com

Software

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

Referer: https://comcast.demdex.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

DCS: dcs-prod-irl1-v089-03c201161.edge-irl1.demdex.com 5.80.6.20210202104731 0ms (+1ms)
Pragma: no-cache
Strict-Transport-Security: max-age=31536000; includeSubDomains
X-Content-Type-Options: nosniff
X-TID: SYGnsNSmQIw=
P3P: policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Cache-Control: no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
Connection: keep-alive
Content-Type: image/gif
Content-Length: 42
Expires: Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

location: https://dpm.demdex.net/ibs:dpid=470&dpuuid=2490802063860164749
pragma: no-cache
date: Sat, 06 Mar 2021 13:40:14 GMT
cache-control: max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
content-length: 0
p3p: policyref="/w3c/p3p.xml", CP="NOI CURa DEVa TAIa PSAa PSDa IVAa IVDa OUR IND UNI NAV"

GET
H2 200 365868.gif
idsync.rlcdn.com/ Frame 9BDB 42 B
317 B 49ms
49ms Image
image/gif 35.244.174.68
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://idsync.rlcdn.com/365868.gif?partner_uid=46096594887608423583515443151252247124
Requested by: Host: comcast.demdex.net
URL: https://comcast.demdex.net/dest5.html?d_nsid=0
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.244.174.68 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 68.174.244.35.bc.googleusercontent.com
Software: /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Referer: https://comcast.demdex.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin: *
date: Sat, 06 Mar 2021 13:40:15 GMT
via: 1.1 google
p3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
cache-control: no-cache, no-store
content-type: image/gif
alt-svc: clear
content-length: 42

GET
H/1.1

200
OK

ibs:dpid=771&dpuuid=CAESEBQu1Yvi7A3g8Z6bTbQCqNw&google_cver=1
dpm.demdex.net/ Frame 9BDB
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=adobe_dmp&google_cm&gdpr=0&gdpr_consent=&google_hm=NDYwOTY1OTQ4ODc2MDg0MjM1ODM1MTU0NDMxNTEyNTIyNDcxMjQ=
https://dpm.demdex.net/ibs:dpid=771&dpuuid=CAESEBQu1Yvi7A3g8Z6bTbQCqNw&google_cver=1?gdpr=0&gdpr_consent=

42 B
915 B

60ms
60ms

Image
image/gif

54.195.23.91
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://dpm.demdex.net/ibs:dpid=771&dpuuid=CAESEBQu1Yvi7A3g8Z6bTbQCqNw&google_cver=1?gdpr=0&gdpr_consent=

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

54.195.23.91 Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-54-195-23-91.eu-west-1.compute.amazonaws.com

Software

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

Referer: https://comcast.demdex.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

DCS: dcs-prod-irl1-v089-08e2d6dee.edge-irl1.demdex.com 5.80.6.20210202104731 0ms (+1ms)
Pragma: no-cache
Strict-Transport-Security: max-age=31536000; includeSubDomains
X-Content-Type-Options: nosniff
X-TID: UXaigCjUQzU=
P3P: policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Cache-Control: no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
Connection: keep-alive
Content-Type: image/gif
Content-Length: 42
Expires: Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Sat, 06 Mar 2021 13:40:15 GMT
server: HTTP server (unknown)
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location: https://dpm.demdex.net/ibs:dpid=771&dpuuid=CAESEBQu1Yvi7A3g8Z6bTbQCqNw&google_cver=1?gdpr=0&gdpr_consent=
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 314
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 adsct
analytics.twitter.com/i/ Frame 9BDB 43 B
574 B 241ms
150ms Image
image/gif 104.244.42.131
TWITTER

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://analytics.twitter.com/i/adsct?p_user_id=46096594887608423583515443151252247124&p_id=38594

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

104.244.42.131 , United States, ASN13414 (TWITTER, US),

Reverse DNS

Software

tsa_o /

Resource Hash

ac8778041fdb7f2e08ceb574c9a766247ea26f1a7d90fa854c4efcf4b361a957

Security Headers

Name	Value
Strict-Transport-Security	max-age=631138519
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://comcast.demdex.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 06 Mar 2021 13:40:15 GMT
content-encoding: gzip
x-content-type-options: nosniff
status: 200 OK
x-twitter-response-tags: BouncerCompliant
content-length: 65
x-xss-protection: 0
x-response-time: 105
pragma: no-cache
last-modified: Sat, 06 Mar 2021 13:40:15 GMT
server: tsa_o
x-frame-options: SAMEORIGIN
strict-transport-security: max-age=631138519
content-type: image/gif;charset=utf-8
cache-control: no-cache, no-store, must-revalidate, pre-check=0, post-check=0
x-connection-hash: abc0242195085c77efdcbffc685107c8
x-transaction: 00e28bd0002098b0
expires: Tue, 31 Mar 1981 05:00:00 GMT

GET
H/1.1

200
OK

ibs:dpid=903&dpuuid=9bb54e74-a98e-4490-a48b-bb2d1a5396bb
dpm.demdex.net/ Frame 9BDB
Redirect Chain

https://match.adsrvr.org/track/cmf/generic?ttd_pid=aam&gdpr=0&gdpr_consent=&ttd_tpi=1
https://match.adsrvr.org/track/cmb/generic?ttd_pid=aam&gdpr=0&gdpr_consent=&ttd_tpi=1
https://dpm.demdex.net/ibs:dpid=903&dpuuid=9bb54e74-a98e-4490-a48b-bb2d1a5396bb

42 B
915 B

61ms
61ms

Image
image/gif

54.195.23.91
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://dpm.demdex.net/ibs:dpid=903&dpuuid=9bb54e74-a98e-4490-a48b-bb2d1a5396bb

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

54.195.23.91 Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-54-195-23-91.eu-west-1.compute.amazonaws.com

Software

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

Referer: https://comcast.demdex.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

DCS: dcs-prod-irl1-v089-0bc0be24b.edge-irl1.demdex.com 5.80.6.20210202104731 0ms (+1ms)
Pragma: no-cache
Strict-Transport-Security: max-age=31536000; includeSubDomains
X-Content-Type-Options: nosniff
X-TID: aRQQlfk+Qmg=
P3P: policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Cache-Control: no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
Connection: keep-alive
Content-Type: image/gif
Content-Length: 42
Expires: Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Sat, 06 Mar 2021 13:40:15 GMT
x-aspnet-version: 4.0.30319
p3p: CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
location: https://dpm.demdex.net/ibs:dpid=903&dpuuid=9bb54e74-a98e-4490-a48b-bb2d1a5396bb
cache-control: private,no-cache, must-revalidate
content-type: text/html
content-length: 189

GET
H/1.1

200
OK

ibs:dpid=1957&dpuuid=0339427A00D96CC623E74D88010B6D10
dpm.demdex.net/ Frame 9BDB
Redirect Chain

https://c.bing.com/c.gif?uid=46096594887608423583515443151252247124&Red3=MSAdobe_pd&gdpr=0&gdpr_consent=
https://dpm.demdex.net/ibs:dpid=1957&dpuuid=0339427A00D96CC623E74D88010B6D10

42 B
915 B

61ms
61ms

Image
image/gif

54.195.23.91
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://dpm.demdex.net/ibs:dpid=1957&dpuuid=0339427A00D96CC623E74D88010B6D10

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

54.195.23.91 Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-54-195-23-91.eu-west-1.compute.amazonaws.com

Software

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

Referer: https://comcast.demdex.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

DCS: dcs-prod-irl1-v089-0b885c983.edge-irl1.demdex.com 5.80.6.20210202104731 0ms (+1ms)
Pragma: no-cache
Strict-Transport-Security: max-age=31536000; includeSubDomains
X-Content-Type-Options: nosniff
X-TID: gB5VWdUjTdw=
P3P: policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Cache-Control: no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
Connection: keep-alive
Content-Type: image/gif
Content-Length: 42
Expires: Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Sat, 06 Mar 2021 13:40:15 GMT
x-msedge-ref: Ref A: D9C5B4D3FDCD47CD8AF5B2D51F00CD5E Ref B: FRAEDGE1219 Ref C: 2021-03-06T13:40:15Z
x-powered-by: ASP.NET
p3p: CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
location: https://dpm.demdex.net/ibs:dpid=1957&dpuuid=0339427A00D96CC623E74D88010B6D10
cache-control: private, no-cache, proxy-revalidate, no-store
content-length: 0

GET
H/1.1 404
Not Found /
servedby.flashtalking.com/map/ Frame 9BDB 0
0 233ms
59ms Image
text/html 205.185.216.42
HIGHWINDS3

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://servedby.flashtalking.com/map/?key=a74thHgsfK627J6Ftt8sj5ks52bKe&url=https&gdpr=0&gdpr_consent=://dpm.demdex.net/ibs:dpid=3047&dpuuid=[%FT_GUID%]&gdpr=0&gdpr_consent=
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 205.185.216.42 , United States, ASN20446 (HIGHWINDS3, US),
Reverse DNS: map2.hwcdn.net
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://comcast.demdex.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

GET
H2 204 match.gif
match.rundsp.com/ Frame 9BDB 0
41 B 88ms
62ms Image
text/plain 2a02:fa8:8806:12::1370
VCLK-EU-SE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://match.rundsp.com/match.gif?id=46096594887608423583515443151252247124&partner=adobe
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2a02:fa8:8806:12::1370 , United States, ASN41041 (VCLK-EU-SE, US),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://comcast.demdex.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 06 Mar 2021 13:40:15 GMT
server: nginx

GET
H/1.1

200
OK

ibs:dpid=80742&dpuuid=9ac67c1a-721e-4a09-b1bd-03af30f7e879
dpm.demdex.net/ Frame 9BDB
Redirect Chain

https://ag.innovid.com/dv/sync?tid=6
https://dpm.demdex.net/ibs:dpid=80742&dpuuid=9ac67c1a-721e-4a09-b1bd-03af30f7e879

42 B
915 B

61ms
61ms

Image
image/gif

54.195.23.91
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://dpm.demdex.net/ibs:dpid=80742&dpuuid=9ac67c1a-721e-4a09-b1bd-03af30f7e879

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

54.195.23.91 Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-54-195-23-91.eu-west-1.compute.amazonaws.com

Software

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

Referer: https://comcast.demdex.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

DCS: dcs-prod-irl1-v089-0d142d205.edge-irl1.demdex.com 5.80.6.20210202104731 0ms (+1ms)
Pragma: no-cache
Strict-Transport-Security: max-age=31536000; includeSubDomains
X-Content-Type-Options: nosniff
X-TID: 5zfW2ytlSj0=
P3P: policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Cache-Control: no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
Connection: keep-alive
Content-Type: image/gif
Content-Length: 42
Expires: Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

location: https://dpm.demdex.net/ibs:dpid=80742&dpuuid=9ac67c1a-721e-4a09-b1bd-03af30f7e879
date: Sat, 06 Mar 2021 13:40:15 GMT
content-length: 0
request-time: 0

GET
H/1.1

200
OK

ibs:dpid=175765&dpuuid=61f832f72650e2e3d08f886c6ef90295
dpm.demdex.net/ Frame 9BDB
Redirect Chain

https://synchroscript.deliveryengine.adswizz.com/getUID?curl=https%3A%2F%2Fdpm.demdex.net%2Fibs%3Adpid%3D175765%26dpuuid%3D%24%7BUID%7D
https://dpm.demdex.net/ibs:dpid=175765&dpuuid=61f832f72650e2e3d08f886c6ef90295

42 B
915 B

66ms
66ms

Image
image/gif

54.195.23.91
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://dpm.demdex.net/ibs:dpid=175765&dpuuid=61f832f72650e2e3d08f886c6ef90295

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

54.195.23.91 Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-54-195-23-91.eu-west-1.compute.amazonaws.com

Software

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

Referer: https://comcast.demdex.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

DCS: dcs-prod-irl1-v089-08e2d6dee.edge-irl1.demdex.com 5.80.6.20210202104731 0ms (+2ms)
Pragma: no-cache
Strict-Transport-Security: max-age=31536000; includeSubDomains
X-Content-Type-Options: nosniff
X-TID: U2LVV+GVST0=
P3P: policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Cache-Control: no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
Connection: keep-alive
Content-Type: image/gif
Content-Length: 42
Expires: Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

Date: Sat, 06 Mar 2021 13:40:15 GMT
X-Clacks-Overhead: GNU Terry Pratchett
Server: Apache-Coyote/1.1
X-Adswizz-request-id: 7bec0b40-7e81-11eb-b30c-0a9aa2d7cb35
Instance-id: i-030a67d463f93adac
Location: https://dpm.demdex.net/ibs:dpid=175765&dpuuid=61f832f72650e2e3d08f886c6ef90295
Connection: keep-alive
Content-Length: 0
X-Application-Context: application:production

GET
H/1.1

200
OK

ibs:dpid=275754&dpuuid=AAB5Uk7Ahw0AAEcUW2eI1w
dpm.demdex.net/ Frame 9BDB
Redirect Chain

https://match.prod.bidr.io/cookie-sync/adobe
https://match.prod.bidr.io/cookie-sync/adobe?_bee_ppp=1
https://dpm.demdex.net/ibs:dpid=275754&dpuuid=AAB5Uk7Ahw0AAEcUW2eI1w

42 B
915 B

68ms
68ms

Image
image/gif

54.195.23.91
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://dpm.demdex.net/ibs:dpid=275754&dpuuid=AAB5Uk7Ahw0AAEcUW2eI1w

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

54.195.23.91 Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-54-195-23-91.eu-west-1.compute.amazonaws.com

Software

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

Referer: https://comcast.demdex.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

DCS: dcs-prod-irl1-v089-0e639e622.edge-irl1.demdex.com 5.80.6.20210202104731 0ms (+1ms)
Pragma: no-cache
Strict-Transport-Security: max-age=31536000; includeSubDomains
X-Content-Type-Options: nosniff
X-TID: LOmdtHNYRAg=
P3P: policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Cache-Control: no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
Connection: keep-alive
Content-Type: image/gif
Content-Length: 42
Expires: Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

location: https://dpm.demdex.net/ibs:dpid=275754&dpuuid=AAB5Uk7Ahw0AAEcUW2eI1w
Date: Sat, 06 Mar 2021 13:40:16 GMT
Server: nginx
Connection: keep-alive
Content-Length: 0
strict-transport-security: max-age=2592000; includeSubDomains

GET
H/1.1 200
OK rd_log Show response
ams1-ib.adnxs.com/ Frame 6EA1 0
816 B 45ms
44ms Script
text/html 185.33.221.91
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://ams1-ib.adnxs.com/rd_log?an_audit=0&referrer=https%3A%2F%2Fbsaero.space%2Fcq%2Fcas%2Flogin.php%3Fr%3Dcomcast.net%26s%3Doauth%26continue%3Dhttps%3A%2F%2Foauth.xfinity.com%2Foauth%2Fauthorize%3Fclient_id%3Dmy-account-web%26prompt%3Dlogin%26redirect_uri%3Dhttps%3A%2F%2Fcustomer.xfinity.com%2Foauth%2Fcallback%26response_type%3Dcode%26state%3Dhttps%3A%2F%2Fcustomer.xfinity.com%2F&e=wqT_3QKADnwABwAAAwDWAAUBCL6MjoIGEJLwhern-Pq1YBgAKjYJAA0BABENCCgAGQAAAMAeBSBAIRESACkRCQAxARvA9Sj4PzD-x5MHONQ7QNQ7SAJQtZGHhAFYmZxuYABozIiOAXiPkAWAAQGKAQNVU0SSAQEG8FWYAawCoAH6AagBAbABALgBAcABA8gBAtABANgBAOABAPABAIoCWXVmKCdhJywgMzQ1ODExNiwgMTYxNTAzODAxNCk7dWYoJ2knLCAxNDIxNTQxLCAxNjYdADByJywgMjc2OTQwOTgxNjwA8GmSAvkDIWJrdmFSUWlqN1pjUkVMV1JoNFFCR0FBZ21aeHVNQVE0QUVBRVNOUTdVUDdIa3dkWUFHRF9fX19fRDJnQWNBRjRBWUFCQVlnQkFaQUJBWmdCQWFBQkVxZ0JBN0FCQUxrQkFBQUFBBQQMREJBUQUJBQE8eVFFTzZQMk9Ub1ByUDlrQgUVNEFBQThEX2dBZVhoVnZVCRQoSmdDQUtBQ0FMVUMBIAhBTDAJCPBMTUFDQWNnQ0FkQUNBZGdDQWVBQ0FPZ0NBUGdDQUlBREFaZ0RBYm9EQ1VGTlV6RTZNemszT2VBRDlpcUFCQUNJQkFDUUJBQ1lCQUhCQkEFWgUBBHlRHaUYTmdFQVBFRQUZBQEgQ0lCWXNmcVFVBQ4cQUFEd1A3RUYNDQEQBEJCHT8AeRUoDEFBQU4yKAAAWi4oAKg0QVVBOEFXa2xPOEUtQVhFaU5NQmdnWURWVk5FaUFZQWtBWUJtQVlBb1FZAUoJASRLZ0dBYklHSkFrCRABAQBCHasEQmsBEgkBAEMdGERMZ0dCQS4umgKJASFldzdfMWc6_QEoSm1jYmlBRUtBQXgJPgUBADYySQEQVUQyS2sRYRBEd1AxRQUlBQEARhEYDEFBQUcdGABHHRgASB0Y8FVIZ0HYAu5j4AKRnDzqAoQCaHR0cHM6Ly9ic2Flcm8uc3BhY2UvY3EvY2FzL2xvZ2luLnBocD9yPWNvbWNhc3QubmV0JnM9b2F1dGgmY29udGludWU9aA1FAG8BFywueGZpbml0eS5jb20JEgAvAReYb3JpemU_Y2xpZW50X2lkPW15LWFjY291bnQtd2ViJnByb21wdD1sAXM0JnJlZGlyZWN0X3VyaT0RohxjdXN0b21lckpgAHxjYWxsYmFjayZyZXNwb25zZV90eXBlPWNvZGUmc3RhdBmiUkUAPPICEQoGQURWX0lEEgczNDVh-RzyAhIKBkNQRwEUIAgxMDIwOTgyOAEpCAVDUAUUMDM2MDQyNDAz8gINCggBPRhGUkVREgEwBRAcUkVNX1VTRVIFEAAMCSAYQ09ERRIA8gEPAVgRDxALCgdDUBUOEBAKBUlPAWAIBzE0hWQA8gEhBElPFSE4EwoPQ1VTVE9NX01PREVMASsUAPICGgoWMhYAHExFQUZfTkFNBXEIHgoaNh0ACEFTVAE-EElGSUVEAT4cDQoIU1BMSVQBTfCqATCAAwCIAwGQAwCYAxegAwGqAwDAA6wCyAMA2AMA4AMA6AMA-AMBgAQAkgQGL3V0L3YzmAQAogQNMTk0Ljk5LjEwNS45OagEALIEEAgAEAEY-AogoAYoADAAOAK4BADABADIBADSBA43NjM2I0FNUzE6Mzk3OdoEAggB4AQB8AS1kYeEAYgFAZgFAKAF____________AcAFAMkFAAAAAAAA8D_SBQkJAAAAxRNc2AUB4AUB6gUKCgVhbXpucBIBMuoFDAoHAQ1oYmlkEgEy8AUB-gUECAAQAJAGAJgGALgGAMEGBTwsAPA_0AaHJ9oGFgoQCREZAVwQABgA4AYB8gYCCACABwGIBwCgBwG6Bw8BSEgYACAAMAA47hdAAMgHj5AF0gcN1cQBOEDaBwYIABAAGADgBwDqBwIIAA..&s=5cc1aa44de32ee395dca96c52afcc5754e31c27f&bdref=https%3A%2F%2Fbsaero.space%2Fcq%2Fcas%2Flogin.php%3Fr%3Dcomcast.net%26s%3Doauth%26continue%3Dhttps%3A%2F%2Foauth.xfinity.com%2Foauth%2Fauthorize%3Fclient_id%3Dmy-account-web%26prompt%3Dlogin%26redirect_uri%3Dhttps%3A%2F%2Fcustomer.xfinity.com%2Foauth%2Fcallback%26response_type%3Dcode%26state%3Dhttps%3A%2F%2Fcustomer.xfinity.com%2F&bdtop=true&bdifs=1&bstk=https%3A%2F%2Fbsaero.space%2Fcq%2Fcas%2Flogin.php%3Fr%3Dcomcast.net%26s%3Doauth%26continue%3Dhttps%3A%2F%2Foauth.xfinity.com%2Foauth%2Fauthorize%3Fclient_id%3Dmy-account-web%26prompt%3Dlogin%26redirect_uri%3Dhttps%3A%2F%2Fcustomer.xfinity.com%2Foauth%2Fcallback%26response_type%3Dcode%26state%3Dhttps%3A%2F%2Fcustomer.xfinity.com%2F,https%3A%2F%2Fbsaero.space%2Fcq%2Fcas%2Flogin.php%3Fr%3Dcomcast.net%26s%3Doauth%26continue%3Dhttps%3A%2F%2Foauth.xfinity.com%2Foauth%2Fauthorize%3Fclient_id%3Dmy-account-web%26prompt%3Dlogin%26redirect_uri%3Dhttps%3A%2F%2Fcustomer.xfinity.com%2Foauth%2Fcallback%26response_type%3Dcode%26state%3Dhttps%3A%2F%2Fcustomer.xfinity.com%2F&

Requested by

Host: scripts.webcontentassessor.com
URL: https://scripts.webcontentassessor.com/scripts/e5d00e87ba3bf67af60bbc75377626fb1f0b0a10c2e83ca40b7a245ca2cd8367

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

185.33.221.91 Amsterdam, Netherlands, ASN29990 (ASN-APPNEX, US),

Reverse DNS

721.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net

Software

nginx/1.17.9 /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://bsaero.space/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma: no-cache
Date: Sat, 06 Mar 2021 13:40:16 GMT
X-Proxy-Origin: 194.99.105.99; 194.99.105.99; 721.bm-nginx-loadbalancer.mgmt.ams1; *.adnxs.com; 185.33.220.56:80
AN-X-Request-Uuid: 96be1dcb-3654-4af4-ba52-f59ca931137b
Server: nginx/1.17.9
P3P: policyref="http://cdn.adnxs.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin: *
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: text/html; charset=utf-8
Content-Length: 0
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

POST
H/1.1 200
OK vevent
ams1-ib.adnxs.com/ Frame 6EA1 0
836 B 48ms
48ms Other
text/html 185.33.221.91
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://ams1-ib.adnxs.com/vevent?an_audit=0&referrer=https%3A%2F%2Fbsaero.space%2Fcq%2Fcas%2Flogin.php%3Fr%3Dcomcast.net%26s%3Doauth%26continue%3Dhttps%3A%2F%2Foauth.xfinity.com%2Foauth%2Fauthorize%3Fclient_id%3Dmy-account-web%26prompt%3Dlogin%26redirect_uri%3Dhttps%3A%2F%2Fcustomer.xfinity.com%2Foauth%2Fcallback%26response_type%3Dcode%26state%3Dhttps%3A%2F%2Fcustomer.xfinity.com%2F&e=wqT_3QLWC3zWBQAAAwDWAAUBCL6MjoIGEJLwhern-Pq1YBgAKjYJAA0BABENCCgAGQAAAMAeBSBAIRESACkRCQAxARvA9Sj4PzD-x5MHONQ7QNQ7SAJQtZGHhAFYmZxuYABozIiOAXiPkAWAAQGKAQNVU0SSAQEG8FWYAawCoAH6AagBAbABALgBAcABA8gBAtABANgBAOABAPABAIoCWXVmKCdhJywgMzQ1ODExNiwgMTYxNTAzODAxNCk7dWYoJ2knLCAxNDIxNTQxLCAxNjYdADByJywgMjc2OTQwOTgxNjwA8GmSAvkDIWJrdmFSUWlqN1pjUkVMV1JoNFFCR0FBZ21aeHVNQVE0QUVBRVNOUTdVUDdIa3dkWUFHRF9fX19fRDJnQWNBRjRBWUFCQVlnQkFaQUJBWmdCQWFBQkVxZ0JBN0FCQUxrQkFBQUFBBQQMREJBUQUJBQE8eVFFTzZQMk9Ub1ByUDlrQgUVNEFBQThEX2dBZVhoVnZVCRQoSmdDQUtBQ0FMVUMBIAhBTDAJCPBMTUFDQWNnQ0FkQUNBZGdDQWVBQ0FPZ0NBUGdDQUlBREFaZ0RBYm9EQ1VGTlV6RTZNemszT2VBRDlpcUFCQUNJQkFDUUJBQ1lCQUhCQkEFWgUBBHlRHaUYTmdFQVBFRQUZBQEgQ0lCWXNmcVFVBQ4cQUFEd1A3RUYNDQEQBEJCHT8AeRUoDEFBQU4yKAAAWi4oAKg0QVVBOEFXa2xPOEUtQVhFaU5NQmdnWURWVk5FaUFZQWtBWUJtQVlBb1FZAUoJASRLZ0dBYklHSkFrCRABAQBCHasEQmsBEgkBAEMdGERMZ0dCQS4umgKJASFldzdfMWc6_QEoSm1jYmlBRUtBQXgJPgUBADYySQEQVUQyS2sRYRBEd1AxRQUlBQEARhEYDEFBQUcdGABHHRgASB0Y8FVIZ0HYAu5j4AKRnDzqAoQCaHR0cHM6Ly9ic2Flcm8uc3BhY2UvY3EvY2FzL2xvZ2luLnBocD9yPWNvbWNhc3QubmV0JnM9b2F1dGgmY29udGludWU9aA1FAG8BFywueGZpbml0eS5jb20JEgAvAReYb3JpemU_Y2xpZW50X2lkPW15LWFjY291bnQtd2ViJnByb21wdD1sAXM0JnJlZGlyZWN0X3VyaT0RohxjdXN0b21lckpgAHxjYWxsYmFjayZyZXNwb25zZV90eXBlPWNvZGUmc3RhdBmiUkUA8H2AAwCIAwGQAwCYAxegAwGqAwDAA6wCyAMA2AMA4AMA6AMA-AMBgAQAkgQGL3V0L3YzmAQAogQNMTk0Ljk5LjEwNS45OagEALIEEAgAEAEY-AogoAYoADAAOAK4BADABADIBADSBA43NjM2I0FNUzE6Mzk3OdoEAggB4AQB8ASFuyCIBQGYBQCgBf8RARQBwAUAyQWJ9hDwP9IFCbUmaNgFAeAFAfAFAfoFBAgAEACQBgCYBgC4BgDBBhEvINAGhyfaBhYKEAkRGQFcEAAYAOAGAfIGAggAgAcBiAcAoAcBugcPAUhIGAAgADAAOO4XQADIB4-QBdIHDRV0AThA2gcGCAAQABgA4AcA6gcCCAA.&s=be33fe7825389eff0a02edcd62bc7c28e142e815&type=nv&nvt=5&jm=1003&px=595&py=248&bw=300&bh=250&sid=7563217771042156064&vd=ct~0|rr~0&sv=203&tv=view7-1hs&ua=chrome52&pl=win&x=v&tag_id=15000574&sw=1600&sh=1200&pw=1600&ph=1200&ww=1600&wh=1200&ft=2

Requested by

Host: cdn.adnxs.com
URL: https://cdn.adnxs.com/v/s/203/trk.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

185.33.221.91 Amsterdam, Netherlands, ASN29990 (ASN-APPNEX, US),

Reverse DNS

721.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net

Software

nginx/1.17.9 /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://bsaero.space/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

Pragma: no-cache
Date: Sat, 06 Mar 2021 13:40:16 GMT
X-Proxy-Origin: 194.99.105.99; 194.99.105.99; 721.bm-nginx-loadbalancer.mgmt.ams1; *.adnxs.com; 185.33.220.147:80
AN-X-Request-Uuid: 8337a4a2-3ebc-441d-9c6b-8267ad54ebbc
Server: nginx/1.17.9
P3P: policyref="http://cdn.adnxs.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin: https://bsaero.space
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: text/html; charset=utf-8
Content-Length: 0
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H2 200 publishertag.prebid.js Show response
static.criteo.net/js/ld/ 80 KB
26 KB 85ms
41ms Script
text/javascript 2a02:2638::3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL: https://static.criteo.net/js/ld/publishertag.prebid.js
Requested by: Host: static.cimcontent.net
URL: https://static.cimcontent.net/common-web-assets/ad-assets/prebid/prebid.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a02:2638::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software: nginx /
Resource Hash: 83bcdfa5df8e5f84aa8715b0aefb06e9909b30290843475a0ecc6887650f811f

Request headers

Referer: https://bsaero.space/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 06 Mar 2021 13:40:16 GMT
content-encoding: gzip
last-modified: Tue, 23 Feb 2021 11:00:28 GMT
server: nginx
etag: W/"6034e04c-14008"
content-type: text/javascript
access-control-allow-origin: *
cache-control: max-age=86400, public
timing-allow-origin: *
expires: Sun, 07 Mar 2021 13:40:16 GMT

GET
H2 200 syncframe Show response
gum.criteo.com/ Frame 5E7B 0
150 B 44ms
15ms Document
text/html 2a02:2638:1::13
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://gum.criteo.com/syncframe?topUrl=bsaero.space

Requested by

Host: static.criteo.net
URL: https://static.criteo.net/js/ld/publishertag.prebid.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:1::13 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

:method: GET
:authority: gum.criteo.com
:scheme: https
:path: /syncframe?topUrl=bsaero.space
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://bsaero.space/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://bsaero.space/

Response headers

cache-control: private, max-age=0
content-type: text/html; charset=utf-8
strict-transport-security: max-age=31536000
server-processing-duration-in-ticks: 1584
date: Sat, 06 Mar 2021 13:40:16 GMT
content-length: 0

GET
H2 200 publishertag.prebid.js Show response
static.criteo.net/js/ld/ 80 KB
26 KB 71ms
28ms XHR
text/javascript 2a02:2638::3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL: https://static.criteo.net/js/ld/publishertag.prebid.js
Requested by: Host: login.xfinity.com
URL: https://login.xfinity.com/static/js/comcast-common.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a02:2638::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software: nginx /
Resource Hash: 83bcdfa5df8e5f84aa8715b0aefb06e9909b30290843475a0ecc6887650f811f

Request headers

Referer: https://bsaero.space/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 06 Mar 2021 13:40:16 GMT
content-encoding: gzip
last-modified: Tue, 23 Feb 2021 11:00:28 GMT
server: nginx
etag: W/"6034e04c-14008"
content-type: text/javascript
access-control-allow-origin: *
cache-control: max-age=86400, public
timing-allow-origin: *
expires: Sun, 07 Mar 2021 13:40:16 GMT

GET
H2

200

sd
us-u.openx.net/w/1.0/
Redirect Chain

https://eu-u.openx.net/w/1.0/pd?plm=10&ph=42d504c1-bae8-4312-8ad6-a76f3705b195&gdpr=1
https://cm.g.doubleclick.net/pixel?google_nid=openx&google_cm&google_sc
https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESEPuOcJUzP40IEyAm910tYU8&google_cver=1

43 B
114 B

53ms
51ms

Image
image/gif

34.98.64.218
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESEPuOcJUzP40IEyAm910tYU8&google_cver=1
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.98.64.218 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 218.64.98.34.bc.googleusercontent.com
Software: OXGW/16.202.0 /
Resource Hash: 4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

Referer: https://bsaero.space/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 06 Mar 2021 13:40:17 GMT
via: 1.1 google
server: OXGW/16.202.0
vary: Accept
p3p: CP="CUR ADM OUR NOR STA NID"
cache-control: private, max-age=0, no-cache
content-type: image/gif
alt-svc: clear
content-length: 43
expires: Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

pragma: no-cache
date: Sat, 06 Mar 2021 13:40:17 GMT
server: HTTP server (unknown)
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location: https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESEPuOcJUzP40IEyAm910tYU8&google_cver=1
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 295
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H/1.1 200
OK vevent
ams1-ib.adnxs.com/ Frame 6EA1 0
835 B 56ms
56ms Other
text/html 185.33.221.91
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://ams1-ib.adnxs.com/vevent?an_audit=0&referrer=https%3A%2F%2Fbsaero.space%2Fcq%2Fcas%2Flogin.php%3Fr%3Dcomcast.net%26s%3Doauth%26continue%3Dhttps%3A%2F%2Foauth.xfinity.com%2Foauth%2Fauthorize%3Fclient_id%3Dmy-account-web%26prompt%3Dlogin%26redirect_uri%3Dhttps%3A%2F%2Fcustomer.xfinity.com%2Foauth%2Fcallback%26response_type%3Dcode%26state%3Dhttps%3A%2F%2Fcustomer.xfinity.com%2F&e=wqT_3QLWC3zWBQAAAwDWAAUBCL6MjoIGEJLwhern-Pq1YBgAKjYJAA0BABENCCgAGQAAAMAeBSBAIRESACkRCQAxARvA9Sj4PzD-x5MHONQ7QNQ7SAJQtZGHhAFYmZxuYABozIiOAXiPkAWAAQGKAQNVU0SSAQEG8FWYAawCoAH6AagBAbABALgBAcABA8gBAtABANgBAOABAPABAIoCWXVmKCdhJywgMzQ1ODExNiwgMTYxNTAzODAxNCk7dWYoJ2knLCAxNDIxNTQxLCAxNjYdADByJywgMjc2OTQwOTgxNjwA8GmSAvkDIWJrdmFSUWlqN1pjUkVMV1JoNFFCR0FBZ21aeHVNQVE0QUVBRVNOUTdVUDdIa3dkWUFHRF9fX19fRDJnQWNBRjRBWUFCQVlnQkFaQUJBWmdCQWFBQkVxZ0JBN0FCQUxrQkFBQUFBBQQMREJBUQUJBQE8eVFFTzZQMk9Ub1ByUDlrQgUVNEFBQThEX2dBZVhoVnZVCRQoSmdDQUtBQ0FMVUMBIAhBTDAJCPBMTUFDQWNnQ0FkQUNBZGdDQWVBQ0FPZ0NBUGdDQUlBREFaZ0RBYm9EQ1VGTlV6RTZNemszT2VBRDlpcUFCQUNJQkFDUUJBQ1lCQUhCQkEFWgUBBHlRHaUYTmdFQVBFRQUZBQEgQ0lCWXNmcVFVBQ4cQUFEd1A3RUYNDQEQBEJCHT8AeRUoDEFBQU4yKAAAWi4oAKg0QVVBOEFXa2xPOEUtQVhFaU5NQmdnWURWVk5FaUFZQWtBWUJtQVlBb1FZAUoJASRLZ0dBYklHSkFrCRABAQBCHasEQmsBEgkBAEMdGERMZ0dCQS4umgKJASFldzdfMWc6_QEoSm1jYmlBRUtBQXgJPgUBADYySQEQVUQyS2sRYRBEd1AxRQUlBQEARhEYDEFBQUcdGABHHRgASB0Y8FVIZ0HYAu5j4AKRnDzqAoQCaHR0cHM6Ly9ic2Flcm8uc3BhY2UvY3EvY2FzL2xvZ2luLnBocD9yPWNvbWNhc3QubmV0JnM9b2F1dGgmY29udGludWU9aA1FAG8BFywueGZpbml0eS5jb20JEgAvAReYb3JpemU_Y2xpZW50X2lkPW15LWFjY291bnQtd2ViJnByb21wdD1sAXM0JnJlZGlyZWN0X3VyaT0RohxjdXN0b21lckpgAHxjYWxsYmFjayZyZXNwb25zZV90eXBlPWNvZGUmc3RhdBmiUkUA8H2AAwCIAwGQAwCYAxegAwGqAwDAA6wCyAMA2AMA4AMA6AMA-AMBgAQAkgQGL3V0L3YzmAQAogQNMTk0Ljk5LjEwNS45OagEALIEEAgAEAEY-AogoAYoADAAOAK4BADABADIBADSBA43NjM2I0FNUzE6Mzk3OdoEAggB4AQB8ASFuyCIBQGYBQCgBf8RARQBwAUAyQWJ9hDwP9IFCbUmaNgFAeAFAfAFAfoFBAgAEACQBgCYBgC4BgDBBhEvINAGhyfaBhYKEAkRGQFcEAAYAOAGAfIGAggAgAcBiAcAoAcBugcPAUhIGAAgADAAOO4XQADIB4-QBdIHDRV0AThA2gcGCAAQABgA4AcA6gcCCAA.&s=be33fe7825389eff0a02edcd62bc7c28e142e815&type=pv&jm=1003|1030&px=595&py=248&bw=300&bh=250&sf=1&sid=7563217771042156064&vd=ct~0|rr~5&sv=203&tv=view7-1hs&ua=chrome52&pl=win&x=v&tag_id=15000574&ft=2

Requested by

Host: cdn.adnxs.com
URL: https://cdn.adnxs.com/v/s/203/trk.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

185.33.221.91 Amsterdam, Netherlands, ASN29990 (ASN-APPNEX, US),

Reverse DNS

721.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net

Software

nginx/1.17.9 /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://bsaero.space/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

Pragma: no-cache
Date: Sat, 06 Mar 2021 13:40:17 GMT
X-Proxy-Origin: 194.99.105.99; 194.99.105.99; 721.bm-nginx-loadbalancer.mgmt.ams1; *.adnxs.com; 185.33.221.83:80
AN-X-Request-Uuid: 1f3b691b-0f44-4828-9de5-ac62be8ad913
Server: nginx/1.17.9
P3P: policyref="http://cdn.adnxs.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin: https://bsaero.space
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: text/html; charset=utf-8
Content-Length: 0
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

Verdicts & Comments Add Verdict or Comment

Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!

urlscan

Phishing against: Xfinity (Consumer)

61 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

1 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

			Domain/Path	Expires	Name / Value
			.bsaero.space/	1970-01-20 10:08:30	Name: AMCV_DA11332E5321D0550A490D45%40AdobeOrg Value: 359503849%7CMCIDTS%7C18693%7CvVersion%7C5.0.1

4 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
console-api	log	URL: https://login.xfinity.com/static/js/comcast-common.js(Line 1) Message: [object HTMLImageElement]
console-api	log	URL: https://assets.adobedtm.com/331fbea29f79/fdd77923e2da/52d5ba0fe5d1/EX42af35e02f37445ba43641984da760ce-libraryCode_source.min.js(Line 2) Message: Error, missing Report Suite ID in AppMeasurement initialization
console-api	info	URL: https://acdn.adnxs.com/ast/ast.js(Line 1) Message: AST library loaded: 0.36.0
console-api	log	URL: https://assets.adobedtm.com/extensions/EPbde2f7ca14e540399dcc1f8208860b7b/AppMeasurement_Module_AudienceManagement.min.js(Line 2) Message: visitor.publishDestinations() result: The destination publishing iframe is already attached and loaded.

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

7468.v.fwmrm.net
aa.agkn.com
acdn.adnxs.com
ag.innovid.com
ams1-ib.adnxs.com
analytics.twitter.com
assets.adobedtm.com
bidder.criteo.com
bsaero.space
c.amazon-adsystem.com
c.bing.com
cdn.adnxs.com
cm.g.doubleclick.net
comcast-d.openx.net
comcast.demdex.net
comcastcom.d1.sc.omtrdc.net
crcdn01.adnxs.com
d.turn.com
dl.cws.xfinity.com
dpm.demdex.net
e.serverbid.com
eu-u.openx.net
fastlane.rubiconproject.com
googleads.g.doubleclick.net
gum.criteo.com
ib.adnxs.com
idsync.rlcdn.com
login.xfinity.com
match.adsrvr.org
match.prod.bidr.io
match.rundsp.com
scripts.webcontentassessor.com
servedby.flashtalking.com
static.cimcontent.net
static.criteo.net
synchroscript.deliveryengine.adswizz.com
us-u.openx.net
www.google.com
www.google.de
xfinitydigital.demdex.net
z.moatads.com
103.118.32.38
104.244.42.131
134.209.129.254
15.237.136.106
151.101.113.108
151.101.14.217
172.217.16.130
178.250.0.165
184.51.10.56
184.51.9.18
185.33.221.89
185.33.221.91
2001:558:fe21:38:162:150:57:167
205.185.216.42
2607:ae80:5::49
2620:1ec:c11::200
2a00:1450:4001:802::2002
2a00:1450:4001:80f::2004
2a00:1450:4001:82b::2003
2a02:2638:1::13
2a02:2638::3
2a02:26f0:6c00:295::2c06
2a02:26f0:6c00:299::1e80
2a02:26f0:6c00:2be::30d4
2a02:fa8:8806:12::1370
2a05:d01c:1d8:8102:b538:d7a2:ecd1:cf51
34.246.45.184
34.98.64.218
35.244.174.68
46.228.164.13
52.214.70.9
52.49.114.167
52.58.248.2
54.195.23.91
54.228.36.34
65.9.24.128
69.173.144.141
03107b2706fe37dde4bf45439ef373f0b5b6e932a5220a347e7c6b3b2f93df95
032d8b49c68572a6136937e3f8f4fb10d94eefaf95418e557f44f1f04b715ba8
06b99248a163333e36980a6cfb756f1a7de60fa49517162b87b1a44d5d48f844
0bd5fcba6dcf34771f5e3671e1c8956cc44e8f2bc5f98eb12c3eba27348fe963
13384993553d5a56d4a48570a24717126172f1259029a5469a18b0bdac824176
138c0ead0fbcd09dd455df9870920e8725b367fbf02ac0cef0c62874000ab176
148ee4240d077a2371cd8fc27848d1f27562fa043f42db42c869cc5be8cfa4d4
14affb21ba40bd35064caa4735704a9c8e2bf8debcbdcf7a0f2a9f520839d2f0
160a426ff2894252cd7cebbdd6d6b7da8fcd319c65b70468f10b6690c45d02ef
1b453aee00d7c7c9e33e2897b911e9295f343a60f33283fd1fe6a9c084a18c51
1ffb3eb67476de4a642893eefb2ffd33e62c7474808fc21438d5a961cd4982f6
2a031939885bb7efba89d423c9ee7c0fe2bab465f18db63f40a9ae2bd7bc0228
34fa21a78a608446a1d572b553d64b076cc6a6c1884fa9fdc9d7411025f3f9b7
376ba32d3f2861f83bcd7b33c6d4d17760193fe575d2140f619262ef6e38f06c
40f015a0ae2ee26fa88ae77b5c943365bcceb61b66ebc579000dda5c9a569441
42a06f6fbd16b8e8cb04ee52a19d06ee69ec328dfa29509af1e8e8370a7ee097
44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a
4bd9c8ed57b1dd8fddcc2910170e9b81b40f7b628e272924e88a98f45ebb9aea
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
588a427ce0d20629db71cdf44933660548a69e4199ae18a22905b28e5ad5101a
58fd862aaa51daaa186ee3fecfd805c0f8eea09146e9c7deb44a3f30a1ad01b5
5c099d3b0ccaa9a2282d327e023db481387a12f9b6c6c5cc1d7471c0a4d6122e
745a085b52b8371ec6705413fca70a28c6d8bff0db480e6b124bd08c54e95ef8
782ff732b417b260c47bc69bc87d8dee4936b7cbe509ca212a4d22bbd0060be5
785532d6bc98e37d9a9152013f9b0874d32fb92fbfc594431d6c9c142ba686f4
7bea17a80a61ed0f54248b4ffc4c718f7c8ff2619742577a73591d62ce074da8
83bcdfa5df8e5f84aa8715b0aefb06e9909b30290843475a0ecc6887650f811f
86cef609c85d2c2ce6a507af54e77a9c150e2fa408043e1454082614c4b0ce2b
903eb8f1cc364e01930ba03579f049a72794aa91d1a5842a2edb6365e436bb7c
a16ff247c8123be8f1ae0b9ce1c22fa98cc8f7487c5b1503a455ddf942d3f61f
a242719ced92c4a9873915f0d97859ce735dc8e7ccc65d99a37ebc3d6128c77d
a5dba2972b0bf2a2649de4cbc7b4085962a767e2320bf8b0d46203f2ac0997da
ab31816aa0fa561765323e1ffee2f48db4c5c406282a68416b1264c18fa629c8
ac423d0aedd7fd40cd41a1b15c2f8a4eb02fba9feadb1dde8d3055dde2f8034c
ac8778041fdb7f2e08ceb574c9a766247ea26f1a7d90fa854c4efcf4b361a957
b69441308f3d0e111637ef5aeec7467037df4f7aa1d7d89317f49560ac114399
bfdbf55e802cbc5f22aee3f70eef86733ca6adf40180e0a4218e261857b49b74
c3825d81f88364e57fd1a44b477546b389451e44fd59e8c85b7af6568cb2a308
d3b9b46ba6194c784e0f6e4501b26305b7f277003e1e17523efb7e6211878726
dfa98bd5b7021b1dbf9f8c331c75c36c770385af3489884790d6be7147afa14c
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e5f0058d3d737d25b691728bce12a7d0b77183781c936ca8152e28cacf9e6e3f
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
fc6cd95261064c28600405c9c8dd51813abf8367e85b6e00f0f3031a8338988a

bsaero.space Open in urlscan Pro 103.118.32.38 Malicious Activity! Public Scan

Summary

urlscan.io Verdict: Potentially Malicious

Domain & IP information

Screenshot Live screenshot Full Image

Detected technologies

Page Statistics

70 Requests

100 %HTTPS

35 %IPv6

30 Domains

41 Subdomains

28 IPs

8 Countries

824 kBTransfer

1627 kBSize

1 Cookies

10 Outgoing links

Redirected requests

70 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 2 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

bsaero.space Open in urlscan Pro
103.118.32.38 Malicious Activity! Public Scan

Screenshot
Live screenshot

Full Image

70
Requests

100 %
HTTPS

35 %
IPv6

30
Domains

41
Subdomains

28
IPs

8
Countries

824 kB
Transfer

1627 kB
Size

1
Cookies

70 HTTP transactions
2 data transactions