xfinityoffers.xyz Open in urlscan Pro
2606:4700:3031::ac43:b88a  Malicious Activity! Public Scan

Submitted URL: http://xfinityoffers.xyz/?entity=1073444
Effective URL: https://xfinityoffers.xyz/overview?entity=1073444
Submission: On August 03 via manual from IN — Scanned from DE

Summary

This website contacted 58 IPs in 11 countries across 68 domains to perform 279 HTTP transactions. The main IP is 2606:4700:3031::ac43:b88a, located in United States and belongs to CLOUDFLARENET, US. The main domain is xfinityoffers.xyz.
TLS certificate: Issued by E1 on June 21st 2022. Valid for: 3 months.
This is the only time xfinityoffers.xyz was scanned on urlscan.io!

urlscan.io Verdict: Potentially Malicious

Targeting these brands: Xfinity (Consumer)

Domain & IP information

IP Address AS Autonomous System
2 15 2606:4700:303... 13335 (CLOUDFLAR...)
9 2a02:26f0:ea:... 20940 (AKAMAI-ASN1)
3 2a02:26f0:dc:... 20940 (AKAMAI-ASN1)
21 2a02:26f0:ea:... 20940 (AKAMAI-ASN1)
42 2a02:26f0:dc:... 20940 (AKAMAI-ASN1)
25 2a02:26f0:dc:... 20940 (AKAMAI-ASN1)
3 2001:558:fe02::a 7922 (COMCAST-7922)
2 17 52.19.192.193 16509 (AMAZON-02)
1 3 142.250.185.230 15169 (GOOGLE)
2 13.36.218.177 16509 (AMAZON-02)
2 2 54.229.168.160 16509 (AMAZON-02)
2 2 3.120.80.21 16509 (AMAZON-02)
2 35.244.174.68 15169 (GOOGLE)
3 3 185.89.210.20 29990 (ASN-APPNEX)
1 1 2001:678:cb4:... 56396 (AMOBEE)
3 3 142.250.181.226 15169 (GOOGLE)
2 104.244.42.3 13414 (TWITTER)
1 3.33.220.150 16509 (AMAZON-02)
1 4 2620:1ec:c11:... 8068 (MICROSOFT...)
1 5 209.197.3.19 20446 (STACKPATH...)
1 2a02:fa8:8806... 41041 (VCLK-EU-SE)
1 2 212.82.100.182 34010 (YAHOO-IRD)
1 1 2a05:d01c:1d8... 16509 (AMAZON-02)
1 1 13.32.110.73 16509 (AMAZON-02)
1 1 18.235.187.108 14618 (AMAZON-AES)
1 1 63.33.97.13 16509 (AMAZON-02)
2 2 52.19.186.186 16509 (AMAZON-02)
2 32 209.54.182.161 16509 (AMAZON-02)
32 108.138.7.9 16509 (AMAZON-02)
1 52.49.242.9 16509 (AMAZON-02)
1 15.236.176.210 16509 (AMAZON-02)
2 2a03:2880:f00... 32934 (FACEBOOK)
2 4 2a00:1450:400... 15169 (GOOGLE)
2 5 2a00:1450:400... 15169 (GOOGLE)
5 2a00:1450:400... 15169 (GOOGLE)
3 2a00:1450:400... 15169 (GOOGLE)
3 2606:4700:10:... 13335 (CLOUDFLAR...)
1 108.138.17.67 16509 (AMAZON-02)
1 34.120.253.250 15169 (GOOGLE)
1 18.195.201.66 16509 (AMAZON-02)
4 2a03:2880:f10... 32934 (FACEBOOK)
2 2600:9000:225... 16509 (AMAZON-02)
1 199.232.16.157 54113 (FASTLY)
4 2a00:1450:400... 15169 (GOOGLE)
2 3 63.215.202.137 41041 (VCLK-EU-SE)
2 2 108.128.62.116 16509 (AMAZON-02)
3 6 35.227.248.159 15169 (GOOGLE)
1 1 34.254.114.204 16509 (AMAZON-02)
1 34.105.198.99 396982 (GOOGLE-CL...)
3 142.250.185.194 15169 (GOOGLE)
1 104.244.42.133 13414 (TWITTER)
5 34.98.72.95 15169 (GOOGLE)
1 2a00:1450:400... 15169 (GOOGLE)
1 2a00:1450:400... 15169 (GOOGLE)
1 1 104.18.18.126 13335 (CLOUDFLAR...)
2 2 104.18.19.126 13335 (CLOUDFLAR...)
2 2 18.185.150.148 16509 (AMAZON-02)
1 1 23.7.201.234 16625 (AKAMAI-AS)
1 1 3.126.56.137 16509 (AMAZON-02)
2 2 3.127.124.165 16509 (AMAZON-02)
1 2600:1f18:612... 14618 (AMAZON-AES)
1 1 2606:4700:10:... 13335 (CLOUDFLAR...)
1 1 2.18.79.139 20940 (AKAMAI-ASN1)
1 1 52.222.237.72 16509 (AMAZON-02)
1 52.214.253.121 16509 (AMAZON-02)
1 54.163.85.219 14618 (AMAZON-AES)
1 188.65.124.66 41690 (DAILYMOTI...)
1 1 3.209.91.249 14618 (AMAZON-AES)
1 1 69.173.144.138 26667 (RUBICONPR...)
1 1 34.98.67.61 15169 (GOOGLE)
2 2 37.157.4.29 198622 (ADFORM)
2 2 185.94.180.126 35220 (SPOTX-AMS)
1 1 18.198.200.35 16509 (AMAZON-02)
1 1 3.74.200.12 16509 (AMAZON-02)
1 1 54.166.21.101 14618 (AMAZON-AES)
2 2 13.32.99.21 16509 (AMAZON-02)
1 35.244.159.8 15169 (GOOGLE)
2 2 77.243.60.138 42697 (NETIC-AS)
1 185.64.190.80 62713 (AS-PUBMATIC)
1 1 69.173.144.139 26667 (RUBICONPR...)
1 54.78.254.47 16509 (AMAZON-02)
1 1 45.79.188.190 63949 (LINODE-AP...)
1 1 151.101.130.132 54113 (FASTLY)
1 185.64.190.78 62713 (AS-PUBMATIC)
1 1 141.226.228.48 200478 (TABOOLA-AS)
1 35.190.20.211 15169 (GOOGLE)
1 34.120.232.38 396982 (GOOGLE-CL...)
1 34.98.115.224 15169 (GOOGLE)
2 52.138.200.61 8075 (MICROSOFT...)
1 34.107.191.194 15169 (GOOGLE)
1 34.102.193.48 396982 (GOOGLE-CL...)
1 34.111.8.32 15169 (GOOGLE)
279 58
Apex Domain
Subdomains
Transfer
99 xfinity.com
assets.xfinity.com — Cisco Umbrella Rank: 63680
dl.cws.xfinity.com — Cisco Umbrella Rank: 29093
polaris.xfinity.com — Cisco Umbrella Rank: 34060
dss-dl-prod.aws-origin.xfinity.com — Cisco Umbrella Rank: 69673
metrics.xfinity.com — Cisco Umbrella Rank: 28085
2 MB
32 amazon-adsystem.com
s.amazon-adsystem.com — Cisco Umbrella Rank: 298
25 KB
25 adobedtm.com
assets.adobedtm.com — Cisco Umbrella Rank: 414
180 KB
18 demdex.net
dpm.demdex.net — Cisco Umbrella Rank: 213
comcast.demdex.net — Cisco Umbrella Rank: 3886
adobedc.demdex.net — Cisco Umbrella Rank: 9940
20 KB
15 xfinityoffers.xyz
xfinityoffers.xyz
687 KB
11 doubleclick.net
fls.doubleclick.net — Cisco Umbrella Rank: 449
cm.g.doubleclick.net — Cisco Umbrella Rank: 223
googleads.g.doubleclick.net — Cisco Umbrella Rank: 63
4053494.fls.doubleclick.net — Cisco Umbrella Rank: 46253
stats.g.doubleclick.net — Cisco Umbrella Rank: 131
6 KB
9 cimcontent.net
static.cimcontent.net — Cisco Umbrella Rank: 22756
369 KB
7 bounceexchange.com
tag.bounceexchange.com — Cisco Umbrella Rank: 3186
assets.bounceexchange.com — Cisco Umbrella Rank: 2679
api.bounceexchange.com — Cisco Umbrella Rank: 2960
154 KB
6 tapad.com
pixel.tapad.com — Cisco Umbrella Rank: 510
1 KB
6 google.com
www.google.com — Cisco Umbrella Rank: 15
adservice.google.com — Cisco Umbrella Rank: 104
1 KB
5 google.de
www.google.de — Cisco Umbrella Rank: 4674
803 B
5 flashtalking.com
servedby.flashtalking.com — Cisco Umbrella Rank: 763
5 KB
4 google-analytics.com
www.google-analytics.com — Cisco Umbrella Rank: 61
21 KB
4 iperceptions.com
universal.iperceptions.com — Cisco Umbrella Rank: 8876
api.iperceptions.com — Cisco Umbrella Rank: 8500
5 KB
4 facebook.com
www.facebook.com — Cisco Umbrella Rank: 98
564 B
4 adswizz.com
synchroscript.deliveryengine.adswizz.com — Cisco Umbrella Rank: 4117
publicis-36-adswizz.attribution.adswizz.com — Cisco Umbrella Rank: 96808
publicis-37-adswizz.attribution.adswizz.com — Cisco Umbrella Rank: 96995
publicis-38-adswizz.attribution.adswizz.com — Cisco Umbrella Rank: 97031
978 B
4 bing.com
c.bing.com — Cisco Umbrella Rank: 231
bat.bing.com — Cisco Umbrella Rank: 396
12 KB
3 cdnbasket.net
data.cdnbasket.net — Cisco Umbrella Rank: 6286
page.cdnbasket.net — Cisco Umbrella Rank: 6280
view.cdnbasket.net — Cisco Umbrella Rank: 6293
1014 B
3 casalemedia.com
dsum-sec.casalemedia.com — Cisco Umbrella Rank: 584
r.casalemedia.com — Cisco Umbrella Rank: 743
ssum-sec.casalemedia.com — Cisco Umbrella Rank: 480
3 KB
3 googleadservices.com
www.googleadservices.com — Cisco Umbrella Rank: 134
33 KB
3 quantummetric.com
cdn.quantummetric.com — Cisco Umbrella Rank: 2508
123 KB
3 googletagmanager.com
www.googletagmanager.com — Cisco Umbrella Rank: 100
130 KB
3 yahoo.com
cms.analytics.yahoo.com — Cisco Umbrella Rank: 887
ups.analytics.yahoo.com — Cisco Umbrella Rank: 291
1 KB
3 adnxs.com
ib.adnxs.com — Cisco Umbrella Rank: 254
3 KB
3 agkn.com
aa.agkn.com — Cisco Umbrella Rank: 491
d.agkn.com — Cisco Umbrella Rank: 606
2 KB
3 comcast.com
cdn.comcast.com — Cisco Umbrella Rank: 52486
cdn.wcdc.comcast.com Failed
47 KB
2 cdnwidget.com
ids.cdnwidget.com — Cisco Umbrella Rank: 4747
e.cdnwidget.com — Cisco Umbrella Rank: 14348
302 B
2 pubmatic.com
image2.pubmatic.com — Cisco Umbrella Rank: 1039
image6.pubmatic.com — Cisco Umbrella Rank: 674
391 B
2 semasio.net
uipglob.semasio.net — Cisco Umbrella Rank: 1251
1 KB
2 scorecardresearch.com
sb.scorecardresearch.com — Cisco Umbrella Rank: 155
543 B
2 serving-sys.com
bs.serving-sys.com — Cisco Umbrella Rank: 1176
lm.serving-sys.com — Cisco Umbrella Rank: 1918
777 B
2 spotxchange.com
sync.search.spotxchange.com — Cisco Umbrella Rank: 548
1 KB
2 adform.net
c1.adform.net — Cisco Umbrella Rank: 648
996 B
2 rubiconproject.com
pixel.rubiconproject.com — Cisco Umbrella Rank: 359
token.rubiconproject.com — Cisco Umbrella Rank: 773
674 B
2 krxd.net
beacon.krxd.net — Cisco Umbrella Rank: 546
usermatch.krxd.net — Cisco Umbrella Rank: 1322
496 B
2 myvisualiq.net
t.myvisualiq.net — Cisco Umbrella Rank: 1835
1 KB
2 bidswitch.net
x.bidswitch.net — Cisco Umbrella Rank: 314
1 KB
2 dotomi.com
login.dotomi.com — Cisco Umbrella Rank: 1806
671 B
2 pulseinsights.com
js.pulseinsights.com — Cisco Umbrella Rank: 55847
survey.pulseinsights.com — Cisco Umbrella Rank: 50792
26 KB
2 facebook.net
connect.facebook.net — Cisco Umbrella Rank: 160
111 KB
2 bidr.io
match.prod.bidr.io — Cisco Umbrella Rank: 537
1 KB
2 undertone.com
ads.undertone.com — Cisco Umbrella Rank: 5810
evt.undertone.com — Cisco Umbrella Rank: 7009
1 KB
2 twitter.com
analytics.twitter.com — Cisco Umbrella Rank: 555
456 B
2 rlcdn.com
idsync.rlcdn.com — Cisco Umbrella Rank: 333
107 B
2 w55c.net
pm.w55c.net — Cisco Umbrella Rank: 857
1 KB
2 omtrdc.net
comcastcom.d1.sc.omtrdc.net — Cisco Umbrella Rank: 64576
comcastresidentialservices.tt.omtrdc.net — Cisco Umbrella Rank: 31409
1 KB
1 taboola.com
sync.taboola.com — Cisco Umbrella Rank: 1075
168 B
1 ispot.tv
pi.ispot.tv — Cisco Umbrella Rank: 2335
343 B
1 ninthdecimal.com
lciapi.ninthdecimal.com — Cisco Umbrella Rank: 3236
612 B
1 exelator.com
loadus.exelator.com — Cisco Umbrella Rank: 1253
324 B
1 openx.net
us-u.openx.net — Cisco Umbrella Rank: 420
304 B
1 mookie1.com
odr.mookie1.com — Cisco Umbrella Rank: 1062
633 B
1 samba.tv
ads.samba.tv — Cisco Umbrella Rank: 5469
418 B
1 dmxleo.com
public-prod-dspcookiematching.dmxleo.com — Cisco Umbrella Rank: 2073
123 B
1 samplicio.us
usersync.samplicio.us — Cisco Umbrella Rank: 2517
263 B
1 imdb.com
www.imdb.com — Cisco Umbrella Rank: 2388
913 B
1 stickyadstv.com
ads.stickyadstv.com — Cisco Umbrella Rank: 688
782 B
1 zeotap.com
mwzeom.zeotap.com — Cisco Umbrella Rank: 1623
392 B
1 tremorhub.com
amazon.partners.tremorhub.com — Cisco Umbrella Rank: 5379
183 B
1 bluekai.com
tags.bluekai.com — Cisco Umbrella Rank: 574
459 B
1 t.co
t.co — Cisco Umbrella Rank: 460
338 B
1 consensu.org
core.conversant.mgr.consensu.org — Cisco Umbrella Rank: 143836
322 B
1 ads-twitter.com
static.ads-twitter.com — Cisco Umbrella Rank: 684
15 KB
1 innovid.com
ag.innovid.com — Cisco Umbrella Rank: 1461
248 B
1 rundsp.com
match.rundsp.com — Cisco Umbrella Rank: 9473
41 B
1 adsrvr.org
match.adsrvr.org — Cisco Umbrella Rank: 402
265 B
1 turn.com
d.turn.com — Cisco Umbrella Rank: 1138
402 B
0 survata.com Failed
px.surveywall-api.survata.com Failed
279 68
Domain Requested by
42 dl.cws.xfinity.com static.cimcontent.net
32 dss-dl-prod.aws-origin.xfinity.com static.cimcontent.net
32 s.amazon-adsystem.com 2 redirects cdn.comcast.com
s.amazon-adsystem.com
25 assets.adobedtm.com static.cimcontent.net
assets.adobedtm.com
cdn.comcast.com
21 assets.xfinity.com xfinityoffers.xyz
16 dpm.demdex.net 2 redirects static.cimcontent.net
xfinityoffers.xyz
servedby.flashtalking.com
15 xfinityoffers.xyz 2 redirects xfinityoffers.xyz
static.cimcontent.net
9 static.cimcontent.net xfinityoffers.xyz
6 pixel.tapad.com 3 redirects
5 assets.bounceexchange.com cdn.comcast.com
5 www.google.de 4053494.fls.doubleclick.net
5 www.google.com 2 redirects
5 servedby.flashtalking.com 1 redirects cdn.comcast.com
servedby.flashtalking.com
4 www.google-analytics.com cdn.comcast.com
static.cimcontent.net
4 www.facebook.com
4 googleads.g.doubleclick.net 2 redirects cdn.comcast.com
3 www.googleadservices.com cdn.comcast.com
4053494.fls.doubleclick.net
www.googleadservices.com
3 bat.bing.com cdn.comcast.com
3 cdn.quantummetric.com cdn.comcast.com
3 www.googletagmanager.com cdn.comcast.com
3 cm.g.doubleclick.net 3 redirects
3 ib.adnxs.com 3 redirects
3 polaris.xfinity.com xfinityoffers.xyz
cdn.comcast.com
3 cdn.comcast.com xfinityoffers.xyz
static.cimcontent.net
cdn.comcast.com
2 api.iperceptions.com static.cimcontent.net
2 uipglob.semasio.net 2 redirects
2 sb.scorecardresearch.com 2 redirects
2 sync.search.spotxchange.com 2 redirects
2 c1.adform.net 2 redirects
2 t.myvisualiq.net 2 redirects
2 x.bidswitch.net 2 redirects
2 4053494.fls.doubleclick.net 1 redirects www.googletagmanager.com
2 login.dotomi.com 1 redirects
2 universal.iperceptions.com cdn.comcast.com
2 connect.facebook.net cdn.comcast.com
2 match.prod.bidr.io 2 redirects
2 cms.analytics.yahoo.com 1 redirects s.amazon-adsystem.com
2 analytics.twitter.com xfinityoffers.xyz
2 idsync.rlcdn.com xfinityoffers.xyz
2 pm.w55c.net 2 redirects
2 aa.agkn.com 2 redirects
1 api.bounceexchange.com cdn.comcast.com
1 e.cdnwidget.com
1 ids.cdnwidget.com static.cimcontent.net
1 view.cdnbasket.net static.cimcontent.net
1 page.cdnbasket.net static.cimcontent.net
1 data.cdnbasket.net static.cimcontent.net
1 sync.taboola.com 1 redirects
1 image6.pubmatic.com s.amazon-adsystem.com
1 pi.ispot.tv 1 redirects
1 lciapi.ninthdecimal.com 1 redirects
1 loadus.exelator.com s.amazon-adsystem.com
1 token.rubiconproject.com 1 redirects
1 image2.pubmatic.com s.amazon-adsystem.com
1 ssum-sec.casalemedia.com 1 redirects
1 us-u.openx.net s.amazon-adsystem.com
1 usermatch.krxd.net 1 redirects
1 lm.serving-sys.com 1 redirects
1 bs.serving-sys.com 1 redirects
1 odr.mookie1.com 1 redirects
1 pixel.rubiconproject.com 1 redirects
1 ads.samba.tv 1 redirects
1 public-prod-dspcookiematching.dmxleo.com s.amazon-adsystem.com
1 usersync.samplicio.us s.amazon-adsystem.com
1 beacon.krxd.net s.amazon-adsystem.com
1 www.imdb.com 1 redirects
1 ads.stickyadstv.com 1 redirects
1 mwzeom.zeotap.com 1 redirects
1 amazon.partners.tremorhub.com s.amazon-adsystem.com
1 ups.analytics.yahoo.com 1 redirects
1 tags.bluekai.com 1 redirects
1 r.casalemedia.com 1 redirects
1 dsum-sec.casalemedia.com 1 redirects
1 stats.g.doubleclick.net static.cimcontent.net
1 adservice.google.com 4053494.fls.doubleclick.net
1 t.co
1 survey.pulseinsights.com cdn.comcast.com
1 publicis-38-adswizz.attribution.adswizz.com 1 redirects
1 publicis-37-adswizz.attribution.adswizz.com 1 redirects
1 publicis-36-adswizz.attribution.adswizz.com 1 redirects
1 core.conversant.mgr.consensu.org 1 redirects
1 static.ads-twitter.com cdn.comcast.com
1 d.agkn.com
1 tag.bounceexchange.com cdn.comcast.com
1 js.pulseinsights.com cdn.comcast.com
1 adobedc.demdex.net static.cimcontent.net
1 metrics.xfinity.com static.cimcontent.net
1 comcastresidentialservices.tt.omtrdc.net static.cimcontent.net
1 synchroscript.deliveryengine.adswizz.com 1 redirects
1 evt.undertone.com 1 redirects
1 ads.undertone.com 1 redirects
1 ag.innovid.com 1 redirects
1 match.rundsp.com xfinityoffers.xyz
1 c.bing.com 1 redirects
1 match.adsrvr.org xfinityoffers.xyz
1 d.turn.com 1 redirects
1 comcastcom.d1.sc.omtrdc.net static.cimcontent.net
1 comcast.demdex.net assets.adobedtm.com
1 fls.doubleclick.net assets.adobedtm.com
0 px.surveywall-api.survata.com Failed s.amazon-adsystem.com
0 cdn.wcdc.comcast.com Failed static.cimcontent.net
279 101
Subject Issuer Validity Valid
*.xfinityoffers.xyz
E1
2022-06-21 -
2022-09-19
3 months crt.sh
static.cimcontent.net
COMODO RSA Organization Validation Secure Server CA
2022-04-06 -
2023-04-06
a year crt.sh
xapi.xfinity.com
COMODO RSA Organization Validation Secure Server CA
2022-04-20 -
2023-04-20
a year crt.sh
t.xfinity.com
COMODO RSA Organization Validation Secure Server CA
2022-04-20 -
2023-04-20
a year crt.sh
*.cws.xfinity.com
COMODO RSA Organization Validation Secure Server CA
2022-04-21 -
2023-04-21
a year crt.sh
assets.adobedtm.com
DigiCert TLS RSA SHA256 2020 CA1
2022-07-19 -
2023-08-19
a year crt.sh
polaris.xfinity.com
Sectigo RSA Organization Validation Secure Server CA
2021-10-12 -
2022-10-12
a year crt.sh
*.demdex.net
DigiCert TLS RSA SHA256 2020 CA1
2021-10-19 -
2022-11-19
a year crt.sh
*.doubleclick.net
GTS CA 1C3
2022-07-11 -
2022-10-03
3 months crt.sh
*.d1.sc.omtrdc.net
DigiCert TLS RSA SHA256 2020 CA1
2022-02-17 -
2023-03-07
a year crt.sh
*.rlcdn.com
Sectigo RSA Domain Validation Secure Server CA
2022-02-03 -
2023-02-25
a year crt.sh
*.twitter.com
DigiCert TLS Hybrid ECC SHA384 2020 CA1
2022-03-07 -
2023-03-06
a year crt.sh
*.adsrvr.org
GlobalSign GCC R3 DV TLS CA 2020
2022-03-31 -
2023-05-02
a year crt.sh
match.rundsp.com
GlobalSign RSA OV SSL CA 2018
2022-04-19 -
2023-05-21
a year crt.sh
*.aws-origin.xfinity.com
COMODO RSA Organization Validation Secure Server CA
2021-08-24 -
2022-08-24
a year crt.sh
*.tt.omtrdc.net
DigiCert TLS RSA SHA256 2020 CA1
2021-10-11 -
2022-10-12
a year crt.sh
metrics.xfinity.com
COMODO RSA Organization Validation Secure Server CA
2021-09-07 -
2022-09-07
a year crt.sh
adobedc.demdex.net
DigiCert TLS RSA SHA256 2020 CA1
2021-10-19 -
2022-11-19
a year crt.sh
*.facebook.com
DigiCert SHA2 High Assurance Server CA
2022-05-12 -
2022-08-10
3 months crt.sh
*.google-analytics.com
GTS CA 1C3
2022-07-11 -
2022-10-03
3 months crt.sh
sni.cloudflaressl.com
Cloudflare Inc ECC CA-3
2022-06-16 -
2023-06-16
a year crt.sh
s.amazon-adsystem.com
Amazon
2022-05-09 -
2023-04-21
a year crt.sh
js.pulseinsights.com
Amazon
2022-04-04 -
2023-05-02
a year crt.sh
www.bing.com
Microsoft RSA TLS CA 01
2022-06-10 -
2022-12-10
6 months crt.sh
tag.bounceexchange.com
R3
2022-07-28 -
2022-10-26
3 months crt.sh
*.agkn.com
RapidSSL RSA CA 2018
2020-07-25 -
2022-09-18
2 years crt.sh
*.iperceptions.com
Amazon
2022-03-16 -
2023-04-13
a year crt.sh
servedby.flashtalking.com
DigiCert TLS RSA SHA256 2020 CA1
2022-01-27 -
2023-02-24
a year crt.sh
ads-twitter.com
DigiCert TLS RSA SHA256 2020 CA1
2022-07-22 -
2023-08-22
a year crt.sh
*.pulseinsights.com
Sectigo RSA Domain Validation Secure Server CA
2020-06-01 -
2022-09-03
2 years crt.sh
www.googleadservices.com
GTS CA 1C3
2022-07-11 -
2022-10-03
3 months crt.sh
t.co
DigiCert TLS Hybrid ECC SHA384 2020 CA1
2022-03-07 -
2023-03-06
a year crt.sh
assets.bounceexchange.com
GTS CA 1D4
2022-06-10 -
2022-09-08
3 months crt.sh
*.google.com
GTS CA 1C3
2022-07-11 -
2022-10-03
3 months crt.sh
*.g.doubleclick.net
GTS CA 1C3
2022-07-11 -
2022-10-03
3 months crt.sh
*.googleadservices.com
GTS CA 1C3
2022-07-11 -
2022-10-03
3 months crt.sh
*.tremorhub.com
Amazon
2022-03-24 -
2023-04-22
a year crt.sh
real.sp.analytics.yahoo.com
DigiCert SHA2 High Assurance Server CA
2022-03-15 -
2022-09-07
6 months crt.sh
beacon.krxd.net
DigiCert TLS RSA SHA256 2020 CA1
2021-11-03 -
2022-11-02
a year crt.sh
*.samplicio.us
Amazon
2022-03-18 -
2023-04-16
a year crt.sh
public-prod-dspcookiematching.dmxleo.com
ZeroSSL RSA Domain Secure Site CA
2022-07-26 -
2022-10-24
3 months crt.sh
*.openx.net
GeoTrust RSA CA 2018
2021-07-08 -
2022-08-08
a year crt.sh
*.pubmatic.com
DigiCert Baltimore TLS RSA SHA256 2020 CA1
2022-06-13 -
2023-07-14
a year crt.sh
*.exelator.com
DigiCert TLS RSA SHA256 2020 CA1
2022-06-08 -
2023-06-10
a year crt.sh
*.google.de
GTS CA 1C3
2022-07-11 -
2022-10-03
3 months crt.sh
*.cdnbasket.net
Go Daddy Secure Certificate Authority - G2
2021-09-27 -
2022-09-27
a year crt.sh
ids.cdnwidget.com
R3
2022-06-06 -
2022-09-04
3 months crt.sh
e.cdnwidget.com
R3
2022-07-13 -
2022-10-11
3 months crt.sh
*.wunderkind.co
R3
2022-06-14 -
2022-09-12
3 months crt.sh

This page contains 10 frames:

Primary Page: https://xfinityoffers.xyz/overview?entity=1073444
Frame ID: 27AFFCF51F405839D506AB55B1662EFA
Requests: 167 HTTP requests in this frame

Frame: https://comcast.demdex.net/dest5.html?d_nsid=0
Frame ID: C62F6E61F27B1EB825D07E2474FAB8D7
Requests: 20 HTTP requests in this frame

Frame: https://polaris.xfinity.com/orc.html?domain=xfinityoffers.xyz
Frame ID: 762EF225D1D2483F9C336740C631500A
Requests: 1 HTTP requests in this frame

Frame: https://s.amazon-adsystem.com/iu3?d=generic&ex-fargs=%3Fid%3D9c6269e8-4641-e261-dd25-4fc3136dea37%26type%3D55%26m%3D1&ex-fch=416613&ex-src=https://www.xfinity.com/&ex-hargs=v%3D1.0%3Bc%3D8324316060801%3Bp%3D9C6269E8-4641-E261-DD25-4FC3136DEA37&cb=961634634924344600
Frame ID: 5E0B8559F87CD978F54D62A74B34B1C5
Requests: 1 HTTP requests in this frame

Frame: https://servedby.flashtalking.com/container/12345;91797;9487;iframe/?ft_referrer=https%3A//xfinityoffers.xyz/overview%3Fentity%3D1073444&ns=&cb=562283.8550527078
Frame ID: 00872902FB6387024CA8BC90B6D22A48
Requests: 5 HTTP requests in this frame

Frame: https://4053494.fls.doubleclick.net/activityi;dc_pre=COvBr6qEqvkCFYew7QodkHwDOw;src=4053494;type=comca517;cat=xfini00h;ord=9004507046157;gtm=2od811;auiddc=793358232.1659507806;~oref=https%3A%2F%2Fxfinityoffers.xyz%2Foverview%3Fentity%3D1073444
Frame ID: F470D458EA89E234503500A11DB17A1B
Requests: 5 HTTP requests in this frame

Frame: https://cdn.quantummetric.com/workers/quantum-comcast-worker.html
Frame ID: 87A1B681FBC6349678F314A01FD98F63
Requests: 2 HTTP requests in this frame

Frame: https://s.amazon-adsystem.com/v3/pr?exlist=ns_n-ix-HMT_bsw_bk_n-y-HMT_n-visualiq_n-telaria_gem_n-zeotap-4_fw_imdb_n-kr-new_n-lucid_n-dm-HMT_n-samba.tv_n-rb-HMT3_adelphic_adb_mp_sv_af_sx_n-sk_g_kr_n-comscr.com_ox_index_n-semasio-ecm_an_n-pm-HMT_rb_n-g-hmt_nsln_nd_n-ispot_pm_tbl&fv=1.0&a=cm&ex-pl-n-kr-new=DtYlVBnkTuuyPyJ3zGpCoQ&dmt=3&ex-pl-n-g-hmt=LdWvo18uSaaNFgLqe3SUGA&ep=mfS4I4Lxm4iN8M-0MyueFUDivcm3Y8_t6jFbYz6_7HBinc7VfMbyIp9nHkVSOqz22jWiCiwTat5bqD_t_ltt9trbOsLoWu-hxgDBgT8ztVM0B83_I09Bt98LkLcfuQhu2_3Y8VK_7aE91Qi20T-7aoZ_uE-4RVmd4q9BKRCJN8CPnmJWqQfwkcWmEgQINllw0V7jDH4QO_BmHB99cUIaLYmsYJ8ZSHBep-SyULb5ylUGgpwqG6LdHPlBsL3QE3JGEaKjjo_75iFXSOvcNUSdJoFflq4kqbng4Ch7zOt4gwXknOOdd1DIEkHTcRUvHSXGxM2Qp_OmnuYIOv0DguHBy3u-HECbNS_K_pWdDX4tKf-uUQ-lcs5tANLVEcWcFDyP
Frame ID: CB3D6DB0D4EADD927D1BF19D4BB4FF0D
Requests: 38 HTTP requests in this frame

Frame: https://universal.iperceptions.com/iFrame.html
Frame ID: 70F2881FF44B56A6314FA4D515434FD3
Requests: 1 HTTP requests in this frame

Frame: https://assets.bounceexchange.com/assets/bounce/local_storage_frame16.min.html
Frame ID: 31698B241611FC7E09834E1E02BB6CA4
Requests: 1 HTTP requests in this frame

Screenshot

Page Title

Internet, TV, Phone, Smart Home and Security - Xfinity

Page URL History Show full URLs

  1. http://xfinityoffers.xyz/?entity=1073444 HTTP 301
    https://xfinityoffers.xyz/?entity=1073444 HTTP 302
    https://xfinityoffers.xyz/overview?entity=1073444 Page URL

Detected technologies

Overall confidence: 100%
Detected patterns
  • <[^>]+data-react

Overall confidence: 100%
Detected patterns
  • adrum

Overall confidence: 100%
Detected patterns
  • https?://fls\.doubleclick\.net

Overall confidence: 100%
Detected patterns
  • //connect\.facebook\.([a-z]+)/[^/]*/[a-z]*\.js

Overall confidence: 100%
Detected patterns
  • google-analytics\.com/(?:ga|urchin|analytics)\.js

Overall confidence: 100%
Detected patterns
  • googletagmanager\.com/gtag/js

Overall confidence: 100%
Detected patterns
  • https?://[^/]*\.openx\.net

Overall confidence: 100%
Detected patterns
  • https?://[^/]*\.pubmatic\.com

Overall confidence: 10%
Detected patterns
  • basket.*\.js

Page Statistics

279
Requests

83 %
HTTPS

26 %
IPv6

68
Domains

101
Subdomains

58
IPs

11
Countries

3507 kB
Transfer

8328 kB
Size

74
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. http://xfinityoffers.xyz/?entity=1073444 HTTP 301
    https://xfinityoffers.xyz/?entity=1073444 HTTP 302
    https://xfinityoffers.xyz/overview?entity=1073444 Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 57
  • https://aa.agkn.com/adscores/g.pixel?sid=9211132908&aam=31912626428261994344514808420044100204 HTTP 302
  • https://dpm.demdex.net/ibs:dpid=21&dpuuid=219333204232000482828
Request Chain 58
  • https://pm.w55c.net/ping_match.gif?st=dmx&rurl=https%3A%2F%2Fdpm.demdex.net%2Fibs%3Adpid%3D359%26dpuuid%3D_wfivefivec_ HTTP 302
  • https://pm.w55c.net/ping_match.gif?scc=1&st=dmx&rurl=https%3A%2F%2Fdpm.demdex.net%2Fibs%3Adpid%3D359%26dpuuid%3D_wfivefivec_ HTTP 302
  • https://dpm.demdex.net/ibs:dpid=359&dpuuid=TxdBkqpC1Oj7MU5
Request Chain 60
  • https://ib.adnxs.com/getuid?https%3A%2F%2Fdpm.demdex.net%2Fibs%3Adpid%3D358%26dpuuid%3D%24UID HTTP 307
  • https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%253A%252F%252Fdpm.demdex.net%252Fibs%253Adpid%253D358%2526dpuuid%253D%2524UID HTTP 302
  • https://dpm.demdex.net/ibs:dpid=358&dpuuid=4349564117173850171
Request Chain 61
  • https://d.turn.com/r/dd/id/L2NzaWQvMS9jaWQvMjM2NTYzMjkvdC8y/url/https%3A%2F%2Fdpm.demdex.net%2Fibs%3Adpid%3D470%26dpuuid%3D%24!%7BTURN_UUID%7D HTTP 302
  • https://dpm.demdex.net/ibs:dpid=470&dpuuid=4133073632306300903
Request Chain 63
  • https://cm.g.doubleclick.net/pixel?google_nid=adobe_dmp&google_cm&gdpr=0&gdpr_consent=&google_hm=MzE5MTI2MjY0MjgyNjE5OTQzNDQ1MTQ4MDg0MjAwNDQxMDAyMDQ= HTTP 302
  • https://dpm.demdex.net/ibs:dpid=771&dpuuid=CAESENuF3BOYCtIwcisBXNql9uA&google_cver=1?gdpr=0&gdpr_consent=
Request Chain 66
  • https://c.bing.com/c.gif?uid=31912626428261994344514808420044100204&Red3=MSAdobe_pd&gdpr=0&gdpr_consent= HTTP 302
  • https://dpm.demdex.net/ibs:dpid=1957&dpuuid=298B16572CDA61330B0B07A22DB160E3
Request Chain 67
  • https://servedby.flashtalking.com/map/?key=a74thHgsfK627J6Ftt8sj5ks52bKe&gdpr=0&gdpr_consent=&url=https://dpm.demdex.net/ibs:dpid=3047&dpuuid=[%FT_GUID%]&gdpr=0&gdpr_consent= HTTP 302
  • https://dpm.demdex.net/ibs:dpid=3047&dpuuid=5328646D03601F&gdpr=0&gdpr_consent=
Request Chain 69
  • https://cms.analytics.yahoo.com/cms?partner_id=ADOBE&_hosted_id=31912626428261994344514808420044100204&gdpr=0&gdpr_consent= HTTP 302
  • https://dpm.demdex.net/ibs:dpid=30646?dpuuid=y-zGagtFJE2pGSUrozU3UsMlJnhRHxIMHGyzo-~A
Request Chain 70
  • https://ag.innovid.com/dv/sync?tid=6 HTTP 302
  • https://dpm.demdex.net/ibs:dpid=80742&dpuuid=c4372f02-8861-4eaf-ae03-4d89395e15cf
Request Chain 71
  • https://ads.undertone.com/u?dp=32&url=https%3A//dpm.demdex.net/ibs%3Adpid%3D152416%26dpuuid%3D HTTP 307
  • https://evt.undertone.com/u?dp=32&url=https%3A//dpm.demdex.net/ibs%3Adpid%3D152416%26dpuuid%3D HTTP 302
  • https://dpm.demdex.net/ibs:dpid=152416&dpuuid=
Request Chain 72
  • https://synchroscript.deliveryengine.adswizz.com/getUID?curl=https%3A%2F%2Fdpm.demdex.net%2Fibs%3Adpid%3D175765%26dpuuid%3D%24%7BUID%7D HTTP 302
  • https://dpm.demdex.net/ibs:dpid=175765&dpuuid=421be44f68d35004e762997903ac4888
Request Chain 73
  • https://match.prod.bidr.io/cookie-sync/adobe?gdpr=0&gdpr_consent= HTTP 303
  • https://match.prod.bidr.io/cookie-sync/adobe?gdpr=0&gdpr_consent=&_bee_ppp=1 HTTP 303
  • https://dpm.demdex.net/ibs:dpid=275754&dpuuid=AAA5A07F1CkAAA8LE-mjLw?gdpr=0
Request Chain 78
  • https://s.amazon-adsystem.com/dcm?pid=5c420d2b-f139-4fee-b0c0-89a7b8ce9433 HTTP 302
  • https://s.amazon-adsystem.com/dcm?pid=5c420d2b-f139-4fee-b0c0-89a7b8ce9433&dcc=t HTTP 302
  • https://dpm.demdex.net/ibs:dpid=139200&dpuuid=rEGi2QYVRk-LbDWA0USLHA&redir=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dadobe.com%26id%3D%24%7BDD_UUID%7D HTTP 302
  • https://s.amazon-adsystem.com/ecm3?ex=adobe.com&id=31912626428261994344514808420044100204
Request Chain 127
  • https://googleads.g.doubleclick.net/pagead/viewthroughconversion/1023869955/?value=1.00&currency_code=USD&label=dAmVCKnhr2wQg4ic6AM&guid=ON&script=0 HTTP 302
  • https://www.google.com/pagead/1p-user-list/1023869955/?value=1.00&currency_code=USD&label=dAmVCKnhr2wQg4ic6AM&guid=ON&script=0&is_vtc=1&random=1803075685 HTTP 302
  • https://www.google.de/pagead/1p-user-list/1023869955/?value=1.00&currency_code=USD&label=dAmVCKnhr2wQg4ic6AM&guid=ON&script=0&is_vtc=1&random=1803075685&ipr=y
Request Chain 152
  • https://login.dotomi.com/profile/visit/js/1_0?dtm_cid=80315&dtm_cmagic=97cdaa&dtm_fid=3427&cachebuster=221023256190519650__;W10!!CQl3mcHX2A!RvPfnS4563TGC5ursn2TGQA7pM2_okxeUAzUAMW_iXdiqOKUj4CoiVYHNcZvR7gCuQ$ HTTP 302
  • https://core.conversant.mgr.consensu.org/gdpr/iab/consent/current?rdct_url=https%3A%2F%2Flogin.dotomi.com%2Fprofile%2Fvisit%2Fdisco%2Fjs%3Fdtm_cid%3D80315%26dtm_fid%3D3427%26dtm_cmagic%3D97cdaa%26cachebuster%3D221023256190519650__%253BW10%2521%2521CQl3mcHX2A%2521RvPfnS4563TGC5ursn2TGQA7pM2_okxeUAzUAMW_iXdiqOKUj4CoiVYHNcZvR7gCuQ%2524%26dtm_form_uid%3D477406634062374383%26gdpr%3D1%26gdpr_consent%3D HTTP 302
  • https://login.dotomi.com/profile/visit/disco/js?dtm_cid=80315&dtm_fid=3427&dtm_cmagic=97cdaa&cachebuster=221023256190519650__%3BW10%21%21CQl3mcHX2A%21RvPfnS4563TGC5ursn2TGQA7pM2_okxeUAzUAMW_iXdiqOKUj4CoiVYHNcZvR7gCuQ%24&dtm_form_uid=477406634062374383&gdpr=1&gdpr_consent=
Request Chain 153
  • https://publicis-36-adswizz.attribution.adswizz.com/fire?pixelId=9f535f6f-a45d-4b55-a7fc-c75ab94a925e&type=sitevisit&subtype=PageVisit1&aw_0_req.gdpr=true&redirectURL=aHR0cHM6Ly9waXhlbC50YXBhZC5jb20vaWRzeW5jL2V4L3JlY2VpdmU_cGFydG5lcl9pZD0yOTk0JjwjaWYgcmVxdWVzdC5saXN0ZW5lcklkP21hdGNoZXMoJ1swLTlhLWZdezh9LVswLTlhLWZdezR9LVswLTlhLWZdezR9LVswLTlhLWZdezR9LVswLTlhLWZdezEyfScpPnBhcnRuZXJfdHlwZWRfZGlkPSU3QiUyMkhBUkRXQVJFX0FORFJPSURfQURfSUQlMjIlM0ElMjIke3JlcXVlc3QubGlzdGVuZXJJZH0lMjIlN0Q8I2Vsc2VpZiByZXF1ZXN0Lmxpc3RlbmVySWQ_bWF0Y2hlcygnWzAtOUEtRl17OH0tWzAtOUEtRl17NH0tWzAtOUEtRl17NH0tWzAtOUEtRl17NH0tWzAtOUEtRl17MTJ9Jyk-cGFydG5lcl90eXBlZF9kaWQ9JTdCJTIySEFSRFdBUkVfSURGQSUyMiUzQSUyMiR7cmVxdWVzdC5saXN0ZW5lcklkfSUyMiU3RDwjZWxzZT5wYXJ0bmVyX2RldmljZV9pZD0ke3JlcXVlc3QubGlzdGVuZXJJZCF9PC8jaWY-Cg HTTP 302
  • https://pixel.tapad.com/idsync/ex/receive?partner_id=2994&partner_device_id=c13ddf13840f2315964fd39030cb85ea HTTP 302
  • https://pixel.tapad.com/idsync/ex/receive/check?partner_id=2994&partner_device_id=c13ddf13840f2315964fd39030cb85ea
Request Chain 154
  • https://publicis-37-adswizz.attribution.adswizz.com/fire?pixelId=92e737d2-b421-4f21-b907-95d97f00b515&type=sitevisit&subtype=PageVisit1&aw_0_req.gdpr=true&redirectURL=aHR0cHM6Ly9waXhlbC50YXBhZC5jb20vaWRzeW5jL2V4L3JlY2VpdmU_cGFydG5lcl9pZD0yOTk0JjwjaWYgcmVxdWVzdC5saXN0ZW5lcklkP21hdGNoZXMoJ1swLTlhLWZdezh9LVswLTlhLWZdezR9LVswLTlhLWZdezR9LVswLTlhLWZdezR9LVswLTlhLWZdezEyfScpPnBhcnRuZXJfdHlwZWRfZGlkPSU3QiUyMkhBUkRXQVJFX0FORFJPSURfQURfSUQlMjIlM0ElMjIke3JlcXVlc3QubGlzdGVuZXJJZH0lMjIlN0Q8I2Vsc2VpZiByZXF1ZXN0Lmxpc3RlbmVySWQ_bWF0Y2hlcygnWzAtOUEtRl17OH0tWzAtOUEtRl17NH0tWzAtOUEtRl17NH0tWzAtOUEtRl17NH0tWzAtOUEtRl17MTJ9Jyk-cGFydG5lcl90eXBlZF9kaWQ9JTdCJTIySEFSRFdBUkVfSURGQSUyMiUzQSUyMiR7cmVxdWVzdC5saXN0ZW5lcklkfSUyMiU3RDwjZWxzZT5wYXJ0bmVyX2RldmljZV9pZD0ke3JlcXVlc3QubGlzdGVuZXJJZCF9PC8jaWY-Cg HTTP 302
  • https://pixel.tapad.com/idsync/ex/receive?partner_id=2994&partner_device_id=c13ddf13840f2315964fd39030cb85ea HTTP 302
  • https://pixel.tapad.com/idsync/ex/receive/check?partner_id=2994&partner_device_id=c13ddf13840f2315964fd39030cb85ea
Request Chain 155
  • https://publicis-38-adswizz.attribution.adswizz.com/fire?pixelId=c13c743e-c94a-4bfd-a542-5fca5892e8ba&type=sitevisit&subtype=PageVisit1&aw_0_req.gdpr=true&redirectURL=aHR0cHM6Ly9waXhlbC50YXBhZC5jb20vaWRzeW5jL2V4L3JlY2VpdmU_cGFydG5lcl9pZD0yOTk0JjwjaWYgcmVxdWVzdC5saXN0ZW5lcklkP21hdGNoZXMoJ1swLTlhLWZdezh9LVswLTlhLWZdezR9LVswLTlhLWZdezR9LVswLTlhLWZdezR9LVswLTlhLWZdezEyfScpPnBhcnRuZXJfdHlwZWRfZGlkPSU3QiUyMkhBUkRXQVJFX0FORFJPSURfQURfSUQlMjIlM0ElMjIke3JlcXVlc3QubGlzdGVuZXJJZH0lMjIlN0Q8I2Vsc2VpZiByZXF1ZXN0Lmxpc3RlbmVySWQ_bWF0Y2hlcygnWzAtOUEtRl17OH0tWzAtOUEtRl17NH0tWzAtOUEtRl17NH0tWzAtOUEtRl17NH0tWzAtOUEtRl17MTJ9Jyk-cGFydG5lcl90eXBlZF9kaWQ9JTdCJTIySEFSRFdBUkVfSURGQSUyMiUzQSUyMiR7cmVxdWVzdC5saXN0ZW5lcklkfSUyMiU3RDwjZWxzZT5wYXJ0bmVyX2RldmljZV9pZD0ke3JlcXVlc3QubGlzdGVuZXJJZCF9PC8jaWY-Cg HTTP 302
  • https://pixel.tapad.com/idsync/ex/receive?partner_id=2994&partner_device_id=c13ddf13840f2315964fd39030cb85ea HTTP 302
  • https://pixel.tapad.com/idsync/ex/receive/check?partner_id=2994&partner_device_id=c13ddf13840f2315964fd39030cb85ea
Request Chain 157
  • https://4053494.fls.doubleclick.net/activityi;src=4053494;type=comca517;cat=xfini00h;ord=9004507046157;gtm=2od811;auiddc=793358232.1659507806;~oref=https%3A%2F%2Fxfinityoffers.xyz%2Foverview%3Fentity%3D1073444 HTTP 302
  • https://4053494.fls.doubleclick.net/activityi;dc_pre=COvBr6qEqvkCFYew7QodkHwDOw;src=4053494;type=comca517;cat=xfini00h;ord=9004507046157;gtm=2od811;auiddc=793358232.1659507806;~oref=https%3A%2F%2Fxfinityoffers.xyz%2Foverview%3Fentity%3D1073444
Request Chain 195
  • https://aa.agkn.com/adscores/g.pixel?sid=9212284268 HTTP 302
  • https://s.amazon-adsystem.com/ecm3?id=219333204232000482828&ex=neustar.biz
Request Chain 196
  • https://dsum-sec.casalemedia.com/rrum?cm_dsp_id=198&external_user_id=vp-7D_yJS-CYvghkmXBDjA&cb=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3DindexHMT%26id%3D HTTP 302
  • https://r.casalemedia.com/rrum?cb=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3DindexHMT%26id%3D&cm_dsp_id=198&external_user_id=vp-7D_yJS-CYvghkmXBDjA&C=1 HTTP 302
  • https://s.amazon-adsystem.com/ecm3?ex=indexHMT&id=YuoUXgGIJbDk-yIZA1wzrAAA
Request Chain 197
  • https://x.bidswitch.net/sync_a9/https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dbidswitch.com%26id%3D%24%7BUUID%7D HTTP 302
  • https://x.bidswitch.net/ul_cb/sync_a9/https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dbidswitch.com%26id%3D%24%7BUUID%7D HTTP 302
  • https://s.amazon-adsystem.com/ecm3?ex=bidswitch.com&id=b894dcf16770954e707e7a9622c7acaf
Request Chain 198
  • https://tags.bluekai.com/site/36840?redir=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dbluekai.com%26id%3D%24_BK_UUID HTTP 302
  • https://s.amazon-adsystem.com/ecm3?ex=bluekai.com&id=$_BK_UUID
Request Chain 199
  • https://ups.analytics.yahoo.com/ups/58516/sync?_origin=1&redir=true&uid=shBPNd1oTzmz10OU5jwecA HTTP 302
  • https://s.amazon-adsystem.com/ecm3?ex=yahooHMT&id=shBPNd1oTzmz10OU5jwecA
Request Chain 200
  • https://t.myvisualiq.net/sync?prid=AMZNPNR1&ao=0&red=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dvisualiq%26id%3D%24%7BUUID%7D HTTP 302
  • https://t.myvisualiq.net/ul_cb/sync?prid=AMZNPNR1&ao=0&red=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dvisualiq%26id%3D%24%7BUUID%7D HTTP 302
  • https://s.amazon-adsystem.com/ecm3?ex=visualiq&id=a7b94421-3efa-4efb-b711-d60fe1098fd3
Request Chain 203
  • https://mwzeom.zeotap.com/mw?zpartnerid=1353&zurl=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dzeotap%26id%3D%7BZCOOKIE%7D HTTP 302
  • https://s.amazon-adsystem.com/ecm3?ex=zeotap&id=bb2b2a43-d5be-449b-5821-a94528ed09ff
Request Chain 204
  • https://ads.stickyadstv.com/user-matching?id=2545 HTTP 302
  • https://s.amazon-adsystem.com/ecm3?id=87336826fc401dbe76619e70ee4db4f0&ex=freewheel.tv&gdpr=0&gdpr_consent=
Request Chain 205
  • https://www.imdb.com/ads/idsync?cid=a706a6beb&ex=imdb.com HTTP 302
  • https://s.amazon-adsystem.com/ecm3?rcode=1&ex=imdb.com
Request Chain 209
  • https://ads.samba.tv/cookie_sync?https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dsamba.tv%26id%3D HTTP 302
  • https://s.amazon-adsystem.com/ecm3?ex=samba.tv&id=fc5d183f059ca776
Request Chain 210
  • https://pixel.rubiconproject.com/token?pid=2179&pt=n&puid=m6aKc5zbST-CoDYR444uRA&rk=usync-na HTTP 302
  • https://s.amazon-adsystem.com/ecm3?ex=rubiconprojectHMT&id=m6aKc5zbST-CoDYR444uRA
Request Chain 211
  • https://dpm.demdex.net/ibs:dpid=139200&dpuuid=rEGi2QYVRk-LbDWA0USLHA&redir=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dadobe.com%26id%3D%24%7BDD_UUID%7D HTTP 302
  • https://s.amazon-adsystem.com/ecm3?ex=adobe.com&id=31912626428261994344514808420044100204
Request Chain 212
  • https://odr.mookie1.com/t/v2?tagid=V2_393725&AMAZON_REGION_SPECIFIC_ENDPOINT=s.amazon-adsystem.com&src.visitorID=Ziu7s7nsTmGyzh6YAlIfEA HTTP 302
  • https://s.amazon-adsystem.com/ecm3?ex=mplatform.com&id=10818983312030411295&gdpr=&gdpr_consent=
Request Chain 214
  • https://c1.adform.net/serving/cookie/match?party=1153&redirect_url=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dadform.net%26id%3D%24%7BUUID%7D HTTP 302
  • https://c1.adform.net/serving/cookie/match?CC=1&party=1153&redirect_url=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dadform.net%26id%3D%24%7BUUID%7D HTTP 302
  • https://s.amazon-adsystem.com/ecm3?ex=adform.net&id=877566848683660962
Request Chain 215
  • https://sync.search.spotxchange.com/partner?adv_id=7922&redir=https://s.amazon-adsystem.com/ecm3?ex%3Dspotx.com%26id%3D%24SPOTX_USER_ID HTTP 302
  • https://sync.search.spotxchange.com/partner?adv_id=7922&redir=https://s.amazon-adsystem.com/ecm3?ex%3Dspotx.com%26id%3D%24SPOTX_USER_ID&__user_check__=1&sync_id=c8e8d860-12f4-11ed-9efd-192cb16e0206 HTTP 302
  • https://s.amazon-adsystem.com/ecm3?ex=spotx.com&id=c8e8d81d-12f4-11ed-9efd-192cb16e0206
Request Chain 216
  • https://bs.serving-sys.com/Serving?cn=cs&rtu=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dsizmek%26id%3D%5B%25tp_UserID%25%5D HTTP 302
  • https://lm.serving-sys.com/lm/acs?json={%22GUID%22:%22c8f02d25-9fca-4217-8840-fa569e49c11d%22,%22Time%22:%2220220803T062327.067628%22}&rtu=https://s.amazon-adsystem.com/ecm3?ex=sizmek&id=[%tp_UserID%] HTTP 302
  • https://s.amazon-adsystem.com/ecm3?ex=sizmek&id=c8f02d25-9fca-4217-8840-fa569e49c11d
Request Chain 217
  • https://cm.g.doubleclick.net/pixel?google_nid=a9&google_cm&ex=doubleclick.net HTTP 302
  • https://s.amazon-adsystem.com/ecm3?ex=doubleclick.net&google_gid=CAESEF0Kn2C7zOuTzndlqmabh1M&google_cver=1
Request Chain 218
  • https://usermatch.krxd.net/um/v2?partner=amzn HTTP 302
  • https://s.amazon-adsystem.com/ecm3?ex=krux.com&id=O_tc2w8Z
Request Chain 219
  • https://sb.scorecardresearch.com/p?c1=9&c2=27552257&r=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dcomscore.com%26id%3D%25AX_UUID%25 HTTP 302
  • https://sb.scorecardresearch.com/p2?c1=9&c2=27552257&r=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dcomscore.com%26id%3D%25AX_UUID%25 HTTP 302
  • https://s.amazon-adsystem.com/ecm3?ex=comscore.com&id=1ecfb3c58ecaad131cad0411b9af672f
Request Chain 221
  • https://ssum-sec.casalemedia.com/usermatchredir?s=184155&cb=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dindex%26id%3D__UID__ HTTP 302
  • https://s.amazon-adsystem.com/ecm3?ex=index&id=K7gjblG8b8iUrWEtejldmTc4dKY4ZgAC
Request Chain 222
  • https://uipglob.semasio.net/amazon/1/get?_url=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dsemasio%26id%3D%24%7BUIPID%28%29%7D HTTP 302
  • https://uipglob.semasio.net/amazon/1/get2?_url=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dsemasio%26id%3D%24%7BUIPID%28%29%7D HTTP 302
  • https://s.amazon-adsystem.com/ecm3?ex=semasio&id=43C7A6D397EA83CF
Request Chain 223
  • https://ib.adnxs.com/getuid?https://s.amazon-adsystem.com/ecm3?id=$UID&ex=appnexus.com HTTP 302
  • https://s.amazon-adsystem.com/ecm3?id=4349564117173850171&ex=appnexus.com
Request Chain 225
  • https://token.rubiconproject.com/token?pid=2179&pt=n HTTP 302
  • https://s.amazon-adsystem.com/ecm3?id=IW2S5KgDS8KkHYSqciLxUcWWwYjZzChgQG1x_JmYjWc&ex=rubiconproject.com&status=ok
Request Chain 226
  • https://cm.g.doubleclick.net/pixel?google_nid=a9&google_hm=LdWvo18uSaaNFgLqe3SUGA& HTTP 302
  • https://s.amazon-adsystem.com/ecm3?ex=googleHMT
Request Chain 228
  • https://lciapi.ninthdecimal.com/v1/lci/sync/adv-amzn/c-23445/?rdr=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3F%26ex%3Dninthdecimal.com%26id%3D%24%7BND_UID%7D HTTP 302
  • https://s.amazon-adsystem.com/ecm3?&ex=ninthdecimal.com&id=BEBC4F2D5F14EA62B80419B20233C319
Request Chain 229
  • https://pi.ispot.tv/v2/TC-3673-1.gif?redir=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dispot.tv%26id%3D%7BISID%7D HTTP 302
  • https://s.amazon-adsystem.com/ecm3?ex=ispot.tv&id=392ef88c4967ac2da67ea6f687fb54dadb7a10846034d0b115733a59d343ac56
Request Chain 231
  • https://sync.taboola.com/sg/amazon-a9-network/1/rtb HTTP 302
  • https://s.amazon-adsystem.com/ecm3?ex=taboola.com&id=c3759d88-e9e6-4678-a111-d112ad183a21-tuct9e399df
Request Chain 242
  • https://googleads.g.doubleclick.net/pagead/viewthroughconversion/475828178/?random=2068174472&cv=9&fst=1659507806498&num=1&npa=1&label=R_euCJHu8r8DENKf8uIB&guid=ON&resp=GooglemKTybQhCsO&eid=375603261&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&sendb=1&ig=1&frm=2&url=https%3A%2F%2F4053494.fls.doubleclick.net%2Factivityi%3Bdc_pre%3DCOvBr6qEqvkCFYew7QodkHwDOw%3Bsrc%3D4053494%3Btype%3Dcomca517%3Bcat%3Dxfini00h%3Bord%3D9004507046157%3Bgtm%3D2od811%3Bauiddc%3D793358232.1659507806%3B~oref%3Dhttps%253A%252F%252Fxfinityoffers.xyz%252Foverview%253Fentity%253D1073444%3F&ref=https%3A%2F%2Fxfinityoffers.xyz%2F&hn=www.googleadservices.com&fmt=3&ctc_id=CAIVAgAAAB0CAAAA&ct_cookie_present=false&ocp_id=XhTqYsz8IpzImLAPmcy9aA&sscte=1&crd= HTTP 302
  • https://www.google.com/pagead/1p-conversion/475828178/?random=2068174472&cv=9&fst=1659507806498&num=1&npa=1&label=R_euCJHu8r8DENKf8uIB&guid=ON&resp=GooglemKTybQhCsO&eid=375603261&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&sendb=1&ig=1&frm=2&url=https%3A%2F%2F4053494.fls.doubleclick.net%2Factivityi%3Bdc_pre%3DCOvBr6qEqvkCFYew7QodkHwDOw%3Bsrc%3D4053494%3Btype%3Dcomca517%3Bcat%3Dxfini00h%3Bord%3D9004507046157%3Bgtm%3D2od811%3Bauiddc%3D793358232.1659507806%3B~oref%3Dhttps%253A%252F%252Fxfinityoffers.xyz%252Foverview%253Fentity%253D1073444%3F&ref=https%3A%2F%2Fxfinityoffers.xyz%2F&hn=www.googleadservices.com&fmt=3&ctc_id=CAIVAgAAAB0CAAAA&ct_cookie_present=false&sscte=1&crd=&is_vtc=1&ocp_id=XhTqYsz8IpzImLAPmcy9aA&cid=CAQSKQCsnQUx5_0tQ2FhkH5L9_znhpkYs8OKZqo_gfpXjl6Uwjd0dkMNI_zf&random=2117933683&resp=GooglemKTybQhCsO HTTP 302
  • https://www.google.de/pagead/1p-conversion/475828178/?random=2068174472&cv=9&fst=1659507806498&num=1&npa=1&label=R_euCJHu8r8DENKf8uIB&guid=ON&resp=GooglemKTybQhCsO&eid=375603261&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&sendb=1&ig=1&frm=2&url=https%3A%2F%2F4053494.fls.doubleclick.net%2Factivityi%3Bdc_pre%3DCOvBr6qEqvkCFYew7QodkHwDOw%3Bsrc%3D4053494%3Btype%3Dcomca517%3Bcat%3Dxfini00h%3Bord%3D9004507046157%3Bgtm%3D2od811%3Bauiddc%3D793358232.1659507806%3B~oref%3Dhttps%253A%252F%252Fxfinityoffers.xyz%252Foverview%253Fentity%253D1073444%3F&ref=https%3A%2F%2Fxfinityoffers.xyz%2F&hn=www.googleadservices.com&fmt=3&ctc_id=CAIVAgAAAB0CAAAA&ct_cookie_present=false&sscte=1&crd=&is_vtc=1&ocp_id=XhTqYsz8IpzImLAPmcy9aA&cid=CAQSKQCsnQUx5_0tQ2FhkH5L9_znhpkYs8OKZqo_gfpXjl6Uwjd0dkMNI_zf&random=2117933683&resp=GooglemKTybQhCsO&ipr=y&prhg=0

279 HTTP transactions

Resource
Path
Size
x-fer
Type
MIME-Type
Primary Request overview
xfinityoffers.xyz/
Redirect Chain
  • http://xfinityoffers.xyz/?entity=1073444
  • https://xfinityoffers.xyz/?entity=1073444
  • https://xfinityoffers.xyz/overview?entity=1073444
212 KB
30 KB
Document
General
Full URL
https://xfinityoffers.xyz/overview?entity=1073444
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3031::ac43:b88a , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
ea7f199abca09f4732b8d82aaa8f7b3d7c2a3fa30c2343618e8e9e3ecc6dd7ba
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
cache-control
max-age=0, no-cache, no-store
cf-cache-status
DYNAMIC
cf-ray
734cf6d3ac7f9b3a-FRA
cloner
CfSiteCloner; www.xfinity.com
content-encoding
br
content-type
text/html; charset=utf-8
date
Wed, 03 Aug 2022 06:23:22 GMT
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
expires
Wed, 03 Aug 2022 06:23:22 GMT
link
<https://assets.xfinity.com>;rel="preconnect",<https://assets.adobedtm.com>;rel="preconnect",<https://cdn.comcast.com>;rel="preconnect",<https://static.cimcontent.net>;rel="preconnect",<https://polaris.xfinity.com>;rel="preconnect",<https://comcast.demdex.net>;rel="preconnect"
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
pragma
no-cache
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=H%2FggczUGKWTcPnDcpFMUtnWKvmJEWrWvtoS1kC3P7LB7w6tT79tws0%2Bwg9L1wsRRhWXbG4%2FWaLkkbQt%2F5wm081Mk%2B70OdHneiHJ7f9bIHN5NUe3X7Z%2BUDPIhOJLA4NrLFJ79CVANsjClRl%2B7wEyfqw%3D%3D"}],"group":"cf-nel","max_age":604800}
request-context
appId=cid-v1:b4894a1a-4a8d-4275-b50a-7c11b179065d
server
cloudflare
vary
Accept-Encoding
x-akamai-transformed
9 31284 0 pmb=mTOE,3
x-content-type-options
nosniff
x-frame-options
SAMEORIGIN
x-xss-protection
1; mode=block

Redirect headers

alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
cache-control
max-age=0, no-cache, no-store
cf-cache-status
DYNAMIC
cf-ray
734cf6d099139b3a-FRA
cloner
CfSiteCloner; www.xfinity.com
content-length
299
content-type
text/html; charset=utf-8
date
Wed, 03 Aug 2022 06:23:22 GMT
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
expires
Wed, 03 Aug 2022 06:23:22 GMT
location
https://xfinityoffers.xyz/overview?entity=1073444
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
pragma
no-cache
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=tWt3ef%2Bjb85YyURVQXPnFftU9GXiwGOCEkUUuhLhzYi%2FV4ZWxuob9qtrM27TybotHizpSAGApLC%2BvWHcAGE297DZKbwoeMUGP%2Bt1Nd3fBX7NC6GIFfRO0X8hFESLdPgfQCG4jWqiOS%2BRpf6BOQjnzA%3D%3D"}],"group":"cf-nel","max_age":604800}
server
cloudflare
strict-transport-security
max-age=31536000
vary
Accept-Encoding
x-frame-options
SAMEORIGIN
x-xfnlog-site
XDS
fgvcvcDXWNp-288ETvUthNvDuwM.js
xfinityoffers.xyz/cdn-cgi/apps/head/
4 KB
2 KB
Script
General
Full URL
https://xfinityoffers.xyz/cdn-cgi/apps/head/fgvcvcDXWNp-288ETvUthNvDuwM.js
Requested by
Host: xfinityoffers.xyz
URL: https://xfinityoffers.xyz/overview?entity=1073444
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3031::ac43:b88a , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
da11fa2945a854c33772418178a05db0320f00ef941a8e4e7abca4e135ab8519

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://xfinityoffers.xyz/overview?entity=1073444
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date
Wed, 03 Aug 2022 06:23:23 GMT
content-encoding
br
cf-cache-status
MISS
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-amz-request-id
Y2EEWFRPSJRZHR7G
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-amz-version-id
sUn8k0OtD0rc5WutUv8qwHrCWwBYLL0H
x-amz-id-2
zZyFUJJuFhN8XEHNQ5d+uKMCgiI4zYrOYCMN3F1QIOW3ZYJwUcecFVOHHN/JbDZ5bVu56IvNOT8=
last-modified
Sat, 23 Apr 2022 10:42:09 GMT
server
cloudflare
etag
W/"4610dfca4b1dfa3ce24b517de537ab1b"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=oXgr2S8k08CkiYDWu2AW3aeoeRE%2FEJmC7mkgxuyi5PjuO8cS4PPwfWhDBjviG7kKzR8Pv7JcoMXeL5ICr5mBtVL%2BYci9MJQD9a8zwaF0yjyBRokUu8lPZiRINrwWP4GdBqs%2BFfU4s2FBwDa%2BzrMlvQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=utf-8
cache-control
public, max-age=31536000
cf-ray
734cf6d7bd6191db-FRA
834.4b6a56d29295f81675d0.js
xfinityoffers.xyz/xfinity-learn-ui/
1 MB
343 KB
Script
General
Full URL
https://xfinityoffers.xyz/xfinity-learn-ui/834.4b6a56d29295f81675d0.js
Requested by
Host: xfinityoffers.xyz
URL: https://xfinityoffers.xyz/overview?entity=1073444
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3031::ac43:b88a , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
bc7651714c6246c9f7495fa9e5c52486730483360c49d4119e18ce41e04d6d67

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://xfinityoffers.xyz/overview?entity=1073444
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date
Wed, 03 Aug 2022 06:23:22 GMT
content-encoding
br
cf-cache-status
MISS
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
request-context
appId=cid-v1:21d14044-92df-44ae-b28a-8813d6428f63
last-modified
Fri, 08 Jul 2022 10:10:18 GMT
server
cloudflare
etag
W/"13c034-181dd49eb10"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=v5OgWcjSFoyyr7nzNx7RAc9M%2F3Mw1HHfr3COggj1GKWpuAck5vWjcvxRehnKv1xSIAz6as%2BodVY2lnvW3N9RPlgKz3lvZ8jZQSq%2B%2BHdvJ3DLPQ7BVJZD9Au5Kgfrx1PojE9Sgrd%2BJx0r91zcDoSlaw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=UTF-8
cache-control
public, max-age=31397731
cf-ray
734cf6d7bd6291db-FRA
cloner
CfSiteCloner; www.xfinity.com
main.f88ddb7113628410f24d.js
xfinityoffers.xyz/xfinity-learn-ui/
1 MB
225 KB
Script
General
Full URL
https://xfinityoffers.xyz/xfinity-learn-ui/main.f88ddb7113628410f24d.js
Requested by
Host: xfinityoffers.xyz
URL: https://xfinityoffers.xyz/overview?entity=1073444
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3031::ac43:b88a , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
96adde4f65e0389a8d2949b7c1fe631e7cb2dae7b24b35c28ed5d6d66465ed03

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://xfinityoffers.xyz/overview?entity=1073444
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date
Wed, 03 Aug 2022 06:23:23 GMT
content-encoding
br
cf-cache-status
MISS
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
request-context
appId=cid-v1:21d14044-92df-44ae-b28a-8813d6428f63
last-modified
Thu, 28 Jul 2022 10:11:50 GMT
server
cloudflare
etag
W/"12d2f3-182444a8270"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=5bSPHmvX1Hc0%2BGG%2Ffxcfxi0CvKW7KSooEN2jM6Bv3RDMjlyv1MFRq9RVyt98%2BTJ0O2KIbDC8P%2FbWlsQENy4gtebeKWiPgD90C6m7F9kpzXsj%2BOOMF2a4JEcnjqhNvMSr7ZAcsih7lTNteomfJPo1Bw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=UTF-8
cache-control
public, max-age=31511033
cf-ray
734cf6da180791db-FRA
cloner
CfSiteCloner; www.xfinity.com
834.6333e56cbad3c8f78992.css
xfinityoffers.xyz/xfinity-learn-ui/
215 KB
33 KB
Stylesheet
General
Full URL
https://xfinityoffers.xyz/xfinity-learn-ui/834.6333e56cbad3c8f78992.css
Requested by
Host: xfinityoffers.xyz
URL: https://xfinityoffers.xyz/overview?entity=1073444
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3031::ac43:b88a , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
ce1af9b55a97fa21cbe40947a9268541647539de76dd8061669cd989cc07e8ac

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://xfinityoffers.xyz/overview?entity=1073444
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date
Wed, 03 Aug 2022 06:23:22 GMT
content-encoding
br
cf-cache-status
MISS
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
request-context
appId=cid-v1:21d14044-92df-44ae-b28a-8813d6428f63
last-modified
Thu, 28 Jul 2022 10:11:50 GMT
server
cloudflare
etag
W/"35ad2-182444a8270"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=IICFKfS2GpdLi16TvTBg23w1iMoNr7BJiPmrUqFHzqiMM%2Fy9L6akaVWVInx4jP1e%2B82o%2BPeAkXC3YiqVB3dVEG6P00ZOW18ESdXi11oTHGQrSLNOgPEMUD3nO0M54rJjc4AXKT5q5Jj0qbS9uz%2B1sw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/css; charset=UTF-8
cache-control
public, max-age=31510977
cf-ray
734cf6d7bd6391db-FRA
cloner
CfSiteCloner; www.xfinity.com
main.6333e56cbad3c8f78992.css
xfinityoffers.xyz/xfinity-learn-ui/
111 KB
18 KB
Stylesheet
General
Full URL
https://xfinityoffers.xyz/xfinity-learn-ui/main.6333e56cbad3c8f78992.css
Requested by
Host: xfinityoffers.xyz
URL: https://xfinityoffers.xyz/overview?entity=1073444
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3031::ac43:b88a , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
7fc84bb4115d3c1b5b1fa8f659849d92e6b38a67d968e8f8043e6cd6df983852

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://xfinityoffers.xyz/overview?entity=1073444
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date
Wed, 03 Aug 2022 06:23:22 GMT
content-encoding
br
cf-cache-status
MISS
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
request-context
appId=cid-v1:21d14044-92df-44ae-b28a-8813d6428f63
last-modified
Thu, 28 Jul 2022 10:11:50 GMT
server
cloudflare
etag
W/"1bac4-182444a8270"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=t0mOXlDvW%2BAJrNs2yDlALBmvPgaaGS4ug2lIURQ4A0AImuEthjmuu0N8SFhufUx3ppZP%2B0ie7DZ%2F1msNEMLPNmUsQFhfHV57N1rczQK%2B0RHK0GqqcWK2jV1akIQ1NxHmluoumLvKMC%2FAAQtLfwHRNQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/css; charset=UTF-8
cache-control
public, max-age=31511034
cf-ray
734cf6d7bd6591db-FRA
cloner
CfSiteCloner; www.xfinity.com
/
static.cimcontent.net/data-layer/
96 KB
28 KB
Script
General
Full URL
https://static.cimcontent.net/data-layer/?appID=resi_shop_2
Requested by
Host: xfinityoffers.xyz
URL: https://xfinityoffers.xyz/overview?entity=1073444
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:ea:499::30d4 Vienna, Austria, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
AmazonS3 /
Resource Hash
7a3e285118ddd861d723135af4b7837e9103f9266f71874074f38c8c312a4658

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://xfinityoffers.xyz/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

x-amz-version-id
fKplV5kH3bl433O0oewEGI0jTKxiinHW
content-encoding
gzip
last-modified
Mon, 25 Jul 2022 18:41:24 GMT
server
AmazonS3
x-amz-cf-pop
VIE50-C2
etag
"623d77ad12a7998f05713fb491fdef9d"
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=3600
date
Wed, 03 Aug 2022 06:23:23 GMT
accept-ranges
bytes
content-length
28479
x-amz-cf-id
Kis1oVwHxPYlvwGz-jcHb0_tfWZKjlKfL2jFXag1E4oOV29doADdhw==
6e5ad451
xfinityoffers.xyz/akam/13/
0
0
Script
General
Full URL
https://xfinityoffers.xyz/akam/13/6e5ad451
Requested by
Host: xfinityoffers.xyz
URL: https://xfinityoffers.xyz/overview?entity=1073444
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3031::ac43:b88a , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://xfinityoffers.xyz/overview?entity=1073444
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 03 Aug 2022 06:23:23 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=OPrLJ86LbXD0ipDN7hp3h6Mc5kzbqiFK8x2yvxmcN5jnGIoGvnRaoAC%2BXCO65F61M8gzSNRqO6%2FH%2BtmvZBCghWHSkvO0s9Oj35V7D9YMfNPV93nFuLbn9m3vazPhb95bSpYa37uDokFK%2Fk5yVk0GNg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/html
expires
Wed, 03 Aug 2022 06:23:23 GMT
cache-control
max-age=0, no-cache, no-store
cf-ray
734cf6da482f91db-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
9
cloner
CfSiteCloner; www.xfinity.com
E020F7373720426891AC068F01DA5A2A
cdn.comcast.com/-/media/
944 B
821 B
Image
General
Full URL
https://cdn.comcast.com/-/media/E020F7373720426891AC068F01DA5A2A
Requested by
Host: xfinityoffers.xyz
URL: https://xfinityoffers.xyz/overview?entity=1073444
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:dc:2bc::2af2 Vienna, Austria, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
/
Resource Hash
8f6e1abd2d0c7965b33e2520eb20b841fd3ed6a39c9292808e8d192e86e5b359
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Frame-Options SAMEORIGIN

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://xfinityoffers.xyz/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
content-encoding
gzip
x-xfnlog-site
XDS
content-disposition
inline; filename="xfinity-dark.svg"
content-length
531
etag
last-modified
Tue, 27 Feb 2018 18:19:40 GMT
x-frame-options
SAMEORIGIN
date
Wed, 03 Aug 2022 06:23:23 GMT
vary
Accept-Encoding
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
private, max-age=31531515
accept-ranges
bytes
x-robots-tag
noindex, nofollow
expires
Thu, 03 Aug 2023 05:08:38 GMT
Icon_Internet_Check_outline_White.svg
assets.xfinity.com/assets/dotcom/projects/cix-3020_black_friday/
523 B
884 B
Image
General
Full URL
https://assets.xfinity.com/assets/dotcom/projects/cix-3020_black_friday/Icon_Internet_Check_outline_White.svg
Requested by
Host: xfinityoffers.xyz
URL: https://xfinityoffers.xyz/overview?entity=1073444
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:ea:488::20b Vienna, Austria, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
AmazonS3 /
Resource Hash
91d9994900a38f268727efc8c744ced60d79daed04a0d9c5bc1a6bd79f7402c5

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://xfinityoffers.xyz/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

x-amz-server-side-encryption
AES256
date
Wed, 03 Aug 2022 06:23:23 GMT
last-modified
Mon, 22 Nov 2021 22:24:13 GMT
server
AmazonS3
x-amz-request-id
WBDQ38ZD4T7MKJRS
etag
"8ab83592219fe5a6f8f03f7705f30cd3"
content-type
image/svg+xml
cache-control
max-age=900
server-timing
cdn-cache; desc=HIT, edge; dur=18
accept-ranges
bytes
content-length
523
x-amz-id-2
G6jz40mDL544aPwIltLpo5bUayCTenEsI/qnoLO9Duv+fpUVzGLsURx0xYCPWWiNubIBGMZCYdw=
expires
Wed, 03 Aug 2022 06:38:23 GMT
HP_XB8_Left_2Up-Desktop.jpg
assets.xfinity.com/assets/dotcom/projects/cix-3560_unbeatable-internet-xb8-launch/
110 KB
110 KB
Image
General
Full URL
https://assets.xfinity.com/assets/dotcom/projects/cix-3560_unbeatable-internet-xb8-launch/HP_XB8_Left_2Up-Desktop.jpg
Requested by
Host: xfinityoffers.xyz
URL: https://xfinityoffers.xyz/overview?entity=1073444
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:ea:488::20b Vienna, Austria, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
AmazonS3 /
Resource Hash
a354154fcbe0c2ad727613039555d0ff7a863377978d069e08f34d0d395ed9b2

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://xfinityoffers.xyz/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

x-amz-server-side-encryption
AES256
date
Wed, 03 Aug 2022 06:23:23 GMT
last-modified
Wed, 30 Mar 2022 15:46:46 GMT
server
AmazonS3
x-amz-request-id
187YP7N6BYH12Z89
etag
"f4cab9e8a58d31d8c5ab70087e8a8ee9"
content-type
image/jpeg
cache-control
max-age=900
server-timing
cdn-cache; desc=HIT, edge; dur=20
accept-ranges
bytes
content-length
112324
x-amz-id-2
GcM6bkTZk5OTKmrDwXC6QxJ588iRhq+7gJ7GVPW0ricSkmDQI+2xxtNjtzHQrAuQhnorx1HndAI=
expires
Wed, 03 Aug 2022 06:38:23 GMT
SamsungGalaxy_Tile02_Desktop.jpg
assets.xfinity.com/assets/dotcom/projects/cix-3570_xm--xb8-placements-super-bowl-response/
172 KB
173 KB
Image
General
Full URL
https://assets.xfinity.com/assets/dotcom/projects/cix-3570_xm--xb8-placements-super-bowl-response/SamsungGalaxy_Tile02_Desktop.jpg
Requested by
Host: xfinityoffers.xyz
URL: https://xfinityoffers.xyz/overview?entity=1073444
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:ea:488::20b Vienna, Austria, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
AmazonS3 /
Resource Hash
f404d909d502fda9b4ec39c2786563ebb6fbb62eef10d8db84c7525be4cab927

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://xfinityoffers.xyz/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

x-amz-server-side-encryption
AES256
unused62
8096267
date
Wed, 03 Aug 2022 06:23:23 GMT
last-modified
Thu, 10 Feb 2022 16:12:58 GMT
server
AmazonS3
x-amz-request-id
RFDKRJQJ2K2F716Y
etag
"69deb27269989a4ef584cb1882a37b7e"
content-type
image/jpeg
cache-control
max-age=900
server-timing
cdn-cache; desc=HIT, edge; dur=20
accept-ranges
bytes
content-length
176444
x-amz-id-2
mvbWbQyK42k/Qkbw+kY+L9WiwRAFVVKddI2J5xj8JoW6YWGVa4/DSXi2tdV13VtWGhlUZYJn7qseaQfKwTh0Hw==
expires
Wed, 03 Aug 2022 06:38:23 GMT
Icon_wayfinding_green50_88x88.svg
assets.xfinity.com/assets/dotcom/icons/
2 KB
1 KB
Image
General
Full URL
https://assets.xfinity.com/assets/dotcom/icons/Icon_wayfinding_green50_88x88.svg
Requested by
Host: xfinityoffers.xyz
URL: https://xfinityoffers.xyz/overview?entity=1073444
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:ea:488::20b Vienna, Austria, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
AmazonS3 /
Resource Hash
c0eca03827c6c63a6efa3ac3f1f7b63a2fcc2d2d393689abe918f7ea093d36e1

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://xfinityoffers.xyz/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

x-amz-server-side-encryption
AES256
date
Wed, 03 Aug 2022 06:23:23 GMT
content-encoding
gzip
last-modified
Mon, 21 Jun 2021 14:30:01 GMT
server
AmazonS3
x-amz-request-id
WCAQXE517D4A6GR1
etag
"1e9ec4838c01ed2fa4abbc1d3592ba52"
vary
Accept-Encoding
content-type
image/svg+xml
cache-control
max-age=900
server-timing
cdn-cache; desc=HIT, edge; dur=13
accept-ranges
bytes
content-length
686
x-amz-id-2
lZ/m7mgMAJ+aLMVNlJi1Jxl7oQjiKPegIznGpcyitTfx2vADfFbion65bsP38zLZ9WVpNrFeLEc=
expires
Wed, 03 Aug 2022 06:38:23 GMT
Width-spacer.png
assets.xfinity.com/assets/dotcom/projects/cix-1976-learn-july-launch/
3 KB
3 KB
Image
General
Full URL
https://assets.xfinity.com/assets/dotcom/projects/cix-1976-learn-july-launch/Width-spacer.png
Requested by
Host: xfinityoffers.xyz
URL: https://xfinityoffers.xyz/overview?entity=1073444
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:ea:488::20b Vienna, Austria, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
AmazonS3 /
Resource Hash
059f933e15d14cba472d1e97aad97febb895c1c25e77b6a80a79e75ec48d0292

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://xfinityoffers.xyz/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

x-amz-server-side-encryption
AES256
date
Wed, 03 Aug 2022 06:23:23 GMT
last-modified
Wed, 23 Jun 2021 23:10:33 GMT
server
AmazonS3
x-amz-request-id
ZA92Y810V00G6XAF
etag
"044f5e131e0783352934e446578854f2"
content-type
image/png
cache-control
max-age=900
server-timing
cdn-cache; desc=HIT, edge; dur=14
accept-ranges
bytes
content-length
3101
x-amz-id-2
nmqPaiV0/7KE72rWw9uq6UJFBk1Zj3IAaeQ9kn/aB8Fvkbl/XTlJZVl84dSRtyUChDH83RGrLfc=
expires
Wed, 03 Aug 2022 06:38:23 GMT
Icon_pricetag_red40_88x88.svg
assets.xfinity.com/assets/dotcom/icons/
690 B
1 KB
Image
General
Full URL
https://assets.xfinity.com/assets/dotcom/icons/Icon_pricetag_red40_88x88.svg
Requested by
Host: xfinityoffers.xyz
URL: https://xfinityoffers.xyz/overview?entity=1073444
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:ea:488::20b Vienna, Austria, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
AmazonS3 /
Resource Hash
28ec916479431a2358c6ba22b78d8796dac76ebbd2e322cddfc8fdf76dbe2852

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://xfinityoffers.xyz/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

x-amz-server-side-encryption
AES256
date
Wed, 03 Aug 2022 06:23:23 GMT
last-modified
Mon, 21 Jun 2021 14:30:00 GMT
server
AmazonS3
x-amz-request-id
8Y0NQD2DB6GNEAT4
etag
"f6b89104d749a9440193eaa29a3d1fc1"
content-type
image/svg+xml
cache-control
max-age=900
server-timing
cdn-cache; desc=HIT, edge; dur=12
accept-ranges
bytes
content-length
690
x-amz-id-2
BCJ4iVmR8oliWB8t/eXuaB5KsWFWZJ1B5Cu5dC5AuYoF0dxSGZkcOM+yUOq+F1f/USODZhmolCw=
expires
Wed, 03 Aug 2022 06:38:23 GMT
icon_person_purple_outline.svg
assets.xfinity.com/assets/dotcom/icons/
2 KB
1 KB
Image
General
Full URL
https://assets.xfinity.com/assets/dotcom/icons/icon_person_purple_outline.svg
Requested by
Host: xfinityoffers.xyz
URL: https://xfinityoffers.xyz/overview?entity=1073444
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:ea:488::20b Vienna, Austria, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
AmazonS3 /
Resource Hash
ae6d4ea51b966b37eb69310012c3f6ab6af0779be264b8a1aa36a2b8aacdb819

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://xfinityoffers.xyz/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

x-amz-server-side-encryption
AES256
date
Wed, 03 Aug 2022 06:23:23 GMT
content-encoding
gzip
last-modified
Tue, 22 Jun 2021 19:32:38 GMT
server
AmazonS3
x-amz-request-id
NATXR1WGZSG6NYJ8
etag
"fbd88d043246677dc267d20602b7963c"
vary
Accept-Encoding
content-type
image/svg+xml
cache-control
max-age=900
server-timing
cdn-cache; desc=HIT, edge; dur=14
accept-ranges
bytes
content-length
962
x-amz-id-2
erPV4IIUGcvttj4eCXTKXJcGm1va7B4rUe33ggIcfx/cK976oNufIGN1jJWx+NDmXdSsO/cj2t0y2KtbehR5jw==
expires
Wed, 03 Aug 2022 06:38:23 GMT
Image_HoverTiles_InternetDevice.png
assets.xfinity.com/assets/dotcom/projects/cix-3560_unbeatable-internet-xb8-launch/
13 KB
14 KB
Image
General
Full URL
https://assets.xfinity.com/assets/dotcom/projects/cix-3560_unbeatable-internet-xb8-launch/Image_HoverTiles_InternetDevice.png
Requested by
Host: xfinityoffers.xyz
URL: https://xfinityoffers.xyz/overview?entity=1073444
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:ea:488::20b Vienna, Austria, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
AmazonS3 /
Resource Hash
b598e066ae346807f7f6309fd72eaa6e0bca4947a8aef6ba6a326b7554abdd86

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://xfinityoffers.xyz/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

x-amz-server-side-encryption
AES256
date
Wed, 03 Aug 2022 06:23:23 GMT
last-modified
Wed, 30 Mar 2022 15:44:01 GMT
server
AmazonS3
x-amz-request-id
K3KAWPTGGXDSVQX9
etag
"4da3b54be04f147c8c420974f94c6f9a"
content-type
image/png
cache-control
max-age=900
server-timing
cdn-cache; desc=HIT, edge; dur=7
accept-ranges
bytes
content-length
13503
x-amz-id-2
3nzYzBtctKSUUWjtOwRXLxdZY1cAYvN9lYl/Pi1JwmSN2JPRxCxx6H+zTWlmkOGhqHYw21rm+uw=
expires
Wed, 03 Aug 2022 06:38:23 GMT
Image_HoverTiles_VideoDevice_Desktop.png
assets.xfinity.com/assets/dotcom/projects/cix-1976-learn-july-launch/
16 KB
16 KB
Image
General
Full URL
https://assets.xfinity.com/assets/dotcom/projects/cix-1976-learn-july-launch/Image_HoverTiles_VideoDevice_Desktop.png
Requested by
Host: xfinityoffers.xyz
URL: https://xfinityoffers.xyz/overview?entity=1073444
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:ea:488::20b Vienna, Austria, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
AmazonS3 /
Resource Hash
6b45807ad2e5ece54afa5297bdf4c52b351766106ad3e6f280a2a1f87105ede6

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://xfinityoffers.xyz/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

x-amz-server-side-encryption
AES256
date
Wed, 03 Aug 2022 06:23:23 GMT
last-modified
Thu, 17 Jun 2021 13:11:33 GMT
server
AmazonS3
x-amz-request-id
8Y0J69G8QH800JQF
etag
"8a10de9e1472c3e34dcc8e91d390768e"
content-type
image/png
cache-control
max-age=900
server-timing
cdn-cache; desc=HIT, edge; dur=6
accept-ranges
bytes
content-length
15973
x-amz-id-2
qpJQZxNq4ETnHVxgfFTVMvwiDTk+J7cr5p8dn2daHPfs/v2KnQJqb+uNmeByAhzv8beLDmDC98M=
expires
Wed, 03 Aug 2022 06:38:23 GMT
Image_HoverTiles_MobileDevice_Desktop.png
assets.xfinity.com/assets/dotcom/projects/cix-1976-learn-july-launch/
8 KB
8 KB
Image
General
Full URL
https://assets.xfinity.com/assets/dotcom/projects/cix-1976-learn-july-launch/Image_HoverTiles_MobileDevice_Desktop.png
Requested by
Host: xfinityoffers.xyz
URL: https://xfinityoffers.xyz/overview?entity=1073444
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:ea:488::20b Vienna, Austria, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
AmazonS3 /
Resource Hash
00442a6f990774ff26d567029c9abc41e597890804a111b9f150a3aac14f3cd7

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://xfinityoffers.xyz/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

x-amz-server-side-encryption
AES256
date
Wed, 03 Aug 2022 06:23:23 GMT
last-modified
Thu, 17 Jun 2021 13:11:34 GMT
server
AmazonS3
x-amz-request-id
64GQFK4EEV8M1EFC
etag
"636e4ebadba9c8fdd879f8c701c593ef"
content-type
image/png
cache-control
max-age=900
server-timing
cdn-cache; desc=HIT, edge; dur=6
accept-ranges
bytes
content-length
8233
x-amz-id-2
Bd8A7anQphHgkgBGx5N5hkg0h9gDFwDd/VqnsUof9w/WfXKXOuJqBOReGhAHTHP8eryW4tfK7TQ=
expires
Wed, 03 Aug 2022 06:38:23 GMT
Image_HoverTiles_CameraDevice_Desktop.png
assets.xfinity.com/assets/dotcom/projects/cix-1976-learn-july-launch/
8 KB
8 KB
Image
General
Full URL
https://assets.xfinity.com/assets/dotcom/projects/cix-1976-learn-july-launch/Image_HoverTiles_CameraDevice_Desktop.png
Requested by
Host: xfinityoffers.xyz
URL: https://xfinityoffers.xyz/overview?entity=1073444
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:ea:488::20b Vienna, Austria, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
AmazonS3 /
Resource Hash
c7cdb5caa6c8bf6ff863c2005db15f84f428634e51969a95b48f57fa05da7804

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://xfinityoffers.xyz/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

x-amz-server-side-encryption
AES256
date
Wed, 03 Aug 2022 06:23:23 GMT
last-modified
Thu, 17 Jun 2021 13:11:34 GMT
server
AmazonS3
x-amz-request-id
XDDMYW4H88NK83N1
etag
"b0ec7fa2ee1c2f534f84346c3ebfb654"
content-type
image/png
cache-control
max-age=900
server-timing
cdn-cache; desc=HIT, edge; dur=6
accept-ranges
bytes
content-length
7848
x-amz-id-2
8juAvxip8bZUP1ev85o0MiSLaSB0aicZZmBBYFlnpo5oN2pcAoZXaM/hO/C4Z3dugZMqhP7xawY=
expires
Wed, 03 Aug 2022 06:38:23 GMT
Image_HoverTiles_PhoneDevice_Desktop.png
assets.xfinity.com/assets/dotcom/projects/cix-1976-learn-july-launch/
20 KB
20 KB
Image
General
Full URL
https://assets.xfinity.com/assets/dotcom/projects/cix-1976-learn-july-launch/Image_HoverTiles_PhoneDevice_Desktop.png
Requested by
Host: xfinityoffers.xyz
URL: https://xfinityoffers.xyz/overview?entity=1073444
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:ea:488::20b Vienna, Austria, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
AmazonS3 /
Resource Hash
2f04a059ac4b6cc886a06d5c2d4b2ae4644fb56d04bcc36c40f8364785c72400

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://xfinityoffers.xyz/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

x-amz-server-side-encryption
AES256
date
Wed, 03 Aug 2022 06:23:23 GMT
last-modified
Thu, 17 Jun 2021 13:11:34 GMT
server
AmazonS3
x-amz-request-id
6HJEZX0643PQ70KR
etag
"91ed37df7e1e8614c2c70b8976ebcd08"
content-type
image/png
cache-control
max-age=900
server-timing
cdn-cache; desc=HIT, edge; dur=5
accept-ranges
bytes
content-length
20324
x-amz-id-2
bfqFjKYM4cU3rTzAXCIvU8foRn7r8voo5sSns2K2xCQEGL/fmbpOhjWcZAlGkZ24D12KT3MJFC0=
expires
Wed, 03 Aug 2022 06:38:23 GMT
GFWY
xfinityoffers.xyz/2lQX/Tz_R/k8/2G34/VhnQ/EYm5mtLz/MRg4WlVeUwU/FCImEhd/
84 KB
23 KB
Script
General
Full URL
https://xfinityoffers.xyz/2lQX/Tz_R/k8/2G34/VhnQ/EYm5mtLz/MRg4WlVeUwU/FCImEhd/GFWY
Requested by
Host: xfinityoffers.xyz
URL: https://xfinityoffers.xyz/overview?entity=1073444
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3031::ac43:b88a , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
fa43fd4073d3976c0bc94de0d58e6f81290443515528b60e80aa889fa38f80c2

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://xfinityoffers.xyz/overview?entity=1073444
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date
Wed, 03 Aug 2022 06:23:23 GMT
content-encoding
br
cf-cache-status
DYNAMIC
last-modified
Mon, 28 Feb 2022 19:29:24 GMT
server
cloudflare
etag
W/"a7a61709860c0c57ec0c92584ae4f1bc214dfc71043ea43843572e55d14841f6"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=lR1vunW4JZKsq8qVpV4z9m4zfmulDXECiuML%2FuKmCuRd42GC7zxgtIzLB9P3l3GuH3RIrw7%2BiUz89gRuAW0u92PjjMK70sdQeSMjtSp9um5AfWzVlG46TzxHPpuO33Su9stgl3l0qRPtcuPhnMlT3Q%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
max-age=21600
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray
734cf6d9bf8691db-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
cloner
CfSiteCloner; www.xfinity.com
/
dl.cws.xfinity.com/event/ Frame
0
0
Preflight
General
Full URL
https://dl.cws.xfinity.com/event/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:dc:18a::2c06 Vienna, Austria, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
/
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
PUT
Origin
https://xfinityoffers.xyz
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

access-control-allow-headers
Content-Type
access-control-allow-methods
HEAD,OPTIONS,PUT
access-control-allow-origin
*
content-length
0
content-type
application/json
date
Wed, 03 Aug 2022 06:23:24 GMT
x-amz-apigw-id
WRgebG3BoAMFq9g=
x-amz-cf-id
695zBtvbHgRd5Xy5DvtYg9NvqHqDMoIRAto6cKUs8246Fl4qnscGkw==
x-amz-cf-pop
VIE50-C1
x-amzn-requestid
420ad5ea-f06e-430f-bfd2-6d1f3da723fe
/
dl.cws.xfinity.com/event/ Frame
0
0
Preflight
General
Full URL
https://dl.cws.xfinity.com/event/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:dc:18a::2c06 Vienna, Austria, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
/
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
PUT
Origin
https://xfinityoffers.xyz
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

access-control-allow-headers
Content-Type
access-control-allow-methods
HEAD,OPTIONS,PUT
access-control-allow-origin
*
content-length
0
content-type
application/json
date
Wed, 03 Aug 2022 06:23:24 GMT
x-amz-apigw-id
WRgeZHUqIAMFy5w=
x-amz-cf-id
MMhFYycNNSWc-i1WOQEdRe6Y7uKHFzAT3lvvMPb8dpTpNvcgyUH2ZQ==
x-amz-cf-pop
VIE50-C1
x-amzn-requestid
19e20d5b-3d48-4919-95fe-0d8528e77609
launch-e80baf9c0255.min.js
assets.adobedtm.com/331fbea29f79/a5b25a446515/
558 KB
141 KB
Script
General
Full URL
https://assets.adobedtm.com/331fbea29f79/a5b25a446515/launch-e80baf9c0255.min.js
Requested by
Host: static.cimcontent.net
URL: https://static.cimcontent.net/data-layer/?appID=resi_shop_2
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:dc:282::1e80 Vienna, Austria, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
AkamaiNetStorage /
Resource Hash
1284c73727db10782c02d61166e1aeaae8beae688c94f181953baf3ccee7b9de

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://xfinityoffers.xyz/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date
Wed, 03 Aug 2022 06:23:23 GMT
content-encoding
gzip
last-modified
Thu, 28 Jul 2022 18:58:17 GMT
server
AkamaiNetStorage
etag
"e822ad850526a7cc18c717d4550cb712:1659034697.740538"
vary
Accept-Encoding
content-type
application/x-javascript
access-control-allow-origin
https://xfinityoffers.xyz
cache-control
max-age=3600
accept-ranges
bytes
timing-allow-origin
*
content-length
143339
expires
Wed, 03 Aug 2022 07:23:23 GMT
adrum45162845.js
cdn.comcast.com/-/media/Common/adrum/
102 KB
32 KB
Script
General
Full URL
https://cdn.comcast.com/-/media/Common/adrum/adrum45162845.js
Requested by
Host: static.cimcontent.net
URL: https://static.cimcontent.net/data-layer/?appID=resi_shop_2
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:dc:2bc::2af2 Vienna, Austria, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
/
Resource Hash
3f872b7c1ea83bc597822ad8cef76084cf3e036a94d8dffa6d0f1a37c4a5b795
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Frame-Options SAMEORIGIN

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://xfinityoffers.xyz/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
content-encoding
gzip
x-xfnlog-site
XDS
content-disposition
inline; filename="adrum45162845.js"
content-length
32024
etag
last-modified
Tue, 18 May 2021 17:46:51 GMT
x-frame-options
SAMEORIGIN
date
Wed, 03 Aug 2022 06:23:24 GMT
vary
Accept-Encoding
content-type
application/x-javascript
access-control-allow-origin
*
cache-control
private, max-age=488
accept-ranges
bytes
x-robots-tag
noindex, nofollow
expires
Wed, 03 Aug 2022 06:31:32 GMT
/
dl.cws.xfinity.com/event/
110 B
488 B
XHR
General
Full URL
https://dl.cws.xfinity.com/event/
Requested by
Host: static.cimcontent.net
URL: https://static.cimcontent.net/data-layer/?appID=resi_shop_2
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:dc:18a::2c06 Vienna, Austria, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
/
Resource Hash
162cdddbc2239f23aae42e21113ee39e9623fd02149b43d1179499d57c96a9d7

Request headers

Referer
https://xfinityoffers.xyz/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36
Content-Type
application/json

Response headers

date
Wed, 03 Aug 2022 06:23:24 GMT
x-amz-cf-pop
VIE50-C1
x-amz-apigw-id
WRgefGI2IAMFpvw=
x-amzn-requestid
cc1de4a8-3354-48f8-8802-c392c624d82e
access-control-max-age
86400
access-control-allow-methods
GET,POST,PUT,HEAD
content-type
application/json
access-control-allow-origin
*
x-amzn-trace-id
Root=1-62ea145c-3e6072732792f1a644b72862
access-control-allow-credentials
false
access-control-allow-headers
*
content-length
110
x-amz-cf-id
06KQEAZdq_Tbcdl5gqLInEZBN0b-22Sa3Y0I9TRhP5Ca7ahAW7Dokg==
/
dl.cws.xfinity.com/event/
110 B
491 B
XHR
General
Full URL
https://dl.cws.xfinity.com/event/
Requested by
Host: static.cimcontent.net
URL: https://static.cimcontent.net/data-layer/?appID=resi_shop_2
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:dc:18a::2c06 Vienna, Austria, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
/
Resource Hash
2b3a473bd31d3f8ab2e05fcfc4e109222b92460e0331db9c52bfe894c1688de5

Request headers

Referer
https://xfinityoffers.xyz/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36
Content-Type
application/json

Response headers

date
Wed, 03 Aug 2022 06:23:24 GMT
x-amz-cf-pop
VIE50-C1
x-amz-apigw-id
WRgedE4bIAMFxLg=
x-amzn-requestid
43c28243-eff0-4e93-b5ba-a3a4011581c5
access-control-max-age
86400
access-control-allow-methods
GET,POST,PUT,HEAD
content-type
application/json
access-control-allow-origin
*
x-amzn-trace-id
Root=1-62ea145c-0d5b63f71cb44b7e25e27d1b
access-control-allow-credentials
false
access-control-allow-headers
*
content-length
110
x-amz-cf-id
MQA5pfQTQxx_LPQmp2CnBuVwN7NbxkWrWE0eZBFRPkRYZ-L9vyy5UA==
xfinitystandard-light.woff2
static.cimcontent.net/common-web-assets/fonts/xfinity-standard-optimized/
27 KB
27 KB
Font
General
Full URL
https://static.cimcontent.net/common-web-assets/fonts/xfinity-standard-optimized/xfinitystandard-light.woff2
Requested by
Host: xfinityoffers.xyz
URL: https://xfinityoffers.xyz/xfinity-learn-ui/834.6333e56cbad3c8f78992.css
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:ea:499::30d4 Vienna, Austria, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
AmazonS3 /
Resource Hash
fc6cd95261064c28600405c9c8dd51813abf8367e85b6e00f0f3031a8338988a

Request headers

Referer
https://xfinityoffers.xyz/
Origin
https://xfinityoffers.xyz
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

x-amz-version-id
RfHwnaHuRDNOH6o9ymrRbEDWu18br5qz
last-modified
Wed, 01 Sep 2021 16:24:42 GMT
server
AmazonS3
x-amz-cf-pop
VIE50-C2
etag
"f05d3ebe80809d82ab14d62a79da544e"
content-type
binary/octet-stream
access-control-allow-origin
*
cache-control
max-age=31536000
date
Wed, 03 Aug 2022 06:23:23 GMT
accept-ranges
bytes
content-length
27420
x-amz-cf-id
9V2IQPO2jIDhYW49qVu5_drg-ohUZ1zQI619mcqpaXwRdFbnoNbfmA==
/
dl.cws.xfinity.com/event/
110 B
490 B
XHR
General
Full URL
https://dl.cws.xfinity.com/event/
Requested by
Host: static.cimcontent.net
URL: https://static.cimcontent.net/data-layer/?appID=resi_shop_2
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:dc:18a::2c06 Vienna, Austria, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
/
Resource Hash
683eb61a7c4d2f159a57f01b3ef838451d8046f8986c7c407600d5ec3739a50f

Request headers

Referer
https://xfinityoffers.xyz/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36
Content-Type
application/json

Response headers

date
Wed, 03 Aug 2022 06:23:24 GMT
x-amz-cf-pop
VIE50-C1
x-amz-apigw-id
WRgefEjvoAMFgcQ=
x-amzn-requestid
0125cfe5-2bc6-4061-b38a-ab9fc80df6c6
access-control-max-age
86400
access-control-allow-methods
GET,POST,PUT,HEAD
content-type
application/json
access-control-allow-origin
*
x-amzn-trace-id
Root=1-62ea145c-5c2d2a84416421fd4c2b7108
access-control-allow-credentials
false
access-control-allow-headers
*
content-length
110
x-amz-cf-id
LEp4fr5zH6OB9ZnVhf7p8yVkA5syyXMDErUwGx4sNBMINUHFLqrggw==
/
dl.cws.xfinity.com/event/ Frame
0
0
Preflight
General
Full URL
https://dl.cws.xfinity.com/event/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:dc:18a::2c06 Vienna, Austria, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
/
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
PUT
Origin
https://xfinityoffers.xyz
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

access-control-allow-headers
Content-Type
access-control-allow-methods
HEAD,OPTIONS,PUT
access-control-allow-origin
*
content-length
0
content-type
application/json
date
Wed, 03 Aug 2022 06:23:24 GMT
x-amz-apigw-id
WRgebEefIAMF7Aw=
x-amz-cf-id
C0ADlfHXqmCNiZtw1Hx3JrI1OIF-4b8v3UpN-MI4Ukc9E-Qx7fHMMQ==
x-amz-cf-pop
VIE50-C1
x-amzn-requestid
b0dbdaa1-e4da-4c04-94d5-2d508319095f
GFWY
xfinityoffers.xyz/2lQX/Tz_R/k8/2G34/VhnQ/EYm5mtLz/MRg4WlVeUwU/FCImEhd/
18 B
1 KB
XHR
General
Full URL
https://xfinityoffers.xyz/2lQX/Tz_R/k8/2G34/VhnQ/EYm5mtLz/MRg4WlVeUwU/FCImEhd/GFWY
Requested by
Host: static.cimcontent.net
URL: https://static.cimcontent.net/data-layer/?appID=resi_shop_2
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3031::ac43:b88a , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
fcd6acab1a311e89ae1aef024707e986871eff4071c584de3e93970c5fc4a23d

Request headers

Referer
https://xfinityoffers.xyz/overview?entity=1073444
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

date
Wed, 03 Aug 2022 06:23:23 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=b4Z56vZDxxtaFsvfWJD2kC2V%2BjfnHU%2FF2qy9Tx4yG4XuViS25oPQHBMTHtjo%2BgpJXmbtWul67mcWgAxyKvNVl4oneh3B02Ynpp0ccWldso8y6s3HCYEUGFiLAY2GzUB7X9fBBLXXL4GCBu%2BZGPKxaQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/json
cf-ray
734cf6dac8cf91db-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
18
cloner
CfSiteCloner; www.xfinity.com
3for1_Hero_fullimage_Desktop.jpg
assets.xfinity.com/assets/dotcom/projects/cix-3902_xfinity-3-for-1-landing-page/
138 KB
139 KB
Image
General
Full URL
https://assets.xfinity.com/assets/dotcom/projects/cix-3902_xfinity-3-for-1-landing-page/3for1_Hero_fullimage_Desktop.jpg
Requested by
Host: xfinityoffers.xyz
URL: https://xfinityoffers.xyz/overview?entity=1073444
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:ea:488::20b Vienna, Austria, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
AmazonS3 /
Resource Hash
29d9cf405c2a0b560bc167610274b7c9beb0c1613ca2381c0996c0caba9aa578

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://xfinityoffers.xyz/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

x-amz-server-side-encryption
AES256
date
Wed, 03 Aug 2022 06:23:23 GMT
last-modified
Wed, 04 May 2022 23:01:45 GMT
server
AmazonS3
x-amz-request-id
WBDP0PA9GYB3ZQG5
etag
"b4d4bfd9a7de6a1147f26763aeeef735"
content-type
image/jpeg
cache-control
max-age=900
server-timing
cdn-cache; desc=HIT, edge; dur=20
accept-ranges
bytes
content-length
141179
x-amz-id-2
o9UT3KTCXtpAW1rzvAl6Mi4VY+2bxC/DwU+j0U484nFsgCxKnzDP91KZRyUc8BaduX+cC9Y87IA=
expires
Wed, 03 Aug 2022 06:38:23 GMT
CIX-3382_HomePage-ACP-Badge-Full-Image_Desktop.jpg
assets.xfinity.com/assets/dotcom/projects/cix-3382_ebb_badge_updates/
58 KB
59 KB
Image
General
Full URL
https://assets.xfinity.com/assets/dotcom/projects/cix-3382_ebb_badge_updates/CIX-3382_HomePage-ACP-Badge-Full-Image_Desktop.jpg
Requested by
Host: xfinityoffers.xyz
URL: https://xfinityoffers.xyz/overview?entity=1073444
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:ea:488::20b Vienna, Austria, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
AmazonS3 /
Resource Hash
512d9082e95ad6923a81a811d1dcf9839a8d889954a18f00c32366f89507655e

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://xfinityoffers.xyz/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

x-amz-server-side-encryption
AES256
date
Wed, 03 Aug 2022 06:23:23 GMT
last-modified
Mon, 20 Dec 2021 23:05:13 GMT
server
AmazonS3
x-amz-request-id
FWVPM30FMY98DZ4C
etag
"a7a45d4c73d15a751283368d7f64ddcb"
content-type
image/jpeg
cache-control
max-age=900
server-timing
cdn-cache; desc=HIT, edge; dur=5
accept-ranges
bytes
content-length
59589
x-amz-id-2
1SXXRDUU8QCJkXgWqNXNloHj0aUbPvZCftBI8/PvAJ69xDhc2oEJkvhT5CpWKcc+l3AVGV+cSbo=
expires
Wed, 03 Aug 2022 06:38:23 GMT
HP_JulyMVE_FullImage_XfinityApp_ImageRight_Desktop.png
assets.xfinity.com/assets/dotcom/projects/cix-1976-learn-july-launch/
188 KB
188 KB
Image
General
Full URL
https://assets.xfinity.com/assets/dotcom/projects/cix-1976-learn-july-launch/HP_JulyMVE_FullImage_XfinityApp_ImageRight_Desktop.png
Requested by
Host: xfinityoffers.xyz
URL: https://xfinityoffers.xyz/overview?entity=1073444
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:ea:488::20b Vienna, Austria, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
AmazonS3 /
Resource Hash
b979e8e81ec5918de3bd3a54a5a1f7c4354761275d665b7891bbf48b81d094d8

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://xfinityoffers.xyz/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

x-amz-server-side-encryption
AES256
date
Wed, 03 Aug 2022 06:23:23 GMT
last-modified
Thu, 24 Jun 2021 14:10:12 GMT
server
AmazonS3
x-amz-request-id
7329FD4K88GSQZEP
etag
"9db9d209411da55bfaf88fa1df92d932"
content-type
image/png
cache-control
max-age=900
server-timing
cdn-cache; desc=HIT, edge; dur=6
accept-ranges
bytes
content-length
192144
x-amz-id-2
nr/ZDLB9y67g5pCYFOJc/89WNNutwflShQzQ6mQ0tkPnT5pyfiABnzofYGdb4A4N2to2eaER1/w=
expires
Wed, 03 Aug 2022 06:38:23 GMT
HP_JulyMVE_FullImage_Rewards_ImageLeft_Desktop.png
assets.xfinity.com/assets/dotcom/projects/cix-1976-learn-july-launch/
41 KB
41 KB
Image
General
Full URL
https://assets.xfinity.com/assets/dotcom/projects/cix-1976-learn-july-launch/HP_JulyMVE_FullImage_Rewards_ImageLeft_Desktop.png
Requested by
Host: xfinityoffers.xyz
URL: https://xfinityoffers.xyz/overview?entity=1073444
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:ea:488::20b Vienna, Austria, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
AmazonS3 /
Resource Hash
f54a753a60b9ca12da6deadda4c7a94b2e5ba1e5fc36d84a38ad972452ed1597

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://xfinityoffers.xyz/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

x-amz-server-side-encryption
AES256
date
Wed, 03 Aug 2022 06:23:23 GMT
last-modified
Thu, 17 Jun 2021 13:09:09 GMT
server
AmazonS3
x-amz-request-id
10CAB9BQXWNTMP5V
etag
"904a48c4e412380d34d01c6fee7af9ef"
content-type
image/png
cache-control
max-age=900
server-timing
cdn-cache; desc=HIT, edge; dur=5
accept-ranges
bytes
content-length
41932
x-amz-id-2
Eglu8cYoUwqL379ZUK+dI33n5WIRZOykPUgEwQQrtnhk3zWXP2LVrXhiiEVKus6Xh36uevg6XS8=
expires
Wed, 03 Aug 2022 06:38:23 GMT
Image_HoverTiles_InternetBackground.png
assets.xfinity.com/assets/dotcom/projects/cix-3560_unbeatable-internet-xb8-launch/
92 KB
92 KB
Image
General
Full URL
https://assets.xfinity.com/assets/dotcom/projects/cix-3560_unbeatable-internet-xb8-launch/Image_HoverTiles_InternetBackground.png
Requested by
Host: xfinityoffers.xyz
URL: https://xfinityoffers.xyz/overview?entity=1073444
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:ea:488::20b Vienna, Austria, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
AmazonS3 /
Resource Hash
cb9678da466c4a2dbef477f6b6217fa99c6448ecaefa1c05feb32567652f81f0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://xfinityoffers.xyz/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

x-amz-server-side-encryption
AES256
date
Wed, 03 Aug 2022 06:23:23 GMT
last-modified
Wed, 30 Mar 2022 15:44:01 GMT
server
AmazonS3
x-amz-request-id
K3KDYZK7ENR6NT79
etag
"7f5f75c2b7dfc7ad3b91c7d3fe3476ef"
content-type
image/png
cache-control
max-age=900
server-timing
cdn-cache; desc=HIT, edge; dur=5
accept-ranges
bytes
content-length
94118
x-amz-id-2
auysDJBliNunhbcdi75CKZ3ndxpYTjCGlWxryKFmIVgpQ3v79jjYUHijXW36ICqT5IGbTXJ8SYQ=
expires
Wed, 03 Aug 2022 06:38:23 GMT
Image_HoverTiles_VideoBackground_Desktop.png
assets.xfinity.com/assets/dotcom/projects/cix-1976-learn-july-launch/
147 KB
147 KB
Image
General
Full URL
https://assets.xfinity.com/assets/dotcom/projects/cix-1976-learn-july-launch/Image_HoverTiles_VideoBackground_Desktop.png
Requested by
Host: xfinityoffers.xyz
URL: https://xfinityoffers.xyz/overview?entity=1073444
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:ea:488::20b Vienna, Austria, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
AmazonS3 /
Resource Hash
ceb11e3b78aaa7ceb817f5814fc972862699fc6ecadce18d148676d85235817d

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://xfinityoffers.xyz/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

x-amz-server-side-encryption
AES256
date
Wed, 03 Aug 2022 06:23:23 GMT
last-modified
Thu, 17 Jun 2021 13:11:33 GMT
server
AmazonS3
x-amz-request-id
YDG1N6YMV6GH222V
etag
"d292ee06262e94a56a3d55d999fde865"
content-type
image/png
cache-control
max-age=900
server-timing
cdn-cache; desc=HIT, edge; dur=9
accept-ranges
bytes
content-length
150319
x-amz-id-2
RnjnU8IDBhE5SC0ioy5t0kyq8MVMLPPXalA+C0x6W85w92jRpwEjZV6YtJHqo6Y7g6wxX538SHI=
expires
Wed, 03 Aug 2022 06:38:23 GMT
Image_HoverTiles_MobileBackground_Desktop.png
assets.xfinity.com/assets/dotcom/projects/cix-1976-learn-july-launch/
153 KB
154 KB
Image
General
Full URL
https://assets.xfinity.com/assets/dotcom/projects/cix-1976-learn-july-launch/Image_HoverTiles_MobileBackground_Desktop.png
Requested by
Host: xfinityoffers.xyz
URL: https://xfinityoffers.xyz/overview?entity=1073444
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:ea:488::20b Vienna, Austria, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
AmazonS3 /
Resource Hash
47ae953e563096176354dbbb9da550fbb1aa2b7adb9ae5daa9a55d245f71e854

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://xfinityoffers.xyz/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

x-amz-server-side-encryption
AES256
date
Wed, 03 Aug 2022 06:23:23 GMT
last-modified
Thu, 17 Jun 2021 13:11:34 GMT
server
AmazonS3
x-amz-request-id
8RXKGQJEMWREKSZN
etag
"eef73c1c5d34f7b5caef0310d8fb1ee0"
content-type
image/png
cache-control
max-age=900
server-timing
cdn-cache; desc=HIT, edge; dur=10
accept-ranges
bytes
content-length
156811
x-amz-id-2
Ihe/B1+ZE1F2D2W/FxaGrY6ytBcuQYDoJ3cdQwf43hLw9DXrsW0Vh/XPw4dESPauIi2tHj7kYVI=
expires
Wed, 03 Aug 2022 06:38:23 GMT
Image_HoverTiles_CameraBackground_Desktop.png
assets.xfinity.com/assets/dotcom/projects/cix-1976-learn-july-launch/
119 KB
119 KB
Image
General
Full URL
https://assets.xfinity.com/assets/dotcom/projects/cix-1976-learn-july-launch/Image_HoverTiles_CameraBackground_Desktop.png
Requested by
Host: xfinityoffers.xyz
URL: https://xfinityoffers.xyz/overview?entity=1073444
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:ea:488::20b Vienna, Austria, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
AmazonS3 /
Resource Hash
f580a18028aefc450677d115b637d758461a8068cd22062e6a86640fa353b1ed

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://xfinityoffers.xyz/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

x-amz-server-side-encryption
AES256
date
Wed, 03 Aug 2022 06:23:23 GMT
last-modified
Thu, 17 Jun 2021 13:11:36 GMT
server
AmazonS3
x-amz-request-id
ACVTPXV8ZVHVE8S9
etag
"1c751e055fe7074d40df9f144367bad5"
content-type
image/png
cache-control
max-age=900
server-timing
cdn-cache; desc=HIT, edge; dur=9
accept-ranges
bytes
content-length
121583
x-amz-id-2
4EdrXmvw0+1cUz3jyWrM/ffoqO2POoXD7D5WzqeTKrwucoNpvVMdA/k2oKvFh11tsh2q2Av7mNg=
expires
Wed, 03 Aug 2022 06:38:23 GMT
Image_HoverTiles_PhoneBackground_Desktop.png
assets.xfinity.com/assets/dotcom/projects/cix-1976-learn-july-launch/
180 KB
181 KB
Image
General
Full URL
https://assets.xfinity.com/assets/dotcom/projects/cix-1976-learn-july-launch/Image_HoverTiles_PhoneBackground_Desktop.png
Requested by
Host: xfinityoffers.xyz
URL: https://xfinityoffers.xyz/overview?entity=1073444
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:ea:488::20b Vienna, Austria, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
AmazonS3 /
Resource Hash
3fac3c7275cc0616c4d1f5717b76cb8e1d488840f080b48489ad1f1c5717d8d7

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://xfinityoffers.xyz/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

x-amz-server-side-encryption
AES256
date
Wed, 03 Aug 2022 06:23:23 GMT
last-modified
Thu, 17 Jun 2021 13:11:33 GMT
server
AmazonS3
x-amz-request-id
X1DHDYN1NG5JF2HN
etag
"3b44e03a75ec1e7997a474e8e819d579"
content-type
image/png
cache-control
max-age=900
server-timing
cdn-cache; desc=HIT, edge; dur=5
accept-ranges
bytes
content-length
184812
x-amz-id-2
7Pkj8FLZdyA3iLwCNdS5J1Hee0xR1LRZ4bv0m2GDGP1lVgcut3Sy6rOQB3pbs96bfidiTb5X3fw=
expires
Wed, 03 Aug 2022 06:38:23 GMT
dmsans-bold.woff2
static.cimcontent.net/common-web-assets/fonts/dm-sans/
29 KB
30 KB
Font
General
Full URL
https://static.cimcontent.net/common-web-assets/fonts/dm-sans/dmsans-bold.woff2
Requested by
Host: xfinityoffers.xyz
URL: https://xfinityoffers.xyz/xfinity-learn-ui/834.6333e56cbad3c8f78992.css
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:ea:499::30d4 Vienna, Austria, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
AmazonS3 /
Resource Hash
f4fc8ea1d0db62d19b2320e0299afe1c60abc0aacb7ba34d4169d56bcc828fe2

Request headers

Referer
https://xfinityoffers.xyz/
Origin
https://xfinityoffers.xyz
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

x-amz-version-id
VlEEW_IstBdLzPa7r8nHikIZe4UbnKFZ
last-modified
Wed, 01 Sep 2021 16:24:41 GMT
server
AmazonS3
x-amz-cf-pop
VIE50-C2
etag
"5f8fa708197e8666b28fecf16ab5c7f9"
content-type
binary/octet-stream
access-control-allow-origin
*
cache-control
max-age=31536000
date
Wed, 03 Aug 2022 06:23:23 GMT
accept-ranges
bytes
content-length
29872
x-amz-cf-id
-JVfWDL0MJ6QiWY0uaSMmZpQH97bsYAUiugnM1TRlJMLhbNukdF5hQ==
dmsans-regular.woff2
static.cimcontent.net/common-web-assets/fonts/dm-sans/
29 KB
30 KB
Font
General
Full URL
https://static.cimcontent.net/common-web-assets/fonts/dm-sans/dmsans-regular.woff2
Requested by
Host: xfinityoffers.xyz
URL: https://xfinityoffers.xyz/xfinity-learn-ui/834.6333e56cbad3c8f78992.css
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:ea:499::30d4 Vienna, Austria, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
AmazonS3 /
Resource Hash
40aefc09f33205666c2c42f20d54285147ae9434ef5f8018481950fd67ddcb68

Request headers

Referer
https://xfinityoffers.xyz/
Origin
https://xfinityoffers.xyz
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

x-amz-version-id
GkqzN0jRZwlG3tiAqTt8UWrj_xYnyr1Z
last-modified
Wed, 01 Sep 2021 16:24:41 GMT
server
AmazonS3
x-amz-cf-pop
VIE50-C2
etag
"b9d5e5cad821648da76e2fedb6c6a680"
content-type
binary/octet-stream
access-control-allow-origin
*
cache-control
max-age=31536000
date
Wed, 03 Aug 2022 06:23:23 GMT
accept-ranges
bytes
content-length
29920
x-amz-cf-id
0Csal0wpGoZsYzIEqlEpQl2R0cVF9robcybD3Gi3wElN87qrNjYNTw==
xfinitybrown-bold.woff2
static.cimcontent.net/common-web-assets/fonts/xfinity-brown-optimized/
87 KB
87 KB
Font
General
Full URL
https://static.cimcontent.net/common-web-assets/fonts/xfinity-brown-optimized/xfinitybrown-bold.woff2
Requested by
Host: xfinityoffers.xyz
URL: https://xfinityoffers.xyz/xfinity-learn-ui/834.6333e56cbad3c8f78992.css
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:ea:499::30d4 Vienna, Austria, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
AmazonS3 /
Resource Hash
69420c9db91c689c4ea04655f57a0bcea09b71003f21cd5e56afa71b80f049f0

Request headers

Referer
https://xfinityoffers.xyz/
Origin
https://xfinityoffers.xyz
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

x-amz-version-id
CZ_MLxzcZL3hhcinvciJrKax9c7YK2xt
last-modified
Wed, 01 Sep 2021 16:24:41 GMT
server
AmazonS3
x-amz-cf-pop
VIE50-C2
etag
"ee9034e40cbca864ab03bdfab7ea3f8f"
content-type
binary/octet-stream
access-control-allow-origin
*
cache-control
max-age=31536000
date
Wed, 03 Aug 2022 06:23:23 GMT
accept-ranges
bytes
content-length
88920
x-amz-cf-id
mByg0uMv3Q-goPCXwfNuPAKcL0XU7LNurC7oVpgM8Zt9k4tVnJAYeA==
dmsans-medium.woff2
static.cimcontent.net/common-web-assets/fonts/dm-sans/
29 KB
30 KB
Font
General
Full URL
https://static.cimcontent.net/common-web-assets/fonts/dm-sans/dmsans-medium.woff2
Requested by
Host: xfinityoffers.xyz
URL: https://xfinityoffers.xyz/xfinity-learn-ui/834.6333e56cbad3c8f78992.css
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:ea:499::30d4 Vienna, Austria, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
AmazonS3 /
Resource Hash
da319dcae9d21873bf2ad8b146767e023772a8f0a4fd7446156b3d61b9c83098

Request headers

Referer
https://xfinityoffers.xyz/
Origin
https://xfinityoffers.xyz
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

x-amz-version-id
4PsddOg8bLvjHdiYBm2tGDXlNVaJeelo
last-modified
Wed, 01 Sep 2021 16:24:41 GMT
server
AmazonS3
x-amz-cf-pop
VIE50-C2
etag
"935dd4c230fc4105c9c5bca40e99f815"
content-type
binary/octet-stream
access-control-allow-origin
*
cache-control
max-age=31536000
date
Wed, 03 Aug 2022 06:23:23 GMT
accept-ranges
bytes
content-length
29896
x-amz-cf-id
B0tDUkXuV2Hubc4W1zyQaplZ6L7zrGXvPVqgfz9ZbrszsKe-kn50nQ==
xfinitystandard-regular.woff2
static.cimcontent.net/common-web-assets/fonts/xfinity-standard-optimized/
26 KB
26 KB
Font
General
Full URL
https://static.cimcontent.net/common-web-assets/fonts/xfinity-standard-optimized/xfinitystandard-regular.woff2
Requested by
Host: xfinityoffers.xyz
URL: https://xfinityoffers.xyz/xfinity-learn-ui/834.6333e56cbad3c8f78992.css
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:ea:499::30d4 Vienna, Austria, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
AmazonS3 /
Resource Hash
138c0ead0fbcd09dd455df9870920e8725b367fbf02ac0cef0c62874000ab176

Request headers

Referer
https://xfinityoffers.xyz/
Origin
https://xfinityoffers.xyz
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

unused62
8096267
x-amz-version-id
ZBU8KNT9JUCA7eb.DldcdEvNgbvGR.6L
last-modified
Wed, 01 Sep 2021 16:24:42 GMT
server
AmazonS3
x-amz-cf-pop
VIE50-C2
etag
"e3e79cd377b28c1e7ffea64b194136cf"
content-type
binary/octet-stream
access-control-allow-origin
*
cache-control
max-age=31536000
date
Wed, 03 Aug 2022 06:23:23 GMT
accept-ranges
bytes
content-length
26768
x-amz-cf-id
4D8D1fjbiWbhMFMmskB6z-mYAw940mxygodBQNRljIf-qVvRSERWxQ==
VisitorIdentification.js
xfinityoffers.xyz/layouts/system/
2 KB
2 KB
Script
General
Full URL
https://xfinityoffers.xyz/layouts/system/VisitorIdentification.js
Requested by
Host: xfinityoffers.xyz
URL: https://xfinityoffers.xyz/xfinity-learn-ui/834.4b6a56d29295f81675d0.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3031::ac43:b88a , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
126b381f32f601d12e517bff52589bd007f815ec05a422e22c118f6497a2abfc
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Frame-Options SAMEORIGIN

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://xfinityoffers.xyz/overview?entity=1073444
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date
Wed, 03 Aug 2022 06:23:23 GMT
content-encoding
br
x-xfnlog-site
XDS
cf-cache-status
BYPASS
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cloner
CfSiteCloner; www.xfinity.com
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
pragma
no-cache
last-modified
Wed, 29 Sep 2021 21:09:40 GMT
server
cloudflare
x-frame-options
SAMEORIGIN
etag
W/"042f95076b5d71:0",
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=31536000
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ofwaQUR%2FV940CfQWsKr1rgnLff9Bt2kULZGmTS%2FGyykiz3ZYWoAOiH2bpFO4XyYaIKIA13ZOHgD0zx85FqSip5OZi4Ja4JK3XEOJs7bgK4FbiEgLVlahpGzAaYVYU7R6M7HsT1miNCAhSCP75ZXpxQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
vary
Accept-Encoding
cache-control
max-age=0, no-cache, no-store
cf-ray
734cf6db89a191db-FRA
expires
Wed, 03 Aug 2022 06:23:23 GMT
polaris.learnnav.wc.js
polaris.xfinity.com/
123 KB
27 KB
Script
General
Full URL
https://polaris.xfinity.com/polaris.learnnav.wc.js
Requested by
Host: xfinityoffers.xyz
URL: https://xfinityoffers.xyz/xfinity-learn-ui/main.f88ddb7113628410f24d.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
2001:558:fe02::a , United States, ASN7922 (COMCAST-7922, US),
Reverse DNS
Software
20.8fb60fa.el7 /
Resource Hash
d8c792745b52b0c5d43b56081e1570582ffc3d7a8f37e26d63f3e41f5a82d8eb
Security Headers
Name Value
Strict-Transport-Security max-age=31540000
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://xfinityoffers.xyz/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

Date
Wed, 03 Aug 2022 06:23:25 GMT
Content-Encoding
gzip
X-Content-Type-Options
nosniff
Server
20.8fb60fa.el7
Age
0
X-MoneyTrace
trace-id=d6eac46c-5515-4f9c-a277-4abc30feadaa;parent-id=0;span-id=6437352453
Vary
accept-language
Strict-Transport-Security
max-age=31540000
Content-Type
application/javascript
Via
http/1.1 cdn-mid-bos-315.chelmsfdrdc2.ma.boston.comcast.net (20.8fb60fa.el7 [uScMsSfWpSeN:t cCMpSs ]), http/1.1 cdn-ec-har-313.bloomfield.ct.hartford.comcast.net (20.8fb60fa.el7 [uScMsSfWpSeN:t cCMpSs ])
X-Vcap-Request-Id
cb7e1a82-adb6-43e1-480b-a0586e509163
Cache-Control
max-age=86400, s-maxage=1800, stale-if-error=3600
Transfer-Encoding
chunked
Connection
keep-alive
Expires
Thu, 04 Aug 2022 06:23:25 GMT
cartindicator
xfinityoffers.xyz/sitecore/api/learn/neptune/carts/
211 B
3 KB
XHR
General
Full URL
https://xfinityoffers.xyz/sitecore/api/learn/neptune/carts/cartindicator
Requested by
Host: static.cimcontent.net
URL: https://static.cimcontent.net/data-layer/?appID=resi_shop_2
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3031::ac43:b88a , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
2812ab8e952fa1e7cb64dcef5539482f99eb581cc551db7317848baf25f42a69
Security Headers
Name Value
Content-Security-Policy default-src 'self' 'unsafe-inline' 'unsafe-eval' https://apps.sitecore.net; img-src 'self' data:; style-src 'self' 'unsafe-inline' https://fonts.googleapis.com; font-src 'self' 'unsafe-inline' https://fonts.gstatic.com; upgrade-insecure-requests; block-all-mixed-content;
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Accept
application/json, text/plain, */*
Referer
https://xfinityoffers.xyz/overview?entity=1073444
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date
Wed, 03 Aug 2022 06:23:24 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
DYNAMIC
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cloner
CfSiteCloner; www.xfinity.com
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-xss-protection
1; mode=block
request-context
appId=cid-v1:b4894a1a-4a8d-4275-b50a-7c11b179065d
pragma
no-cache
server
cloudflare
x-frame-options
SAMEORIGIN
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=iZSL08Y%2B4f3N5qwmjedFwVZFtjYRu2R%2BUR5c93crlmIBwdgma2LUs5yUv%2FOU9BhNGIyDcFZnRxOUtX2RBNyuv5CIgt4Hi0AUMBHViZwu6qAgBeUNCGfKTQNZg0aicE6m0Nwzh6jOopFkTWWuwAXRPw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/json
cache-control
max-age=0, no-cache, no-store
content-security-policy
default-src 'self' 'unsafe-inline' 'unsafe-eval' https://apps.sitecore.net; img-src 'self' data:; style-src 'self' 'unsafe-inline' https://fonts.googleapis.com; font-src 'self' 'unsafe-inline' https://fonts.gstatic.com; upgrade-insecure-requests; block-all-mixed-content;
cf-ray
734cf6dbf9f591db-FRA
expires
Wed, 03 Aug 2022 06:23:24 GMT
usercontext
xfinityoffers.xyz/sitecore/api/learn/neptune/persistencelayer/
952 B
3 KB
XHR
General
Full URL
https://xfinityoffers.xyz/sitecore/api/learn/neptune/persistencelayer/usercontext
Requested by
Host: static.cimcontent.net
URL: https://static.cimcontent.net/data-layer/?appID=resi_shop_2
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3031::ac43:b88a , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
98b6c4dd7cac7bc07b7f997f8f5b8763fb8493b7dadd3d92fba11cb26f09f2c7
Security Headers
Name Value
Content-Security-Policy default-src 'self' 'unsafe-inline' 'unsafe-eval' https://apps.sitecore.net; img-src 'self' data:; style-src 'self' 'unsafe-inline' https://fonts.googleapis.com; font-src 'self' 'unsafe-inline' https://fonts.gstatic.com; upgrade-insecure-requests; block-all-mixed-content;
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Accept
application/json, text/plain, */*
Referer
https://xfinityoffers.xyz/overview?entity=1073444
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date
Wed, 03 Aug 2022 06:23:24 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
DYNAMIC
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cloner
CfSiteCloner; www.xfinity.com
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-xss-protection
1; mode=block
request-context
appId=cid-v1:b4894a1a-4a8d-4275-b50a-7c11b179065d
pragma
no-cache
server
cloudflare
x-frame-options
SAMEORIGIN
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=KvcfSoHpCciqEBbtUdZ7tlEZ%2BBhyxadbLMdPut8zcgFdGqLqjGfysCdjjD%2BjpKPXfuQiecUTA2xexfNUMv2V4ZU4aEnXeM91V5kr3udWa%2Fvn%2B4y4bxd7RBf3XQXZ5hFWitXuVoQ6kHm2w7iP3Pk19A%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/json
cache-control
max-age=0, no-cache, no-store
content-security-policy
default-src 'self' 'unsafe-inline' 'unsafe-eval' https://apps.sitecore.net; img-src 'self' data:; style-src 'self' 'unsafe-inline' https://fonts.googleapis.com; font-src 'self' 'unsafe-inline' https://fonts.gstatic.com; upgrade-insecure-requests; block-all-mixed-content;
cf-ray
734cf6dbf9f791db-FRA
expires
Wed, 03 Aug 2022 06:23:24 GMT
id
dpm.demdex.net/
3 KB
2 KB
XHR
General
Full URL
https://dpm.demdex.net/id?d_visid_ver=5.2.0&d_fieldgroup=MC&d_rtbd=json&d_ver=2&d_orgid=DA11332E5321D0550A490D45%40AdobeOrg&d_nsid=0&ts=1659507803560
Requested by
Host: static.cimcontent.net
URL: https://static.cimcontent.net/data-layer/?appID=resi_shop_2
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.19.192.193 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-19-192-193.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
37fac18953e6cebec2c5bb3899194d76d0b46ae40f1e531f107c8f55fe73b845
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Referer
https://xfinityoffers.xyz/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36
Content-Type
application/x-www-form-urlencoded

Response headers

DCS
dcs-prod-irl1-1-v037-0cd612d85.edge-irl1.demdex.com 2 ms
Pragma
no-cache
Strict-Transport-Security
max-age=31536000; includeSubDomains
content-encoding
gzip
X-TID
d4YD4DmzQ/8=
Vary
Origin
P3P
policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Access-Control-Allow-Origin
https://xfinityoffers.xyz
Cache-Control
no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
application/json;charset=utf-8
Content-Length
1143
Expires
Thu, 01 Jan 1970 00:00:00 UTC
AppMeasurement.min.js
assets.adobedtm.com/extensions/EPbde2f7ca14e540399dcc1f8208860b7b/
33 KB
12 KB
Script
General
Full URL
https://assets.adobedtm.com/extensions/EPbde2f7ca14e540399dcc1f8208860b7b/AppMeasurement.min.js
Requested by
Host: assets.adobedtm.com
URL: https://assets.adobedtm.com/331fbea29f79/a5b25a446515/launch-e80baf9c0255.min.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:dc:282::1e80 Vienna, Austria, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
AkamaiNetStorage /
Resource Hash
d6b423c91328eec9c218dd8b21ae1e676987d574e5432411a32806e5dd2bde32

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://xfinityoffers.xyz/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

unused62
8096267
date
Wed, 03 Aug 2022 06:23:23 GMT
content-encoding
gzip
last-modified
Wed, 12 Aug 2020 22:09:52 GMT
server
AkamaiNetStorage
etag
"f259ee6445c19c2ce3c64a1b117a4f35:1597270192.577101"
vary
Accept-Encoding
content-type
application/x-javascript
access-control-allow-origin
https://xfinityoffers.xyz
cache-control
no-cache
accept-ranges
bytes
timing-allow-origin
*
content-length
12184
expires
Wed, 03 Aug 2022 07:23:23 GMT
AppMeasurement_Module_ActivityMap.min.js
assets.adobedtm.com/extensions/EPbde2f7ca14e540399dcc1f8208860b7b/
3 KB
2 KB
Script
General
Full URL
https://assets.adobedtm.com/extensions/EPbde2f7ca14e540399dcc1f8208860b7b/AppMeasurement_Module_ActivityMap.min.js
Requested by
Host: assets.adobedtm.com
URL: https://assets.adobedtm.com/331fbea29f79/a5b25a446515/launch-e80baf9c0255.min.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:dc:282::1e80 Vienna, Austria, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
AkamaiNetStorage /
Resource Hash
0486530f1e98818865754a08e1b5442ac5a6a36a6bf6042e3b3338a532e998d2

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://xfinityoffers.xyz/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

unused62
8096267
date
Wed, 03 Aug 2022 06:23:23 GMT
content-encoding
gzip
last-modified
Wed, 12 Aug 2020 22:09:52 GMT
server
AkamaiNetStorage
etag
"5dedcda2c8a6c3a51fd419d306427010:1597270192.857753"
vary
Accept-Encoding
content-type
application/x-javascript
access-control-allow-origin
https://xfinityoffers.xyz
cache-control
no-cache
accept-ranges
bytes
timing-allow-origin
*
content-length
1594
expires
Wed, 03 Aug 2022 07:23:23 GMT
AppMeasurement_Module_AudienceManagement.min.js
assets.adobedtm.com/extensions/EPbde2f7ca14e540399dcc1f8208860b7b/
25 KB
9 KB
Script
General
Full URL
https://assets.adobedtm.com/extensions/EPbde2f7ca14e540399dcc1f8208860b7b/AppMeasurement_Module_AudienceManagement.min.js
Requested by
Host: assets.adobedtm.com
URL: https://assets.adobedtm.com/331fbea29f79/a5b25a446515/launch-e80baf9c0255.min.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:dc:282::1e80 Vienna, Austria, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
AkamaiNetStorage /
Resource Hash
e5f0058d3d737d25b691728bce12a7d0b77183781c936ca8152e28cacf9e6e3f

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://xfinityoffers.xyz/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

unused62
8096267
date
Wed, 03 Aug 2022 06:23:23 GMT
content-encoding
gzip
last-modified
Wed, 12 Aug 2020 22:09:53 GMT
server
AkamaiNetStorage
etag
"c8afb92bc0d997ba5b673367e69b9ff1:1597270193.156081"
vary
Accept-Encoding
content-type
application/x-javascript
access-control-allow-origin
https://xfinityoffers.xyz
cache-control
no-cache
accept-ranges
bytes
timing-allow-origin
*
content-length
8762
expires
Wed, 03 Aug 2022 07:23:23 GMT
json
fls.doubleclick.net/
40 B
719 B
Script
General
Full URL
https://fls.doubleclick.net/json?spot=4053494&src=1516422&var=s_3_Integrate_DFA_get_0&host=integrate.112.2o7.net%2Fdfa_echo%3Fvar%3Ds_3_Integrate_DFA_get_0%26AQE%3D1%26A2S%3D1&ord=1327277637287
Requested by
Host: assets.adobedtm.com
URL: https://assets.adobedtm.com/331fbea29f79/a5b25a446515/launch-e80baf9c0255.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.185.230 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s53-in-f6.1e100.net
Software
cafe /
Resource Hash
e32a6ae5e43f7f652674e0f03dc23f86839f839b29ee4e63c01c93da180bb0d0
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://xfinityoffers.xyz/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date
Wed, 03 Aug 2022 06:23:23 GMT
content-encoding
gzip
x-content-type-options
nosniff
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
60
x-xss-protection
0
pragma
no-cache
server
cafe
x-frame-options
SAMEORIGIN
content-type
text/javascript; charset=UTF-8
cache-control
no-cache, must-revalidate
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
dest5.html
comcast.demdex.net/ Frame C62F
7 KB
3 KB
Document
General
Full URL
https://comcast.demdex.net/dest5.html?d_nsid=0
Requested by
Host: assets.adobedtm.com
URL: https://assets.adobedtm.com/331fbea29f79/a5b25a446515/launch-e80baf9c0255.min.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.19.192.193 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-19-192-193.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
7bea17a80a61ed0f54248b4ffc4c718f7c8ff2619742577a73591d62ce074da8
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Referer
https://xfinityoffers.xyz/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

Accept-Ranges
bytes
Cache-Control
no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
Connection
keep-alive
Content-Length
2791
Content-Type
text/html;charset=UTF-8
DCS
dcs-prod-irl1-2-v037-04e16de74.edge-irl1.demdex.com 0 ms
Expires
Thu, 01 Jan 1970 00:00:00 UTC
P3P
policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Pragma
no-cache
Strict-Transport-Security
max-age=31536000; includeSubDomains
X-TID
phvuL0nqRzo=
content-encoding
gzip
date
Wed, 3 Aug 2022 06:23:23 GMT
last-modified
Fri, 29 Jul 2022 21:34:00 GMT
vary
accept-encoding
id
comcastcom.d1.sc.omtrdc.net/
2 B
319 B
XHR
General
Full URL
https://comcastcom.d1.sc.omtrdc.net/id?d_visid_ver=5.2.0&d_fieldgroup=A&mcorgid=DA11332E5321D0550A490D45%40AdobeOrg&mid=31716217956443415494534468524773404363&ts=1659507803721
Requested by
Host: static.cimcontent.net
URL: https://static.cimcontent.net/data-layer/?appID=resi_shop_2
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.36.218.177 Paris, France, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-13-36-218-177.eu-west-3.compute.amazonaws.com
Software
jag /
Resource Hash
44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://xfinityoffers.xyz/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36
Content-Type
application/x-www-form-urlencoded

Response headers

date
Wed, 03 Aug 2022 06:23:23 GMT
x-content-type-options
nosniff
server
jag
xserver
anedge-69c8d8cc76-68ktg
vary
Origin
x-c
main-1661.I2f39db.M0-585
p3p
CP="This is not a P3P policy"
access-control-allow-origin
https://xfinityoffers.xyz
cache-control
no-cache, no-store, max-age=0, no-transform, private
access-control-allow-credentials
true
content-type
application/x-javascript;charset=utf-8
content-length
2
x-xss-protection
1; mode=block
GFWY
xfinityoffers.xyz/2lQX/Tz_R/k8/2G34/VhnQ/EYm5mtLz/MRg4WlVeUwU/FCImEhd/
18 B
1 KB
XHR
General
Full URL
https://xfinityoffers.xyz/2lQX/Tz_R/k8/2G34/VhnQ/EYm5mtLz/MRg4WlVeUwU/FCImEhd/GFWY
Requested by
Host: static.cimcontent.net
URL: https://static.cimcontent.net/data-layer/?appID=resi_shop_2
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3031::ac43:b88a , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
fcd6acab1a311e89ae1aef024707e986871eff4071c584de3e93970c5fc4a23d

Request headers

Referer
https://xfinityoffers.xyz/overview?entity=1073444
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

date
Wed, 03 Aug 2022 06:23:23 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=4nyQB7Z57lwC83C4PfakqbVkzQgv3uWLS9eorZMIfJ%2FF06bbSfNA6nYvOQTVzhr4kul6kIslE2I5HsQhFwG7LxP1Xzxn3CGeSZnma3kV5QDVDo2B9j37zkbH6I8rT3ceZeo%2BDPG9CJvsRtjaMqUm1g%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/json
cf-ray
734cf6de1cae91db-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
18
cloner
CfSiteCloner; www.xfinity.com
ibs:dpid=21&dpuuid=219333204232000482828
dpm.demdex.net/ Frame C62F
Redirect Chain
  • https://aa.agkn.com/adscores/g.pixel?sid=9211132908&aam=31912626428261994344514808420044100204
  • https://dpm.demdex.net/ibs:dpid=21&dpuuid=219333204232000482828
42 B
942 B
Image
General
Full URL
https://dpm.demdex.net/ibs:dpid=21&dpuuid=219333204232000482828
Requested by
Host: xfinityoffers.xyz
URL: https://xfinityoffers.xyz/overview?entity=1073444
Protocol
HTTP/1.1
Server
52.19.192.193 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-19-192-193.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://comcast.demdex.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

DCS
dcs-prod-irl1-2-v037-0e003942f.edge-irl1.demdex.com 3 ms
Pragma
no-cache
Strict-Transport-Security
max-age=31536000; includeSubDomains
content-encoding
gzip
X-Content-Type-Options
nosniff
X-TID
0LzzoJYGSg0=
P3P
policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Cache-Control
no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
Connection
keep-alive
Content-Type
image/gif
Content-Length
59
Expires
Thu, 01 Jan 1970 00:00:00 UTC

Redirect headers

pragma
no-cache
date
Wed, 03 Aug 2022 06:23:24 GMT
server
AAWebServer
location
https://dpm.demdex.net/ibs:dpid=21&dpuuid=219333204232000482828
access-control-allow-methods
GET, POST, OPTIONS
p3p
policyref="https://www.agkn.com/p3p/p3p.xml",CP="NOI NID"
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
access-control-allow-headers
accept, cache-control, origin, x-requested-with, x-file-name, content-type
expires
0
ibs:dpid=359&dpuuid=TxdBkqpC1Oj7MU5
dpm.demdex.net/ Frame C62F
Redirect Chain
  • https://pm.w55c.net/ping_match.gif?st=dmx&rurl=https%3A%2F%2Fdpm.demdex.net%2Fibs%3Adpid%3D359%26dpuuid%3D_wfivefivec_
  • https://pm.w55c.net/ping_match.gif?scc=1&st=dmx&rurl=https%3A%2F%2Fdpm.demdex.net%2Fibs%3Adpid%3D359%26dpuuid%3D_wfivefivec_
  • https://dpm.demdex.net/ibs:dpid=359&dpuuid=TxdBkqpC1Oj7MU5
42 B
942 B
Image
General
Full URL
https://dpm.demdex.net/ibs:dpid=359&dpuuid=TxdBkqpC1Oj7MU5
Requested by
Host: xfinityoffers.xyz
URL: https://xfinityoffers.xyz/overview?entity=1073444
Protocol
HTTP/1.1
Server
52.19.192.193 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-19-192-193.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://comcast.demdex.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

DCS
dcs-prod-irl1-2-v037-0e6597c91.edge-irl1.demdex.com 2 ms
Pragma
no-cache
Strict-Transport-Security
max-age=31536000; includeSubDomains
content-encoding
gzip
X-Content-Type-Options
nosniff
X-TID
BrxHJbdiRa4=
P3P
policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Cache-Control
no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
Connection
keep-alive
Content-Type
image/gif
Content-Length
59
Expires
Thu, 01 Jan 1970 00:00:00 UTC

Redirect headers

Pragma
no-cache
Date
Wed, 03 Aug 2022 06:23:23 GMT
Server
PingMatch/658332f#658332fc5aaa95d8a9be88d89d84d3c319923363 i-0aa046f85b99a54d2@eu-central-1a@dxedge-app-eu-central-1-prod-asg
Strict-Transport-Security
max-age=2592000; includeSubDomains
Location
https://dpm.demdex.net/ibs:dpid=359&dpuuid=TxdBkqpC1Oj7MU5
Cache-Control
no-cache, must-revalidate
Connection
keep-alive
Content-Length
0
Expires
Fri, 01 Jan 1990 00:00:00 GMT
365868.gif
idsync.rlcdn.com/ Frame C62F
0
98 B
Image
General
Full URL
https://idsync.rlcdn.com/365868.gif?partner_uid=31912626428261994344514808420044100204
Requested by
Host: xfinityoffers.xyz
URL: https://xfinityoffers.xyz/overview?entity=1073444
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.244.174.68 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
68.174.244.35.bc.googleusercontent.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://comcast.demdex.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date
Wed, 03 Aug 2022 06:23:24 GMT
via
1.1 google
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
ibs:dpid=358&dpuuid=4349564117173850171
dpm.demdex.net/ Frame C62F
Redirect Chain
  • https://ib.adnxs.com/getuid?https%3A%2F%2Fdpm.demdex.net%2Fibs%3Adpid%3D358%26dpuuid%3D%24UID
  • https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%253A%252F%252Fdpm.demdex.net%252Fibs%253Adpid%253D358%2526dpuuid%253D%2524UID
  • https://dpm.demdex.net/ibs:dpid=358&dpuuid=4349564117173850171
42 B
942 B
Image
General
Full URL
https://dpm.demdex.net/ibs:dpid=358&dpuuid=4349564117173850171
Requested by
Host: xfinityoffers.xyz
URL: https://xfinityoffers.xyz/overview?entity=1073444
Protocol
HTTP/1.1
Server
52.19.192.193 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-19-192-193.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://comcast.demdex.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

DCS
dcs-prod-irl1-2-v037-0e003942f.edge-irl1.demdex.com 2 ms
Pragma
no-cache
Strict-Transport-Security
max-age=31536000; includeSubDomains
content-encoding
gzip
X-Content-Type-Options
nosniff
X-TID
h9PRx+LgQMw=
P3P
policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Cache-Control
no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
Connection
keep-alive
Content-Type
image/gif
Content-Length
59
Expires
Thu, 01 Jan 1970 00:00:00 UTC

Redirect headers

Pragma
no-cache
Date
Wed, 03 Aug 2022 06:23:24 GMT
X-Proxy-Origin
178.162.209.139; 178.162.209.139; 944.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
AN-X-Request-Uuid
983c0013-fb27-41b8-b740-37e412d76bae
Server
nginx/1.21.3
Access-Control-Allow-Origin
*
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Location
https://dpm.demdex.net/ibs:dpid=358&dpuuid=4349564117173850171
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
text/html; charset=utf-8
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
ibs:dpid=470&dpuuid=4133073632306300903
dpm.demdex.net/ Frame C62F
Redirect Chain
  • https://d.turn.com/r/dd/id/L2NzaWQvMS9jaWQvMjM2NTYzMjkvdC8y/url/https%3A%2F%2Fdpm.demdex.net%2Fibs%3Adpid%3D470%26dpuuid%3D%24!%7BTURN_UUID%7D
  • https://dpm.demdex.net/ibs:dpid=470&dpuuid=4133073632306300903
42 B
942 B
Image
General
Full URL
https://dpm.demdex.net/ibs:dpid=470&dpuuid=4133073632306300903
Requested by
Host: xfinityoffers.xyz
URL: https://xfinityoffers.xyz/overview?entity=1073444
Protocol
HTTP/1.1
Server
52.19.192.193 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-19-192-193.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://comcast.demdex.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

DCS
dcs-prod-irl1-1-v037-09817ee55.edge-irl1.demdex.com 2 ms
Pragma
no-cache
Strict-Transport-Security
max-age=31536000; includeSubDomains
content-encoding
gzip
X-Content-Type-Options
nosniff
X-TID
AXLsUQ0RSls=
P3P
policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Cache-Control
no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
Connection
keep-alive
Content-Type
image/gif
Content-Length
59
Expires
Thu, 01 Jan 1970 00:00:00 UTC

Redirect headers

location
https://dpm.demdex.net/ibs:dpid=470&dpuuid=4133073632306300903
pragma
no-cache
date
Wed, 03 Aug 2022 06:23:24 GMT
cache-control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
content-length
0
p3p
policyref="/w3c/p3p.xml", CP="NOI CURa DEVa TAIa PSAa PSDa IVAa IVDa OUR IND UNI NAV"
365868.gif
idsync.rlcdn.com/ Frame C62F
0
9 B
Image
General
Full URL
https://idsync.rlcdn.com/365868.gif?partner_uid=31912626428261994344514808420044100204
Requested by
Host: xfinityoffers.xyz
URL: https://xfinityoffers.xyz/overview?entity=1073444
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
35.244.174.68 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
68.174.244.35.bc.googleusercontent.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://comcast.demdex.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date
Wed, 03 Aug 2022 06:23:24 GMT
via
1.1 google
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
ibs:dpid=771&dpuuid=CAESENuF3BOYCtIwcisBXNql9uA&google_cver=1
dpm.demdex.net/ Frame C62F
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=adobe_dmp&google_cm&gdpr=0&gdpr_consent=&google_hm=MzE5MTI2MjY0MjgyNjE5OTQzNDQ1MTQ4MDg0MjAwNDQxMDAyMDQ=
  • https://dpm.demdex.net/ibs:dpid=771&dpuuid=CAESENuF3BOYCtIwcisBXNql9uA&google_cver=1?gdpr=0&gdpr_consent=
42 B
942 B
Image
General
Full URL
https://dpm.demdex.net/ibs:dpid=771&dpuuid=CAESENuF3BOYCtIwcisBXNql9uA&google_cver=1?gdpr=0&gdpr_consent=
Requested by
Host: xfinityoffers.xyz
URL: https://xfinityoffers.xyz/overview?entity=1073444
Protocol
HTTP/1.1
Server
52.19.192.193 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-19-192-193.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://comcast.demdex.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

DCS
dcs-prod-irl1-1-v037-051bef4a7.edge-irl1.demdex.com 2 ms
Pragma
no-cache
Strict-Transport-Security
max-age=31536000; includeSubDomains
content-encoding
gzip
X-Content-Type-Options
nosniff
X-TID
6k0YuxnXRX0=
P3P
policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Cache-Control
no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
Connection
keep-alive
Content-Type
image/gif
Content-Length
59
Expires
Thu, 01 Jan 1970 00:00:00 UTC

Redirect headers

pragma
no-cache
date
Wed, 03 Aug 2022 06:23:24 GMT
server
HTTP server (unknown)
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location
https://dpm.demdex.net/ibs:dpid=771&dpuuid=CAESENuF3BOYCtIwcisBXNql9uA&google_cver=1?gdpr=0&gdpr_consent=
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
314
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
adsct
analytics.twitter.com/i/ Frame C62F
43 B
355 B
Image
General
Full URL
https://analytics.twitter.com/i/adsct?p_user_id=31912626428261994344514808420044100204&p_id=38594
Requested by
Host: xfinityoffers.xyz
URL: https://xfinityoffers.xyz/overview?entity=1073444
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.244.42.3 , United States, ASN13414 (TWITTER, US),
Reverse DNS
Software
tsa_o /
Resource Hash
ac8778041fdb7f2e08ceb574c9a766247ea26f1a7d90fa854c4efcf4b361a957
Security Headers
Name Value
Strict-Transport-Security max-age=631138519

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://comcast.demdex.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

x-response-time
104
date
Wed, 03 Aug 2022 06:23:24 GMT
server
tsa_o
strict-transport-security
max-age=631138519
content-type
image/gif;charset=utf-8
cache-control
no-cache, no-store, max-age=0
x-connection-hash
9fee73ac83a9fa904df54197abb4e22409e37b07f89ed64c9b1771d2882396e1
content-length
43
generic
match.adsrvr.org/track/cmf/ Frame C62F
70 B
265 B
Image
General
Full URL
https://match.adsrvr.org/track/cmf/generic?ttd_pid=aam&gdpr=0&gdpr_consent=&ttd_tpi=1
Requested by
Host: xfinityoffers.xyz
URL: https://xfinityoffers.xyz/overview?entity=1073444
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.33.220.150 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a12b7a488abeaa9e4.awsglobalaccelerator.com
Software
/
Resource Hash
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://comcast.demdex.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 03 Aug 2022 06:23:24 GMT
cache-control
private,no-cache, must-revalidate
x-aspnet-version
4.0.30319
content-type
image/gif
content-length
70
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
ibs:dpid=1957&dpuuid=298B16572CDA61330B0B07A22DB160E3
dpm.demdex.net/ Frame C62F
Redirect Chain
  • https://c.bing.com/c.gif?uid=31912626428261994344514808420044100204&Red3=MSAdobe_pd&gdpr=0&gdpr_consent=
  • https://dpm.demdex.net/ibs:dpid=1957&dpuuid=298B16572CDA61330B0B07A22DB160E3
42 B
942 B
Image
General
Full URL
https://dpm.demdex.net/ibs:dpid=1957&dpuuid=298B16572CDA61330B0B07A22DB160E3
Requested by
Host: xfinityoffers.xyz
URL: https://xfinityoffers.xyz/overview?entity=1073444
Protocol
HTTP/1.1
Server
52.19.192.193 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-19-192-193.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://comcast.demdex.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

DCS
dcs-prod-irl1-1-v037-0f0dc6292.edge-irl1.demdex.com 2 ms
Pragma
no-cache
Strict-Transport-Security
max-age=31536000; includeSubDomains
content-encoding
gzip
X-Content-Type-Options
nosniff
X-TID
srh3EBBsSfw=
P3P
policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Cache-Control
no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
Connection
keep-alive
Content-Type
image/gif
Content-Length
59
Expires
Thu, 01 Jan 1970 00:00:00 UTC

Redirect headers

pragma
no-cache
date
Wed, 03 Aug 2022 06:23:24 GMT
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref
Ref A: 7FADE3850CEC40CCA45A78AA8ADBA921 Ref B: FRAEDGE1415 Ref C: 2022-08-03T06:23:24Z
x-powered-by
ASP.NET
x-cache
CONFIG_NOCACHE
p3p
CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
location
https://dpm.demdex.net/ibs:dpid=1957&dpuuid=298B16572CDA61330B0B07A22DB160E3
cache-control
private, no-cache, proxy-revalidate, no-store
content-length
0
ibs:dpid=3047&dpuuid=5328646D03601F&gdpr=0&gdpr_consent=
dpm.demdex.net/ Frame C62F
Redirect Chain
  • https://servedby.flashtalking.com/map/?key=a74thHgsfK627J6Ftt8sj5ks52bKe&gdpr=0&gdpr_consent=&url=https://dpm.demdex.net/ibs:dpid=3047&dpuuid=[%FT_GUID%]&gdpr=0&gdpr_consent=
  • https://dpm.demdex.net/ibs:dpid=3047&dpuuid=5328646D03601F&gdpr=0&gdpr_consent=
42 B
942 B
Image
General
Full URL
https://dpm.demdex.net/ibs:dpid=3047&dpuuid=5328646D03601F&gdpr=0&gdpr_consent=
Requested by
Host: xfinityoffers.xyz
URL: https://xfinityoffers.xyz/overview?entity=1073444
Protocol
HTTP/1.1
Server
52.19.192.193 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-19-192-193.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://comcast.demdex.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

DCS
dcs-prod-irl1-2-v037-064d2bafa.edge-irl1.demdex.com 2 ms
Pragma
no-cache
Strict-Transport-Security
max-age=31536000; includeSubDomains
content-encoding
gzip
X-Content-Type-Options
nosniff
X-TID
ANRGmpS0QcE=
P3P
policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Cache-Control
no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
Connection
keep-alive
Content-Type
image/gif
Content-Length
59
Expires
Thu, 01 Jan 1970 00:00:00 UTC

Redirect headers

Location
https://dpm.demdex.net/ibs:dpid=3047&dpuuid=5328646D03601F&gdpr=0&gdpr_consent=
Pragma
no-cache
Date
Wed, 03 Aug 2022 06:23:25 GMT
Cache-Control
no-cache, no-store
Server
prod-xre-app10.frk11
Connection
close
X-HW
1659507804.dop168.fr8.t,1659507805.cds166.fr8.shn,1659507805.dop168.fr8.t,1659507805.cds231.fr8.sc,1659507805.cds231.fr8.p
match.gif
match.rundsp.com/ Frame C62F
0
41 B
Image
General
Full URL
https://match.rundsp.com/match.gif?id=31912626428261994344514808420044100204&partner=adobe
Requested by
Host: xfinityoffers.xyz
URL: https://xfinityoffers.xyz/overview?entity=1073444
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2a02:fa8:8806:13::1400 , Singapore, ASN41041 (VCLK-EU-SE, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://comcast.demdex.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date
Wed, 03 Aug 2022 06:23:25 GMT
server
nginx
ibs:dpid=30646
dpm.demdex.net/ Frame C62F
Redirect Chain
  • https://cms.analytics.yahoo.com/cms?partner_id=ADOBE&_hosted_id=31912626428261994344514808420044100204&gdpr=0&gdpr_consent=
  • https://dpm.demdex.net/ibs:dpid=30646?dpuuid=y-zGagtFJE2pGSUrozU3UsMlJnhRHxIMHGyzo-~A
42 B
942 B
Image
General
Full URL
https://dpm.demdex.net/ibs:dpid=30646?dpuuid=y-zGagtFJE2pGSUrozU3UsMlJnhRHxIMHGyzo-~A
Requested by
Host: xfinityoffers.xyz
URL: https://xfinityoffers.xyz/overview?entity=1073444
Protocol
HTTP/1.1
Server
52.19.192.193 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-19-192-193.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://comcast.demdex.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

DCS
dcs-prod-irl1-2-v037-00f7157d7.edge-irl1.demdex.com 2 ms
Pragma
no-cache
Strict-Transport-Security
max-age=31536000; includeSubDomains
content-encoding
gzip
X-Content-Type-Options
nosniff
X-TID
mXaKkq+TR18=
P3P
policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Cache-Control
no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
Connection
keep-alive
Content-Type
image/gif
Content-Length
59
Expires
Thu, 01 Jan 1970 00:00:00 UTC

Redirect headers

date
Wed, 03 Aug 2022 06:23:25 GMT
via
http/1.1 spdc0109.pbp.ir2.yahoo.com (ApacheTrafficServer)
server
ATS
age
0
strict-transport-security
max-age=31536000
content-type
text/html;charset=utf-8
location
https://dpm.demdex.net/ibs:dpid=30646?dpuuid=y-zGagtFJE2pGSUrozU3UsMlJnhRHxIMHGyzo-~A
content-length
0
ibs:dpid=80742&dpuuid=c4372f02-8861-4eaf-ae03-4d89395e15cf
dpm.demdex.net/ Frame C62F
Redirect Chain
  • https://ag.innovid.com/dv/sync?tid=6
  • https://dpm.demdex.net/ibs:dpid=80742&dpuuid=c4372f02-8861-4eaf-ae03-4d89395e15cf
42 B
942 B
Image
General
Full URL
https://dpm.demdex.net/ibs:dpid=80742&dpuuid=c4372f02-8861-4eaf-ae03-4d89395e15cf
Requested by
Host: xfinityoffers.xyz
URL: https://xfinityoffers.xyz/overview?entity=1073444
Protocol
HTTP/1.1
Server
52.19.192.193 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-19-192-193.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://comcast.demdex.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

DCS
dcs-prod-irl1-2-v037-094d84bab.edge-irl1.demdex.com 2 ms
Pragma
no-cache
Strict-Transport-Security
max-age=31536000; includeSubDomains
content-encoding
gzip
X-Content-Type-Options
nosniff
X-TID
FzfYwCkAR6k=
P3P
policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Cache-Control
no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
Connection
keep-alive
Content-Type
image/gif
Content-Length
59
Expires
Thu, 01 Jan 1970 00:00:00 UTC

Redirect headers

location
https://dpm.demdex.net/ibs:dpid=80742&dpuuid=c4372f02-8861-4eaf-ae03-4d89395e15cf
date
Wed, 03 Aug 2022 06:23:25 GMT
content-length
0
request-time
1
ibs:dpid=152416&dpuuid=
dpm.demdex.net/ Frame C62F
Redirect Chain
  • https://ads.undertone.com/u?dp=32&url=https%3A//dpm.demdex.net/ibs%3Adpid%3D152416%26dpuuid%3D
  • https://evt.undertone.com/u?dp=32&url=https%3A//dpm.demdex.net/ibs%3Adpid%3D152416%26dpuuid%3D
  • https://dpm.demdex.net/ibs:dpid=152416&dpuuid=
42 B
960 B
Image
General
Full URL
https://dpm.demdex.net/ibs:dpid=152416&dpuuid=
Protocol
HTTP/1.1
Server
52.19.192.193 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-19-192-193.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://comcast.demdex.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

DCS
dcs-prod-irl1-1-v037-0bc4b5939.edge-irl1.demdex.com 0 ms
Pragma
no-cache
Strict-Transport-Security
max-age=31536000; includeSubDomains
content-encoding
gzip
X-Content-Type-Options
nosniff
X-Error
300,104
X-TID
nHpyCfNvRr0=
P3P
policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Cache-Control
no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
Connection
keep-alive
Content-Type
image/gif
Content-Length
59
Expires
Thu, 01 Jan 1970 00:00:00 UTC

Redirect headers

pragma
no-cache
date
Wed, 03 Aug 2022 06:23:25 GMT
server
istio-envoy
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR NID CURa DEVa PSDo OUR BUS UNI COM NAV"
location
https://dpm.demdex.net/ibs:dpid=152416&dpuuid=
cache-control
private, max-age=0, no-cache
x-envoy-upstream-service-time
0
Connection
keep-alive
Content-Length
0
expires
Mon, 26 Jul 1997 05:00:00 GMT
ibs:dpid=175765&dpuuid=421be44f68d35004e762997903ac4888
dpm.demdex.net/ Frame C62F
Redirect Chain
  • https://synchroscript.deliveryengine.adswizz.com/getUID?curl=https%3A%2F%2Fdpm.demdex.net%2Fibs%3Adpid%3D175765%26dpuuid%3D%24%7BUID%7D
  • https://dpm.demdex.net/ibs:dpid=175765&dpuuid=421be44f68d35004e762997903ac4888
42 B
942 B
Image
General
Full URL
https://dpm.demdex.net/ibs:dpid=175765&dpuuid=421be44f68d35004e762997903ac4888
Requested by
Host: xfinityoffers.xyz
URL: https://xfinityoffers.xyz/overview?entity=1073444
Protocol
HTTP/1.1
Server
52.19.192.193 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-19-192-193.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://comcast.demdex.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

DCS
dcs-prod-irl1-1-v037-060c517b9.edge-irl1.demdex.com 2 ms
Pragma
no-cache
Strict-Transport-Security
max-age=31536000; includeSubDomains
content-encoding
gzip
X-Content-Type-Options
nosniff
X-TID
GARw8oALQBE=
P3P
policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Cache-Control
no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
Connection
keep-alive
Content-Type
image/gif
Content-Length
59
Expires
Thu, 01 Jan 1970 00:00:00 UTC

Redirect headers

Date
Wed, 03 Aug 2022 06:23:25 GMT
X-Clacks-Overhead
GNU Terry Pratchett
X-Adswizz-request-id
c81e69f0-12f4-11ed-b78b-02a5ecf763e3
Instance-id
i-04119cf50317a28b5
Location
https://dpm.demdex.net/ibs:dpid=175765&dpuuid=421be44f68d35004e762997903ac4888
Connection
keep-alive
Content-Length
0
X-Application-Context
application:production
ibs:dpid=275754&dpuuid=AAA5A07F1CkAAA8LE-mjLw
dpm.demdex.net/ Frame C62F
Redirect Chain
  • https://match.prod.bidr.io/cookie-sync/adobe?gdpr=0&gdpr_consent=
  • https://match.prod.bidr.io/cookie-sync/adobe?gdpr=0&gdpr_consent=&_bee_ppp=1
  • https://dpm.demdex.net/ibs:dpid=275754&dpuuid=AAA5A07F1CkAAA8LE-mjLw?gdpr=0
42 B
942 B
Image
General
Full URL
https://dpm.demdex.net/ibs:dpid=275754&dpuuid=AAA5A07F1CkAAA8LE-mjLw?gdpr=0
Requested by
Host: xfinityoffers.xyz
URL: https://xfinityoffers.xyz/overview?entity=1073444
Protocol
HTTP/1.1
Server
52.19.192.193 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-19-192-193.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://comcast.demdex.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

DCS
dcs-prod-irl1-1-v037-056bbe808.edge-irl1.demdex.com 3 ms
Pragma
no-cache
Strict-Transport-Security
max-age=31536000; includeSubDomains
content-encoding
gzip
X-Content-Type-Options
nosniff
X-TID
uAuUBOVCQ+c=
P3P
policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Cache-Control
no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
Connection
keep-alive
Content-Type
image/gif
Content-Length
59
Expires
Thu, 01 Jan 1970 00:00:00 UTC

Redirect headers

location
https://dpm.demdex.net/ibs:dpid=275754&dpuuid=AAA5A07F1CkAAA8LE-mjLw?gdpr=0
Date
Wed, 03 Aug 2022 06:23:25 GMT
Server
nginx
Connection
keep-alive
Content-Length
0
strict-transport-security
max-age=2592000; includeSubDomains
XfinityStandard-Regular.woff2
static.cimcontent.net/fonts/latest/Xfinity_Standard/
26 KB
26 KB
Font
General
Full URL
https://static.cimcontent.net/fonts/latest/Xfinity_Standard/XfinityStandard-Regular.woff2
Requested by
Host: xfinityoffers.xyz
URL: https://xfinityoffers.xyz/overview?entity=1073444
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:ea:499::30d4 Vienna, Austria, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
AmazonS3 /
Resource Hash
138c0ead0fbcd09dd455df9870920e8725b367fbf02ac0cef0c62874000ab176

Request headers

Referer
https://xfinityoffers.xyz/
Origin
https://xfinityoffers.xyz
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

unused62
8096267
x-amz-version-id
kLBQWhXkUwwuS0hOSKJ2GQ_XrNE.oQFF
last-modified
Fri, 24 Jan 2020 21:23:01 GMT
server
AmazonS3
x-amz-cf-pop
VIE50-C1
etag
"e3e79cd377b28c1e7ffea64b194136cf"
content-type
font/woff2
access-control-allow-origin
*
cache-control
max-age=1498273
date
Wed, 03 Aug 2022 06:23:25 GMT
accept-ranges
bytes
content-length
26768
x-amz-cf-id
BtbTHPQYWJKoYlbM22EC7qtsyOBJLttqZLPD7psv-DEmY5aOcAnw8g==
orc.html
polaris.xfinity.com/ Frame 762E
20 KB
8 KB
Document
General
Full URL
https://polaris.xfinity.com/orc.html?domain=xfinityoffers.xyz
Requested by
Host: cdn.comcast.com
URL: https://cdn.comcast.com/-/media/Common/adrum/adrum45162845.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
2001:558:fe02::a , United States, ASN7922 (COMCAST-7922, US),
Reverse DNS
Software
20.8fb60fa.el7 /
Resource Hash
a3e27ce8d07cbc5aa2936c2078c33b17238db5a5e8a0b1bb03fb6ad318e8673b
Security Headers
Name Value
Strict-Transport-Security max-age=31540000
X-Content-Type-Options nosniff

Request headers

Referer
https://xfinityoffers.xyz/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

Age
988
Cache-Control
max-age=86400 s-maxage=1800, stale-if-error=3600
Connection
keep-alive
Content-Encoding
gzip
Content-Length
7506
Content-Type
text/html
Date
Wed, 03 Aug 2022 06:06:57 GMT
Expires
Thu, 04 Aug 2022 06:06:57 GMT
Server
20.8fb60fa.el7
Strict-Transport-Security
max-age=31540000
Via
http/1.1 cdn-mid-bos-311.needham.ma.boston.comcast.net (20.8fb60fa.el7 [uScHs f p eN:t cCHp s ]), http/1.1 cdn-ec-har-313.bloomfield.ct.hartford.comcast.net (20.8fb60fa.el7 [uScMsSfWpSeN:t cCMpSs ])
X-Content-Type-Options
nosniff
X-MoneyTrace
trace-id=bd5de711-14c4-4b0a-8236-f0da47379d20;parent-id=0;span-id=6437352588
X-Vcap-Request-Id
26281ef0-f302-47a6-4b74-0b1b0a46ef98
xfinity_logo.svg
polaris.xfinity.com/images/svgs/
2 KB
2 KB
Image
General
Full URL
https://polaris.xfinity.com/images/svgs/xfinity_logo.svg
Requested by
Host: xfinityoffers.xyz
URL: https://xfinityoffers.xyz/overview?entity=1073444
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
2001:558:fe02::a , United States, ASN7922 (COMCAST-7922, US),
Reverse DNS
Software
20.8fb60fa.el7 /
Resource Hash
c7affb9d47b42dd36ced3ce81637c6e0a4db02f8c6f8b47fce040d991cc13515

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://xfinityoffers.xyz/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

Date
Wed, 03 Aug 2022 06:07:54 GMT
Via
http/1.1 cdn-mid-bos-311.needham.ma.boston.comcast.net (20.8fb60fa.el7 [uIcRs f p eN:t cCNp s ]), http/1.1 cdn-ec-har-313.bloomfield.ct.hartford.comcast.net (20.8fb60fa.el7 [uScRs f p eN:t cCHp s ])
Last-Modified
Thu, 16 Jun 2022 15:20:52 GMT
Server
20.8fb60fa.el7
Age
931
Etag
"62ab4a54-622"
Content-Type
image/svg+xml
X-Vcap-Request-Id
409efe62-b3a9-4107-64eb-c7c865fbba2b
Cache-Control
max-age=2592000, s-maxage=1800, stale-if-error=604800
X-MoneyTrace
trace-id=d29a5449-a7c0-46f4-95b6-b3a2a3f57660;parent-id=0;span-id=6436896113
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
1570
Expires
Fri, 02 Sep 2022 06:07:44 GMT
xfinitybrown-regular.woff2
static.cimcontent.net/common-web-assets/fonts/xfinity-brown-optimized/
84 KB
85 KB
Font
General
Full URL
https://static.cimcontent.net/common-web-assets/fonts/xfinity-brown-optimized/xfinitybrown-regular.woff2
Requested by
Host: xfinityoffers.xyz
URL: https://xfinityoffers.xyz/xfinity-learn-ui/834.6333e56cbad3c8f78992.css
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:ea:499::30d4 Vienna, Austria, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
AmazonS3 /
Resource Hash
ac7ab1854db99c8278486132a7cef4a5d4f2992fd59488d02b4a5c5a071407d0

Request headers

Referer
https://xfinityoffers.xyz/
Origin
https://xfinityoffers.xyz
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

x-amz-version-id
bJw.Gpm03LZ4CcpJMWOow9cMGu2gTzPg
last-modified
Wed, 01 Sep 2021 16:24:41 GMT
server
AmazonS3
x-amz-cf-pop
VIE50-C2
etag
"7852867d778f90102ccdec973b475759"
content-type
binary/octet-stream
access-control-allow-origin
*
cache-control
max-age=31536000
date
Wed, 03 Aug 2022 06:23:25 GMT
accept-ranges
bytes
content-length
86524
x-amz-cf-id
UyN9Sd-A-dlFiRm0YZQYDtlfPUkt4MzAmhDWC-f2nhdECPu1idX3Yg==
ecm3
s.amazon-adsystem.com/ Frame C62F
Redirect Chain
  • https://s.amazon-adsystem.com/dcm?pid=5c420d2b-f139-4fee-b0c0-89a7b8ce9433
  • https://s.amazon-adsystem.com/dcm?pid=5c420d2b-f139-4fee-b0c0-89a7b8ce9433&dcc=t
  • https://dpm.demdex.net/ibs:dpid=139200&dpuuid=rEGi2QYVRk-LbDWA0USLHA&redir=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dadobe.com%26id%3D%24%7BDD_UUID%7D
  • https://s.amazon-adsystem.com/ecm3?ex=adobe.com&id=31912626428261994344514808420044100204
43 B
556 B
Image
General
Full URL
https://s.amazon-adsystem.com/ecm3?ex=adobe.com&id=31912626428261994344514808420044100204
Protocol
HTTP/1.1
Server
209.54.182.161 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://comcast.demdex.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

Pragma
no-cache
Date
Wed, 03 Aug 2022 06:23:26 GMT
Vary
Content-Type,Accept-Encoding,X-Amzn-CDN-Cache,X-Amzn-AX-Treatment,User-Agent
Server
Server
x-amz-rid
C46GMV3QR31193KZ1HWZ
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Content-Type
image/gif
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Permissions-Policy
interest-cohort=()
Connection
keep-alive
Content-Length
43
Expires
Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

DCS
dcs-prod-irl1-1-v037-0aa1a8b08.edge-irl1.demdex.com 2 ms
Pragma
no-cache
Strict-Transport-Security
max-age=31536000; includeSubDomains
X-TID
JAMYC1sNQq4=
P3P
policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Location
https://s.amazon-adsystem.com/ecm3?ex=adobe.com&id=31912626428261994344514808420044100204
Cache-Control
no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
Connection
keep-alive
Content-Length
0
Expires
Thu, 01 Jan 1970 00:00:00 UTC
/
dl.cws.xfinity.com/event/ Frame
0
0
Preflight
General
Full URL
https://dl.cws.xfinity.com/event/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:dc:18a::2c06 Vienna, Austria, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
/
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
PUT
Origin
https://xfinityoffers.xyz
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

access-control-allow-headers
Content-Type
access-control-allow-methods
HEAD,OPTIONS,PUT
access-control-allow-origin
*
content-length
0
content-type
application/json
date
Wed, 03 Aug 2022 06:23:26 GMT
x-amz-apigw-id
WRgeuE0LIAMFSVA=
x-amz-cf-id
b2T4uvLXOn7Hq8c2ZaEwK6O1xvpQqLAv2rQl15oZQN_Zb47eaVPIWQ==
x-amz-cf-pop
VIE50-C1
x-amzn-requestid
4c74d9a4-fa30-4ae1-a5d5-b2a31f343b4a
/
dl.cws.xfinity.com/event/ Frame
0
0
Preflight
General
Full URL
https://dl.cws.xfinity.com/event/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:dc:18a::2c06 Vienna, Austria, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
/
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
PUT
Origin
https://xfinityoffers.xyz
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

access-control-allow-headers
Content-Type
access-control-allow-methods
HEAD,OPTIONS,PUT
access-control-allow-origin
*
content-length
0
content-type
application/json
date
Wed, 03 Aug 2022 06:23:26 GMT
x-amz-apigw-id
WRgevHKVoAMF8hA=
x-amz-cf-id
jeQIYMGfNHSMvqYd7CevhHQnMaFfXm9zw83hcN5y85EwcEBfjyvb2Q==
x-amz-cf-pop
VIE50-C1
x-amzn-requestid
93426012-de92-4dd0-8985-b8606b02d5a4
/
dss-dl-prod.aws-origin.xfinity.com/prod/event/ Frame
0
0
Preflight
General
Full URL
https://dss-dl-prod.aws-origin.xfinity.com/prod/event/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
108.138.7.9 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-108-138-7-9.fra56.r.cloudfront.net
Software
/
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
PUT
Origin
https://xfinityoffers.xyz
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

access-control-allow-credentials
false
access-control-allow-headers
*
access-control-allow-methods
OPTIONS,POST,PUT
access-control-allow-origin
*
access-control-max-age
86400
content-length
0
content-type
application/json
date
Wed, 03 Aug 2022 06:23:26 GMT
via
1.1 ecb3ea567a6c6095a23354fbdc938128.cloudfront.net (CloudFront)
x-amz-apigw-id
WRgeyGj-CYcF2qw=
x-amz-cf-id
YvnUtyGhI9cz9QN6f-KFf31rE8gCjYHqoscXI0Zij5QlWBF4nkl9og==
x-amz-cf-pop
FRA56-P6
x-amzn-requestid
4ae91def-ed32-4259-951a-2993f27d96e9
x-cache
Miss from cloudfront
/
dl.cws.xfinity.com/event/ Frame
0
0
Preflight
General
Full URL
https://dl.cws.xfinity.com/event/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:dc:18a::2c06 Vienna, Austria, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
/
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
PUT
Origin
https://xfinityoffers.xyz
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

access-control-allow-headers
Content-Type
access-control-allow-methods
HEAD,OPTIONS,PUT
access-control-allow-origin
*
content-length
0
content-type
application/json
date
Wed, 03 Aug 2022 06:23:26 GMT
x-amz-apigw-id
WRgevHaAIAMFa0Q=
x-amz-cf-id
2FGY5bfEID6V8iLqAO4rdho7tf0YrnOcG74RB9Nhe45bNMFKnmEAqQ==
x-amz-cf-pop
VIE50-C1
x-amzn-requestid
ea9dff50-c97c-42d4-a249-e0c7b985e027
/
dss-dl-prod.aws-origin.xfinity.com/prod/event/ Frame
0
0
Preflight
General
Full URL
https://dss-dl-prod.aws-origin.xfinity.com/prod/event/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
108.138.7.9 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-108-138-7-9.fra56.r.cloudfront.net
Software
/
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
PUT
Origin
https://xfinityoffers.xyz
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

access-control-allow-credentials
false
access-control-allow-headers
*
access-control-allow-methods
OPTIONS,POST,PUT
access-control-allow-origin
*
access-control-max-age
86400
content-length
0
content-type
application/json
date
Wed, 03 Aug 2022 06:23:26 GMT
via
1.1 ecb3ea567a6c6095a23354fbdc938128.cloudfront.net (CloudFront)
x-amz-apigw-id
WRgeyHfdiYcF7Iw=
x-amz-cf-id
g0oXxWhju6W4t1LiGDrLDBPSEkm9h3h0oDHiPqmO3ryXl3Y3qK9ztg==
x-amz-cf-pop
FRA56-P6
x-amzn-requestid
ad7d05b7-c91a-4356-8943-7987a2b4c22e
x-cache
Miss from cloudfront
/
dl.cws.xfinity.com/event/ Frame
0
0
Preflight
General
Full URL
https://dl.cws.xfinity.com/event/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:dc:18a::2c06 Vienna, Austria, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
/
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
PUT
Origin
https://xfinityoffers.xyz
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

access-control-allow-headers
Content-Type
access-control-allow-methods
HEAD,OPTIONS,PUT
access-control-allow-origin
*
content-length
0
content-type
application/json
date
Wed, 03 Aug 2022 06:23:26 GMT
x-amz-apigw-id
WRgevFProAMFi6A=
x-amz-cf-id
8nHtLAYkS8jjeom6CdZVaqNnENrePNx0of5hbtb6wp1ABmBmfjTTuA==
x-amz-cf-pop
VIE50-C1
x-amzn-requestid
ed6b253c-83aa-46f6-94d6-c1a70d339181
/
dss-dl-prod.aws-origin.xfinity.com/prod/event/ Frame
0
0
Preflight
General
Full URL
https://dss-dl-prod.aws-origin.xfinity.com/prod/event/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
108.138.7.9 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-108-138-7-9.fra56.r.cloudfront.net
Software
/
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
PUT
Origin
https://xfinityoffers.xyz
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

access-control-allow-credentials
false
access-control-allow-headers
*
access-control-allow-methods
OPTIONS,POST,PUT
access-control-allow-origin
*
access-control-max-age
86400
content-length
0
content-type
application/json
date
Wed, 03 Aug 2022 06:23:26 GMT
via
1.1 ecb3ea567a6c6095a23354fbdc938128.cloudfront.net (CloudFront)
x-amz-apigw-id
WRgeyHQsCYcFQLA=
x-amz-cf-id
niWEizkT-8YXBkIiGa0xBbO6Xg02XVoxMXPJBwmmMg_CY1XWi0SxGQ==
x-amz-cf-pop
FRA56-P6
x-amzn-requestid
12b21d22-4974-4088-a8b3-8e4222dcb242
x-cache
Miss from cloudfront
/
dl.cws.xfinity.com/event/ Frame
0
0
Preflight
General
Full URL
https://dl.cws.xfinity.com/event/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:dc:18a::2c06 Vienna, Austria, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
/
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
PUT
Origin
https://xfinityoffers.xyz
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

access-control-allow-headers
Content-Type
access-control-allow-methods
HEAD,OPTIONS,PUT
access-control-allow-origin
*
content-length
0
content-type
application/json
date
Wed, 03 Aug 2022 06:23:26 GMT
x-amz-apigw-id
WRgevEfTIAMFWYg=
x-amz-cf-id
x1DE8MkhijuP9cyntlcpjmPFyCx8ko565zvb3eUNKWHf3zSTM97eyg==
x-amz-cf-pop
VIE50-C1
x-amzn-requestid
895805ab-887b-441b-ab07-514917b9435f
/
dss-dl-prod.aws-origin.xfinity.com/prod/event/ Frame
0
0
Preflight
General
Full URL
https://dss-dl-prod.aws-origin.xfinity.com/prod/event/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
108.138.7.9 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-108-138-7-9.fra56.r.cloudfront.net
Software
/
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
PUT
Origin
https://xfinityoffers.xyz
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

access-control-allow-credentials
false
access-control-allow-headers
*
access-control-allow-methods
OPTIONS,POST,PUT
access-control-allow-origin
*
access-control-max-age
86400
content-length
0
content-type
application/json
date
Wed, 03 Aug 2022 06:23:26 GMT
via
1.1 ecb3ea567a6c6095a23354fbdc938128.cloudfront.net (CloudFront)
x-amz-apigw-id
WRgeyG_QCYcFgyQ=
x-amz-cf-id
P6DNHwz6-mpIC7SGSLYZZNq6T_9e7Zlr0tfsfWjpVGnCYJ2TUoewyg==
x-amz-cf-pop
FRA56-P6
x-amzn-requestid
2813db51-213d-4fa1-99d8-b461fb8ec382
x-cache
Miss from cloudfront
/
dl.cws.xfinity.com/event/ Frame
0
0
Preflight
General
Full URL
https://dl.cws.xfinity.com/event/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:dc:18a::2c06 Vienna, Austria, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
/
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
PUT
Origin
https://xfinityoffers.xyz
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

access-control-allow-headers
Content-Type
access-control-allow-methods
HEAD,OPTIONS,PUT
access-control-allow-origin
*
content-length
0
content-type
application/json
date
Wed, 03 Aug 2022 06:23:25 GMT
x-amz-apigw-id
WRgetFxYoAMFTCg=
x-amz-cf-id
zFRpanKNb66J60WTjw15WRVCS_QJGYtEuGU0EZPOU79FEse_NmlGRg==
x-amz-cf-pop
VIE50-C1
x-amzn-requestid
0b5c0855-8fd9-4ad3-9477-b00c73ea1636
/
dss-dl-prod.aws-origin.xfinity.com/prod/event/ Frame
0
0
Preflight
General
Full URL
https://dss-dl-prod.aws-origin.xfinity.com/prod/event/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
108.138.7.9 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-108-138-7-9.fra56.r.cloudfront.net
Software
/
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
PUT
Origin
https://xfinityoffers.xyz
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

access-control-allow-credentials
false
access-control-allow-headers
*
access-control-allow-methods
OPTIONS,POST,PUT
access-control-allow-origin
*
access-control-max-age
86400
content-length
0
content-type
application/json
date
Wed, 03 Aug 2022 06:23:26 GMT
via
1.1 ecb3ea567a6c6095a23354fbdc938128.cloudfront.net (CloudFront)
x-amz-apigw-id
WRgeyFvmCYcFnyw=
x-amz-cf-id
nLgDOD1uV_BGURgsMB-ok1jw0CsU_izdribFhjuMawISPqSgXZHdLw==
x-amz-cf-pop
FRA56-P6
x-amzn-requestid
b3af0723-9877-4f02-801f-b7a8c7407844
x-cache
Miss from cloudfront
/
dl.cws.xfinity.com/event/ Frame
0
0
Preflight
General
Full URL
https://dl.cws.xfinity.com/event/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:dc:18a::2c06 Vienna, Austria, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
/
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
PUT
Origin
https://xfinityoffers.xyz
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

access-control-allow-headers
Content-Type
access-control-allow-methods
HEAD,OPTIONS,PUT
access-control-allow-origin
*
content-length
0
content-type
application/json
date
Wed, 03 Aug 2022 06:23:25 GMT
x-amz-apigw-id
WRgetEd9IAMFlyQ=
x-amz-cf-id
O-pM5292Petlqz--TZMHSQ706tUY1-NHwKftacTDyYNje19xd9m31Q==
x-amz-cf-pop
VIE50-C1
x-amzn-requestid
1a947b15-51fa-4c4b-ad53-352d857a5b07
/
dss-dl-prod.aws-origin.xfinity.com/prod/event/ Frame
0
0
Preflight
General
Full URL
https://dss-dl-prod.aws-origin.xfinity.com/prod/event/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
108.138.7.9 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-108-138-7-9.fra56.r.cloudfront.net
Software
/
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
PUT
Origin
https://xfinityoffers.xyz
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

access-control-allow-credentials
false
access-control-allow-headers
*
access-control-allow-methods
OPTIONS,POST,PUT
access-control-allow-origin
*
access-control-max-age
86400
content-length
0
content-type
application/json
date
Wed, 03 Aug 2022 06:23:26 GMT
via
1.1 ecb3ea567a6c6095a23354fbdc938128.cloudfront.net (CloudFront)
x-amz-apigw-id
WRgeyGAiiYcFuJA=
x-amz-cf-id
rCARlQfMZQhdz3TXKkoWxQCx8_6R4q_tgrpFHj91iOFLonGPHn3pzQ==
x-amz-cf-pop
FRA56-P6
x-amzn-requestid
bd896720-843e-4e15-9915-8b0adeec048c
x-cache
Miss from cloudfront
/
dl.cws.xfinity.com/event/ Frame
0
0
Preflight
General
Full URL
https://dl.cws.xfinity.com/event/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:dc:18a::2c06 Vienna, Austria, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
/
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
PUT
Origin
https://xfinityoffers.xyz
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

access-control-allow-headers
Content-Type
access-control-allow-methods
HEAD,OPTIONS,PUT
access-control-allow-origin
*
content-length
0
content-type
application/json
date
Wed, 03 Aug 2022 06:23:25 GMT
x-amz-apigw-id
WRgetHQNIAMF9-g=
x-amz-cf-id
qQCB06uXfC1rzT3hx6BSKEl0Fft5fzjZFNXb3heagPI5sHFt-Z_p4A==
x-amz-cf-pop
VIE50-C1
x-amzn-requestid
3b0d9c2c-69bc-4cad-a459-14009b736346
manifest.json
cdn.wcdc.comcast.com/buy/includes/dist/
0
0

/
dl.cws.xfinity.com/event/
110 B
491 B
XHR
General
Full URL
https://dl.cws.xfinity.com/event/
Requested by
Host: static.cimcontent.net
URL: https://static.cimcontent.net/data-layer/?appID=resi_shop_2
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:dc:18a::2c06 Vienna, Austria, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
/
Resource Hash
c00cb90efff4d2b5d526c7886fa06cc480dd01c8643815939c7bbbb14aa15643

Request headers

Referer
https://xfinityoffers.xyz/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36
Content-Type
application/json

Response headers

date
Wed, 03 Aug 2022 06:23:26 GMT
x-amz-cf-pop
VIE50-C1
x-amz-apigw-id
WRgeyFUqIAMFsQw=
x-amzn-requestid
4e46b06d-67da-49dd-a8ec-57df41466230
access-control-max-age
86400
access-control-allow-methods
GET,POST,PUT,HEAD
content-type
application/json
access-control-allow-origin
*
x-amzn-trace-id
Root=1-62ea145e-5053f7c822bcfd441088da80
access-control-allow-credentials
false
access-control-allow-headers
*
content-length
110
x-amz-cf-id
Zw45zp4TMTD7IVaTKDdWvEhx5ayzm87nztD4b-Wnq_EzfX-7jhxzfA==
/
dl.cws.xfinity.com/event/
110 B
489 B
XHR
General
Full URL
https://dl.cws.xfinity.com/event/
Requested by
Host: static.cimcontent.net
URL: https://static.cimcontent.net/data-layer/?appID=resi_shop_2
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:dc:18a::2c06 Vienna, Austria, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
/
Resource Hash
d43f22ea832346677963a708d0891262d3890ebcf5f0a2e5e35b1fa52d2f70c8

Request headers

Referer
https://xfinityoffers.xyz/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36
Content-Type
application/json

Response headers

date
Wed, 03 Aug 2022 06:23:26 GMT
x-amz-cf-pop
VIE50-C1
x-amz-apigw-id
WRgeyEItoAMFT7w=
x-amzn-requestid
c42f5e28-789d-419b-9126-c62042260665
access-control-max-age
86400
access-control-allow-methods
GET,POST,PUT,HEAD
content-type
application/json
access-control-allow-origin
*
x-amzn-trace-id
Root=1-62ea145e-333ce9326517b61f0a103e1c
access-control-allow-credentials
false
access-control-allow-headers
*
content-length
110
x-amz-cf-id
tOTOEPIPmDAqqm7SDbFFxR3HePRne0PPAf6cB81lFsjTViR_7VVt2g==
/
dss-dl-prod.aws-origin.xfinity.com/prod/event/
110 B
473 B
XHR
General
Full URL
https://dss-dl-prod.aws-origin.xfinity.com/prod/event/
Requested by
Host: static.cimcontent.net
URL: https://static.cimcontent.net/data-layer/?appID=resi_shop_2
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
108.138.7.9 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-108-138-7-9.fra56.r.cloudfront.net
Software
/
Resource Hash
71ae00bd89b7768628f24b4c7466c68a77d23c4c84fba029649350837208cefc

Request headers

Referer
https://xfinityoffers.xyz/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36
Content-Type
application/json

Response headers

date
Wed, 03 Aug 2022 06:23:26 GMT
via
1.1 ecb3ea567a6c6095a23354fbdc938128.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA56-P6
x-amzn-requestid
9a9f5e8b-bcfc-4542-a423-bd833b34ff79
x-cache
Miss from cloudfront
content-type
application/json
access-control-allow-origin
*
x-amzn-trace-id
Root=1-62ea145e-5d86b2d30ddba462614c5a37
x-amz-apigw-id
WRge3HyJCYcFWHQ=
content-length
110
x-amz-cf-id
Rv6MDy3tedYe_QPF9LSDUXpRWwPRgw4iOjK71Krq9JUPHE-Oqwj51w==
/
dl.cws.xfinity.com/event/
110 B
491 B
XHR
General
Full URL
https://dl.cws.xfinity.com/event/
Requested by
Host: static.cimcontent.net
URL: https://static.cimcontent.net/data-layer/?appID=resi_shop_2
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:dc:18a::2c06 Vienna, Austria, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
/
Resource Hash
6129aa661eb8bc3c924bd24f067eb70565fd8fb6e15eb73cdeea22a3ce46a2fd

Request headers

Referer
https://xfinityoffers.xyz/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36
Content-Type
application/json

Response headers

date
Wed, 03 Aug 2022 06:23:26 GMT
x-amz-cf-pop
VIE50-C1
x-amz-apigw-id
WRgeyEVKIAMF64A=
x-amzn-requestid
4e8f5836-b7fe-47b4-966f-a3bc658ad7eb
access-control-max-age
86400
access-control-allow-methods
GET,POST,PUT,HEAD
content-type
application/json
access-control-allow-origin
*
x-amzn-trace-id
Root=1-62ea145e-2b4179d336017e3e5f1d7fbe
access-control-allow-credentials
false
access-control-allow-headers
*
content-length
110
x-amz-cf-id
WLL1oA4j7d1YImjRtwnLwRZtX9r3RykmzVipgLqi1J9DR9l6ZWZOpQ==
/
dss-dl-prod.aws-origin.xfinity.com/prod/event/
110 B
470 B
XHR
General
Full URL
https://dss-dl-prod.aws-origin.xfinity.com/prod/event/
Requested by
Host: static.cimcontent.net
URL: https://static.cimcontent.net/data-layer/?appID=resi_shop_2
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
108.138.7.9 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-108-138-7-9.fra56.r.cloudfront.net
Software
/
Resource Hash
cc748d8110eb91b117f5566a7f37332d782dd63aa2c3b0121fc1e75d98856b3d

Request headers

Referer
https://xfinityoffers.xyz/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36
Content-Type
application/json

Response headers

date
Wed, 03 Aug 2022 06:23:26 GMT
via
1.1 ecb3ea567a6c6095a23354fbdc938128.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA56-P6
x-amzn-requestid
a438c09f-3159-4d06-86b0-76743427e775
x-cache
Miss from cloudfront
content-type
application/json
access-control-allow-origin
*
x-amzn-trace-id
Root=1-62ea145e-623521fa37c9997062e2fa2e
x-amz-apigw-id
WRge3FZGiYcFehg=
content-length
110
x-amz-cf-id
Ti_jqd0jvQWYTyYRjbVJK8rpmWoHP5xyX4Rkx9FsqP-56QQvuPgRrw==
/
dl.cws.xfinity.com/event/
110 B
490 B
XHR
General
Full URL
https://dl.cws.xfinity.com/event/
Requested by
Host: static.cimcontent.net
URL: https://static.cimcontent.net/data-layer/?appID=resi_shop_2
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:dc:18a::2c06 Vienna, Austria, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
/
Resource Hash
767840ea3137292ccac8441683a618c453a00d3d924a78e177db69ef1231b3f5

Request headers

Referer
https://xfinityoffers.xyz/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36
Content-Type
application/json

Response headers

date
Wed, 03 Aug 2022 06:23:26 GMT
x-amz-cf-pop
VIE50-C1
x-amz-apigw-id
WRgewGuBoAMF8cQ=
x-amzn-requestid
634ae04d-800c-47fa-90b5-262176085fec
access-control-max-age
86400
access-control-allow-methods
GET,POST,PUT,HEAD
content-type
application/json
access-control-allow-origin
*
x-amzn-trace-id
Root=1-62ea145e-6728dcec76dc54b947f95fb9
access-control-allow-credentials
false
access-control-allow-headers
*
content-length
110
x-amz-cf-id
ieojJJmVVIqv0J5BLKpsXPbcws8lxk0AII6adxIc-SRaT4SqL2AmTw==
/
dss-dl-prod.aws-origin.xfinity.com/prod/event/
110 B
469 B
XHR
General
Full URL
https://dss-dl-prod.aws-origin.xfinity.com/prod/event/
Requested by
Host: static.cimcontent.net
URL: https://static.cimcontent.net/data-layer/?appID=resi_shop_2
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
108.138.7.9 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-108-138-7-9.fra56.r.cloudfront.net
Software
/
Resource Hash
c8999d8e87d000fec02114645fbf2a662230cc175a99b7d38e9b6760d89a11ce

Request headers

Referer
https://xfinityoffers.xyz/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36
Content-Type
application/json

Response headers

date
Wed, 03 Aug 2022 06:23:26 GMT
via
1.1 ecb3ea567a6c6095a23354fbdc938128.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA56-P6
x-amzn-requestid
07cb34bb-a222-4819-af5c-ca4bd610a4bd
x-cache
Miss from cloudfront
content-type
application/json
access-control-allow-origin
*
x-amzn-trace-id
Root=1-62ea145e-1715893752628ca516d4a821
x-amz-apigw-id
WRge2FFeCYcF7DQ=
content-length
110
x-amz-cf-id
mf-d5_wxvD_OqauLFvhvlTpExobJUaZ6l7P3JGsoJdMc7PENkZu7yw==
/
dl.cws.xfinity.com/event/
110 B
489 B
XHR
General
Full URL
https://dl.cws.xfinity.com/event/
Requested by
Host: static.cimcontent.net
URL: https://static.cimcontent.net/data-layer/?appID=resi_shop_2
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:dc:18a::2c06 Vienna, Austria, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
/
Resource Hash
e676d1e47c6ea9382fe38a2beca4a21daf8e774c370ba2e79248857d4d9737ea

Request headers

Referer
https://xfinityoffers.xyz/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36
Content-Type
application/json

Response headers

date
Wed, 03 Aug 2022 06:23:26 GMT
x-amz-cf-pop
VIE50-C1
x-amz-apigw-id
WRgeyH72IAMF1xw=
x-amzn-requestid
796c9749-8c8e-4399-b179-06e71a7e2841
access-control-max-age
86400
access-control-allow-methods
GET,POST,PUT,HEAD
content-type
application/json
access-control-allow-origin
*
x-amzn-trace-id
Root=1-62ea145e-4984823a3aaeec052e46c120
access-control-allow-credentials
false
access-control-allow-headers
*
content-length
110
x-amz-cf-id
Ii8v3AHNa54VNCas5rUa3ZL3CiXgS1JwkkR6vZnT72rDjw1CS4ILEA==
/
dss-dl-prod.aws-origin.xfinity.com/prod/event/
110 B
469 B
XHR
General
Full URL
https://dss-dl-prod.aws-origin.xfinity.com/prod/event/
Requested by
Host: static.cimcontent.net
URL: https://static.cimcontent.net/data-layer/?appID=resi_shop_2
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
108.138.7.9 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-108-138-7-9.fra56.r.cloudfront.net
Software
/
Resource Hash
f1f11e70cf7f9b08300a8c9b186074d42fb79549f5c5ce659cd104154e430bb0

Request headers

Referer
https://xfinityoffers.xyz/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36
Content-Type
application/json

Response headers

date
Wed, 03 Aug 2022 06:23:26 GMT
via
1.1 ecb3ea567a6c6095a23354fbdc938128.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA56-P6
x-amzn-requestid
686e8ef3-13b4-4d7c-a5c8-bab25f4bb631
x-cache
Miss from cloudfront
content-type
application/json
access-control-allow-origin
*
x-amzn-trace-id
Root=1-62ea145e-7821da282082151a518dd5f4
x-amz-apigw-id
WRge2Fv2iYcFnyw=
content-length
110
x-amz-cf-id
nKVqQZdiyNb1gy4gUd8MsUop1CG40Im5_6xJNyjSlgCe1RvCpBg6mg==
/
dl.cws.xfinity.com/event/
110 B
489 B
XHR
General
Full URL
https://dl.cws.xfinity.com/event/
Requested by
Host: static.cimcontent.net
URL: https://static.cimcontent.net/data-layer/?appID=resi_shop_2
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:dc:18a::2c06 Vienna, Austria, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
/
Resource Hash
2790c15466585751a14fabb1982970380f30398c2a4e01f76040e38405ce1a65

Request headers

Referer
https://xfinityoffers.xyz/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36
Content-Type
application/json

Response headers

date
Wed, 03 Aug 2022 06:23:26 GMT
x-amz-cf-pop
VIE50-C1
x-amz-apigw-id
WRgewE6xoAMF_8g=
x-amzn-requestid
b8805d34-d6e2-4634-ba0c-6e3e81241222
access-control-max-age
86400
access-control-allow-methods
GET,POST,PUT,HEAD
content-type
application/json
access-control-allow-origin
*
x-amzn-trace-id
Root=1-62ea145e-6a4aebd36aeb3ac235a9a4d3
access-control-allow-credentials
false
access-control-allow-headers
*
content-length
110
x-amz-cf-id
OUjgmq9ngvk6xaG5WfcGTx1E9BkiqJvoI0RiE_sgM_-OWHpvqgJ76A==
/
dss-dl-prod.aws-origin.xfinity.com/prod/event/
110 B
470 B
XHR
General
Full URL
https://dss-dl-prod.aws-origin.xfinity.com/prod/event/
Requested by
Host: static.cimcontent.net
URL: https://static.cimcontent.net/data-layer/?appID=resi_shop_2
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
108.138.7.9 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-108-138-7-9.fra56.r.cloudfront.net
Software
/
Resource Hash
fbef6cfd9afd1c9ee0acde687916ad9d5d24617b16084c0e93b5286093d349bb

Request headers

Referer
https://xfinityoffers.xyz/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36
Content-Type
application/json

Response headers

date
Wed, 03 Aug 2022 06:23:26 GMT
via
1.1 ecb3ea567a6c6095a23354fbdc938128.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA56-P6
x-amzn-requestid
da897a88-170e-4dbe-896d-b471949e84ab
x-cache
Miss from cloudfront
content-type
application/json
access-control-allow-origin
*
x-amzn-trace-id
Root=1-62ea145e-0404d39232887d5a0511fec2
x-amz-apigw-id
WRge2GZBiYcFlOQ=
content-length
110
x-amz-cf-id
z-GxqWjJCaL7rBUG452YAiHHLaJawDpxzTCGnTdOmTlJLan0sMzEIg==
/
dl.cws.xfinity.com/event/
110 B
489 B
XHR
General
Full URL
https://dl.cws.xfinity.com/event/
Requested by
Host: static.cimcontent.net
URL: https://static.cimcontent.net/data-layer/?appID=resi_shop_2
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:dc:18a::2c06 Vienna, Austria, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
/
Resource Hash
9a1448deb4a53c7c941ed4267cf7762c262504098d2f26e90a031c136fec46c6

Request headers

Referer
https://xfinityoffers.xyz/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36
Content-Type
application/json

Response headers

date
Wed, 03 Aug 2022 06:23:26 GMT
x-amz-cf-pop
VIE50-C1
x-amz-apigw-id
WRgewEuvoAMFZ0A=
x-amzn-requestid
b7fbc293-7503-4ca9-afc0-5d73e5fedecc
access-control-max-age
86400
access-control-allow-methods
GET,POST,PUT,HEAD
content-type
application/json
access-control-allow-origin
*
x-amzn-trace-id
Root=1-62ea145e-6e360d8e7753a68e71819231
access-control-allow-credentials
false
access-control-allow-headers
*
content-length
110
x-amz-cf-id
VYpsjNN0kNGNUh-CSKc2fm3plcsZTvSqSRDeFYx9srFxwBfBF7Gq1g==
/
dss-dl-prod.aws-origin.xfinity.com/prod/event/
110 B
469 B
XHR
General
Full URL
https://dss-dl-prod.aws-origin.xfinity.com/prod/event/
Requested by
Host: static.cimcontent.net
URL: https://static.cimcontent.net/data-layer/?appID=resi_shop_2
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
108.138.7.9 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-108-138-7-9.fra56.r.cloudfront.net
Software
/
Resource Hash
0a534d9383599d9dfad819eb3d8cf68689dd2621539eb828dadc8fe67bac15e9

Request headers

Referer
https://xfinityoffers.xyz/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36
Content-Type
application/json

Response headers

date
Wed, 03 Aug 2022 06:23:26 GMT
via
1.1 ecb3ea567a6c6095a23354fbdc938128.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA56-P6
x-amzn-requestid
7ccc3f95-02d9-406c-8359-2f2cd9b13a29
x-cache
Miss from cloudfront
content-type
application/json
access-control-allow-origin
*
x-amzn-trace-id
Root=1-62ea145e-080c1d722a8bb8194dd1596d
x-amz-apigw-id
WRge3GmZiYcFzfQ=
content-length
110
x-amz-cf-id
N5db9JHWb1UNLpkP5a6cPOhbCtplDm2xpme3xlSgrD1RokN3Ckxq_w==
/
dl.cws.xfinity.com/event/
110 B
489 B
XHR
General
Full URL
https://dl.cws.xfinity.com/event/
Requested by
Host: static.cimcontent.net
URL: https://static.cimcontent.net/data-layer/?appID=resi_shop_2
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:dc:18a::2c06 Vienna, Austria, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
/
Resource Hash
734f7e23ad1f4214ccefbb5ea8cbc61bcc3c3bf7007b36abae22aeb8c74d1e68

Request headers

Referer
https://xfinityoffers.xyz/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36
Content-Type
application/json

Response headers

date
Wed, 03 Aug 2022 06:23:26 GMT
x-amz-cf-pop
VIE50-C1
x-amz-apigw-id
WRgeuE1noAMF5QQ=
x-amzn-requestid
0ce4b759-2271-4db3-be02-5c71f50915a3
access-control-max-age
86400
access-control-allow-methods
GET,POST,PUT,HEAD
content-type
application/json
access-control-allow-origin
*
x-amzn-trace-id
Root=1-62ea145e-7580242c6dd43caf53040439
access-control-allow-credentials
false
access-control-allow-headers
*
content-length
110
x-amz-cf-id
kLPBMCgOYQcNvgMRH3nLE7foCqH3ZqDWqwMbAekij815s2iJdsUW3w==
RCcd7330ed47584cd388b974fce097dc55-source.min.js
assets.adobedtm.com/331fbea29f79/a5b25a446515/0e175f0eab3d/
502 B
604 B
Script
General
Full URL
https://assets.adobedtm.com/331fbea29f79/a5b25a446515/0e175f0eab3d/RCcd7330ed47584cd388b974fce097dc55-source.min.js
Requested by
Host: cdn.comcast.com
URL: https://cdn.comcast.com/-/media/Common/adrum/adrum45162845.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:dc:282::1e80 Vienna, Austria, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
AkamaiNetStorage /
Resource Hash
900a4cf20cd7006debe3da5033f73ed12f6abf896430718bf4deeb3d1ac8b2ac

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://xfinityoffers.xyz/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date
Wed, 03 Aug 2022 06:23:25 GMT
content-encoding
gzip
last-modified
Thu, 28 Jul 2022 18:58:18 GMT
server
AkamaiNetStorage
etag
"9ceed94e228c8d967090be436a31ffaf:1659034698.788237"
vary
Accept-Encoding
content-type
application/x-javascript
access-control-allow-origin
https://xfinityoffers.xyz
cache-control
max-age=3600
accept-ranges
bytes
timing-allow-origin
*
content-length
336
expires
Wed, 03 Aug 2022 07:23:25 GMT
adrumext4a8dd0f950e3f613a821c330eb081cdc.js
cdn.comcast.com/-/media/Common/adrum/
51 KB
15 KB
Script
General
Full URL
https://cdn.comcast.com/-/media/Common/adrum/adrumext4a8dd0f950e3f613a821c330eb081cdc.js
Requested by
Host: cdn.comcast.com
URL: https://cdn.comcast.com/-/media/Common/adrum/adrum45162845.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:dc:2bc::2af2 Vienna, Austria, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
/
Resource Hash
5346dfc0f18be96e38080c303c312d99867487d6078f5ce0f1c0ddaaf165c473
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Frame-Options SAMEORIGIN

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://xfinityoffers.xyz/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
content-encoding
br
x-xfnlog-site
XDS
last-modified
Thu, 28 Jul 2022 16:07:36 GMT
etag
x-frame-options
SAMEORIGIN
content-type
application/x-javascript
access-control-allow-origin
*
cache-control
private, max-age=31527479
date
Wed, 03 Aug 2022 06:23:25 GMT
content-disposition
inline; filename="adrumext4a8dd0f950e3f613a821c330eb081cdc.js"
accept-ranges
bytes
x-robots-tag
noindex, nofollow
content-length
14935
expires
Thu, 03 Aug 2023 04:01:24 GMT
RC553cf5066ea94c158df8f8b1bdba99ad-source.min.js
assets.adobedtm.com/331fbea29f79/a5b25a446515/0e175f0eab3d/
341 B
480 B
Script
General
Full URL
https://assets.adobedtm.com/331fbea29f79/a5b25a446515/0e175f0eab3d/RC553cf5066ea94c158df8f8b1bdba99ad-source.min.js
Requested by
Host: cdn.comcast.com
URL: https://cdn.comcast.com/-/media/Common/adrum/adrum45162845.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:dc:282::1e80 Vienna, Austria, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
AkamaiNetStorage /
Resource Hash
51fe75530a58625839754c70058fa2c43f0144611a424563fc7f7fdb5fe074b3

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://xfinityoffers.xyz/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date
Wed, 03 Aug 2022 06:23:25 GMT
content-encoding
gzip
last-modified
Thu, 28 Jul 2022 18:58:18 GMT
server
AkamaiNetStorage
etag
"9ceed94e228c8d967090be436a31ffaf:1659034698.788237"
vary
Accept-Encoding
content-type
application/x-javascript
access-control-allow-origin
https://xfinityoffers.xyz
cache-control
max-age=3600
accept-ranges
bytes
timing-allow-origin
*
content-length
213
expires
Wed, 03 Aug 2022 07:23:25 GMT
delivery
comcastresidentialservices.tt.omtrdc.net/rest/v1/
369 B
730 B
XHR
General
Full URL
https://comcastresidentialservices.tt.omtrdc.net/rest/v1/delivery?client=comcastresidentialservices&sessionId=f863f1915061427691748ad000c80033&version=2.4.1
Requested by
Host: static.cimcontent.net
URL: https://static.cimcontent.net/data-layer/?appID=resi_shop_2
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.49.242.9 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-49-242-9.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
16b2f26953e4ad83955c72d86eae761a749635de542e9dc65ccf38858bb15a1a

Request headers

Referer
https://xfinityoffers.xyz/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36
Content-Type
text/plain

Response headers

date
Wed, 03 Aug 2022 06:23:26 GMT
content-encoding
gzip
accept-ch
Sec-CH-UA, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version-List
vary
origin,access-control-request-method,access-control-request-headers,accept-encoding
content-type
application/json;charset=UTF-8
access-control-allow-origin
https://xfinityoffers.xyz
access-control-allow-credentials
true
timing-allow-origin
*
x-request-id
24f3fc71d20c33eeaf5a42a821ad2dab
s82382967639841
metrics.xfinity.com/b/ss/comcastdotcomprod/10/JS-2.22.0-LCUM/
4 KB
4 KB
XHR
General
Full URL
https://metrics.xfinity.com/b/ss/comcastdotcomprod/10/JS-2.22.0-LCUM/s82382967639841
Requested by
Host: static.cimcontent.net
URL: https://static.cimcontent.net/data-layer/?appID=resi_shop_2
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
15.236.176.210 Paris, France, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-15-236-176-210.eu-west-3.compute.amazonaws.com
Software
jag /
Resource Hash
98b60d240232af077467cb18fc3dec37a70ec6a6ebaac379911fb9bb5a5213ea
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://xfinityoffers.xyz/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

x-aam-tid
wLRctbnNQw0=
date
Wed, 03 Aug 2022 06:23:26 GMT
x-content-type-options
nosniff
x-c
main-1661.I2f39db.M0-585
p3p
CP="This is not a P3P policy"
vary
*
content-length
3798
x-xss-protection
1; mode=block
dcs
dcs-prod-irl1-1-v037-0bd82c48c.edge-irl1.demdex.com 6 ms
pragma
no-cache
last-modified
Thu, 04 Aug 2022 06:23:26 GMT
server
jag
xserver
anedge-69c8d8cc76-6wd7d
etag
3563765877928689664-4619622646178145035
strict-transport-security
max-age=31536000; includeSubDomains
content-type
application/x-javascript;charset=utf-8
access-control-allow-origin
https://xfinityoffers.xyz
cache-control
no-cache, no-store, max-age=0, no-transform, private
access-control-allow-credentials
true
expires
Tue, 02 Aug 2022 06:23:26 GMT
RC37c960ab9bab46fbbceb74a4f50b238f-source.min.js
assets.adobedtm.com/331fbea29f79/a5b25a446515/0e175f0eab3d/
387 B
508 B
Script
General
Full URL
https://assets.adobedtm.com/331fbea29f79/a5b25a446515/0e175f0eab3d/RC37c960ab9bab46fbbceb74a4f50b238f-source.min.js
Requested by
Host: cdn.comcast.com
URL: https://cdn.comcast.com/-/media/Common/adrum/adrum45162845.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:dc:282::1e80 Vienna, Austria, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
AkamaiNetStorage /
Resource Hash
54a94e7637402e1971d68af38ec6cdbb7e6ea5f949f5480e8459480f97bdabd6

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://xfinityoffers.xyz/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date
Wed, 03 Aug 2022 06:23:25 GMT
content-encoding
gzip
last-modified
Thu, 28 Jul 2022 18:58:18 GMT
server
AkamaiNetStorage
etag
"9ceed94e228c8d967090be436a31ffaf:1659034698.788237"
vary
Accept-Encoding
content-type
application/x-javascript
access-control-allow-origin
https://xfinityoffers.xyz
cache-control
max-age=3600
accept-ranges
bytes
timing-allow-origin
*
content-length
241
expires
Wed, 03 Aug 2022 07:23:25 GMT
interact
adobedc.demdex.net/ee/v1/
782 B
956 B
Fetch
General
Full URL
https://adobedc.demdex.net/ee/v1/interact?configId=6b9bd608-f739-4316-a67f-6797e37cc54a&requestId=7b521df4-30b3-426c-8ed7-73709b844616
Requested by
Host: static.cimcontent.net
URL: https://static.cimcontent.net/data-layer/?appID=resi_shop_2
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.36.218.177 Paris, France, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-13-36-218-177.eu-west-3.compute.amazonaws.com
Software
jag /
Resource Hash
f343501b0ca8c6f3f711b8a0642b7f2965536d5c17dcda7a81227f532bb37d91
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://xfinityoffers.xyz/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36
Content-Type
text/plain; charset=UTF-8

Response headers

date
Wed, 03 Aug 2022 06:23:25 GMT
content-encoding
deflate
x-content-type-options
nosniff
x-rate-limit-remaining
599
x-adobe-edge
IRL1;6
vary
Origin
x-xss-protection
1; mode=block
x-request-id
7b521df4-30b3-426c-8ed7-73709b844616
server
jag
strict-transport-security
max-age=31536000; includeSubDomains
content-type
application/json;charset=utf-8
access-control-allow-origin
https://xfinityoffers.xyz
access-control-expose-headers
Retry-After, X-Adobe-Edge, X-Request-ID
cache-control
no-cache, no-store, max-age=0, no-transform, private
access-control-allow-credentials
true
x-konductor
22.8.1:99f91f62
RCb6a2864acd8d42d0b58f4f08890ee53c-source.min.js
assets.adobedtm.com/331fbea29f79/a5b25a446515/0e175f0eab3d/
2 KB
1 KB
Script
General
Full URL
https://assets.adobedtm.com/331fbea29f79/a5b25a446515/0e175f0eab3d/RCb6a2864acd8d42d0b58f4f08890ee53c-source.min.js
Requested by
Host: cdn.comcast.com
URL: https://cdn.comcast.com/-/media/Common/adrum/adrum45162845.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:dc:282::1e80 Vienna, Austria, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
AkamaiNetStorage /
Resource Hash
a2d09e0ae23da94f42fee147c24ec010831d0f905583a55c32e18d821f58fdd8

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://xfinityoffers.xyz/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date
Wed, 03 Aug 2022 06:23:26 GMT
content-encoding
gzip
last-modified
Thu, 28 Jul 2022 18:58:18 GMT
server
AkamaiNetStorage
etag
"9ceed94e228c8d967090be436a31ffaf:1659034698.788237"
vary
Accept-Encoding
content-type
application/x-javascript
access-control-allow-origin
https://xfinityoffers.xyz
cache-control
max-age=3600
accept-ranges
bytes
timing-allow-origin
*
content-length
892
expires
Wed, 03 Aug 2022 07:23:26 GMT
RC625569b919a64006aab80887af3359d2-source.min.js
assets.adobedtm.com/331fbea29f79/a5b25a446515/0e175f0eab3d/
6 KB
1 KB
Script
General
Full URL
https://assets.adobedtm.com/331fbea29f79/a5b25a446515/0e175f0eab3d/RC625569b919a64006aab80887af3359d2-source.min.js
Requested by
Host: cdn.comcast.com
URL: https://cdn.comcast.com/-/media/Common/adrum/adrum45162845.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:dc:282::1e80 Vienna, Austria, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
AkamaiNetStorage /
Resource Hash
a3a86b0e098b59e3ba2436bf14b07d28d69a6a30a10727ef6d1b5efcaec894a7

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://xfinityoffers.xyz/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date
Wed, 03 Aug 2022 06:23:26 GMT
content-encoding
gzip
last-modified
Thu, 28 Jul 2022 18:58:18 GMT
server
AkamaiNetStorage
etag
"9ceed94e228c8d967090be436a31ffaf:1659034698.788237"
vary
Accept-Encoding
content-type
application/x-javascript
access-control-allow-origin
https://xfinityoffers.xyz
cache-control
max-age=3600
accept-ranges
bytes
timing-allow-origin
*
content-length
1133
expires
Wed, 03 Aug 2022 07:23:26 GMT
/
dss-dl-prod.aws-origin.xfinity.com/prod/event/ Frame
0
0
Preflight
General
Full URL
https://dss-dl-prod.aws-origin.xfinity.com/prod/event/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
108.138.7.9 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-108-138-7-9.fra56.r.cloudfront.net
Software
/
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
PUT
Origin
https://xfinityoffers.xyz
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

access-control-allow-credentials
false
access-control-allow-headers
*
access-control-allow-methods
OPTIONS,POST,PUT
access-control-allow-origin
*
access-control-max-age
86400
content-length
0
content-type
application/json
date
Wed, 03 Aug 2022 06:23:26 GMT
via
1.1 ecb3ea567a6c6095a23354fbdc938128.cloudfront.net (CloudFront)
x-amz-apigw-id
WRgeyGH7iYcF3pg=
x-amz-cf-id
zohZQ6bOglN7c8NK0IQtA72E3C5MhQByWBnqNoNgJzjk7Z36I9VBwg==
x-amz-cf-pop
FRA56-P6
x-amzn-requestid
900fa705-9a5b-449e-bfbe-251826f0d06d
x-cache
Miss from cloudfront
/
dl.cws.xfinity.com/event/ Frame
0
0
Preflight
General
Full URL
https://dl.cws.xfinity.com/event/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:dc:18a::2c06 Vienna, Austria, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
/
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
PUT
Origin
https://xfinityoffers.xyz
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

access-control-allow-headers
Content-Type
access-control-allow-methods
HEAD,OPTIONS,PUT
access-control-allow-origin
*
content-length
0
content-type
application/json
date
Wed, 03 Aug 2022 06:23:26 GMT
x-amz-apigw-id
WRgeyF0NIAMF6vg=
x-amz-cf-id
4NN-egIDWjiiA6JiJznzwX-1Y-nwgsokJMInJxTYTW44-M8vpdR0Ww==
x-amz-cf-pop
VIE50-C1
x-amzn-requestid
d05aa32d-bbc4-4619-a53a-21ffe121fd27
/
dss-dl-prod.aws-origin.xfinity.com/prod/event/
110 B
468 B
XHR
General
Full URL
https://dss-dl-prod.aws-origin.xfinity.com/prod/event/
Requested by
Host: static.cimcontent.net
URL: https://static.cimcontent.net/data-layer/?appID=resi_shop_2
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
108.138.7.9 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-108-138-7-9.fra56.r.cloudfront.net
Software
/
Resource Hash
cc473e0ecb7548770c5126276073996407b55422b0e27b07e5d7d12c1ef01bb6

Request headers

Referer
https://xfinityoffers.xyz/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36
Content-Type
application/json

Response headers

date
Wed, 03 Aug 2022 06:23:26 GMT
via
1.1 ecb3ea567a6c6095a23354fbdc938128.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA56-P6
x-amzn-requestid
5dceccfa-a7e9-4156-b777-2b7581050d7a
x-cache
Miss from cloudfront
content-type
application/json
access-control-allow-origin
*
x-amzn-trace-id
Root=1-62ea145e-5b93a6a44ef090454409940a
x-amz-apigw-id
WRge3Hl_CYcFtXg=
content-length
110
x-amz-cf-id
PAKSrtF7jZ6tu64_34beg-cMil6m6dsUVx4MDtGoWzSAm00niQZ8rg==
/
dl.cws.xfinity.com/event/
110 B
488 B
XHR
General
Full URL
https://dl.cws.xfinity.com/event/
Requested by
Host: static.cimcontent.net
URL: https://static.cimcontent.net/data-layer/?appID=resi_shop_2
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:dc:18a::2c06 Vienna, Austria, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
/
Resource Hash
603458c9f36ee7f3dc08dd6c32a8c3e3344c4a784d6c5bd085a769b6ec0a69ae

Request headers

Referer
https://xfinityoffers.xyz/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36
Content-Type
application/json

Response headers

date
Wed, 03 Aug 2022 06:23:26 GMT
x-amz-cf-pop
VIE50-C1
x-amz-apigw-id
WRge1FGLoAMF7og=
x-amzn-requestid
f93b7b12-3775-49be-8d8a-5ecb130aeb6b
access-control-max-age
86400
access-control-allow-methods
GET,POST,PUT,HEAD
content-type
application/json
access-control-allow-origin
*
x-amzn-trace-id
Root=1-62ea145e-6a6e758e5ab3b8ce2a4445f0
access-control-allow-credentials
false
access-control-allow-headers
*
content-length
110
x-amz-cf-id
RzW1Q1tqtc_uAt7MPZZzbQ4AwVtZiFfdMt-Ut19vS47Ko7JgrZCo0w==
fbevents.js
connect.facebook.net/en_US/
98 KB
26 KB
Script
General
Full URL
https://connect.facebook.net/en_US/fbevents.js
Requested by
Host: cdn.comcast.com
URL: https://cdn.comcast.com/-/media/Common/adrum/adrum45162845.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f007:8:face:b00c:0:1 Vienna, Austria, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
97d2d7795d8696da8f15abfbc4ed528f5d97767966a23ad602f276c8d6680de9
Security Headers
Name Value
Content-Security-Policy default-src * data: blob: 'self';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://xfinityoffers.xyz/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

content-security-policy
default-src * data: blob: 'self';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;
content-encoding
gzip
x-content-type-options
nosniff
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400,h3-29=":443"; ma=86400
content-length
26222
x-xss-protection
0
pragma
public
x-fb-debug
FPFrZvUkdo0+HLMwJvS4I+H8bF4BRw+y310B/bkbOQ+J5cOMKHERCYcipbf/jGrI3KHWs/AzcEUXuUUqKcIrfg==
x-fb-trip-id
720026100
x-frame-options
DENY
date
Wed, 03 Aug 2022 06:23:26 GMT
strict-transport-security
max-age=31536000; preload; includeSubDomains
content-type
application/x-javascript; charset=utf-8
vary
Accept-Encoding
cache-control
public, max-age=1200
x-fb-rlafr
0
priority
u=3,i
expires
Sat, 01 Jan 2000 00:00:00 GMT
RCcbc84982663d4533b6434bfa975f6925-source.min.js
assets.adobedtm.com/331fbea29f79/a5b25a446515/0e175f0eab3d/
740 B
705 B
Script
General
Full URL
https://assets.adobedtm.com/331fbea29f79/a5b25a446515/0e175f0eab3d/RCcbc84982663d4533b6434bfa975f6925-source.min.js
Requested by
Host: cdn.comcast.com
URL: https://cdn.comcast.com/-/media/Common/adrum/adrum45162845.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:dc:282::1e80 Vienna, Austria, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
AkamaiNetStorage /
Resource Hash
9a21a4bbed8deaa5fdfebff47eae26c8ac6572c9cc5dd96cf7bcc9f49c68b50e

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://xfinityoffers.xyz/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date
Wed, 03 Aug 2022 06:23:26 GMT
content-encoding
gzip
last-modified
Thu, 28 Jul 2022 18:58:18 GMT
server
AkamaiNetStorage
etag
"9ceed94e228c8d967090be436a31ffaf:1659034698.788237"
vary
Accept-Encoding
content-type
application/x-javascript
access-control-allow-origin
https://xfinityoffers.xyz
cache-control
max-age=3600
accept-ranges
bytes
timing-allow-origin
*
content-length
437
expires
Wed, 03 Aug 2022 07:23:26 GMT
RCbd59c48c0b0440c5a9e0fba9bfb743c7-source.min.js
assets.adobedtm.com/331fbea29f79/a5b25a446515/0e175f0eab3d/
624 B
657 B
Script
General
Full URL
https://assets.adobedtm.com/331fbea29f79/a5b25a446515/0e175f0eab3d/RCbd59c48c0b0440c5a9e0fba9bfb743c7-source.min.js
Requested by
Host: cdn.comcast.com
URL: https://cdn.comcast.com/-/media/Common/adrum/adrum45162845.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:dc:282::1e80 Vienna, Austria, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
AkamaiNetStorage /
Resource Hash
ef9083cd0add6d9f7c6f82dba352a8d7310e9b680782ca7d8f32ae0ff56438c4

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://xfinityoffers.xyz/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date
Wed, 03 Aug 2022 06:23:26 GMT
content-encoding
gzip
last-modified
Thu, 28 Jul 2022 18:58:18 GMT
server
AkamaiNetStorage
etag
"9ceed94e228c8d967090be436a31ffaf:1659034698.788237"
vary
Accept-Encoding
content-type
application/x-javascript
access-control-allow-origin
https://xfinityoffers.xyz
cache-control
max-age=3600
accept-ranges
bytes
timing-allow-origin
*
content-length
389
expires
Wed, 03 Aug 2022 07:23:26 GMT
RC62ee81a4e76c456e84f4423cf4427b46-source.min.js
assets.adobedtm.com/331fbea29f79/a5b25a446515/0e175f0eab3d/
539 B
630 B
Script
General
Full URL
https://assets.adobedtm.com/331fbea29f79/a5b25a446515/0e175f0eab3d/RC62ee81a4e76c456e84f4423cf4427b46-source.min.js
Requested by
Host: cdn.comcast.com
URL: https://cdn.comcast.com/-/media/Common/adrum/adrum45162845.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:dc:282::1e80 Vienna, Austria, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
AkamaiNetStorage /
Resource Hash
f8ea57850cc6ac35997ced61f2f147c4aabbb314b7b3b4fa85aff836c089201b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://xfinityoffers.xyz/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date
Wed, 03 Aug 2022 06:23:26 GMT
content-encoding
gzip
last-modified
Thu, 28 Jul 2022 18:58:18 GMT
server
AkamaiNetStorage
etag
"9ceed94e228c8d967090be436a31ffaf:1659034698.788237"
vary
Accept-Encoding
content-type
application/x-javascript
access-control-allow-origin
https://xfinityoffers.xyz
cache-control
max-age=3600
accept-ranges
bytes
timing-allow-origin
*
content-length
362
expires
Wed, 03 Aug 2022 07:23:26 GMT
RC402eed9b7a3a455db89157d76a282d72-source.min.js
assets.adobedtm.com/331fbea29f79/a5b25a446515/0e175f0eab3d/
936 B
811 B
Script
General
Full URL
https://assets.adobedtm.com/331fbea29f79/a5b25a446515/0e175f0eab3d/RC402eed9b7a3a455db89157d76a282d72-source.min.js
Requested by
Host: cdn.comcast.com
URL: https://cdn.comcast.com/-/media/Common/adrum/adrum45162845.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:dc:282::1e80 Vienna, Austria, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
AkamaiNetStorage /
Resource Hash
b026c0484c0b346e7d4fec20551ef3385107f4a23b791f3ec8ab8d91aa10722b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://xfinityoffers.xyz/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date
Wed, 03 Aug 2022 06:23:26 GMT
content-encoding
gzip
last-modified
Thu, 28 Jul 2022 18:58:18 GMT
server
AkamaiNetStorage
etag
"9ceed94e228c8d967090be436a31ffaf:1659034698.788237"
vary
Accept-Encoding
content-type
application/x-javascript
access-control-allow-origin
https://xfinityoffers.xyz
cache-control
max-age=3600
accept-ranges
bytes
timing-allow-origin
*
content-length
543
expires
Wed, 03 Aug 2022 07:23:26 GMT
RCa943ba338121477a8922b2b6a49eae08-source.min.js
assets.adobedtm.com/331fbea29f79/a5b25a446515/0e175f0eab3d/
719 B
703 B
Script
General
Full URL
https://assets.adobedtm.com/331fbea29f79/a5b25a446515/0e175f0eab3d/RCa943ba338121477a8922b2b6a49eae08-source.min.js
Requested by
Host: cdn.comcast.com
URL: https://cdn.comcast.com/-/media/Common/adrum/adrum45162845.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:dc:282::1e80 Vienna, Austria, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
AkamaiNetStorage /
Resource Hash
1977fe8907b52a32baed543e698bad3e0c743dc5a84477e4b616100ce98d3191

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://xfinityoffers.xyz/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date
Wed, 03 Aug 2022 06:23:26 GMT
content-encoding
gzip
last-modified
Thu, 28 Jul 2022 18:58:18 GMT
server
AkamaiNetStorage
etag
"9ceed94e228c8d967090be436a31ffaf:1659034698.788237"
vary
Accept-Encoding
content-type
application/x-javascript
access-control-allow-origin
https://xfinityoffers.xyz
cache-control
max-age=3600
accept-ranges
bytes
timing-allow-origin
*
content-length
435
expires
Wed, 03 Aug 2022 07:23:26 GMT
/
www.google.de/pagead/1p-user-list/1023869955/ Frame C62F
Redirect Chain
  • https://googleads.g.doubleclick.net/pagead/viewthroughconversion/1023869955/?value=1.00&currency_code=USD&label=dAmVCKnhr2wQg4ic6AM&guid=ON&script=0
  • https://www.google.com/pagead/1p-user-list/1023869955/?value=1.00&currency_code=USD&label=dAmVCKnhr2wQg4ic6AM&guid=ON&script=0&is_vtc=1&random=1803075685
  • https://www.google.de/pagead/1p-user-list/1023869955/?value=1.00&currency_code=USD&label=dAmVCKnhr2wQg4ic6AM&guid=ON&script=0&is_vtc=1&random=1803075685&ipr=y
42 B
548 B
Image
General
Full URL
https://www.google.de/pagead/1p-user-list/1023869955/?value=1.00&currency_code=USD&label=dAmVCKnhr2wQg4ic6AM&guid=ON&script=0&is_vtc=1&random=1803075685&ipr=y
Protocol
H2
Server
2a00:1450:4001:82f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://comcast.demdex.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 03 Aug 2022 06:23:26 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
content-security-policy
script-src 'none'; object-src 'none'
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma
no-cache
date
Wed, 03 Aug 2022 06:23:26 GMT
x-content-type-options
nosniff
server
cafe
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type
image/gif
location
https://www.google.de/pagead/1p-user-list/1023869955/?value=1.00&currency_code=USD&label=dAmVCKnhr2wQg4ic6AM&guid=ON&script=0&is_vtc=1&random=1803075685&ipr=y
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
content-security-policy
script-src 'none'; object-src 'none'
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
js
www.googletagmanager.com/gtag/
105 KB
41 KB
Script
General
Full URL
https://www.googletagmanager.com/gtag/js?id=DC-4053494
Requested by
Host: cdn.comcast.com
URL: https://cdn.comcast.com/-/media/Common/adrum/adrum45162845.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80b::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
082f4b0e6c639e4582ec2b24ae18729856afff8b9ebad0f6459f7d9ca6232902
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://xfinityoffers.xyz/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date
Wed, 03 Aug 2022 06:23:26 GMT
content-encoding
br
vary
Accept-Encoding
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
41600
x-xss-protection
0
last-modified
Wed, 03 Aug 2022 06:00:00 GMT
server
Google Tag Manager
strict-transport-security
max-age=31536000; includeSubDomains
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control
expires
Wed, 03 Aug 2022 06:23:26 GMT
quantum-comcast.js
cdn.quantummetric.com/qscripts/
530 KB
110 KB
Script
General
Full URL
https://cdn.quantummetric.com/qscripts/quantum-comcast.js
Requested by
Host: cdn.comcast.com
URL: https://cdn.comcast.com/-/media/Common/adrum/adrum45162845.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::ac43:149e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
07dd4594e5dee5763669fa3b1978255da05ebae9f6d85b0135007a6a41351325
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://xfinityoffers.xyz/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date
Wed, 03 Aug 2022 06:23:26 GMT
content-encoding
br
cf-cache-status
HIT
server
cloudflare
age
135
etag
W/"165947095041516594557054181659427203300"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=300, stale-while-revalidate=21600, stale-if-error=21600
access-control-allow-headers
Origin, X-Requested-With, Content-Type, Accept
strict-transport-security
max-age=31536000
cf-ray
734cf6ecdabe91e7-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
iu3
s.amazon-adsystem.com/ Frame 5E0B
935 B
2 KB
Document
General
Full URL
https://s.amazon-adsystem.com/iu3?d=generic&ex-fargs=%3Fid%3D9c6269e8-4641-e261-dd25-4fc3136dea37%26type%3D55%26m%3D1&ex-fch=416613&ex-src=https://www.xfinity.com/&ex-hargs=v%3D1.0%3Bc%3D8324316060801%3Bp%3D9C6269E8-4641-E261-DD25-4FC3136DEA37&cb=961634634924344600
Requested by
Host: cdn.comcast.com
URL: https://cdn.comcast.com/-/media/Common/adrum/adrum45162845.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
209.54.182.161 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
cfc96c8fa85a02fa11161682617e004a76aad934f1b05c8f172bdf6ecfd2fed2
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

Referer
https://xfinityoffers.xyz/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Length
935
Content-Type
text/html;charset=ISO-8859-1
Date
Wed, 03 Aug 2022 06:23:26 GMT
Expires
Thu, 01 Jan 1970 00:00:00 GMT
Permissions-Policy
interest-cohort=()
Pragma
no-cache
Server
Server
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Vary
Content-Type,Accept-Encoding,X-Amzn-CDN-Cache,X-Amzn-AX-Treatment,User-Agent
p3p
policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
x-amz-rid
4F42GZBZWC28VX92J7TX
surveys.js
js.pulseinsights.com/
131 KB
26 KB
Script
General
Full URL
https://js.pulseinsights.com/surveys.js
Requested by
Host: cdn.comcast.com
URL: https://cdn.comcast.com/-/media/Common/adrum/adrum45162845.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
108.138.17.67 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-108-138-17-67.fra56.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
bb16b92df7ef7932e416c3026429f60255bddefb6f36b73e0763aeb5e94f1dbf

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://xfinityoffers.xyz/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

Date
Wed, 03 Aug 2022 05:36:47 GMT
Content-Encoding
gzip
Connection
keep-alive
Last-Modified
Fri, 29 Jul 2022 22:16:31 GMT
Server
AmazonS3
Age
6112
ETag
W/"4397e0e6570bd6b674f1427e159de2b3"
Vary
Accept-Encoding
X-Cache
Hit from cloudfront
Content-Type
application/javascript
Via
1.1 6e5ec1ef7875ec0751cb61200df7f212.cloudfront.net (CloudFront)
Cache-Control
max-age=86400
Transfer-Encoding
chunked
X-Amz-Cf-Pop
FRA56-P7
X-Amz-Cf-Id
1OSBUaFiaFWpC0RrEuXmX6SF1-NYFu0r4qVZnRr_K14uXtZbrqjNwQ==
RC115d0c0a77034a2392e239889ccd17ee-source.min.js
assets.adobedtm.com/331fbea29f79/a5b25a446515/0e175f0eab3d/
540 B
636 B
Script
General
Full URL
https://assets.adobedtm.com/331fbea29f79/a5b25a446515/0e175f0eab3d/RC115d0c0a77034a2392e239889ccd17ee-source.min.js
Requested by
Host: cdn.comcast.com
URL: https://cdn.comcast.com/-/media/Common/adrum/adrum45162845.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:dc:282::1e80 Vienna, Austria, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
AkamaiNetStorage /
Resource Hash
18075060ba622aee5d8bdfa1cc1a3892f288f2727028692fcfe25a85e66d0505

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://xfinityoffers.xyz/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date
Wed, 03 Aug 2022 06:23:26 GMT
content-encoding
gzip
last-modified
Thu, 28 Jul 2022 18:58:18 GMT
server
AkamaiNetStorage
etag
"9ceed94e228c8d967090be436a31ffaf:1659034698.788237"
vary
Accept-Encoding
content-type
application/x-javascript
access-control-allow-origin
https://xfinityoffers.xyz
cache-control
max-age=3600
accept-ranges
bytes
timing-allow-origin
*
content-length
368
expires
Wed, 03 Aug 2022 07:23:26 GMT
RCc700b8deef7645c5b0531694eb13b57f-source.min.js
assets.adobedtm.com/331fbea29f79/a5b25a446515/0e175f0eab3d/
800 B
763 B
Script
General
Full URL
https://assets.adobedtm.com/331fbea29f79/a5b25a446515/0e175f0eab3d/RCc700b8deef7645c5b0531694eb13b57f-source.min.js
Requested by
Host: cdn.comcast.com
URL: https://cdn.comcast.com/-/media/Common/adrum/adrum45162845.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:dc:282::1e80 Vienna, Austria, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
AkamaiNetStorage /
Resource Hash
3aea02903ffd476e286f78a9445684f4e6e2f10339c7d2b3fafcccafa3f634cc

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://xfinityoffers.xyz/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date
Wed, 03 Aug 2022 06:23:26 GMT
content-encoding
gzip
last-modified
Thu, 28 Jul 2022 18:58:18 GMT
server
AkamaiNetStorage
etag
"9ceed94e228c8d967090be436a31ffaf:1659034698.788237"
vary
Accept-Encoding
content-type
application/x-javascript
access-control-allow-origin
https://xfinityoffers.xyz
cache-control
max-age=3600
accept-ranges
bytes
timing-allow-origin
*
content-length
495
expires
Wed, 03 Aug 2022 07:23:26 GMT
RCfffe7992431a4e14a35ec6362598d352-source.min.js
assets.adobedtm.com/331fbea29f79/a5b25a446515/0e175f0eab3d/
534 B
615 B
Script
General
Full URL
https://assets.adobedtm.com/331fbea29f79/a5b25a446515/0e175f0eab3d/RCfffe7992431a4e14a35ec6362598d352-source.min.js
Requested by
Host: cdn.comcast.com
URL: https://cdn.comcast.com/-/media/Common/adrum/adrum45162845.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:dc:282::1e80 Vienna, Austria, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
AkamaiNetStorage /
Resource Hash
4c867b57f0b2b2f76b1f449bbd890f302cc19d45a1d3b28a0e43074c6fe59e41

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://xfinityoffers.xyz/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date
Wed, 03 Aug 2022 06:23:26 GMT
content-encoding
gzip
last-modified
Thu, 28 Jul 2022 18:58:18 GMT
server
AkamaiNetStorage
etag
"9ceed94e228c8d967090be436a31ffaf:1659034698.788237"
vary
Accept-Encoding
content-type
application/x-javascript
access-control-allow-origin
https://xfinityoffers.xyz
cache-control
max-age=3600
accept-ranges
bytes
timing-allow-origin
*
content-length
347
expires
Wed, 03 Aug 2022 07:23:26 GMT
RCd4fc8387391a4be1b89284d7c67c29dc-source.min.js
assets.adobedtm.com/331fbea29f79/a5b25a446515/0e175f0eab3d/
1 KB
805 B
Script
General
Full URL
https://assets.adobedtm.com/331fbea29f79/a5b25a446515/0e175f0eab3d/RCd4fc8387391a4be1b89284d7c67c29dc-source.min.js
Requested by
Host: cdn.comcast.com
URL: https://cdn.comcast.com/-/media/Common/adrum/adrum45162845.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:dc:282::1e80 Vienna, Austria, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
AkamaiNetStorage /
Resource Hash
ebc10b39925d1fe90f29fee71f7b7048916f123df2f94ec868c6aa19c033b9ed

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://xfinityoffers.xyz/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date
Wed, 03 Aug 2022 06:23:26 GMT
content-encoding
gzip
last-modified
Thu, 28 Jul 2022 18:58:18 GMT
server
AkamaiNetStorage
etag
"9ceed94e228c8d967090be436a31ffaf:1659034698.788237"
vary
Accept-Encoding
content-type
application/x-javascript
access-control-allow-origin
https://xfinityoffers.xyz
cache-control
max-age=3600
accept-ranges
bytes
timing-allow-origin
*
content-length
537
expires
Wed, 03 Aug 2022 07:23:26 GMT
RC3de8b7fb312c492db0289a7b5193ccf0-source.min.js
assets.adobedtm.com/331fbea29f79/a5b25a446515/0e175f0eab3d/
619 B
662 B
Script
General
Full URL
https://assets.adobedtm.com/331fbea29f79/a5b25a446515/0e175f0eab3d/RC3de8b7fb312c492db0289a7b5193ccf0-source.min.js
Requested by
Host: cdn.comcast.com
URL: https://cdn.comcast.com/-/media/Common/adrum/adrum45162845.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:dc:282::1e80 Vienna, Austria, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
AkamaiNetStorage /
Resource Hash
7f9caac31580c23eeeabb17edd23ff7a05a176d858e43fc720f387160ea2215e

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://xfinityoffers.xyz/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date
Wed, 03 Aug 2022 06:23:26 GMT
content-encoding
gzip
last-modified
Thu, 28 Jul 2022 18:58:18 GMT
server
AkamaiNetStorage
etag
"9ceed94e228c8d967090be436a31ffaf:1659034698.788237"
vary
Accept-Encoding
content-type
application/x-javascript
access-control-allow-origin
https://xfinityoffers.xyz
cache-control
max-age=3600
accept-ranges
bytes
timing-allow-origin
*
content-length
394
expires
Wed, 03 Aug 2022 07:23:26 GMT
RCda369e40955b40eba2978b9a03e82a8a-source.min.js
assets.adobedtm.com/331fbea29f79/a5b25a446515/0e175f0eab3d/
2 KB
1 KB
Script
General
Full URL
https://assets.adobedtm.com/331fbea29f79/a5b25a446515/0e175f0eab3d/RCda369e40955b40eba2978b9a03e82a8a-source.min.js
Requested by
Host: cdn.comcast.com
URL: https://cdn.comcast.com/-/media/Common/adrum/adrum45162845.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:dc:282::1e80 Vienna, Austria, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
AkamaiNetStorage /
Resource Hash
b8bc8c2a178d7440f4e68d08ea41bb6230298dcdf486ee05981d3d1347971677

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://xfinityoffers.xyz/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date
Wed, 03 Aug 2022 06:23:26 GMT
content-encoding
gzip
last-modified
Thu, 28 Jul 2022 18:58:18 GMT
server
AkamaiNetStorage
etag
"9ceed94e228c8d967090be436a31ffaf:1659034698.788237"
vary
Accept-Encoding
content-type
application/x-javascript
access-control-allow-origin
https://xfinityoffers.xyz
cache-control
max-age=3600
accept-ranges
bytes
timing-allow-origin
*
content-length
890
expires
Wed, 03 Aug 2022 07:23:26 GMT
RC6499f7f09e114d8f8e05cc72f4e44d81-source.min.js
assets.adobedtm.com/331fbea29f79/a5b25a446515/0e175f0eab3d/
702 B
713 B
Script
General
Full URL
https://assets.adobedtm.com/331fbea29f79/a5b25a446515/0e175f0eab3d/RC6499f7f09e114d8f8e05cc72f4e44d81-source.min.js
Requested by
Host: cdn.comcast.com
URL: https://cdn.comcast.com/-/media/Common/adrum/adrum45162845.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:dc:282::1e80 Vienna, Austria, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
AkamaiNetStorage /
Resource Hash
b4fa88d874e84f5361f0fa66229b63e1dd7be7dbdf5f5ca70cdb063ab859db27

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://xfinityoffers.xyz/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date
Wed, 03 Aug 2022 06:23:26 GMT
content-encoding
gzip
last-modified
Thu, 28 Jul 2022 18:58:18 GMT
server
AkamaiNetStorage
etag
"9ceed94e228c8d967090be436a31ffaf:1659034698.788237"
vary
Accept-Encoding
content-type
application/x-javascript
access-control-allow-origin
https://xfinityoffers.xyz
cache-control
max-age=3600
accept-ranges
bytes
timing-allow-origin
*
content-length
445
expires
Wed, 03 Aug 2022 07:23:26 GMT
RC601a7b0be12c43ce8b4d4e57be2fcff0-source.min.js
assets.adobedtm.com/331fbea29f79/a5b25a446515/0e175f0eab3d/
4 KB
2 KB
Script
General
Full URL
https://assets.adobedtm.com/331fbea29f79/a5b25a446515/0e175f0eab3d/RC601a7b0be12c43ce8b4d4e57be2fcff0-source.min.js
Requested by
Host: cdn.comcast.com
URL: https://cdn.comcast.com/-/media/Common/adrum/adrum45162845.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:dc:282::1e80 Vienna, Austria, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
AkamaiNetStorage /
Resource Hash
0383c119d7a3f1fa0a82aec48a7d3bd90738f13613d07cd4944259fbc1309c4d

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://xfinityoffers.xyz/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date
Wed, 03 Aug 2022 06:23:26 GMT
content-encoding
gzip
last-modified
Thu, 28 Jul 2022 18:58:18 GMT
server
AkamaiNetStorage
etag
"9ceed94e228c8d967090be436a31ffaf:1659034698.788237"
vary
Accept-Encoding
content-type
application/x-javascript
access-control-allow-origin
https://xfinityoffers.xyz
cache-control
max-age=3600
accept-ranges
bytes
timing-allow-origin
*
content-length
1401
expires
Wed, 03 Aug 2022 07:23:26 GMT
RCd8229e603e2c4959a384d03289f5be25-source.min.js
assets.adobedtm.com/331fbea29f79/a5b25a446515/0e175f0eab3d/
714 B
734 B
Script
General
Full URL
https://assets.adobedtm.com/331fbea29f79/a5b25a446515/0e175f0eab3d/RCd8229e603e2c4959a384d03289f5be25-source.min.js
Requested by
Host: cdn.comcast.com
URL: https://cdn.comcast.com/-/media/Common/adrum/adrum45162845.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:dc:282::1e80 Vienna, Austria, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
AkamaiNetStorage /
Resource Hash
259890950189c9fbdb7b1a8138ecd14020c2d4b1aed3941e30c9ac020f0db40a

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://xfinityoffers.xyz/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date
Wed, 03 Aug 2022 06:23:26 GMT
content-encoding
gzip
last-modified
Thu, 28 Jul 2022 18:58:18 GMT
server
AkamaiNetStorage
etag
"9ceed94e228c8d967090be436a31ffaf:1659034698.788237"
vary
Accept-Encoding
content-type
application/x-javascript
access-control-allow-origin
https://xfinityoffers.xyz
cache-control
max-age=3600
accept-ranges
bytes
timing-allow-origin
*
content-length
466
expires
Wed, 03 Aug 2022 07:23:26 GMT
RC6ce9bb0844b745868e0104b228c0f2c2-source.min.js
assets.adobedtm.com/331fbea29f79/a5b25a446515/0e175f0eab3d/
4 KB
1 KB
Script
General
Full URL
https://assets.adobedtm.com/331fbea29f79/a5b25a446515/0e175f0eab3d/RC6ce9bb0844b745868e0104b228c0f2c2-source.min.js
Requested by
Host: cdn.comcast.com
URL: https://cdn.comcast.com/-/media/Common/adrum/adrum45162845.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:dc:282::1e80 Vienna, Austria, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
AkamaiNetStorage /
Resource Hash
74ff52c8ec4a615e185da6d2d99c6e08dcec5e2104607c05ef0ee9698927001f

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://xfinityoffers.xyz/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date
Wed, 03 Aug 2022 06:23:26 GMT
content-encoding
gzip
last-modified
Thu, 28 Jul 2022 18:58:18 GMT
server
AkamaiNetStorage
etag
"9ceed94e228c8d967090be436a31ffaf:1659034698.788237"
vary
Accept-Encoding
content-type
application/x-javascript
access-control-allow-origin
https://xfinityoffers.xyz
cache-control
max-age=3600
accept-ranges
bytes
timing-allow-origin
*
content-length
996
expires
Wed, 03 Aug 2022 07:23:26 GMT
RC6727585e653049cc83a5229ce997b7e7-source.min.js
assets.adobedtm.com/331fbea29f79/a5b25a446515/0e175f0eab3d/
430 B
546 B
Script
General
Full URL
https://assets.adobedtm.com/331fbea29f79/a5b25a446515/0e175f0eab3d/RC6727585e653049cc83a5229ce997b7e7-source.min.js
Requested by
Host: cdn.comcast.com
URL: https://cdn.comcast.com/-/media/Common/adrum/adrum45162845.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:dc:282::1e80 Vienna, Austria, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
AkamaiNetStorage /
Resource Hash
d69e95c819d1278a4bdc40c49622efec8976515d80f9b2846efecc165955212e

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://xfinityoffers.xyz/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date
Wed, 03 Aug 2022 06:23:26 GMT
content-encoding
gzip
last-modified
Thu, 28 Jul 2022 18:58:18 GMT
server
AkamaiNetStorage
etag
"9ceed94e228c8d967090be436a31ffaf:1659034698.788237"
vary
Accept-Encoding
content-type
application/x-javascript
access-control-allow-origin
https://xfinityoffers.xyz
cache-control
max-age=3600
accept-ranges
bytes
timing-allow-origin
*
content-length
278
expires
Wed, 03 Aug 2022 07:23:26 GMT
bat.js
bat.bing.com/
38 KB
11 KB
Script
General
Full URL
https://bat.bing.com/bat.js
Requested by
Host: cdn.comcast.com
URL: https://cdn.comcast.com/-/media/Common/adrum/adrum45162845.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2620:1ec:c11::200 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
30153b15b4cb898c421e657f6de21dc27435cb990e7888367bdee12e06398da7
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://xfinityoffers.xyz/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; includeSubDomains; preload
content-encoding
gzip
last-modified
Thu, 28 Jul 2022 17:32:37 GMT
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref
Ref A: 51EDC2B9E3CA472AAA35CAC326490B3A Ref B: FRAEDGE1415 Ref C: 2022-08-03T06:23:26Z
etag
"80a8697a8a2d81:0"
vary
Accept-Encoding
x-cache
CONFIG_NOCACHE
content-type
application/javascript
access-control-allow-origin
*
cache-control
private,max-age=1800
date
Wed, 03 Aug 2022 06:23:25 GMT
accept-ranges
bytes
content-length
11376
i.js
tag.bounceexchange.com/1369/
76 KB
20 KB
Script
General
Full URL
https://tag.bounceexchange.com/1369/i.js
Requested by
Host: cdn.comcast.com
URL: https://cdn.comcast.com/-/media/Common/adrum/adrum45162845.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.120.253.250 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
250.253.120.34.bc.googleusercontent.com
Software
istio-envoy /
Resource Hash
c8965e8058f3c2b505a9bd679db4454d46736a977c1497729131f3c99a781e6e

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://xfinityoffers.xyz/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date
Wed, 03 Aug 2022 04:06:22 GMT
content-encoding
gzip
age
8224
x-envoy-upstream-service-time
1
x-region
us-central1
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
20200
access-control-allow-origin
*
server
istio-envoy
etag
a1fa6da7e07aa0
vary
Accept-Encoding
content-type
text/plain; charset=utf-8
via
1.1 google
cache-control
public,max-age=60
timing-allow-origin
*
link
<https://assets.bounceexchange.com>; rel=dns-prefetch, <https://events.bouncex.net>; rel=dns-prefetch, <https://data.cdnbasket.net>; rel=dns-prefetch, <https://page.cdnbasket.net>; rel=dns-prefetch, <https://view.cdnbasket.net>; rel=dns-prefetch, <https://ids.cdnwidget.com>; rel=dns-prefetch, <https://api.bounceexchange.com>; rel=preconnect, <https://pd.cdnwidget.com>; rel=preconnect
1576063789359472
connect.facebook.net/signals/config/
293 KB
84 KB
Script
General
Full URL
https://connect.facebook.net/signals/config/1576063789359472?v=2.9.70&r=stable
Requested by
Host: cdn.comcast.com
URL: https://cdn.comcast.com/-/media/Common/adrum/adrum45162845.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a03:2880:f007:8:face:b00c:0:1 Vienna, Austria, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
d391c103115c3201a5a4b6d97cdceec7dda2b421dd30f2ffd0c88c879e3b7a38
Security Headers
Name Value
Content-Security-Policy default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://xfinityoffers.xyz/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

content-security-policy
default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
content-encoding
gzip
x-content-type-options
nosniff
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400,h3-29=":443"; ma=86400
x-xss-protection
0
pragma
public
x-fb-debug
lBlSmt3VzdJi013Q1C37EtEI/HSYLHYfTMSWypYvSxLt/3SOm0vUaanD4G8DM/MgqpK482IiLcuyePsX8iGCwA==
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
DENY
date
Wed, 03 Aug 2022 06:23:26 GMT
strict-transport-security
max-age=31536000; preload; includeSubDomains
x-content-cdn-origin-ts
1659507806509
content-type
application/x-javascript; charset=utf-8
vary
Accept-Encoding
cache-control
public, max-age=1200
x-fb-rlafr
0
priority
u=3,i
expires
Sat, 01 Jan 2000 00:00:00 GMT
/
d.agkn.com/pixel/10533/
43 B
595 B
Image
General
Full URL
https://d.agkn.com/pixel/10533/?che=3619791855354.3174&aauid=31716217956443415494534468524773404363
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
18.195.201.66 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-195-201-66.eu-central-1.compute.amazonaws.com
Software
Apache-Coyote/1.1 /
Resource Hash
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://xfinityoffers.xyz/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

Pragma
no-cache
Date
Wed, 03 Aug 2022 06:23:26 GMT
Server
Apache-Coyote/1.1
P3P
CP="NOI DSP COR CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Cache-Control
no-cache, must-revalidate
Connection
keep-alive
Content-Type
image/gif
Content-Length
43
Expires
Sat, 01 Jan 2000 00:00:00 GMT
tr
www.facebook.com/
44 B
297 B
Image
General
Full URL
https://www.facebook.com/tr?id=3570459783026493&ev=PageView&cd[order_id]=31716217956443415494534468524773404363
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f107:83:face:b00c:0:25de Vienna, Austria, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
proxygen-bolt /
Resource Hash
10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://xfinityoffers.xyz/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date
Wed, 03 Aug 2022 06:23:26 GMT
last-modified
Fri, 21 Dec 2012 00:00:01 GMT
server
proxygen-bolt
strict-transport-security
max-age=31536000; includeSubDomains
content-type
image/gif
cache-control
no-cache, must-revalidate, max-age=0
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
44
expires
Wed, 03 Aug 2022 06:23:26 GMT
wrapper.js
universal.iperceptions.com/
9 KB
4 KB
Script
General
Full URL
https://universal.iperceptions.com/wrapper.js
Requested by
Host: cdn.comcast.com
URL: https://cdn.comcast.com/-/media/Common/adrum/adrum45162845.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:225e:9600:8:e7ba:7440:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0 /
Resource Hash
962d83de183651c6c15d9dce622d311455a9e6bd8cf09dd1cbf9ec3a3892a1ab

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://xfinityoffers.xyz/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

x-ms-blob-type
BlockBlob
date
Wed, 03 Aug 2022 06:21:51 GMT
content-encoding
gzip
content-md5
d5YIeO59lrTqhttidyvULA==
age
115
x-cache
Hit from cloudfront
cross-origin-resource-policy
cross-origin
x-ms-lease-status
unlocked
access-control-allow-origin
*
last-modified
Mon, 22 Mar 2021 18:02:49 GMT
server
Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
vary
Accept-Encoding
content-type
application/javascript
via
1.1 18c9dea802c00b7c060142aad49f7288.cloudfront.net (CloudFront)
x-ms-request-id
1ebde1db-501e-0056-333c-a201b8000000
access-control-expose-headers
x-ms-request-id,Server,x-ms-version,Content-Type,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
x-ms-version
2009-09-19
x-amz-cf-pop
FRA60-P4
x-amz-cf-id
RrLihU_IZdUkNKHIb3JC7iWE7-R7M7Xy3iUqWFaEwR4i7W45I6V0yQ==
/
servedby.flashtalking.com/container/12345;91797;9487;iframe/ Frame 0087
3 KB
3 KB
Document
General
Full URL
https://servedby.flashtalking.com/container/12345;91797;9487;iframe/?ft_referrer=https%3A//xfinityoffers.xyz/overview%3Fentity%3D1073444&ns=&cb=562283.8550527078
Requested by
Host: cdn.comcast.com
URL: https://cdn.comcast.com/-/media/Common/adrum/adrum45162845.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
209.197.3.19 , United States, ASN20446 (STACKPATH-CDN, US),
Reverse DNS
vip0x013.map2.ssl.hwcdn.net
Software
prod-xre-app4.frk11 /
Resource Hash
ece4cb1b97a86177e1cddb6e25ae1d0f19cfcf7a2df428f2b92adcb8b1784527

Request headers

Referer
https://xfinityoffers.xyz/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

Cache-Control
no-cache, no-store
Connection
close
Content-Type
text/html
Date
Wed, 03 Aug 2022 06:23:26 GMT
Pragma
no-cache
Server
prod-xre-app4.frk11
X-HW
1659507806.dop212.fr8.shc,1659507806.dop212.fr8.t,1659507806.cds275.fr8.sc,1659507806.cds275.fr8.p
uwt.js
static.ads-twitter.com/
56 KB
15 KB
Script
General
Full URL
https://static.ads-twitter.com/uwt.js
Requested by
Host: cdn.comcast.com
URL: https://cdn.comcast.com/-/media/Common/adrum/adrum45162845.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
199.232.16.157 Vienna, Austria, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
ae57d5e97bf1a0db8777b7531cd32cb09ee6f07bed183bb880469cc20f355086

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://xfinityoffers.xyz/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date
Wed, 03 Aug 2022 06:23:26 GMT
content-encoding
gzip
last-modified
Thu, 28 Jul 2022 21:38:45 GMT
etag
"ca88912498e17137955859948f14e272+gzip+gzip"
vary
Accept-Encoding,Host
x-tw-cdn
FT
p3p
CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
cache-control
no-cache
x-cache
HIT, HIT
accept-ranges
bytes
content-type
application/javascript; charset=utf-8
content-length
15196
x-served-by
cache-iad-kcgs7200145-IAD, cache-vie6372-VIE
analytics.js
www.google-analytics.com/
49 KB
20 KB
Script
General
Full URL
https://www.google-analytics.com/analytics.js
Requested by
Host: cdn.comcast.com
URL: https://cdn.comcast.com/-/media/Common/adrum/adrum45162845.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:813::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
a1925038db769477ab74b4df34350c35688a795bb718727b0f4292a4a78a6210
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://xfinityoffers.xyz/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

strict-transport-security
max-age=10886400; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Wed, 13 Apr 2022 21:02:38 GMT
server
Golfe2
age
4886
date
Wed, 03 Aug 2022 05:02:00 GMT
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=7200
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
20006
expires
Wed, 03 Aug 2022 07:02:00 GMT
js
login.dotomi.com/profile/visit/disco/
Redirect Chain
  • https://login.dotomi.com/profile/visit/js/1_0?dtm_cid=80315&dtm_cmagic=97cdaa&dtm_fid=3427&cachebuster=221023256190519650__;W10!!CQl3mcHX2A!RvPfnS4563TGC5ursn2TGQA7pM2_okxeUAzUAMW_iXdiqOKUj4CoiVYHN...
  • https://core.conversant.mgr.consensu.org/gdpr/iab/consent/current?rdct_url=https%3A%2F%2Flogin.dotomi.com%2Fprofile%2Fvisit%2Fdisco%2Fjs%3Fdtm_cid%3D80315%26dtm_fid%3D3427%26dtm_cmagic%3D97cdaa%26c...
  • https://login.dotomi.com/profile/visit/disco/js?dtm_cid=80315&dtm_fid=3427&dtm_cmagic=97cdaa&cachebuster=221023256190519650__%3BW10%21%21CQl3mcHX2A%21RvPfnS4563TGC5ursn2TGQA7pM2_okxeUAzUAMW_iXdiqOK...
19 B
210 B
Script
General
Full URL
https://login.dotomi.com/profile/visit/disco/js?dtm_cid=80315&dtm_fid=3427&dtm_cmagic=97cdaa&cachebuster=221023256190519650__%3BW10%21%21CQl3mcHX2A%21RvPfnS4563TGC5ursn2TGQA7pM2_okxeUAzUAMW_iXdiqOKUj4CoiVYHNcZvR7gCuQ%24&dtm_form_uid=477406634062374383&gdpr=1&gdpr_consent=
Protocol
H2
Server
63.215.202.137 Amsterdam, Netherlands, ASN41041 (VCLK-EU-SE, US),
Reverse DNS
ams01-usadmm.dotomi.com
Software
nginx /
Resource Hash
2db1dbcf1a4a6e63576e5f22320949e1ddc87ff4c10ff26ec353abc9540cd228

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://xfinityoffers.xyz/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 03 Aug 2022 06:23:26 GMT
server
nginx
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP NID OUR STP"
cache-control
no-cache, private, max-age=0, no-store
content-type
application/javascript
content-length
19
expires
0

Redirect headers

location
https://login.dotomi.com/profile/visit/disco/js?dtm_cid=80315&dtm_fid=3427&dtm_cmagic=97cdaa&cachebuster=221023256190519650__%3BW10%21%21CQl3mcHX2A%21RvPfnS4563TGC5ursn2TGQA7pM2_okxeUAzUAMW_iXdiqOKUj4CoiVYHNcZvR7gCuQ%24&dtm_form_uid=477406634062374383&gdpr=1&gdpr_consent=
pragma
no-cache
date
Wed, 03 Aug 2022 06:23:26 GMT
cache-control
no-cache, private, max-age=0, no-store
server
nginx
content-length
0
expires
0
check
pixel.tapad.com/idsync/ex/receive/
Redirect Chain
  • https://publicis-36-adswizz.attribution.adswizz.com/fire?pixelId=9f535f6f-a45d-4b55-a7fc-c75ab94a925e&type=sitevisit&subtype=PageVisit1&aw_0_req.gdpr=true&redirectURL=aHR0cHM6Ly9waXhlbC50YXBhZC5jb2...
  • https://pixel.tapad.com/idsync/ex/receive?partner_id=2994&partner_device_id=c13ddf13840f2315964fd39030cb85ea
  • https://pixel.tapad.com/idsync/ex/receive/check?partner_id=2994&partner_device_id=c13ddf13840f2315964fd39030cb85ea
95 B
113 B
Image
General
Full URL
https://pixel.tapad.com/idsync/ex/receive/check?partner_id=2994&partner_device_id=c13ddf13840f2315964fd39030cb85ea
Protocol
H3
Server
35.227.248.159 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
159.248.227.35.bc.googleusercontent.com
Software
/
Resource Hash
3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://xfinityoffers.xyz/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date
Wed, 03 Aug 2022 06:23:26 GMT
via
1.1 google
content-type
image/png
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
95
strict-transport-security
max-age=31536000
p3p
policyref="http://tapad-taptags.s3.amazonaws.com/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"

Redirect headers

location
https://pixel.tapad.com/idsync/ex/receive/check?partner_id=2994&partner_device_id=c13ddf13840f2315964fd39030cb85ea
date
Wed, 03 Aug 2022 06:23:26 GMT
via
1.1 google
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
strict-transport-security
max-age=31536000
p3p
policyref="http://tapad-taptags.s3.amazonaws.com/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
check
pixel.tapad.com/idsync/ex/receive/
Redirect Chain
  • https://publicis-37-adswizz.attribution.adswizz.com/fire?pixelId=92e737d2-b421-4f21-b907-95d97f00b515&type=sitevisit&subtype=PageVisit1&aw_0_req.gdpr=true&redirectURL=aHR0cHM6Ly9waXhlbC50YXBhZC5jb2...
  • https://pixel.tapad.com/idsync/ex/receive?partner_id=2994&partner_device_id=c13ddf13840f2315964fd39030cb85ea
  • https://pixel.tapad.com/idsync/ex/receive/check?partner_id=2994&partner_device_id=c13ddf13840f2315964fd39030cb85ea
95 B
113 B
Image
General
Full URL
https://pixel.tapad.com/idsync/ex/receive/check?partner_id=2994&partner_device_id=c13ddf13840f2315964fd39030cb85ea
Protocol
H3
Server
35.227.248.159 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
159.248.227.35.bc.googleusercontent.com
Software
/
Resource Hash
3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://xfinityoffers.xyz/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date
Wed, 03 Aug 2022 06:23:26 GMT
via
1.1 google
content-type
image/png
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
95
strict-transport-security
max-age=31536000
p3p
policyref="http://tapad-taptags.s3.amazonaws.com/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"

Redirect headers

location
https://pixel.tapad.com/idsync/ex/receive/check?partner_id=2994&partner_device_id=c13ddf13840f2315964fd39030cb85ea
date
Wed, 03 Aug 2022 06:23:26 GMT
via
1.1 google
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
strict-transport-security
max-age=31536000
p3p
policyref="http://tapad-taptags.s3.amazonaws.com/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
check
pixel.tapad.com/idsync/ex/receive/
Redirect Chain
  • https://publicis-38-adswizz.attribution.adswizz.com/fire?pixelId=c13c743e-c94a-4bfd-a542-5fca5892e8ba&type=sitevisit&subtype=PageVisit1&aw_0_req.gdpr=true&redirectURL=aHR0cHM6Ly9waXhlbC50YXBhZC5jb2...
  • https://pixel.tapad.com/idsync/ex/receive?partner_id=2994&partner_device_id=c13ddf13840f2315964fd39030cb85ea
  • https://pixel.tapad.com/idsync/ex/receive/check?partner_id=2994&partner_device_id=c13ddf13840f2315964fd39030cb85ea
95 B
113 B
Image
General
Full URL
https://pixel.tapad.com/idsync/ex/receive/check?partner_id=2994&partner_device_id=c13ddf13840f2315964fd39030cb85ea
Protocol
H3
Server
35.227.248.159 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
159.248.227.35.bc.googleusercontent.com
Software
/
Resource Hash
3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://xfinityoffers.xyz/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date
Wed, 03 Aug 2022 06:23:26 GMT
via
1.1 google
content-type
image/png
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
95
strict-transport-security
max-age=31536000
p3p
policyref="http://tapad-taptags.s3.amazonaws.com/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"

Redirect headers

location
https://pixel.tapad.com/idsync/ex/receive/check?partner_id=2994&partner_device_id=c13ddf13840f2315964fd39030cb85ea
date
Wed, 03 Aug 2022 06:23:26 GMT
via
1.1 google
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
strict-transport-security
max-age=31536000
p3p
policyref="http://tapad-taptags.s3.amazonaws.com/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
js
www.googletagmanager.com/gtag/
114 KB
45 KB
Script
General
Full URL
https://www.googletagmanager.com/gtag/js?id=AW-1023869955&l=dataLayer&cx=c
Requested by
Host: cdn.comcast.com
URL: https://cdn.comcast.com/-/media/Common/adrum/adrum45162845.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80b::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
8af60accc157c3670b9e65ca4d68fc58fbd2bb8f033f63f6e3d53c70a9e4de3f
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://xfinityoffers.xyz/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date
Wed, 03 Aug 2022 06:23:26 GMT
content-encoding
br
vary
Accept-Encoding
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
45547
x-xss-protection
0
last-modified
Wed, 03 Aug 2022 06:00:00 GMT
server
Google Tag Manager
strict-transport-security
max-age=31536000; includeSubDomains
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control
expires
Wed, 03 Aug 2022 06:23:26 GMT
activityi;dc_pre=COvBr6qEqvkCFYew7QodkHwDOw;src=4053494;type=comca517;cat=xfini00h;ord=9004507046157;gtm=2od811;auiddc=793358232.1659507806;~oref=https%3A%2F%2Fxfinityoffers.xyz%2Foverview%3Fentity...
4053494.fls.doubleclick.net/ Frame F470
Redirect Chain
  • https://4053494.fls.doubleclick.net/activityi;src=4053494;type=comca517;cat=xfini00h;ord=9004507046157;gtm=2od811;auiddc=793358232.1659507806;~oref=https%3A%2F%2Fxfinityoffers.xyz%2Foverview%3Fenti...
  • https://4053494.fls.doubleclick.net/activityi;dc_pre=COvBr6qEqvkCFYew7QodkHwDOw;src=4053494;type=comca517;cat=xfini00h;ord=9004507046157;gtm=2od811;auiddc=793358232.1659507806;~oref=https%3A%2F%2Fx...
1 KB
697 B
Document
General
Full URL
https://4053494.fls.doubleclick.net/activityi;dc_pre=COvBr6qEqvkCFYew7QodkHwDOw;src=4053494;type=comca517;cat=xfini00h;ord=9004507046157;gtm=2od811;auiddc=793358232.1659507806;~oref=https%3A%2F%2Fxfinityoffers.xyz%2Foverview%3Fentity%3D1073444?
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=DC-4053494
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.185.230 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s53-in-f6.1e100.net
Software
cafe /
Resource Hash
87f1324380fc870e456d4af34885aa598e7379274b661eee31471ff901870aeb
Security Headers
Name Value
Strict-Transport-Security max-age=21600
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
about:blank
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
private, max-age=0
content-encoding
gzip
content-length
674
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Wed, 03 Aug 2022 06:23:26 GMT
expires
Wed, 03 Aug 2022 06:23:26 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
strict-transport-security
max-age=21600
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0

Redirect headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
no-cache, must-revalidate
content-length
0
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Wed, 03 Aug 2022 06:23:26 GMT
expires
Fri, 01 Jan 1990 00:00:00 GMT
follow-only-when-prerender-shown
1
location
https://4053494.fls.doubleclick.net/activityi;dc_pre=COvBr6qEqvkCFYew7QodkHwDOw;src=4053494;type=comca517;cat=xfini00h;ord=9004507046157;gtm=2od811;auiddc=793358232.1659507806;~oref=https%3A%2F%2Fxfinityoffers.xyz%2Foverview%3Fentity%3D1073444?
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
pragma
no-cache
server
cafe
strict-transport-security
max-age=21600
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
destination
www.googletagmanager.com/gtag/
114 KB
45 KB
Script
General
Full URL
https://www.googletagmanager.com/gtag/destination?id=AW-1023869955&l=dataLayer&cx=c
Requested by
Host: cdn.comcast.com
URL: https://cdn.comcast.com/-/media/Common/adrum/adrum45162845.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80b::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
5d9de41758ec132539394cc1e511396ebaaf81bab5c1f8df8b5f7edd63fb8521
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://xfinityoffers.xyz/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date
Wed, 03 Aug 2022 06:23:26 GMT
content-encoding
br
vary
Accept-Encoding
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
45599
x-xss-protection
0
last-modified
Wed, 03 Aug 2022 06:00:00 GMT
server
Google Tag Manager
strict-transport-security
max-age=31536000; includeSubDomains
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control
expires
Wed, 03 Aug 2022 06:23:26 GMT
quantum-comcast-worker.html
cdn.quantummetric.com/workers/ Frame 87A1
840 B
752 B
Document
General
Full URL
https://cdn.quantummetric.com/workers/quantum-comcast-worker.html
Requested by
Host: cdn.comcast.com
URL: https://cdn.comcast.com/-/media/Common/adrum/adrum45162845.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:10::ac43:149e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
23ba745e82026b117f83e8b3195f2b080ee6eef2110e0c5571361497825a429f
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

Referer
https://xfinityoffers.xyz/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

access-control-allow-headers
Origin, X-Requested-With, Content-Type, Accept
access-control-allow-origin
*
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
cache-control
public, max-age=300, stale-while-revalidate=21600, stale-if-error=21600
cf-cache-status
EXPIRED
cf-ray
734cf6ed99aa9b3f-FRA
content-encoding
br
content-type
text/html
date
Wed, 03 Aug 2022 06:23:26 GMT
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
server
cloudflare
strict-transport-security
max-age=31536000
vary
Accept-Encoding
/
dss-dl-prod.aws-origin.xfinity.com/prod/event/ Frame
0
0
Preflight
General
Full URL
https://dss-dl-prod.aws-origin.xfinity.com/prod/event/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
108.138.7.9 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-108-138-7-9.fra56.r.cloudfront.net
Software
/
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
PUT
Origin
https://xfinityoffers.xyz
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

access-control-allow-credentials
false
access-control-allow-headers
*
access-control-allow-methods
OPTIONS,POST,PUT
access-control-allow-origin
*
access-control-max-age
86400
content-length
0
content-type
application/json
date
Wed, 03 Aug 2022 06:23:26 GMT
via
1.1 ecb3ea567a6c6095a23354fbdc938128.cloudfront.net (CloudFront)
x-amz-apigw-id
WRge1Ge3CYcF80A=
x-amz-cf-id
7sSX7pRclfSW_ijgY8xWG6dbZ17eQN3EUgADWMDi_c4Q414Sm_7qrg==
x-amz-cf-pop
FRA56-P6
x-amzn-requestid
baae3d61-aab8-46ab-aae3-408f5dfa8ad4
x-cache
Miss from cloudfront
/
dl.cws.xfinity.com/event/ Frame
0
0
Preflight
General
Full URL
https://dl.cws.xfinity.com/event/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:dc:18a::2c06 Vienna, Austria, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
/
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
PUT
Origin
https://xfinityoffers.xyz
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

access-control-allow-headers
Content-Type
access-control-allow-methods
HEAD,OPTIONS,PUT
access-control-allow-origin
*
content-length
0
content-type
application/json
date
Wed, 03 Aug 2022 06:23:26 GMT
x-amz-apigw-id
WRge0Gl3IAMFeRA=
x-amz-cf-id
FduUJPK81u0FWCksCP7iiGGAjC2OTvkpvTnsqTnPAaR0Ds1GVmmKIQ==
x-amz-cf-pop
VIE50-C1
x-amzn-requestid
037abda6-5dc3-44c5-98c0-4f2e836bba6f
/
dss-dl-prod.aws-origin.xfinity.com/prod/event/
110 B
469 B
XHR
General
Full URL
https://dss-dl-prod.aws-origin.xfinity.com/prod/event/
Requested by
Host: static.cimcontent.net
URL: https://static.cimcontent.net/data-layer/?appID=resi_shop_2
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
108.138.7.9 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-108-138-7-9.fra56.r.cloudfront.net
Software
/
Resource Hash
b713af325c1a056dad17e07386d716de0fa8e6c13f78e29820c0a35eec32d081

Request headers

Referer
https://xfinityoffers.xyz/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36
Content-Type
application/json

Response headers

date
Wed, 03 Aug 2022 06:23:27 GMT
via
1.1 ecb3ea567a6c6095a23354fbdc938128.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA56-P6
x-amzn-requestid
5fdb4101-fc6e-4e66-af02-3a77450099ac
x-cache
Miss from cloudfront
content-type
application/json
access-control-allow-origin
*
x-amzn-trace-id
Root=1-62ea145f-3f62cd411446747104c09a2b
x-amz-apigw-id
WRge5EUHiYcFqpA=
content-length
110
x-amz-cf-id
PHJeDyGZxafCmlHQcx8N0DrxujwtJXFv1A3kUuwtfWesQP8i1zlApw==
/
dl.cws.xfinity.com/event/
110 B
488 B
XHR
General
Full URL
https://dl.cws.xfinity.com/event/
Requested by
Host: static.cimcontent.net
URL: https://static.cimcontent.net/data-layer/?appID=resi_shop_2
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:dc:18a::2c06 Vienna, Austria, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
/
Resource Hash
1ad540422134da8dfd6bb3a48bf40c6e09a52efba28b02e3b35361c81762dee1

Request headers

Referer
https://xfinityoffers.xyz/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36
Content-Type
application/json

Response headers

date
Wed, 03 Aug 2022 06:23:27 GMT
x-amz-cf-pop
VIE50-C1
x-amz-apigw-id
WRge3E_IoAMFkHA=
x-amzn-requestid
11e3d5b6-e1a2-4f8c-b138-01eaf05c4a33
access-control-max-age
86400
access-control-allow-methods
GET,POST,PUT,HEAD
content-type
application/json
access-control-allow-origin
*
x-amzn-trace-id
Root=1-62ea145e-0c18141b5b8ac6ed4fc21e2b
access-control-allow-credentials
false
access-control-allow-headers
*
content-length
110
x-amz-cf-id
RLqNnekfCh6AUTpSUAmIAE7cpK1h1zZ4Ut7CHBlI21h6UmujqgfrKQ==
/
dss-dl-prod.aws-origin.xfinity.com/prod/event/
110 B
469 B
XHR
General
Full URL
https://dss-dl-prod.aws-origin.xfinity.com/prod/event/
Requested by
Host: static.cimcontent.net
URL: https://static.cimcontent.net/data-layer/?appID=resi_shop_2
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
108.138.7.9 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-108-138-7-9.fra56.r.cloudfront.net
Software
/
Resource Hash
e099569fb9739efc09e01524b45ba53cf847ed65fc2f40f480a1730e88c3016a

Request headers

Referer
https://xfinityoffers.xyz/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36
Content-Type
application/json

Response headers

date
Wed, 03 Aug 2022 06:23:27 GMT
via
1.1 ecb3ea567a6c6095a23354fbdc938128.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA56-P6
x-amzn-requestid
8f48e35e-0ce2-46d8-91fd-62569c847d7f
x-cache
Miss from cloudfront
content-type
application/json
access-control-allow-origin
*
x-amzn-trace-id
Root=1-62ea145f-1f25b56b48fd8c397e5c201d
x-amz-apigw-id
WRge5H0uCYcFSgg=
content-length
110
x-amz-cf-id
UCFd2xeixflvUnglFnhq3RH0VyrXf9xHBr5ht-ksyAtRJHB6tsB0VA==
/
dl.cws.xfinity.com/event/
110 B
489 B
XHR
General
Full URL
https://dl.cws.xfinity.com/event/
Requested by
Host: static.cimcontent.net
URL: https://static.cimcontent.net/data-layer/?appID=resi_shop_2
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:dc:18a::2c06 Vienna, Austria, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
/
Resource Hash
eaae4123efcca745da90e8e7766668d1bb28e7b2415a75f8404d6a45c94a7c02

Request headers

Referer
https://xfinityoffers.xyz/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36
Content-Type
application/json

Response headers

date
Wed, 03 Aug 2022 06:23:27 GMT
x-amz-cf-pop
VIE50-C1
x-amz-apigw-id
WRge3HKmoAMFoCw=
x-amzn-requestid
9cbd2458-36db-48a9-8bd2-ec7f360f6900
access-control-max-age
86400
access-control-allow-methods
GET,POST,PUT,HEAD
content-type
application/json
access-control-allow-origin
*
x-amzn-trace-id
Root=1-62ea145e-4fb1b3fa277fa4a679653c9d
access-control-allow-credentials
false
access-control-allow-headers
*
content-length
110
x-amz-cf-id
ma9Y4jueD2kOz_hKlXfoAzA43OW_autg6A4fmv4cadjbuXlm_RpIVA==
/
dss-dl-prod.aws-origin.xfinity.com/prod/event/ Frame
0
0
Preflight
General
Full URL
https://dss-dl-prod.aws-origin.xfinity.com/prod/event/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
108.138.7.9 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-108-138-7-9.fra56.r.cloudfront.net
Software
/
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
PUT
Origin
https://xfinityoffers.xyz
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

access-control-allow-credentials
false
access-control-allow-headers
*
access-control-allow-methods
OPTIONS,POST,PUT
access-control-allow-origin
*
access-control-max-age
86400
content-length
0
content-type
application/json
date
Wed, 03 Aug 2022 06:23:26 GMT
via
1.1 ecb3ea567a6c6095a23354fbdc938128.cloudfront.net (CloudFront)
x-amz-apigw-id
WRge1HfeCYcFUBA=
x-amz-cf-id
DJvVue0OzxixgWX6PTs6RKJNbEqXl1n5eUqudtRAeQtdl-byCk7esg==
x-amz-cf-pop
FRA56-P6
x-amzn-requestid
6097e5f0-85ff-48f0-945b-04baaf8c67e5
x-cache
Miss from cloudfront
/
dl.cws.xfinity.com/event/ Frame
0
0
Preflight
General
Full URL
https://dl.cws.xfinity.com/event/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:dc:18a::2c06 Vienna, Austria, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
/
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
PUT
Origin
https://xfinityoffers.xyz
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

access-control-allow-headers
Content-Type
access-control-allow-methods
HEAD,OPTIONS,PUT
access-control-allow-origin
*
content-length
0
content-type
application/json
date
Wed, 03 Aug 2022 06:23:26 GMT
x-amz-apigw-id
WRge0HS-oAMFkjg=
x-amz-cf-id
K5P7T53H-I7weL-5p8KD3tgiGxT6q3oK7EvCXV3WnQpxnmZlR-3deA==
x-amz-cf-pop
VIE50-C1
x-amzn-requestid
3c6656ad-456d-4e23-8cf6-36e9e43df75f
5280004.js
bat.bing.com/p/action/
0
118 B
Script
General
Full URL
https://bat.bing.com/p/action/5280004.js
Requested by
Host: cdn.comcast.com
URL: https://cdn.comcast.com/-/media/Common/adrum/adrum45162845.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2620:1ec:c11::200 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://xfinityoffers.xyz/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

access-control-allow-origin
*
strict-transport-security
max-age=31536000; includeSubDomains; preload
cache-control
private,max-age=1800
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref
Ref A: 42D5B8AEB0C342D6990C71510F56FFE0 Ref B: FRAEDGE1415 Ref C: 2022-08-03T06:23:26Z
date
Wed, 03 Aug 2022 06:23:26 GMT
x-cache
CONFIG_NOCACHE
0
bat.bing.com/action/
0
162 B
Image
General
Full URL
https://bat.bing.com/action/0?ti=5280004&Ver=2&mid=1095c2b3-2590-4dfa-8aac-09539e66f63c&sid=c881a61012f411ed8dc71b877e5c42da&vid=c881d14012f411edafcca59031f4f571&vids=1&msclkid=N&pi=1200101525&lg=en-US&sw=1600&sh=1200&sc=24&tl=Internet,%20TV,%20Phone,%20Smart%20Home%20and%20Security%20-%20Xfinity&p=https%3A%2F%2Fxfinityoffers.xyz%2Foverview%3Fentity%3D1073444&r=&lt=4244&evt=pageLoad&sv=1&rn=958161
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2620:1ec:c11::200 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://xfinityoffers.xyz/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

pragma
no-cache
strict-transport-security
max-age=31536000; includeSubDomains; preload
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref
Ref A: 07CFDD05270E4D9691BDC87A04726A14 Ref B: FRAEDGE1415 Ref C: 2022-08-03T06:23:26Z
date
Wed, 03 Aug 2022 06:23:25 GMT
x-cache
CONFIG_NOCACHE
access-control-allow-origin
*
cache-control
no-cache, must-revalidate
expires
Fri, 01 Jan 1990 00:00:00 GMT
ibs:dpid=3047&dpuuid=5328646D03601F&
dpm.demdex.net/ Frame 0087
42 B
942 B
Image
General
Full URL
https://dpm.demdex.net/ibs:dpid=3047&dpuuid=5328646D03601F&
Requested by
Host: servedby.flashtalking.com
URL: https://servedby.flashtalking.com/container/12345;91797;9487;iframe/?ft_referrer=https%3A//xfinityoffers.xyz/overview%3Fentity%3D1073444&ns=&cb=562283.8550527078
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.19.192.193 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-19-192-193.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://servedby.flashtalking.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

DCS
dcs-prod-irl1-1-v037-0147c925b.edge-irl1.demdex.com 2 ms
Pragma
no-cache
Strict-Transport-Security
max-age=31536000; includeSubDomains
content-encoding
gzip
X-Content-Type-Options
nosniff
X-TID
dzqh6UcRT+A=
P3P
policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Cache-Control
no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
Connection
keep-alive
Content-Type
image/gif
Content-Length
59
Expires
Thu, 01 Jan 1970 00:00:00 UTC
/
servedby.flashtalking.com/spot/1/12345;108289;11135/ Frame 0087
42 B
354 B
Image
General
Full URL
https://servedby.flashtalking.com/spot/1/12345;108289;11135/?spotName=Comcast_SiteVisit&ftXRef=&U7=https%253A//xfinityoffers.xyz/overview%253Fentity%253D1073444&cachebuster=202120.02171381837
Requested by
Host: servedby.flashtalking.com
URL: https://servedby.flashtalking.com/container/12345;91797;9487;iframe/?ft_referrer=https%3A//xfinityoffers.xyz/overview%3Fentity%3D1073444&ns=&cb=562283.8550527078
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
209.197.3.19 , United States, ASN20446 (STACKPATH-CDN, US),
Reverse DNS
vip0x013.map2.ssl.hwcdn.net
Software
prod-xre-app7.frk11 /
Resource Hash
47043e4823a6c21a8881de789b4185355330b5804629d23f6b43dd93f5265292

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://servedby.flashtalking.com/container/12345;91797;9487;iframe/?ft_referrer=https%3A//xfinityoffers.xyz/overview%3Fentity%3D1073444&ns=&cb=562283.8550527078
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

Pragma
no-cache
Date
Wed, 03 Aug 2022 06:23:26 GMT
Server
prod-xre-app7.frk11
X-HW
1659507806.dop229.fr8.shc,1659507806.dop229.fr8.t,1659507806.cds138.fr8.sc,1659507806.cds138.fr8.p
Content-Type
image/gif
Cache-Control
no-cache,no-store
Connection
Keep-Alive
Content-Length
42
/
servedby.flashtalking.com/segment/modify/y41_;;pixel/ Frame 0087
42 B
556 B
Image
General
Full URL
https://servedby.flashtalking.com/segment/modify/y41_;;pixel/?valuePairs=c_SV_12345
Requested by
Host: servedby.flashtalking.com
URL: https://servedby.flashtalking.com/container/12345;91797;9487;iframe/?ft_referrer=https%3A//xfinityoffers.xyz/overview%3Fentity%3D1073444&ns=&cb=562283.8550527078
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
209.197.3.19 , United States, ASN20446 (STACKPATH-CDN, US),
Reverse DNS
vip0x013.map2.ssl.hwcdn.net
Software
prod-xre-app11.frk11 /
Resource Hash
47043e4823a6c21a8881de789b4185355330b5804629d23f6b43dd93f5265292

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://servedby.flashtalking.com/container/12345;91797;9487;iframe/?ft_referrer=https%3A//xfinityoffers.xyz/overview%3Fentity%3D1073444&ns=&cb=562283.8550527078
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

Pragma
no-cache
Date
Wed, 03 Aug 2022 06:23:26 GMT
Server
prod-xre-app11.frk11
X-HW
1659507806.dop244.fr8.shc,1659507806.dop244.fr8.t,1659507806.cds259.fr8.sc,1659507806.cds259.fr8.p
Content-Type
image/gif
Cache-Control
no-cache, no-store
Connection
Keep-Alive
Content-Length
42
/
servedby.flashtalking.com/segment/2/read/a;;pixel/ Frame 0087
42 B
355 B
Image
General
Full URL
https://servedby.flashtalking.com/segment/2/read/a;;pixel/?s=9487&d=xfinityoffers.xyz&r=overview
Requested by
Host: servedby.flashtalking.com
URL: https://servedby.flashtalking.com/container/12345;91797;9487;iframe/?ft_referrer=https%3A//xfinityoffers.xyz/overview%3Fentity%3D1073444&ns=&cb=562283.8550527078
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
209.197.3.19 , United States, ASN20446 (STACKPATH-CDN, US),
Reverse DNS
vip0x013.map2.ssl.hwcdn.net
Software
prod-xre-app9.frk11 /
Resource Hash
47043e4823a6c21a8881de789b4185355330b5804629d23f6b43dd93f5265292

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://servedby.flashtalking.com/container/12345;91797;9487;iframe/?ft_referrer=https%3A//xfinityoffers.xyz/overview%3Fentity%3D1073444&ns=&cb=562283.8550527078
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

Pragma
no-cache
Date
Wed, 03 Aug 2022 06:23:26 GMT
Server
prod-xre-app9.frk11
X-HW
1659507806.dop129.fr8.shc,1659507806.dop129.fr8.t,1659507806.cds120.fr8.sc,1659507806.cds120.fr8.p
Content-Type
image/gif
Cache-Control
no-cache, no-store
Connection
Keep-Alive
Content-Length
42
ec.js
www.google-analytics.com/plugins/ua/
3 KB
1 KB
Script
General
Full URL
https://www.google-analytics.com/plugins/ua/ec.js
Requested by
Host: cdn.comcast.com
URL: https://cdn.comcast.com/-/media/Common/adrum/adrum45162845.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:813::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
058ed961bfe422af7bfc65865f4c08531ec8ace995f8a1ec560a46581cb7712c
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://xfinityoffers.xyz/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date
Wed, 03 Aug 2022 05:24:09 GMT
content-encoding
br
x-content-type-options
nosniff
age
3557
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1129
x-xss-protection
0
last-modified
Thu, 30 Dec 2021 12:48:00 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"static-on-bigtable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/static-on-bigtable"}]}
content-type
text/javascript
cache-control
public, max-age=3600
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="static-on-bigtable"
expires
Wed, 03 Aug 2022 06:24:09 GMT
serve
survey.pulseinsights.com/
56 B
359 B
Script
General
Full URL
https://survey.pulseinsights.com/serve?udid=bb7a1edb-e72d-427c-87ce-03514cb0fed0&device_type=desktop&identifier=PI-43371140&visit_count=1&pageview_count=1&url=https%3A%2F%2Fxfinityoffers.xyz%2Foverview%3Fentity%3D1073444&callback=window.PulseInsightsObject.jsonpCallbacks.request_0
Requested by
Host: cdn.comcast.com
URL: https://cdn.comcast.com/-/media/Common/adrum/adrum45162845.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
34.105.198.99 London, United Kingdom, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
99.198.105.34.bc.googleusercontent.com
Software
nginx /
Resource Hash
16c302e91b03812a5843a7f87021e370f178e72811586afd656e5966b0a70cb5
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://xfinityoffers.xyz/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

Date
Wed, 03 Aug 2022 06:23:26 GMT
Content-Encoding
gzip
Server
nginx
Vary
Accept-Encoding
Content-Type
application/javascript
Connection
keep-alive
Transfer-Encoding
chunked
Strict-Transport-Security
max-age=31536000; includeSubDomains
pr
s.amazon-adsystem.com/v3/ Frame CB3D
6 KB
6 KB
Document
General
Full URL
https://s.amazon-adsystem.com/v3/pr?exlist=ns_n-ix-HMT_bsw_bk_n-y-HMT_n-visualiq_n-telaria_gem_n-zeotap-4_fw_imdb_n-kr-new_n-lucid_n-dm-HMT_n-samba.tv_n-rb-HMT3_adelphic_adb_mp_sv_af_sx_n-sk_g_kr_n-comscr.com_ox_index_n-semasio-ecm_an_n-pm-HMT_rb_n-g-hmt_nsln_nd_n-ispot_pm_tbl&fv=1.0&a=cm&ex-pl-n-kr-new=DtYlVBnkTuuyPyJ3zGpCoQ&dmt=3&ex-pl-n-g-hmt=LdWvo18uSaaNFgLqe3SUGA&ep=mfS4I4Lxm4iN8M-0MyueFUDivcm3Y8_t6jFbYz6_7HBinc7VfMbyIp9nHkVSOqz22jWiCiwTat5bqD_t_ltt9trbOsLoWu-hxgDBgT8ztVM0B83_I09Bt98LkLcfuQhu2_3Y8VK_7aE91Qi20T-7aoZ_uE-4RVmd4q9BKRCJN8CPnmJWqQfwkcWmEgQINllw0V7jDH4QO_BmHB99cUIaLYmsYJ8ZSHBep-SyULb5ylUGgpwqG6LdHPlBsL3QE3JGEaKjjo_75iFXSOvcNUSdJoFflq4kqbng4Ch7zOt4gwXknOOdd1DIEkHTcRUvHSXGxM2Qp_OmnuYIOv0DguHBy3u-HECbNS_K_pWdDX4tKf-uUQ-lcs5tANLVEcWcFDyP
Requested by
Host: s.amazon-adsystem.com
URL: https://s.amazon-adsystem.com/iu3?d=generic&ex-fargs=%3Fid%3D9c6269e8-4641-e261-dd25-4fc3136dea37%26type%3D55%26m%3D1&ex-fch=416613&ex-src=https://www.xfinity.com/&ex-hargs=v%3D1.0%3Bc%3D8324316060801%3Bp%3D9C6269E8-4641-E261-DD25-4FC3136DEA37&cb=961634634924344600
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
209.54.182.161 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
a4b3bd16f7e2b5129499b55e8a9d5839a8d41851d267c4dd52d28c6e302551de
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

Referer
https://s.amazon-adsystem.com/iu3?d=generic&ex-fargs=%3Fid%3D9c6269e8-4641-e261-dd25-4fc3136dea37%26type%3D55%26m%3D1&ex-fch=416613&ex-src=https://www.xfinity.com/&ex-hargs=v%3D1.0%3Bc%3D8324316060801%3Bp%3D9C6269E8-4641-E261-DD25-4FC3136DEA37&cb=961634634924344600
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Length
5648
Content-Type
text/html;charset=ISO-8859-1
Date
Wed, 03 Aug 2022 06:23:26 GMT
Expires
Thu, 01 Jan 1970 00:00:00 GMT
Permissions-Policy
interest-cohort=()
Pragma
no-cache
Server
Server
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Vary
Content-Type,Accept-Encoding,X-Amzn-CDN-Cache,X-Amzn-AX-Treatment,User-Agent
x-amz-rid
JRJ0VCXGWMVWAA3S62EM
conversion_async.js
www.googleadservices.com/pagead/
40 KB
15 KB
Script
General
Full URL
https://www.googleadservices.com/pagead/conversion_async.js
Requested by
Host: cdn.comcast.com
URL: https://cdn.comcast.com/-/media/Common/adrum/adrum45162845.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.185.194 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s52-in-f2.1e100.net
Software
cafe /
Resource Hash
b3b810fd46e7aad5b789896519011ab5366b39dbb19a5663c53525f756e89bfb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://xfinityoffers.xyz/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date
Wed, 03 Aug 2022 06:23:26 GMT
content-encoding
gzip
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
15160
x-xss-protection
0
server
cafe
etag
9823212955285023900
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=3600
timing-allow-origin
*
expires
Wed, 03 Aug 2022 06:23:26 GMT
adsct
t.co/i/
43 B
338 B
Image
General
Full URL
https://t.co/i/adsct?bci=3&eci=2&event_id=6327125f-793e-4473-a43b-1222c9314d92&events=%5B%5B%22pageview%22%2C%7B%7D%5D%5D&p_id=Twitter&p_user_id=0&pl_id=1e884079-858b-423f-bf45-1b46849d97fb&tw_document_href=https%3A%2F%2Fxfinityoffers.xyz%2Foverview%3Fentity%3D1073444&tw_iframe_status=0&tw_order_quantity=0&tw_sale_amount=0&txn_id=nuptm&type=javascript&version=2.4.15
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.244.42.133 , United States, ASN13414 (TWITTER, US),
Reverse DNS
Software
tsa_o /
Resource Hash
ac8778041fdb7f2e08ceb574c9a766247ea26f1a7d90fa854c4efcf4b361a957
Security Headers
Name Value
Strict-Transport-Security max-age=0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://xfinityoffers.xyz/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

x-response-time
106
date
Wed, 03 Aug 2022 06:23:26 GMT
server
tsa_o
strict-transport-security
max-age=0
content-type
image/gif;charset=utf-8
cache-control
no-cache, no-store, max-age=0
x-connection-hash
0dc717ed46763466b6f18b45e90316ef516d39104d2b4788a212c836a6d683a3
content-length
43
adsct
analytics.twitter.com/i/
43 B
101 B
Image
General
Full URL
https://analytics.twitter.com/i/adsct?bci=3&eci=2&event_id=6327125f-793e-4473-a43b-1222c9314d92&events=%5B%5B%22pageview%22%2C%7B%7D%5D%5D&p_id=Twitter&p_user_id=0&pl_id=1e884079-858b-423f-bf45-1b46849d97fb&tw_document_href=https%3A%2F%2Fxfinityoffers.xyz%2Foverview%3Fentity%3D1073444&tw_iframe_status=0&tw_order_quantity=0&tw_sale_amount=0&txn_id=nuptm&type=javascript&version=2.4.15
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.244.42.3 , United States, ASN13414 (TWITTER, US),
Reverse DNS
Software
tsa_o /
Resource Hash
ac8778041fdb7f2e08ceb574c9a766247ea26f1a7d90fa854c4efcf4b361a957
Security Headers
Name Value
Strict-Transport-Security max-age=631138519

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://xfinityoffers.xyz/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

x-response-time
110
date
Wed, 03 Aug 2022 06:23:26 GMT
server
tsa_o
strict-transport-security
max-age=631138519
content-type
image/gif;charset=utf-8
cache-control
no-cache, no-store, max-age=0
x-connection-hash
9fee73ac83a9fa904df54197abb4e22409e37b07f89ed64c9b1771d2882396e1
content-length
43
iFrame.html
universal.iperceptions.com/ Frame 70F2
2 KB
1 KB
Document
General
Full URL
https://universal.iperceptions.com/iFrame.html
Requested by
Host: cdn.comcast.com
URL: https://cdn.comcast.com/-/media/Common/adrum/adrum45162845.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:225e:9600:8:e7ba:7440:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0 /
Resource Hash
7d0bae598799d3c42ca5d7d7c8a8b79b67de62afe2e9d3dcee258328e40f39eb

Request headers

Referer
https://xfinityoffers.xyz/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

access-control-allow-origin
*
access-control-expose-headers
x-ms-request-id,Server,x-ms-version,Content-Type,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
age
219
cache-control
public,max-age=7200
content-encoding
gzip
content-md5
Vmg/mBwwVR6Kl52r4KoGqg==
content-type
text/html
cross-origin-embedder-policy
require-corp
cross-origin-resource-policy
cross-origin
date
Wed, 03 Aug 2022 06:19:57 GMT
last-modified
Tue, 28 Jan 2020 16:03:04 GMT
server
Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
vary
Accept-Encoding
via
1.1 18c9dea802c00b7c060142aad49f7288.cloudfront.net (CloudFront)
x-amz-cf-id
-JgTE_EUlpPkX8iCG6UyOKaIFmhe-4d1S6oceu_6bHJ0UZjtgjueLQ==
x-amz-cf-pop
FRA60-P4
x-cache
Hit from cloudfront
x-ms-blob-type
BlockBlob
x-ms-lease-status
unlocked
x-ms-request-id
cc7fc91b-701e-000e-7c92-a105c3000000
x-ms-version
2009-09-19
main_1080e508aac30f7e5e5056d4839fe10b.br.js
assets.bounceexchange.com/assets/smart-tag/versioned/
331 KB
66 KB
Script
General
Full URL
https://assets.bounceexchange.com/assets/smart-tag/versioned/main_1080e508aac30f7e5e5056d4839fe10b.br.js
Requested by
Host: cdn.comcast.com
URL: https://cdn.comcast.com/-/media/Common/adrum/adrum45162845.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.98.72.95 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
95.72.98.34.bc.googleusercontent.com
Software
UploadServer /
Resource Hash
c5d986a24bd987df580198c58ee4ab383b89d879633c400c76d1e8d279c592e5

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://xfinityoffers.xyz/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date
Tue, 02 Aug 2022 12:13:56 GMT
content-encoding
br
age
65370
x-guploader-uploadid
ADPycdtSwDVyUU23Pf68KmXIhXDie8BoKW9oX3_dWYxYNowp5a858UU56MWVI3QNDO8e70r3H1FcXItU9fEGGWesqj_j5Rwq6NNl
x-goog-storage-class
MULTI_REGIONAL
x-goog-metageneration
1
x-goog-stored-content-encoding
br
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
67401
last-modified
Tue, 02 Aug 2022 12:13:42 GMT
server
UploadServer
etag
"32a3066246fb4e721b7b05dc119e9453"
x-goog-hash
crc32c=p5wJag==, md5=MqMGYkb7TnIbewXcEZ6UUw==
x-goog-generation
1659442422150970
access-control-allow-origin
*
access-control-expose-headers
etag, Content-Type
cache-control
public,max-age=31536000
x-goog-stored-content-length
67401
accept-ranges
bytes
content-type
text/javascript
expires
Wed, 02 Aug 2023 12:13:56 GMT
cjs_min_3a85b9078cc2b2612e2b408184788df2.js
assets.bounceexchange.com/assets/smart-tag/versioned/
45 KB
15 KB
Script
General
Full URL
https://assets.bounceexchange.com/assets/smart-tag/versioned/cjs_min_3a85b9078cc2b2612e2b408184788df2.js
Requested by
Host: cdn.comcast.com
URL: https://cdn.comcast.com/-/media/Common/adrum/adrum45162845.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.98.72.95 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
95.72.98.34.bc.googleusercontent.com
Software
UploadServer /
Resource Hash
a6f2535b2625b5f0830c5b3fe1dee50feb879d4f4f58241c0a7e8718dba7fe81

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://xfinityoffers.xyz/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date
Wed, 06 Jul 2022 20:24:24 GMT
content-encoding
gzip
age
2368742
x-guploader-uploadid
ADPycds29aNrVrpfs9zmuotj-JGc6R0mtEE-a-CDvdKOA3aHseLnDOzu89fJ_klVMTwN7YqKPWnDvIrrPi0ayx_6OEx4
x-goog-storage-class
MULTI_REGIONAL
x-goog-metageneration
1
x-goog-stored-content-encoding
gzip
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
14825
last-modified
Wed, 06 Jul 2022 20:24:03 GMT
server
UploadServer
etag
"7a1ac0ae034b56c39ba8265237a008b4"
x-goog-hash
crc32c=dQE7VA==, md5=ehrArgNLVsObqCZSN6AItA==
x-goog-generation
1657139043633989
access-control-allow-origin
*
access-control-expose-headers
etag, Content-Type
cache-control
public,max-age=31536000,no-transform
x-goog-stored-content-length
14825
accept-ranges
bytes
content-type
text/javascript; charset=utf-8
expires
Thu, 06 Jul 2023 20:24:24 GMT
collect
www.google-analytics.com/j/
4 B
24 B
XHR
General
Full URL
https://www.google-analytics.com/j/collect?v=1&_v=j96&a=700144599&t=pageview&_s=1&dl=https%3A%2F%2Fxfinityoffers.xyz%2Foverview%3Fentity%3D1073444&dp=%2Foverview%3Fentity%3D1073444&ul=en-us&de=UTF-8&dt=Internet%2C%20TV%2C%20Phone%2C%20Smart%20Home%20and%20Security%20-%20Xfinity&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=aGBAAEIJAAAAAC~&jid=492064637&gjid=654716767&cid=637578086.1659507806&tid=UA-22837032-7&_gid=1686091899.1659507806&_r=1&_slc=1&cd1=unauthenticated%7Cip%20recognized&cd2=&cd3=new&cd7=&cd8=&cd9=&cd10=637578086.1659507806&cd11=&z=457551205
Requested by
Host: static.cimcontent.net
URL: https://static.cimcontent.net/data-layer/?appID=resi_shop_2
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:813::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
aec60bc104db041b1512185839f18f52986df7e569e5445f740dd60f763fbca8
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://xfinityoffers.xyz/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Wed, 03 Aug 2022 06:23:26 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://xfinityoffers.xyz
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
4
expires
Fri, 01 Jan 1990 00:00:00 GMT
collect
www.google-analytics.com/
35 B
55 B
Image
General
Full URL
https://www.google-analytics.com/collect?v=1&_v=j96&a=700144599&t=event&ni=1&_s=2&dl=https%3A%2F%2Fxfinityoffers.xyz%2Foverview%3Fentity%3D1073444&dp=%2Foverview%3Fentity%3D1073444&ul=en-us&de=UTF-8&dt=Internet%2C%20TV%2C%20Phone%2C%20Smart%20Home%20and%20Security%20-%20Xfinity&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&ec=Page%20Name&ea=resi%7Csales%7Cshop%7C%7Chome&_u=aGBAAEIJAAAAAC~&jid=&gjid=&cid=637578086.1659507806&tid=UA-22837032-7&_gid=1686091899.1659507806&z=1227360447
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:813::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://xfinityoffers.xyz/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 02 Aug 2022 19:16:34 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
age
40012
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
35
expires
Mon, 01 Jan 1990 00:00:00 GMT
conversion.js
www.googleadservices.com/pagead/ Frame F470
44 KB
17 KB
Script
General
Full URL
https://www.googleadservices.com/pagead/conversion.js
Requested by
Host: 4053494.fls.doubleclick.net
URL: https://4053494.fls.doubleclick.net/activityi;dc_pre=COvBr6qEqvkCFYew7QodkHwDOw;src=4053494;type=comca517;cat=xfini00h;ord=9004507046157;gtm=2od811;auiddc=793358232.1659507806;~oref=https%3A%2F%2Fxfinityoffers.xyz%2Foverview%3Fentity%3D1073444?
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.185.194 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s52-in-f2.1e100.net
Software
cafe /
Resource Hash
169654a2040e9f83c46d4cd65600c3dc9db6db042904c22cc97645fb4323c362
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://4053494.fls.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date
Wed, 03 Aug 2022 06:23:26 GMT
content-encoding
gzip
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
17001
x-xss-protection
0
server
cafe
etag
6464440653375776403
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=3600
timing-allow-origin
*
expires
Wed, 03 Aug 2022 06:23:26 GMT
dc_pre=COvBr6qEqvkCFYew7QodkHwDOw;src=4053494;type=comca517;cat=xfini00h;ord=9004507046157;gtm=2od811;auiddc=*;~oref=https%3A%2F%2Fxfinityoffers.xyz%2Foverview%3Fentity%3D1073444
adservice.google.com/ddm/fls/z/ Frame F470
42 B
494 B
Image
General
Full URL
https://adservice.google.com/ddm/fls/z/dc_pre=COvBr6qEqvkCFYew7QodkHwDOw;src=4053494;type=comca517;cat=xfini00h;ord=9004507046157;gtm=2od811;auiddc=*;~oref=https%3A%2F%2Fxfinityoffers.xyz%2Foverview%3Fentity%3D1073444
Requested by
Host: 4053494.fls.doubleclick.net
URL: https://4053494.fls.doubleclick.net/activityi;dc_pre=COvBr6qEqvkCFYew7QodkHwDOw;src=4053494;type=comca517;cat=xfini00h;ord=9004507046157;gtm=2od811;auiddc=793358232.1659507806;~oref=https%3A%2F%2Fxfinityoffers.xyz%2Foverview%3Fentity%3D1073444?
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://4053494.fls.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 03 Aug 2022 06:23:26 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
/
dss-dl-prod.aws-origin.xfinity.com/prod/event/ Frame
0
0
Preflight
General
Full URL
https://dss-dl-prod.aws-origin.xfinity.com/prod/event/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
108.138.7.9 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-108-138-7-9.fra56.r.cloudfront.net
Software
/
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
PUT
Origin
https://xfinityoffers.xyz
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

access-control-allow-credentials
false
access-control-allow-headers
*
access-control-allow-methods
OPTIONS,POST,PUT
access-control-allow-origin
*
access-control-max-age
86400
content-length
0
content-type
application/json
date
Wed, 03 Aug 2022 06:23:26 GMT
via
1.1 ecb3ea567a6c6095a23354fbdc938128.cloudfront.net (CloudFront)
x-amz-apigw-id
WRge2FCdiYcFVtA=
x-amz-cf-id
kLy7gKT6yj2RPqXhl3fjWPVim0MKa46yFUkjEzVoydnU-6dkd6hGvQ==
x-amz-cf-pop
FRA56-P6
x-amzn-requestid
fe8a4deb-b819-46e6-b8ab-7adfb92216b9
x-cache
Miss from cloudfront
/
dl.cws.xfinity.com/event/ Frame
0
0
Preflight
General
Full URL
https://dl.cws.xfinity.com/event/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:dc:18a::2c06 Vienna, Austria, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
/
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
PUT
Origin
https://xfinityoffers.xyz
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

access-control-allow-headers
Content-Type
access-control-allow-methods
HEAD,OPTIONS,PUT
access-control-allow-origin
*
content-length
0
content-type
application/json
date
Wed, 03 Aug 2022 06:23:26 GMT
x-amz-apigw-id
WRge1GflIAMFgmA=
x-amz-cf-id
KTkdeyZau3oMI9EfsQ9UMValamh02PK7xTCAYNEsv3NnZhVyi0FfbQ==
x-amz-cf-pop
VIE50-C1
x-amzn-requestid
38984f3d-6fba-4370-b3c3-3599c5025e68
collect
stats.g.doubleclick.net/j/
4 B
444 B
XHR
General
Full URL
https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j96&tid=UA-22837032-7&cid=637578086.1659507806&jid=492064637&gjid=654716767&_gid=1686091899.1659507806&_u=aGBAAEIIAAAAAC~&z=1438530015
Requested by
Host: static.cimcontent.net
URL: https://static.cimcontent.net/data-layer/?appID=resi_shop_2
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:400c:c0c::9b Brussels, Belgium, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://xfinityoffers.xyz/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
strict-transport-security
max-age=10886400; includeSubDomains; preload
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
date
Wed, 03 Aug 2022 06:23:26 GMT
content-type
text/plain
access-control-allow-origin
https://xfinityoffers.xyz
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
4
expires
Fri, 01 Jan 1990 00:00:00 GMT
/
dss-dl-prod.aws-origin.xfinity.com/prod/event/
110 B
469 B
XHR
General
Full URL
https://dss-dl-prod.aws-origin.xfinity.com/prod/event/
Requested by
Host: static.cimcontent.net
URL: https://static.cimcontent.net/data-layer/?appID=resi_shop_2
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
108.138.7.9 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-108-138-7-9.fra56.r.cloudfront.net
Software
/
Resource Hash
2c44320e9d1a4f378d6055cb30d5b563d5454f6d799701f3eaff00fa4340e240

Request headers

Referer
https://xfinityoffers.xyz/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36
Content-Type
application/json

Response headers

date
Wed, 03 Aug 2022 06:23:27 GMT
via
1.1 ecb3ea567a6c6095a23354fbdc938128.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA56-P6
x-amzn-requestid
5f23e6fb-01c6-4845-8820-f266e444bd8d
x-cache
Miss from cloudfront
content-type
application/json
access-control-allow-origin
*
x-amzn-trace-id
Root=1-62ea145f-623c0a322eb3aead072b1bf0
x-amz-apigw-id
WRge5HPxiYcFonA=
content-length
110
x-amz-cf-id
p9Z91bVTf2YNUZQ4gveJejEa29Z5eqBTK5uIzu7FeobYYxzUohuTxg==
/
dl.cws.xfinity.com/event/
110 B
490 B
XHR
General
Full URL
https://dl.cws.xfinity.com/event/
Requested by
Host: static.cimcontent.net
URL: https://static.cimcontent.net/data-layer/?appID=resi_shop_2
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:dc:18a::2c06 Vienna, Austria, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
/
Resource Hash
565a11064511ac2e0060d4debbda93e7161620c76a025c027bdc0f9cf64db62c

Request headers

Referer
https://xfinityoffers.xyz/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36
Content-Type
application/json

Response headers

date
Wed, 03 Aug 2022 06:23:27 GMT
x-amz-cf-pop
VIE50-C1
x-amz-apigw-id
WRge5GQRIAMF6MQ=
x-amzn-requestid
d629bac6-83bb-4791-b793-84cd75a35a80
access-control-max-age
86400
access-control-allow-methods
GET,POST,PUT,HEAD
content-type
application/json
access-control-allow-origin
*
x-amzn-trace-id
Root=1-62ea145f-6a899463010a8455771aa4a9
access-control-allow-credentials
false
access-control-allow-headers
*
content-length
110
x-amz-cf-id
W3rUrlc-5GwWAUGckweCpZbRGxQbhsAxfNxT9frWTePihvMYZurZ-A==
/
googleads.g.doubleclick.net/pagead/viewthroughconversion/1023869955/
2 KB
1 KB
Script
General
Full URL
https://googleads.g.doubleclick.net/pagead/viewthroughconversion/1023869955/?random=1659507806471&cv=9&fst=1659507806471&num=1&bg=ffffff&guid=ON&resp=GooglemKTybQhCsO&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&gtm=2oa811&sendb=1&ig=1&data=event%3Dgtag.config&frm=0&url=https%3A%2F%2Fxfinityoffers.xyz%2Foverview%3Fentity%3D1073444&tiba=Internet%2C%20TV%2C%20Phone%2C%20Smart%20Home%20and%20Security%20-%20Xfinity&hn=www.googleadservices.com&async=1&rfmt=3&fmt=4
Requested by
Host: cdn.comcast.com
URL: https://cdn.comcast.com/-/media/Common/adrum/adrum45162845.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
882949c87a297b43d3c31661aac79b08ab2bd91dcfda10e1a87bb7a7c173d1b3
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://xfinityoffers.xyz/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 03 Aug 2022 06:23:26 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
text/javascript; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1088
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
/
googleads.g.doubleclick.net/pagead/viewthroughconversion/1023869955/
3 KB
1 KB
Script
General
Full URL
https://googleads.g.doubleclick.net/pagead/viewthroughconversion/1023869955/?random=1659507806473&cv=9&fst=1659507806473&num=1&value=1&currency_code=USD&label=7HWWCN-bhwgQg4ic6AM&bg=ffffff&guid=ON&resp=GooglemKTybQhCsO&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&gtm=2oa811&sendb=1&ig=1&data=event%3Dconversion&frm=0&url=https%3A%2F%2Fxfinityoffers.xyz%2Foverview%3Fentity%3D1073444&tiba=Internet%2C%20TV%2C%20Phone%2C%20Smart%20Home%20and%20Security%20-%20Xfinity&hn=www.googleadservices.com&async=1&rfmt=3&fmt=4
Requested by
Host: cdn.comcast.com
URL: https://cdn.comcast.com/-/media/Common/adrum/adrum45162845.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
0c898d64fdfb6fb30ae09986db068945473b8ba5139f0d71b96de3fd62c8c973
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://xfinityoffers.xyz/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 03 Aug 2022 06:23:26 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
text/javascript; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1155
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
/
www.googleadservices.com/pagead/conversion/475828178/ Frame F470
2 KB
1 KB
Script
General
Full URL
https://www.googleadservices.com/pagead/conversion/475828178/?random=1659507806498&cv=9&fst=1659507806498&num=1&npa=1&label=R_euCJHu8r8DENKf8uIB&guid=ON&resp=GooglemKTybQhCsO&eid=375603261&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&sendb=1&ig=1&frm=2&url=https%3A%2F%2F4053494.fls.doubleclick.net%2Factivityi%3Bdc_pre%3DCOvBr6qEqvkCFYew7QodkHwDOw%3Bsrc%3D4053494%3Btype%3Dcomca517%3Bcat%3Dxfini00h%3Bord%3D9004507046157%3Bgtm%3D2od811%3Bauiddc%3D793358232.1659507806%3B~oref%3Dhttps%253A%252F%252Fxfinityoffers.xyz%252Foverview%253Fentity%253D1073444%3F&ref=https%3A%2F%2Fxfinityoffers.xyz%2F&hn=www.googleadservices.com&rfmt=3&fmt=4
Requested by
Host: www.googleadservices.com
URL: https://www.googleadservices.com/pagead/conversion.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.185.194 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s52-in-f2.1e100.net
Software
cafe /
Resource Hash
eb1922119ee33057624b63cc9689f73d96b8ae7ba92b55d65fa960a4f4a828e7
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://4053494.fls.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 03 Aug 2022 06:23:26 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
text/javascript; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1262
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
ecm3
s.amazon-adsystem.com/ Frame CB3D
Redirect Chain
  • https://aa.agkn.com/adscores/g.pixel?sid=9212284268
  • https://s.amazon-adsystem.com/ecm3?id=219333204232000482828&ex=neustar.biz
43 B
556 B
Image
General
Full URL
https://s.amazon-adsystem.com/ecm3?id=219333204232000482828&ex=neustar.biz
Requested by
Host: s.amazon-adsystem.com
URL: https://s.amazon-adsystem.com/v3/pr?exlist=ns_n-ix-HMT_bsw_bk_n-y-HMT_n-visualiq_n-telaria_gem_n-zeotap-4_fw_imdb_n-kr-new_n-lucid_n-dm-HMT_n-samba.tv_n-rb-HMT3_adelphic_adb_mp_sv_af_sx_n-sk_g_kr_n-comscr.com_ox_index_n-semasio-ecm_an_n-pm-HMT_rb_n-g-hmt_nsln_nd_n-ispot_pm_tbl&fv=1.0&a=cm&ex-pl-n-kr-new=DtYlVBnkTuuyPyJ3zGpCoQ&dmt=3&ex-pl-n-g-hmt=LdWvo18uSaaNFgLqe3SUGA&ep=mfS4I4Lxm4iN8M-0MyueFUDivcm3Y8_t6jFbYz6_7HBinc7VfMbyIp9nHkVSOqz22jWiCiwTat5bqD_t_ltt9trbOsLoWu-hxgDBgT8ztVM0B83_I09Bt98LkLcfuQhu2_3Y8VK_7aE91Qi20T-7aoZ_uE-4RVmd4q9BKRCJN8CPnmJWqQfwkcWmEgQINllw0V7jDH4QO_BmHB99cUIaLYmsYJ8ZSHBep-SyULb5ylUGgpwqG6LdHPlBsL3QE3JGEaKjjo_75iFXSOvcNUSdJoFflq4kqbng4Ch7zOt4gwXknOOdd1DIEkHTcRUvHSXGxM2Qp_OmnuYIOv0DguHBy3u-HECbNS_K_pWdDX4tKf-uUQ-lcs5tANLVEcWcFDyP
Protocol
HTTP/1.1
Server
209.54.182.161 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

Pragma
no-cache
Date
Wed, 03 Aug 2022 06:23:26 GMT
Vary
Content-Type,Accept-Encoding,X-Amzn-CDN-Cache,X-Amzn-AX-Treatment,User-Agent
Server
Server
x-amz-rid
PS5RMSFFJ1Q71CGHAJM9
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Content-Type
image/gif
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Permissions-Policy
interest-cohort=()
Connection
keep-alive
Content-Length
43
Expires
Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

pragma
no-cache
date
Wed, 03 Aug 2022 06:23:26 GMT
server
AAWebServer
location
https://s.amazon-adsystem.com/ecm3?id=219333204232000482828&ex=neustar.biz
access-control-allow-methods
GET, POST, OPTIONS
p3p
policyref="https://www.agkn.com/p3p/p3p.xml",CP="NOI NID"
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
access-control-allow-headers
accept, cache-control, origin, x-requested-with, x-file-name, content-type
expires
0
ecm3
s.amazon-adsystem.com/ Frame CB3D
Redirect Chain
  • https://dsum-sec.casalemedia.com/rrum?cm_dsp_id=198&external_user_id=vp-7D_yJS-CYvghkmXBDjA&cb=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3DindexHMT%26id%3D
  • https://r.casalemedia.com/rrum?cb=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3DindexHMT%26id%3D&cm_dsp_id=198&external_user_id=vp-7D_yJS-CYvghkmXBDjA&C=1
  • https://s.amazon-adsystem.com/ecm3?ex=indexHMT&id=YuoUXgGIJbDk-yIZA1wzrAAA
43 B
556 B
Image
General
Full URL
https://s.amazon-adsystem.com/ecm3?ex=indexHMT&id=YuoUXgGIJbDk-yIZA1wzrAAA
Requested by
Host: s.amazon-adsystem.com
URL: https://s.amazon-adsystem.com/v3/pr?exlist=ns_n-ix-HMT_bsw_bk_n-y-HMT_n-visualiq_n-telaria_gem_n-zeotap-4_fw_imdb_n-kr-new_n-lucid_n-dm-HMT_n-samba.tv_n-rb-HMT3_adelphic_adb_mp_sv_af_sx_n-sk_g_kr_n-comscr.com_ox_index_n-semasio-ecm_an_n-pm-HMT_rb_n-g-hmt_nsln_nd_n-ispot_pm_tbl&fv=1.0&a=cm&ex-pl-n-kr-new=DtYlVBnkTuuyPyJ3zGpCoQ&dmt=3&ex-pl-n-g-hmt=LdWvo18uSaaNFgLqe3SUGA&ep=mfS4I4Lxm4iN8M-0MyueFUDivcm3Y8_t6jFbYz6_7HBinc7VfMbyIp9nHkVSOqz22jWiCiwTat5bqD_t_ltt9trbOsLoWu-hxgDBgT8ztVM0B83_I09Bt98LkLcfuQhu2_3Y8VK_7aE91Qi20T-7aoZ_uE-4RVmd4q9BKRCJN8CPnmJWqQfwkcWmEgQINllw0V7jDH4QO_BmHB99cUIaLYmsYJ8ZSHBep-SyULb5ylUGgpwqG6LdHPlBsL3QE3JGEaKjjo_75iFXSOvcNUSdJoFflq4kqbng4Ch7zOt4gwXknOOdd1DIEkHTcRUvHSXGxM2Qp_OmnuYIOv0DguHBy3u-HECbNS_K_pWdDX4tKf-uUQ-lcs5tANLVEcWcFDyP
Protocol
HTTP/1.1
Server
209.54.182.161 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

Pragma
no-cache
Date
Wed, 03 Aug 2022 06:23:26 GMT
Vary
Content-Type,Accept-Encoding,X-Amzn-CDN-Cache,X-Amzn-AX-Treatment,User-Agent
Server
Server
x-amz-rid
XQ371ED4JFJ75ZN9M1E7
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Content-Type
image/gif
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Permissions-Policy
interest-cohort=()
Connection
keep-alive
Content-Length
43
Expires
Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

cf-ray
734cf6f04ba75b92-FRA
pragma
no-cache
date
Wed, 03 Aug 2022 06:23:26 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Rfbxgt79GA8NOhDk7wszY2oifHH4yuRKCdOPnAKrKpFh0oiJyVrDNdM36SMalOlT2U5ojQZ0d1Tqu%2FHOTJVNz22peCVvw40Ohj%2BdRLLAf2RkBfus2Svs%2F4Y%2FPrzY%2F2pJqsqI"}],"group":"cf-nel","max_age":604800}
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
location
https://s.amazon-adsystem.com/ecm3?ex=indexHMT&id=YuoUXgGIJbDk-yIZA1wzrAAA
cache-control
no-cache
content-type
text/html; charset=iso-8859-1
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
expires
0
ecm3
s.amazon-adsystem.com/ Frame CB3D
Redirect Chain
  • https://x.bidswitch.net/sync_a9/https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dbidswitch.com%26id%3D%24%7BUUID%7D
  • https://x.bidswitch.net/ul_cb/sync_a9/https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dbidswitch.com%26id%3D%24%7BUUID%7D
  • https://s.amazon-adsystem.com/ecm3?ex=bidswitch.com&id=b894dcf16770954e707e7a9622c7acaf
43 B
556 B
Image
General
Full URL
https://s.amazon-adsystem.com/ecm3?ex=bidswitch.com&id=b894dcf16770954e707e7a9622c7acaf
Requested by
Host: s.amazon-adsystem.com
URL: https://s.amazon-adsystem.com/v3/pr?exlist=ns_n-ix-HMT_bsw_bk_n-y-HMT_n-visualiq_n-telaria_gem_n-zeotap-4_fw_imdb_n-kr-new_n-lucid_n-dm-HMT_n-samba.tv_n-rb-HMT3_adelphic_adb_mp_sv_af_sx_n-sk_g_kr_n-comscr.com_ox_index_n-semasio-ecm_an_n-pm-HMT_rb_n-g-hmt_nsln_nd_n-ispot_pm_tbl&fv=1.0&a=cm&ex-pl-n-kr-new=DtYlVBnkTuuyPyJ3zGpCoQ&dmt=3&ex-pl-n-g-hmt=LdWvo18uSaaNFgLqe3SUGA&ep=mfS4I4Lxm4iN8M-0MyueFUDivcm3Y8_t6jFbYz6_7HBinc7VfMbyIp9nHkVSOqz22jWiCiwTat5bqD_t_ltt9trbOsLoWu-hxgDBgT8ztVM0B83_I09Bt98LkLcfuQhu2_3Y8VK_7aE91Qi20T-7aoZ_uE-4RVmd4q9BKRCJN8CPnmJWqQfwkcWmEgQINllw0V7jDH4QO_BmHB99cUIaLYmsYJ8ZSHBep-SyULb5ylUGgpwqG6LdHPlBsL3QE3JGEaKjjo_75iFXSOvcNUSdJoFflq4kqbng4Ch7zOt4gwXknOOdd1DIEkHTcRUvHSXGxM2Qp_OmnuYIOv0DguHBy3u-HECbNS_K_pWdDX4tKf-uUQ-lcs5tANLVEcWcFDyP
Protocol
HTTP/1.1
Server
209.54.182.161 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

Pragma
no-cache
Date
Wed, 03 Aug 2022 06:23:26 GMT
Vary
Content-Type,Accept-Encoding,X-Amzn-CDN-Cache,X-Amzn-AX-Treatment,User-Agent
Server
Server
x-amz-rid
6QP3MQC6THH4HM4K4CQA
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Content-Type
image/gif
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Permissions-Policy
interest-cohort=()
Connection
keep-alive
Content-Length
43
Expires
Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

Location
https://s.amazon-adsystem.com/ecm3?ex=bidswitch.com&id=b894dcf16770954e707e7a9622c7acaf
Date
Wed, 03 Aug 2022 06:23:26 GMT
Cache-Control
no-cache, no-store, must-revalidate
Connection
keep-alive
Content-Length
0
ecm3
s.amazon-adsystem.com/ Frame CB3D
Redirect Chain
  • https://tags.bluekai.com/site/36840?redir=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dbluekai.com%26id%3D%24_BK_UUID
  • https://s.amazon-adsystem.com/ecm3?ex=bluekai.com&id=$_BK_UUID
43 B
556 B
Image
General
Full URL
https://s.amazon-adsystem.com/ecm3?ex=bluekai.com&id=$_BK_UUID
Requested by
Host: s.amazon-adsystem.com
URL: https://s.amazon-adsystem.com/v3/pr?exlist=ns_n-ix-HMT_bsw_bk_n-y-HMT_n-visualiq_n-telaria_gem_n-zeotap-4_fw_imdb_n-kr-new_n-lucid_n-dm-HMT_n-samba.tv_n-rb-HMT3_adelphic_adb_mp_sv_af_sx_n-sk_g_kr_n-comscr.com_ox_index_n-semasio-ecm_an_n-pm-HMT_rb_n-g-hmt_nsln_nd_n-ispot_pm_tbl&fv=1.0&a=cm&ex-pl-n-kr-new=DtYlVBnkTuuyPyJ3zGpCoQ&dmt=3&ex-pl-n-g-hmt=LdWvo18uSaaNFgLqe3SUGA&ep=mfS4I4Lxm4iN8M-0MyueFUDivcm3Y8_t6jFbYz6_7HBinc7VfMbyIp9nHkVSOqz22jWiCiwTat5bqD_t_ltt9trbOsLoWu-hxgDBgT8ztVM0B83_I09Bt98LkLcfuQhu2_3Y8VK_7aE91Qi20T-7aoZ_uE-4RVmd4q9BKRCJN8CPnmJWqQfwkcWmEgQINllw0V7jDH4QO_BmHB99cUIaLYmsYJ8ZSHBep-SyULb5ylUGgpwqG6LdHPlBsL3QE3JGEaKjjo_75iFXSOvcNUSdJoFflq4kqbng4Ch7zOt4gwXknOOdd1DIEkHTcRUvHSXGxM2Qp_OmnuYIOv0DguHBy3u-HECbNS_K_pWdDX4tKf-uUQ-lcs5tANLVEcWcFDyP
Protocol
HTTP/1.1
Server
209.54.182.161 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

Pragma
no-cache
Date
Wed, 03 Aug 2022 06:23:26 GMT
Vary
Content-Type,Accept-Encoding,X-Amzn-CDN-Cache,X-Amzn-AX-Treatment,User-Agent
Server
Server
x-amz-rid
YWZQE568JJ5AX980X3VY
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Content-Type
image/gif
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Permissions-Policy
interest-cohort=()
Connection
keep-alive
Content-Length
43
Expires
Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

location
https://s.amazon-adsystem.com/ecm3?ex=bluekai.com&id=$_BK_UUID
date
Wed, 03 Aug 2022 06:23:26 GMT
content-length
0
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV", policyref="http://tags.bluekai.com/w3c/p3p.xml"
ecm3
s.amazon-adsystem.com/ Frame CB3D
Redirect Chain
  • https://ups.analytics.yahoo.com/ups/58516/sync?_origin=1&redir=true&uid=shBPNd1oTzmz10OU5jwecA
  • https://s.amazon-adsystem.com/ecm3?ex=yahooHMT&id=shBPNd1oTzmz10OU5jwecA
43 B
556 B
Image
General
Full URL
https://s.amazon-adsystem.com/ecm3?ex=yahooHMT&id=shBPNd1oTzmz10OU5jwecA
Requested by
Host: s.amazon-adsystem.com
URL: https://s.amazon-adsystem.com/v3/pr?exlist=ns_n-ix-HMT_bsw_bk_n-y-HMT_n-visualiq_n-telaria_gem_n-zeotap-4_fw_imdb_n-kr-new_n-lucid_n-dm-HMT_n-samba.tv_n-rb-HMT3_adelphic_adb_mp_sv_af_sx_n-sk_g_kr_n-comscr.com_ox_index_n-semasio-ecm_an_n-pm-HMT_rb_n-g-hmt_nsln_nd_n-ispot_pm_tbl&fv=1.0&a=cm&ex-pl-n-kr-new=DtYlVBnkTuuyPyJ3zGpCoQ&dmt=3&ex-pl-n-g-hmt=LdWvo18uSaaNFgLqe3SUGA&ep=mfS4I4Lxm4iN8M-0MyueFUDivcm3Y8_t6jFbYz6_7HBinc7VfMbyIp9nHkVSOqz22jWiCiwTat5bqD_t_ltt9trbOsLoWu-hxgDBgT8ztVM0B83_I09Bt98LkLcfuQhu2_3Y8VK_7aE91Qi20T-7aoZ_uE-4RVmd4q9BKRCJN8CPnmJWqQfwkcWmEgQINllw0V7jDH4QO_BmHB99cUIaLYmsYJ8ZSHBep-SyULb5ylUGgpwqG6LdHPlBsL3QE3JGEaKjjo_75iFXSOvcNUSdJoFflq4kqbng4Ch7zOt4gwXknOOdd1DIEkHTcRUvHSXGxM2Qp_OmnuYIOv0DguHBy3u-HECbNS_K_pWdDX4tKf-uUQ-lcs5tANLVEcWcFDyP
Protocol
HTTP/1.1
Server
209.54.182.161 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

Pragma
no-cache
Date
Wed, 03 Aug 2022 06:23:26 GMT
Vary
Content-Type,Accept-Encoding,X-Amzn-CDN-Cache,X-Amzn-AX-Treatment,User-Agent
Server
Server
x-amz-rid
45AC0BA4FXKVKP7HTTZS
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Content-Type
image/gif
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Permissions-Policy
interest-cohort=()
Connection
keep-alive
Content-Length
43
Expires
Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

location
https://s.amazon-adsystem.com/ecm3?ex=yahooHMT&id=shBPNd1oTzmz10OU5jwecA
date
Wed, 03 Aug 2022 06:23:26 GMT
server
ATS/9.1.0.46
age
0
content-length
0
strict-transport-security
max-age=31536000
p3p
CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV
ecm3
s.amazon-adsystem.com/ Frame CB3D
Redirect Chain
  • https://t.myvisualiq.net/sync?prid=AMZNPNR1&ao=0&red=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dvisualiq%26id%3D%24%7BUUID%7D
  • https://t.myvisualiq.net/ul_cb/sync?prid=AMZNPNR1&ao=0&red=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dvisualiq%26id%3D%24%7BUUID%7D
  • https://s.amazon-adsystem.com/ecm3?ex=visualiq&id=a7b94421-3efa-4efb-b711-d60fe1098fd3
43 B
556 B
Image
General
Full URL
https://s.amazon-adsystem.com/ecm3?ex=visualiq&id=a7b94421-3efa-4efb-b711-d60fe1098fd3
Requested by
Host: s.amazon-adsystem.com
URL: https://s.amazon-adsystem.com/v3/pr?exlist=ns_n-ix-HMT_bsw_bk_n-y-HMT_n-visualiq_n-telaria_gem_n-zeotap-4_fw_imdb_n-kr-new_n-lucid_n-dm-HMT_n-samba.tv_n-rb-HMT3_adelphic_adb_mp_sv_af_sx_n-sk_g_kr_n-comscr.com_ox_index_n-semasio-ecm_an_n-pm-HMT_rb_n-g-hmt_nsln_nd_n-ispot_pm_tbl&fv=1.0&a=cm&ex-pl-n-kr-new=DtYlVBnkTuuyPyJ3zGpCoQ&dmt=3&ex-pl-n-g-hmt=LdWvo18uSaaNFgLqe3SUGA&ep=mfS4I4Lxm4iN8M-0MyueFUDivcm3Y8_t6jFbYz6_7HBinc7VfMbyIp9nHkVSOqz22jWiCiwTat5bqD_t_ltt9trbOsLoWu-hxgDBgT8ztVM0B83_I09Bt98LkLcfuQhu2_3Y8VK_7aE91Qi20T-7aoZ_uE-4RVmd4q9BKRCJN8CPnmJWqQfwkcWmEgQINllw0V7jDH4QO_BmHB99cUIaLYmsYJ8ZSHBep-SyULb5ylUGgpwqG6LdHPlBsL3QE3JGEaKjjo_75iFXSOvcNUSdJoFflq4kqbng4Ch7zOt4gwXknOOdd1DIEkHTcRUvHSXGxM2Qp_OmnuYIOv0DguHBy3u-HECbNS_K_pWdDX4tKf-uUQ-lcs5tANLVEcWcFDyP
Protocol
HTTP/1.1
Server
209.54.182.161 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

Pragma
no-cache
Date
Wed, 03 Aug 2022 06:23:27 GMT
Vary
Content-Type,Accept-Encoding,X-Amzn-CDN-Cache,X-Amzn-AX-Treatment,User-Agent
Server
Server
x-amz-rid
CCFNHR6K3ZV42J1E1KVK
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Content-Type
image/gif
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Permissions-Policy
interest-cohort=()
Connection
keep-alive
Content-Length
43
Expires
Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

access-control-allow-origin
*
Date
Wed, 03 Aug 2022 06:23:27 GMT
Cache-Control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
Connection
keep-alive
Content-Length
0
Location
https://s.amazon-adsystem.com/ecm3?ex=visualiq&id=a7b94421-3efa-4efb-b711-d60fe1098fd3
sync
amazon.partners.tremorhub.com/ Frame CB3D
43 B
183 B
Image
General
Full URL
https://amazon.partners.tremorhub.com/sync?UIAM&redir=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dtelaria.com%26id%3D%5BPARTNER_ID%5D
Requested by
Host: s.amazon-adsystem.com
URL: https://s.amazon-adsystem.com/v3/pr?exlist=ns_n-ix-HMT_bsw_bk_n-y-HMT_n-visualiq_n-telaria_gem_n-zeotap-4_fw_imdb_n-kr-new_n-lucid_n-dm-HMT_n-samba.tv_n-rb-HMT3_adelphic_adb_mp_sv_af_sx_n-sk_g_kr_n-comscr.com_ox_index_n-semasio-ecm_an_n-pm-HMT_rb_n-g-hmt_nsln_nd_n-ispot_pm_tbl&fv=1.0&a=cm&ex-pl-n-kr-new=DtYlVBnkTuuyPyJ3zGpCoQ&dmt=3&ex-pl-n-g-hmt=LdWvo18uSaaNFgLqe3SUGA&ep=mfS4I4Lxm4iN8M-0MyueFUDivcm3Y8_t6jFbYz6_7HBinc7VfMbyIp9nHkVSOqz22jWiCiwTat5bqD_t_ltt9trbOsLoWu-hxgDBgT8ztVM0B83_I09Bt98LkLcfuQhu2_3Y8VK_7aE91Qi20T-7aoZ_uE-4RVmd4q9BKRCJN8CPnmJWqQfwkcWmEgQINllw0V7jDH4QO_BmHB99cUIaLYmsYJ8ZSHBep-SyULb5ylUGgpwqG6LdHPlBsL3QE3JGEaKjjo_75iFXSOvcNUSdJoFflq4kqbng4Ch7zOt4gwXknOOdd1DIEkHTcRUvHSXGxM2Qp_OmnuYIOv0DguHBy3u-HECbNS_K_pWdDX4tKf-uUQ-lcs5tANLVEcWcFDyP
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2600:1f18:612b:4200:fd1:5892:27bc:b9b0 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software
Apache-Coyote/1.1 /
Resource Hash
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date
Wed, 03 Aug 2022 06:23:26 GMT
server
Apache-Coyote/1.1
p3p
CP='This is not a P3P policy. See https://telaria.com/privacy-policy/'
content-type
image/gif
cms
cms.analytics.yahoo.com/ Frame CB3D
0
39 B
Image
General
Full URL
https://cms.analytics.yahoo.com/cms?partner_id=AMAZON&ex=gemini
Requested by
Host: s.amazon-adsystem.com
URL: https://s.amazon-adsystem.com/v3/pr?exlist=ns_n-ix-HMT_bsw_bk_n-y-HMT_n-visualiq_n-telaria_gem_n-zeotap-4_fw_imdb_n-kr-new_n-lucid_n-dm-HMT_n-samba.tv_n-rb-HMT3_adelphic_adb_mp_sv_af_sx_n-sk_g_kr_n-comscr.com_ox_index_n-semasio-ecm_an_n-pm-HMT_rb_n-g-hmt_nsln_nd_n-ispot_pm_tbl&fv=1.0&a=cm&ex-pl-n-kr-new=DtYlVBnkTuuyPyJ3zGpCoQ&dmt=3&ex-pl-n-g-hmt=LdWvo18uSaaNFgLqe3SUGA&ep=mfS4I4Lxm4iN8M-0MyueFUDivcm3Y8_t6jFbYz6_7HBinc7VfMbyIp9nHkVSOqz22jWiCiwTat5bqD_t_ltt9trbOsLoWu-hxgDBgT8ztVM0B83_I09Bt98LkLcfuQhu2_3Y8VK_7aE91Qi20T-7aoZ_uE-4RVmd4q9BKRCJN8CPnmJWqQfwkcWmEgQINllw0V7jDH4QO_BmHB99cUIaLYmsYJ8ZSHBep-SyULb5ylUGgpwqG6LdHPlBsL3QE3JGEaKjjo_75iFXSOvcNUSdJoFflq4kqbng4Ch7zOt4gwXknOOdd1DIEkHTcRUvHSXGxM2Qp_OmnuYIOv0DguHBy3u-HECbNS_K_pWdDX4tKf-uUQ-lcs5tANLVEcWcFDyP
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
212.82.100.182 Dublin, Ireland, ASN34010 (YAHOO-IRD, GB),
Reverse DNS
spcms.pbp.vip.ir2.yahoo.com
Software
ATS /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date
Wed, 03 Aug 2022 06:23:26 GMT
via
http/1.1 spdc0109.pbp.ir2.yahoo.com (ApacheTrafficServer)
server
ATS
age
0
strict-transport-security
max-age=31536000
content-type
text/html;charset=utf-8
ecm3
s.amazon-adsystem.com/ Frame CB3D
Redirect Chain
  • https://mwzeom.zeotap.com/mw?zpartnerid=1353&zurl=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dzeotap%26id%3D%7BZCOOKIE%7D
  • https://s.amazon-adsystem.com/ecm3?ex=zeotap&id=bb2b2a43-d5be-449b-5821-a94528ed09ff
43 B
556 B
Image
General
Full URL
https://s.amazon-adsystem.com/ecm3?ex=zeotap&id=bb2b2a43-d5be-449b-5821-a94528ed09ff
Requested by
Host: s.amazon-adsystem.com
URL: https://s.amazon-adsystem.com/v3/pr?exlist=ns_n-ix-HMT_bsw_bk_n-y-HMT_n-visualiq_n-telaria_gem_n-zeotap-4_fw_imdb_n-kr-new_n-lucid_n-dm-HMT_n-samba.tv_n-rb-HMT3_adelphic_adb_mp_sv_af_sx_n-sk_g_kr_n-comscr.com_ox_index_n-semasio-ecm_an_n-pm-HMT_rb_n-g-hmt_nsln_nd_n-ispot_pm_tbl&fv=1.0&a=cm&ex-pl-n-kr-new=DtYlVBnkTuuyPyJ3zGpCoQ&dmt=3&ex-pl-n-g-hmt=LdWvo18uSaaNFgLqe3SUGA&ep=mfS4I4Lxm4iN8M-0MyueFUDivcm3Y8_t6jFbYz6_7HBinc7VfMbyIp9nHkVSOqz22jWiCiwTat5bqD_t_ltt9trbOsLoWu-hxgDBgT8ztVM0B83_I09Bt98LkLcfuQhu2_3Y8VK_7aE91Qi20T-7aoZ_uE-4RVmd4q9BKRCJN8CPnmJWqQfwkcWmEgQINllw0V7jDH4QO_BmHB99cUIaLYmsYJ8ZSHBep-SyULb5ylUGgpwqG6LdHPlBsL3QE3JGEaKjjo_75iFXSOvcNUSdJoFflq4kqbng4Ch7zOt4gwXknOOdd1DIEkHTcRUvHSXGxM2Qp_OmnuYIOv0DguHBy3u-HECbNS_K_pWdDX4tKf-uUQ-lcs5tANLVEcWcFDyP
Protocol
HTTP/1.1
Server
209.54.182.161 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

Pragma
no-cache
Date
Wed, 03 Aug 2022 06:23:26 GMT
Vary
Content-Type,Accept-Encoding,X-Amzn-CDN-Cache,X-Amzn-AX-Treatment,User-Agent
Server
Server
x-amz-rid
KTT0DAWWD9KAWVZPKDQT
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Content-Type
image/gif
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Permissions-Policy
interest-cohort=()
Connection
keep-alive
Content-Length
43
Expires
Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

date
Wed, 03 Aug 2022 06:23:26 GMT
via
1.1 google
cf-cache-status
DYNAMIC
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
location
https://s.amazon-adsystem.com/ecm3?ex=zeotap&id=bb2b2a43-d5be-449b-5821-a94528ed09ff
content-type
text/html; charset=utf-8
access-control-allow-origin
*
access-control-allow-credentials
true
cf-ray
734cf6efc8ca9a21-FRA
access-control-allow-headers
*
ecm3
s.amazon-adsystem.com/ Frame CB3D
Redirect Chain
  • https://ads.stickyadstv.com/user-matching?id=2545
  • https://s.amazon-adsystem.com/ecm3?id=87336826fc401dbe76619e70ee4db4f0&ex=freewheel.tv&gdpr=0&gdpr_consent=
43 B
556 B
Image
General
Full URL
https://s.amazon-adsystem.com/ecm3?id=87336826fc401dbe76619e70ee4db4f0&ex=freewheel.tv&gdpr=0&gdpr_consent=
Requested by
Host: s.amazon-adsystem.com
URL: https://s.amazon-adsystem.com/v3/pr?exlist=ns_n-ix-HMT_bsw_bk_n-y-HMT_n-visualiq_n-telaria_gem_n-zeotap-4_fw_imdb_n-kr-new_n-lucid_n-dm-HMT_n-samba.tv_n-rb-HMT3_adelphic_adb_mp_sv_af_sx_n-sk_g_kr_n-comscr.com_ox_index_n-semasio-ecm_an_n-pm-HMT_rb_n-g-hmt_nsln_nd_n-ispot_pm_tbl&fv=1.0&a=cm&ex-pl-n-kr-new=DtYlVBnkTuuyPyJ3zGpCoQ&dmt=3&ex-pl-n-g-hmt=LdWvo18uSaaNFgLqe3SUGA&ep=mfS4I4Lxm4iN8M-0MyueFUDivcm3Y8_t6jFbYz6_7HBinc7VfMbyIp9nHkVSOqz22jWiCiwTat5bqD_t_ltt9trbOsLoWu-hxgDBgT8ztVM0B83_I09Bt98LkLcfuQhu2_3Y8VK_7aE91Qi20T-7aoZ_uE-4RVmd4q9BKRCJN8CPnmJWqQfwkcWmEgQINllw0V7jDH4QO_BmHB99cUIaLYmsYJ8ZSHBep-SyULb5ylUGgpwqG6LdHPlBsL3QE3JGEaKjjo_75iFXSOvcNUSdJoFflq4kqbng4Ch7zOt4gwXknOOdd1DIEkHTcRUvHSXGxM2Qp_OmnuYIOv0DguHBy3u-HECbNS_K_pWdDX4tKf-uUQ-lcs5tANLVEcWcFDyP
Protocol
HTTP/1.1
Server
209.54.182.161 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

Pragma
no-cache
Date
Wed, 03 Aug 2022 06:23:26 GMT
Vary
Content-Type,Accept-Encoding,X-Amzn-CDN-Cache,X-Amzn-AX-Treatment,User-Agent
Server
Server
x-amz-rid
5BCF7D80GA903TCMP2H7
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Content-Type
image/gif
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Permissions-Policy
interest-cohort=()
Connection
keep-alive
Content-Length
43
Expires
Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

Pragma
no-cache
Date
Wed, 03 Aug 2022 06:23:26 GMT
Server
nginx
Cache-Control
max-age=0, no-cache, no-store
Location
https://s.amazon-adsystem.com/ecm3?id=87336826fc401dbe76619e70ee4db4f0&ex=freewheel.tv&gdpr=0&gdpr_consent=
Access-Control-Allow-Origin
*
Cneonction
close
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Length
0
x-sticky-vk
1659507806603083-502
Expires
Wed, 03 Aug 2022 06:23:26 GMT
ecm3
s.amazon-adsystem.com/ Frame CB3D
Redirect Chain
  • https://www.imdb.com/ads/idsync?cid=a706a6beb&ex=imdb.com
  • https://s.amazon-adsystem.com/ecm3?rcode=1&ex=imdb.com
43 B
556 B
Image
General
Full URL
https://s.amazon-adsystem.com/ecm3?rcode=1&ex=imdb.com
Requested by
Host: s.amazon-adsystem.com
URL: https://s.amazon-adsystem.com/v3/pr?exlist=ns_n-ix-HMT_bsw_bk_n-y-HMT_n-visualiq_n-telaria_gem_n-zeotap-4_fw_imdb_n-kr-new_n-lucid_n-dm-HMT_n-samba.tv_n-rb-HMT3_adelphic_adb_mp_sv_af_sx_n-sk_g_kr_n-comscr.com_ox_index_n-semasio-ecm_an_n-pm-HMT_rb_n-g-hmt_nsln_nd_n-ispot_pm_tbl&fv=1.0&a=cm&ex-pl-n-kr-new=DtYlVBnkTuuyPyJ3zGpCoQ&dmt=3&ex-pl-n-g-hmt=LdWvo18uSaaNFgLqe3SUGA&ep=mfS4I4Lxm4iN8M-0MyueFUDivcm3Y8_t6jFbYz6_7HBinc7VfMbyIp9nHkVSOqz22jWiCiwTat5bqD_t_ltt9trbOsLoWu-hxgDBgT8ztVM0B83_I09Bt98LkLcfuQhu2_3Y8VK_7aE91Qi20T-7aoZ_uE-4RVmd4q9BKRCJN8CPnmJWqQfwkcWmEgQINllw0V7jDH4QO_BmHB99cUIaLYmsYJ8ZSHBep-SyULb5ylUGgpwqG6LdHPlBsL3QE3JGEaKjjo_75iFXSOvcNUSdJoFflq4kqbng4Ch7zOt4gwXknOOdd1DIEkHTcRUvHSXGxM2Qp_OmnuYIOv0DguHBy3u-HECbNS_K_pWdDX4tKf-uUQ-lcs5tANLVEcWcFDyP
Protocol
HTTP/1.1
Server
209.54.182.161 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

Pragma
no-cache
Date
Wed, 03 Aug 2022 06:23:26 GMT
Vary
Content-Type,Accept-Encoding,X-Amzn-CDN-Cache,X-Amzn-AX-Treatment,User-Agent
Server
Server
x-amz-rid
F87Y2N9WEDHZRERQE8FD
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Content-Type
image/gif
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Permissions-Policy
interest-cohort=()
Connection
keep-alive
Content-Length
43
Expires
Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

date
Wed, 03 Aug 2022 06:23:26 GMT
via
1.1 f2c65205154aaf89a2c7bbc8fe8fdaba.cloudfront.net (CloudFront)
x-content-type-options
nosniff
x-amz-cf-pop
FRA56-P4
content-security-policy-report-only
default-src https://*.amazon.com https://*.media-amazon.com https://*.ssl-images-amazon.com https://*.amazon-adsystem.com; script-src https://*.amazon.com https://*.media-amazon.com https://*.ssl-images-amazon.com https://*.amazon-adsystem.com 'unsafe-inline' 'unsafe-eval'; style-src https://*.amazon.com https://*.media-amazon.com https://*.ssl-images-amazon.com https://*.amazon-adsystem.com 'unsafe-inline'; report-uri /1/batch/2/OE/mid=ATVPDKIKX0DER:sid=:rid=43A8CTKYZKF2Q1B9Y4YE:sn=www.imdb.com
x-cache
Miss from cloudfront
vary
Content-Type,Accept-Encoding,X-Amzn-CDN-Cache,X-Amzn-AX-Treatment,User-Agent
content-length
0
x-xss-protection
1; mode=block
x-frame-options
SAMEORIGIN
server
Server
x-amz-rid
43A8CTKYZKF2Q1B9Y4YE
strict-transport-security
max-age=31536000; includeSubDomains
location
https://s.amazon-adsystem.com/ecm3?rcode=1&ex=imdb.com
permissions-policy
interest-cohort=()
x-robots-tag
noindex, nofollow
x-amz-cf-id
gDuDxzMCWdYRN0mAEtpaiCiWQwx96eFy1BnrEDudZ3uhQQeNrbTmrA==
usermatch.gif
beacon.krxd.net/ Frame CB3D
0
338 B
Image
General
Full URL
https://beacon.krxd.net/usermatch.gif?partner=amzn&partner_uid=DtYlVBnkTuuyPyJ3zGpCoQ&redir=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dkrux.com%26id%3D
Requested by
Host: s.amazon-adsystem.com
URL: https://s.amazon-adsystem.com/v3/pr?exlist=ns_n-ix-HMT_bsw_bk_n-y-HMT_n-visualiq_n-telaria_gem_n-zeotap-4_fw_imdb_n-kr-new_n-lucid_n-dm-HMT_n-samba.tv_n-rb-HMT3_adelphic_adb_mp_sv_af_sx_n-sk_g_kr_n-comscr.com_ox_index_n-semasio-ecm_an_n-pm-HMT_rb_n-g-hmt_nsln_nd_n-ispot_pm_tbl&fv=1.0&a=cm&ex-pl-n-kr-new=DtYlVBnkTuuyPyJ3zGpCoQ&dmt=3&ex-pl-n-g-hmt=LdWvo18uSaaNFgLqe3SUGA&ep=mfS4I4Lxm4iN8M-0MyueFUDivcm3Y8_t6jFbYz6_7HBinc7VfMbyIp9nHkVSOqz22jWiCiwTat5bqD_t_ltt9trbOsLoWu-hxgDBgT8ztVM0B83_I09Bt98LkLcfuQhu2_3Y8VK_7aE91Qi20T-7aoZ_uE-4RVmd4q9BKRCJN8CPnmJWqQfwkcWmEgQINllw0V7jDH4QO_BmHB99cUIaLYmsYJ8ZSHBep-SyULb5ylUGgpwqG6LdHPlBsL3QE3JGEaKjjo_75iFXSOvcNUSdJoFflq4kqbng4Ch7zOt4gwXknOOdd1DIEkHTcRUvHSXGxM2Qp_OmnuYIOv0DguHBy3u-HECbNS_K_pWdDX4tKf-uUQ-lcs5tANLVEcWcFDyP
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.214.253.121 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-214-253-121.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date
Wed, 03 Aug 2022 06:23:26 GMT
cache-control
private, no-cache, no-store
x-request-time
D=36 t=1659507806
x-served-by
beacon-n023-dub-prod.krxd.net
p3p
policyref="https://cdn.krxd.net/kruxcontent/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"
pixel.gif
usersync.samplicio.us/amazon/ Frame CB3D
0
263 B
Image
General
Full URL
https://usersync.samplicio.us/amazon/pixel.gif?https://s.amazon-adsystem.com/ecm3?ex=luc.id&id=
Requested by
Host: s.amazon-adsystem.com
URL: https://s.amazon-adsystem.com/v3/pr?exlist=ns_n-ix-HMT_bsw_bk_n-y-HMT_n-visualiq_n-telaria_gem_n-zeotap-4_fw_imdb_n-kr-new_n-lucid_n-dm-HMT_n-samba.tv_n-rb-HMT3_adelphic_adb_mp_sv_af_sx_n-sk_g_kr_n-comscr.com_ox_index_n-semasio-ecm_an_n-pm-HMT_rb_n-g-hmt_nsln_nd_n-ispot_pm_tbl&fv=1.0&a=cm&ex-pl-n-kr-new=DtYlVBnkTuuyPyJ3zGpCoQ&dmt=3&ex-pl-n-g-hmt=LdWvo18uSaaNFgLqe3SUGA&ep=mfS4I4Lxm4iN8M-0MyueFUDivcm3Y8_t6jFbYz6_7HBinc7VfMbyIp9nHkVSOqz22jWiCiwTat5bqD_t_ltt9trbOsLoWu-hxgDBgT8ztVM0B83_I09Bt98LkLcfuQhu2_3Y8VK_7aE91Qi20T-7aoZ_uE-4RVmd4q9BKRCJN8CPnmJWqQfwkcWmEgQINllw0V7jDH4QO_BmHB99cUIaLYmsYJ8ZSHBep-SyULb5ylUGgpwqG6LdHPlBsL3QE3JGEaKjjo_75iFXSOvcNUSdJoFflq4kqbng4Ch7zOt4gwXknOOdd1DIEkHTcRUvHSXGxM2Qp_OmnuYIOv0DguHBy3u-HECbNS_K_pWdDX4tKf-uUQ-lcs5tANLVEcWcFDyP
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.163.85.219 , United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-54-163-85-219.compute-1.amazonaws.com
Software
nginx/1.20.0 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

Pragma
no-cache
Date
Wed, 03 Aug 2022 06:23:27 GMT
Server
nginx/1.20.0
Location
https://s.amazon-adsystem.com/ecm3?ex=luc.id&id=
Cache-Control
no-cache, no-store, must-revalidate
Connection
keep-alive
Content-Length
0
Expires
0
dspreply
public-prod-dspcookiematching.dmxleo.com/ Frame CB3D
0
123 B
Image
General
Full URL
https://public-prod-dspcookiematching.dmxleo.com/dspreply?dspId=1868&dspUserId=aPsk6_yBTN-mBJrXtnihDA&redir=https://s.amazon-adsystem.com/ecm3?ex=dailymotionHMT1&id=
Requested by
Host: s.amazon-adsystem.com
URL: https://s.amazon-adsystem.com/v3/pr?exlist=ns_n-ix-HMT_bsw_bk_n-y-HMT_n-visualiq_n-telaria_gem_n-zeotap-4_fw_imdb_n-kr-new_n-lucid_n-dm-HMT_n-samba.tv_n-rb-HMT3_adelphic_adb_mp_sv_af_sx_n-sk_g_kr_n-comscr.com_ox_index_n-semasio-ecm_an_n-pm-HMT_rb_n-g-hmt_nsln_nd_n-ispot_pm_tbl&fv=1.0&a=cm&ex-pl-n-kr-new=DtYlVBnkTuuyPyJ3zGpCoQ&dmt=3&ex-pl-n-g-hmt=LdWvo18uSaaNFgLqe3SUGA&ep=mfS4I4Lxm4iN8M-0MyueFUDivcm3Y8_t6jFbYz6_7HBinc7VfMbyIp9nHkVSOqz22jWiCiwTat5bqD_t_ltt9trbOsLoWu-hxgDBgT8ztVM0B83_I09Bt98LkLcfuQhu2_3Y8VK_7aE91Qi20T-7aoZ_uE-4RVmd4q9BKRCJN8CPnmJWqQfwkcWmEgQINllw0V7jDH4QO_BmHB99cUIaLYmsYJ8ZSHBep-SyULb5ylUGgpwqG6LdHPlBsL3QE3JGEaKjjo_75iFXSOvcNUSdJoFflq4kqbng4Ch7zOt4gwXknOOdd1DIEkHTcRUvHSXGxM2Qp_OmnuYIOv0DguHBy3u-HECbNS_K_pWdDX4tKf-uUQ-lcs5tANLVEcWcFDyP
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
188.65.124.66 , France, ASN41690 (DAILYMOTION For peering related business, please mail peering@dailymotion.com, FR),
Reverse DNS
ingress-03-pub-prod-ix7.vip.dailymotion.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=15724800; includeSubDomains

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

x-dm-lb-name
ingress-nginx-nginx-in-cluster-jzbkr
date
Wed, 03 Aug 2022 06:23:26 GMT
content-length
0
strict-transport-security
max-age=15724800; includeSubDomains
ecm3
s.amazon-adsystem.com/ Frame CB3D
Redirect Chain
  • https://ads.samba.tv/cookie_sync?https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dsamba.tv%26id%3D
  • https://s.amazon-adsystem.com/ecm3?ex=samba.tv&id=fc5d183f059ca776
43 B
556 B
Image
General
Full URL
https://s.amazon-adsystem.com/ecm3?ex=samba.tv&id=fc5d183f059ca776
Requested by
Host: s.amazon-adsystem.com
URL: https://s.amazon-adsystem.com/v3/pr?exlist=ns_n-ix-HMT_bsw_bk_n-y-HMT_n-visualiq_n-telaria_gem_n-zeotap-4_fw_imdb_n-kr-new_n-lucid_n-dm-HMT_n-samba.tv_n-rb-HMT3_adelphic_adb_mp_sv_af_sx_n-sk_g_kr_n-comscr.com_ox_index_n-semasio-ecm_an_n-pm-HMT_rb_n-g-hmt_nsln_nd_n-ispot_pm_tbl&fv=1.0&a=cm&ex-pl-n-kr-new=DtYlVBnkTuuyPyJ3zGpCoQ&dmt=3&ex-pl-n-g-hmt=LdWvo18uSaaNFgLqe3SUGA&ep=mfS4I4Lxm4iN8M-0MyueFUDivcm3Y8_t6jFbYz6_7HBinc7VfMbyIp9nHkVSOqz22jWiCiwTat5bqD_t_ltt9trbOsLoWu-hxgDBgT8ztVM0B83_I09Bt98LkLcfuQhu2_3Y8VK_7aE91Qi20T-7aoZ_uE-4RVmd4q9BKRCJN8CPnmJWqQfwkcWmEgQINllw0V7jDH4QO_BmHB99cUIaLYmsYJ8ZSHBep-SyULb5ylUGgpwqG6LdHPlBsL3QE3JGEaKjjo_75iFXSOvcNUSdJoFflq4kqbng4Ch7zOt4gwXknOOdd1DIEkHTcRUvHSXGxM2Qp_OmnuYIOv0DguHBy3u-HECbNS_K_pWdDX4tKf-uUQ-lcs5tANLVEcWcFDyP
Protocol
HTTP/1.1
Server
209.54.182.161 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

Pragma
no-cache
Date
Wed, 03 Aug 2022 06:23:27 GMT
Vary
Content-Type,Accept-Encoding,X-Amzn-CDN-Cache,X-Amzn-AX-Treatment,User-Agent
Server
Server
x-amz-rid
RS5DSAJWFJKKTFHZME4N
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Content-Type
image/gif
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Permissions-Policy
interest-cohort=()
Connection
keep-alive
Content-Length
43
Expires
Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

date
Wed, 03 Aug 2022 06:23:27 GMT
x-content-type-options
nosniff
location
https://s.amazon-adsystem.com/ecm3?ex=samba.tv&id=fc5d183f059ca776
x-frame-options
SAMEORIGIN
access-control-allow-methods
HEAD,OPTIONS,GET
content-type
text/html; charset=utf-8
access-control-allow-origin
*
content-security-policy
default-src 'self'
strict-transport-security
max-age=31536000; includeSubDomains
access-control-allow-headers
Content-Type, Authorization
content-length
93
ecm3
s.amazon-adsystem.com/ Frame CB3D
Redirect Chain
  • https://pixel.rubiconproject.com/token?pid=2179&pt=n&puid=m6aKc5zbST-CoDYR444uRA&rk=usync-na
  • https://s.amazon-adsystem.com/ecm3?ex=rubiconprojectHMT&id=m6aKc5zbST-CoDYR444uRA
43 B
556 B
Image
General
Full URL
https://s.amazon-adsystem.com/ecm3?ex=rubiconprojectHMT&id=m6aKc5zbST-CoDYR444uRA
Requested by
Host: s.amazon-adsystem.com
URL: https://s.amazon-adsystem.com/v3/pr?exlist=ns_n-ix-HMT_bsw_bk_n-y-HMT_n-visualiq_n-telaria_gem_n-zeotap-4_fw_imdb_n-kr-new_n-lucid_n-dm-HMT_n-samba.tv_n-rb-HMT3_adelphic_adb_mp_sv_af_sx_n-sk_g_kr_n-comscr.com_ox_index_n-semasio-ecm_an_n-pm-HMT_rb_n-g-hmt_nsln_nd_n-ispot_pm_tbl&fv=1.0&a=cm&ex-pl-n-kr-new=DtYlVBnkTuuyPyJ3zGpCoQ&dmt=3&ex-pl-n-g-hmt=LdWvo18uSaaNFgLqe3SUGA&ep=mfS4I4Lxm4iN8M-0MyueFUDivcm3Y8_t6jFbYz6_7HBinc7VfMbyIp9nHkVSOqz22jWiCiwTat5bqD_t_ltt9trbOsLoWu-hxgDBgT8ztVM0B83_I09Bt98LkLcfuQhu2_3Y8VK_7aE91Qi20T-7aoZ_uE-4RVmd4q9BKRCJN8CPnmJWqQfwkcWmEgQINllw0V7jDH4QO_BmHB99cUIaLYmsYJ8ZSHBep-SyULb5ylUGgpwqG6LdHPlBsL3QE3JGEaKjjo_75iFXSOvcNUSdJoFflq4kqbng4Ch7zOt4gwXknOOdd1DIEkHTcRUvHSXGxM2Qp_OmnuYIOv0DguHBy3u-HECbNS_K_pWdDX4tKf-uUQ-lcs5tANLVEcWcFDyP
Protocol
HTTP/1.1
Server
209.54.182.161 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

Pragma
no-cache
Date
Wed, 03 Aug 2022 06:23:27 GMT
Vary
Content-Type,Accept-Encoding,X-Amzn-CDN-Cache,X-Amzn-AX-Treatment,User-Agent
Server
Server
x-amz-rid
V9MKRBJGZDZ8STR7EFH6
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Content-Type
image/gif
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Permissions-Policy
interest-cohort=()
Connection
keep-alive
Content-Length
43
Expires
Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

Location
https://s.amazon-adsystem.com/ecm3?ex=rubiconprojectHMT&id=m6aKc5zbST-CoDYR444uRA
Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
content-length
0
X-RPHost
3bafef7aa4e37890defcd73f0a080481
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
ecm3
s.amazon-adsystem.com/ Frame CB3D
Redirect Chain
  • https://dpm.demdex.net/ibs:dpid=139200&dpuuid=rEGi2QYVRk-LbDWA0USLHA&redir=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dadobe.com%26id%3D%24%7BDD_UUID%7D
  • https://s.amazon-adsystem.com/ecm3?ex=adobe.com&id=31912626428261994344514808420044100204
43 B
556 B
Image
General
Full URL
https://s.amazon-adsystem.com/ecm3?ex=adobe.com&id=31912626428261994344514808420044100204
Requested by
Host: s.amazon-adsystem.com
URL: https://s.amazon-adsystem.com/v3/pr?exlist=ns_n-ix-HMT_bsw_bk_n-y-HMT_n-visualiq_n-telaria_gem_n-zeotap-4_fw_imdb_n-kr-new_n-lucid_n-dm-HMT_n-samba.tv_n-rb-HMT3_adelphic_adb_mp_sv_af_sx_n-sk_g_kr_n-comscr.com_ox_index_n-semasio-ecm_an_n-pm-HMT_rb_n-g-hmt_nsln_nd_n-ispot_pm_tbl&fv=1.0&a=cm&ex-pl-n-kr-new=DtYlVBnkTuuyPyJ3zGpCoQ&dmt=3&ex-pl-n-g-hmt=LdWvo18uSaaNFgLqe3SUGA&ep=mfS4I4Lxm4iN8M-0MyueFUDivcm3Y8_t6jFbYz6_7HBinc7VfMbyIp9nHkVSOqz22jWiCiwTat5bqD_t_ltt9trbOsLoWu-hxgDBgT8ztVM0B83_I09Bt98LkLcfuQhu2_3Y8VK_7aE91Qi20T-7aoZ_uE-4RVmd4q9BKRCJN8CPnmJWqQfwkcWmEgQINllw0V7jDH4QO_BmHB99cUIaLYmsYJ8ZSHBep-SyULb5ylUGgpwqG6LdHPlBsL3QE3JGEaKjjo_75iFXSOvcNUSdJoFflq4kqbng4Ch7zOt4gwXknOOdd1DIEkHTcRUvHSXGxM2Qp_OmnuYIOv0DguHBy3u-HECbNS_K_pWdDX4tKf-uUQ-lcs5tANLVEcWcFDyP
Protocol
HTTP/1.1
Server
209.54.182.161 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

Pragma
no-cache
Date
Wed, 03 Aug 2022 06:23:27 GMT
Vary
Content-Type,Accept-Encoding,X-Amzn-CDN-Cache,X-Amzn-AX-Treatment,User-Agent
Server
Server
x-amz-rid
M6E8Y00Z79HQ2P9QHM8G
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Content-Type
image/gif
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Permissions-Policy
interest-cohort=()
Connection
keep-alive
Content-Length
43
Expires
Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

DCS
dcs-prod-irl1-2-v037-06053dde6.edge-irl1.demdex.com 2 ms
Pragma
no-cache
Strict-Transport-Security
max-age=31536000; includeSubDomains
X-TID
OA/hADVvSig=
P3P
policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Location
https://s.amazon-adsystem.com/ecm3?ex=adobe.com&id=31912626428261994344514808420044100204
Cache-Control
no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
Connection
keep-alive
Content-Length
0
Expires
Thu, 01 Jan 1970 00:00:00 UTC
ecm3
s.amazon-adsystem.com/ Frame CB3D
Redirect Chain
  • https://odr.mookie1.com/t/v2?tagid=V2_393725&AMAZON_REGION_SPECIFIC_ENDPOINT=s.amazon-adsystem.com&src.visitorID=Ziu7s7nsTmGyzh6YAlIfEA
  • https://s.amazon-adsystem.com/ecm3?ex=mplatform.com&id=10818983312030411295&gdpr=&gdpr_consent=
43 B
556 B
Image
General
Full URL
https://s.amazon-adsystem.com/ecm3?ex=mplatform.com&id=10818983312030411295&gdpr=&gdpr_consent=
Requested by
Host: s.amazon-adsystem.com
URL: https://s.amazon-adsystem.com/v3/pr?exlist=ns_n-ix-HMT_bsw_bk_n-y-HMT_n-visualiq_n-telaria_gem_n-zeotap-4_fw_imdb_n-kr-new_n-lucid_n-dm-HMT_n-samba.tv_n-rb-HMT3_adelphic_adb_mp_sv_af_sx_n-sk_g_kr_n-comscr.com_ox_index_n-semasio-ecm_an_n-pm-HMT_rb_n-g-hmt_nsln_nd_n-ispot_pm_tbl&fv=1.0&a=cm&ex-pl-n-kr-new=DtYlVBnkTuuyPyJ3zGpCoQ&dmt=3&ex-pl-n-g-hmt=LdWvo18uSaaNFgLqe3SUGA&ep=mfS4I4Lxm4iN8M-0MyueFUDivcm3Y8_t6jFbYz6_7HBinc7VfMbyIp9nHkVSOqz22jWiCiwTat5bqD_t_ltt9trbOsLoWu-hxgDBgT8ztVM0B83_I09Bt98LkLcfuQhu2_3Y8VK_7aE91Qi20T-7aoZ_uE-4RVmd4q9BKRCJN8CPnmJWqQfwkcWmEgQINllw0V7jDH4QO_BmHB99cUIaLYmsYJ8ZSHBep-SyULb5ylUGgpwqG6LdHPlBsL3QE3JGEaKjjo_75iFXSOvcNUSdJoFflq4kqbng4Ch7zOt4gwXknOOdd1DIEkHTcRUvHSXGxM2Qp_OmnuYIOv0DguHBy3u-HECbNS_K_pWdDX4tKf-uUQ-lcs5tANLVEcWcFDyP
Protocol
HTTP/1.1
Server
209.54.182.161 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

Pragma
no-cache
Date
Wed, 03 Aug 2022 06:23:27 GMT
Vary
Content-Type,Accept-Encoding,X-Amzn-CDN-Cache,X-Amzn-AX-Treatment,User-Agent
Server
Server
x-amz-rid
MF1A4407TWHB5KR6MXCP
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Content-Type
image/gif
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Permissions-Policy
interest-cohort=()
Connection
keep-alive
Content-Length
43
Expires
Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

pragma
no-cache
date
Wed, 03 Aug 2022 06:23:27 GMT
via
1.1 google
server
Apache
p3p
CP="NON DSP COR NID CURa PSAa PSDa OUR STP UNI COM NAV STA LOC OTC",policyref="/w3c/p3p.xml"
location
https://s.amazon-adsystem.com/ecm3?ex=mplatform.com&id=10818983312030411295&gdpr=&gdpr_consent=
cache-control
no-cache, no-store, must-revalidate
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-application-context
application
expires
Thu, 01 Jan 1970 00:00:00 GMT
z
px.surveywall-api.survata.com/ Frame CB3D
0
0

ecm3
s.amazon-adsystem.com/ Frame CB3D
Redirect Chain
  • https://c1.adform.net/serving/cookie/match?party=1153&redirect_url=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dadform.net%26id%3D%24%7BUUID%7D
  • https://c1.adform.net/serving/cookie/match?CC=1&party=1153&redirect_url=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dadform.net%26id%3D%24%7BUUID%7D
  • https://s.amazon-adsystem.com/ecm3?ex=adform.net&id=877566848683660962
43 B
556 B
Image
General
Full URL
https://s.amazon-adsystem.com/ecm3?ex=adform.net&id=877566848683660962
Requested by
Host: s.amazon-adsystem.com
URL: https://s.amazon-adsystem.com/v3/pr?exlist=ns_n-ix-HMT_bsw_bk_n-y-HMT_n-visualiq_n-telaria_gem_n-zeotap-4_fw_imdb_n-kr-new_n-lucid_n-dm-HMT_n-samba.tv_n-rb-HMT3_adelphic_adb_mp_sv_af_sx_n-sk_g_kr_n-comscr.com_ox_index_n-semasio-ecm_an_n-pm-HMT_rb_n-g-hmt_nsln_nd_n-ispot_pm_tbl&fv=1.0&a=cm&ex-pl-n-kr-new=DtYlVBnkTuuyPyJ3zGpCoQ&dmt=3&ex-pl-n-g-hmt=LdWvo18uSaaNFgLqe3SUGA&ep=mfS4I4Lxm4iN8M-0MyueFUDivcm3Y8_t6jFbYz6_7HBinc7VfMbyIp9nHkVSOqz22jWiCiwTat5bqD_t_ltt9trbOsLoWu-hxgDBgT8ztVM0B83_I09Bt98LkLcfuQhu2_3Y8VK_7aE91Qi20T-7aoZ_uE-4RVmd4q9BKRCJN8CPnmJWqQfwkcWmEgQINllw0V7jDH4QO_BmHB99cUIaLYmsYJ8ZSHBep-SyULb5ylUGgpwqG6LdHPlBsL3QE3JGEaKjjo_75iFXSOvcNUSdJoFflq4kqbng4Ch7zOt4gwXknOOdd1DIEkHTcRUvHSXGxM2Qp_OmnuYIOv0DguHBy3u-HECbNS_K_pWdDX4tKf-uUQ-lcs5tANLVEcWcFDyP
Protocol
HTTP/1.1
Server
209.54.182.161 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

Pragma
no-cache
Date
Wed, 03 Aug 2022 06:23:27 GMT
Vary
Content-Type,Accept-Encoding,X-Amzn-CDN-Cache,X-Amzn-AX-Treatment,User-Agent
Server
Server
x-amz-rid
XFCJ3ZSFHEFW5FBENY2T
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Content-Type
image/gif
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Permissions-Policy
interest-cohort=()
Connection
keep-alive
Content-Length
43
Expires
Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

pragma
no-cache
date
Wed, 03 Aug 2022 06:23:27 GMT
server
nginx
location
https://s.amazon-adsystem.com/ecm3?ex=adform.net&id=877566848683660962
access-control-max-age
86400
access-control-allow-methods
GET
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials
true
strict-transport-security
max-age=31536000; includeSubDomains
access-control-allow-headers
Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
content-length
0
expires
-1
ecm3
s.amazon-adsystem.com/ Frame CB3D
Redirect Chain
  • https://sync.search.spotxchange.com/partner?adv_id=7922&redir=https://s.amazon-adsystem.com/ecm3?ex%3Dspotx.com%26id%3D%24SPOTX_USER_ID
  • https://sync.search.spotxchange.com/partner?adv_id=7922&redir=https://s.amazon-adsystem.com/ecm3?ex%3Dspotx.com%26id%3D%24SPOTX_USER_ID&__user_check__=1&sync_id=c8e8d860-12f4-11ed-9efd-192cb16e0206
  • https://s.amazon-adsystem.com/ecm3?ex=spotx.com&id=c8e8d81d-12f4-11ed-9efd-192cb16e0206
43 B
556 B
Image
General
Full URL
https://s.amazon-adsystem.com/ecm3?ex=spotx.com&id=c8e8d81d-12f4-11ed-9efd-192cb16e0206
Requested by
Host: s.amazon-adsystem.com
URL: https://s.amazon-adsystem.com/v3/pr?exlist=ns_n-ix-HMT_bsw_bk_n-y-HMT_n-visualiq_n-telaria_gem_n-zeotap-4_fw_imdb_n-kr-new_n-lucid_n-dm-HMT_n-samba.tv_n-rb-HMT3_adelphic_adb_mp_sv_af_sx_n-sk_g_kr_n-comscr.com_ox_index_n-semasio-ecm_an_n-pm-HMT_rb_n-g-hmt_nsln_nd_n-ispot_pm_tbl&fv=1.0&a=cm&ex-pl-n-kr-new=DtYlVBnkTuuyPyJ3zGpCoQ&dmt=3&ex-pl-n-g-hmt=LdWvo18uSaaNFgLqe3SUGA&ep=mfS4I4Lxm4iN8M-0MyueFUDivcm3Y8_t6jFbYz6_7HBinc7VfMbyIp9nHkVSOqz22jWiCiwTat5bqD_t_ltt9trbOsLoWu-hxgDBgT8ztVM0B83_I09Bt98LkLcfuQhu2_3Y8VK_7aE91Qi20T-7aoZ_uE-4RVmd4q9BKRCJN8CPnmJWqQfwkcWmEgQINllw0V7jDH4QO_BmHB99cUIaLYmsYJ8ZSHBep-SyULb5ylUGgpwqG6LdHPlBsL3QE3JGEaKjjo_75iFXSOvcNUSdJoFflq4kqbng4Ch7zOt4gwXknOOdd1DIEkHTcRUvHSXGxM2Qp_OmnuYIOv0DguHBy3u-HECbNS_K_pWdDX4tKf-uUQ-lcs5tANLVEcWcFDyP
Protocol
HTTP/1.1
Server
209.54.182.161 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

Pragma
no-cache
Date
Wed, 03 Aug 2022 06:23:27 GMT
Vary
Content-Type,Accept-Encoding,X-Amzn-CDN-Cache,X-Amzn-AX-Treatment,User-Agent
Server
Server
x-amz-rid
9R46ZJYYQYB5V14F4YCG
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Content-Type
image/gif
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Permissions-Policy
interest-cohort=()
Connection
keep-alive
Content-Length
43
Expires
Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

Date
Wed, 03 Aug 2022 06:23:27 GMT
Server
nginx
Location
https://s.amazon-adsystem.com/ecm3?ex=spotx.com&id=c8e8d81d-12f4-11ed-9efd-192cb16e0206
Access-Control-Allow-Methods
GET, POST, OPTIONS
Content-Type
text/plain
Access-Control-Allow-Origin
*
Cache-Control
no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
Access-Control-Allow-Credentials
false
X-fe
96
Connection
keep-alive
Content-Length
0
ecm3
s.amazon-adsystem.com/ Frame CB3D
Redirect Chain
  • https://bs.serving-sys.com/Serving?cn=cs&rtu=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dsizmek%26id%3D%5B%25tp_UserID%25%5D
  • https://lm.serving-sys.com/lm/acs?json={%22GUID%22:%22c8f02d25-9fca-4217-8840-fa569e49c11d%22,%22Time%22:%2220220803T062327.067628%22}&rtu=https://s.amazon-adsystem.com/ecm3?ex=sizmek&id=[%tp_UserID%]
  • https://s.amazon-adsystem.com/ecm3?ex=sizmek&id=c8f02d25-9fca-4217-8840-fa569e49c11d
43 B
556 B
Image
General
Full URL
https://s.amazon-adsystem.com/ecm3?ex=sizmek&id=c8f02d25-9fca-4217-8840-fa569e49c11d
Requested by
Host: s.amazon-adsystem.com
URL: https://s.amazon-adsystem.com/v3/pr?exlist=ns_n-ix-HMT_bsw_bk_n-y-HMT_n-visualiq_n-telaria_gem_n-zeotap-4_fw_imdb_n-kr-new_n-lucid_n-dm-HMT_n-samba.tv_n-rb-HMT3_adelphic_adb_mp_sv_af_sx_n-sk_g_kr_n-comscr.com_ox_index_n-semasio-ecm_an_n-pm-HMT_rb_n-g-hmt_nsln_nd_n-ispot_pm_tbl&fv=1.0&a=cm&ex-pl-n-kr-new=DtYlVBnkTuuyPyJ3zGpCoQ&dmt=3&ex-pl-n-g-hmt=LdWvo18uSaaNFgLqe3SUGA&ep=mfS4I4Lxm4iN8M-0MyueFUDivcm3Y8_t6jFbYz6_7HBinc7VfMbyIp9nHkVSOqz22jWiCiwTat5bqD_t_ltt9trbOsLoWu-hxgDBgT8ztVM0B83_I09Bt98LkLcfuQhu2_3Y8VK_7aE91Qi20T-7aoZ_uE-4RVmd4q9BKRCJN8CPnmJWqQfwkcWmEgQINllw0V7jDH4QO_BmHB99cUIaLYmsYJ8ZSHBep-SyULb5ylUGgpwqG6LdHPlBsL3QE3JGEaKjjo_75iFXSOvcNUSdJoFflq4kqbng4Ch7zOt4gwXknOOdd1DIEkHTcRUvHSXGxM2Qp_OmnuYIOv0DguHBy3u-HECbNS_K_pWdDX4tKf-uUQ-lcs5tANLVEcWcFDyP
Protocol
HTTP/1.1
Server
209.54.182.161 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

Pragma
no-cache
Date
Wed, 03 Aug 2022 06:23:27 GMT
Vary
Content-Type,Accept-Encoding,X-Amzn-CDN-Cache,X-Amzn-AX-Treatment,User-Agent
Server
Server
x-amz-rid
GWKFRABGW79FT7PK6ZQ5
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Content-Type
image/gif
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Permissions-Policy
interest-cohort=()
Connection
keep-alive
Content-Length
43
Expires
Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

Location
https://s.amazon-adsystem.com/ecm3?ex=sizmek&id=c8f02d25-9fca-4217-8840-fa569e49c11d
Server
LogModule 0.4
Content-Length
204
Content-Type
text/html; charset=UTF-8
ecm3
s.amazon-adsystem.com/ Frame CB3D
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=a9&google_cm&ex=doubleclick.net
  • https://s.amazon-adsystem.com/ecm3?ex=doubleclick.net&google_gid=CAESEF0Kn2C7zOuTzndlqmabh1M&google_cver=1
43 B
556 B
Image
General
Full URL
https://s.amazon-adsystem.com/ecm3?ex=doubleclick.net&google_gid=CAESEF0Kn2C7zOuTzndlqmabh1M&google_cver=1
Requested by
Host: s.amazon-adsystem.com
URL: https://s.amazon-adsystem.com/v3/pr?exlist=ns_n-ix-HMT_bsw_bk_n-y-HMT_n-visualiq_n-telaria_gem_n-zeotap-4_fw_imdb_n-kr-new_n-lucid_n-dm-HMT_n-samba.tv_n-rb-HMT3_adelphic_adb_mp_sv_af_sx_n-sk_g_kr_n-comscr.com_ox_index_n-semasio-ecm_an_n-pm-HMT_rb_n-g-hmt_nsln_nd_n-ispot_pm_tbl&fv=1.0&a=cm&ex-pl-n-kr-new=DtYlVBnkTuuyPyJ3zGpCoQ&dmt=3&ex-pl-n-g-hmt=LdWvo18uSaaNFgLqe3SUGA&ep=mfS4I4Lxm4iN8M-0MyueFUDivcm3Y8_t6jFbYz6_7HBinc7VfMbyIp9nHkVSOqz22jWiCiwTat5bqD_t_ltt9trbOsLoWu-hxgDBgT8ztVM0B83_I09Bt98LkLcfuQhu2_3Y8VK_7aE91Qi20T-7aoZ_uE-4RVmd4q9BKRCJN8CPnmJWqQfwkcWmEgQINllw0V7jDH4QO_BmHB99cUIaLYmsYJ8ZSHBep-SyULb5ylUGgpwqG6LdHPlBsL3QE3JGEaKjjo_75iFXSOvcNUSdJoFflq4kqbng4Ch7zOt4gwXknOOdd1DIEkHTcRUvHSXGxM2Qp_OmnuYIOv0DguHBy3u-HECbNS_K_pWdDX4tKf-uUQ-lcs5tANLVEcWcFDyP
Protocol
HTTP/1.1
Server
209.54.182.161 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

Pragma
no-cache
Date
Wed, 03 Aug 2022 06:23:26 GMT
Vary
Content-Type,Accept-Encoding,X-Amzn-CDN-Cache,X-Amzn-AX-Treatment,User-Agent
Server
Server
x-amz-rid
N6TQ71M5QW7WBVXVSDJP
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Content-Type
image/gif
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Permissions-Policy
interest-cohort=()
Connection
keep-alive
Content-Length
43
Expires
Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

pragma
no-cache
date
Wed, 03 Aug 2022 06:23:26 GMT
server
HTTP server (unknown)
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location
https://s.amazon-adsystem.com/ecm3?ex=doubleclick.net&google_gid=CAESEF0Kn2C7zOuTzndlqmabh1M&google_cver=1
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
311
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
ecm3
s.amazon-adsystem.com/ Frame CB3D
Redirect Chain
  • https://usermatch.krxd.net/um/v2?partner=amzn
  • https://s.amazon-adsystem.com/ecm3?ex=krux.com&id=O_tc2w8Z
43 B
556 B
Image
General
Full URL
https://s.amazon-adsystem.com/ecm3?ex=krux.com&id=O_tc2w8Z
Requested by
Host: s.amazon-adsystem.com
URL: https://s.amazon-adsystem.com/v3/pr?exlist=ns_n-ix-HMT_bsw_bk_n-y-HMT_n-visualiq_n-telaria_gem_n-zeotap-4_fw_imdb_n-kr-new_n-lucid_n-dm-HMT_n-samba.tv_n-rb-HMT3_adelphic_adb_mp_sv_af_sx_n-sk_g_kr_n-comscr.com_ox_index_n-semasio-ecm_an_n-pm-HMT_rb_n-g-hmt_nsln_nd_n-ispot_pm_tbl&fv=1.0&a=cm&ex-pl-n-kr-new=DtYlVBnkTuuyPyJ3zGpCoQ&dmt=3&ex-pl-n-g-hmt=LdWvo18uSaaNFgLqe3SUGA&ep=mfS4I4Lxm4iN8M-0MyueFUDivcm3Y8_t6jFbYz6_7HBinc7VfMbyIp9nHkVSOqz22jWiCiwTat5bqD_t_ltt9trbOsLoWu-hxgDBgT8ztVM0B83_I09Bt98LkLcfuQhu2_3Y8VK_7aE91Qi20T-7aoZ_uE-4RVmd4q9BKRCJN8CPnmJWqQfwkcWmEgQINllw0V7jDH4QO_BmHB99cUIaLYmsYJ8ZSHBep-SyULb5ylUGgpwqG6LdHPlBsL3QE3JGEaKjjo_75iFXSOvcNUSdJoFflq4kqbng4Ch7zOt4gwXknOOdd1DIEkHTcRUvHSXGxM2Qp_OmnuYIOv0DguHBy3u-HECbNS_K_pWdDX4tKf-uUQ-lcs5tANLVEcWcFDyP
Protocol
HTTP/1.1
Server
209.54.182.161 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

Pragma
no-cache
Date
Wed, 03 Aug 2022 06:23:27 GMT
Vary
Content-Type,Accept-Encoding,X-Amzn-CDN-Cache,X-Amzn-AX-Treatment,User-Agent
Server
Server
x-amz-rid
RHJEQM0JJP7HADAEXHNZ
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Content-Type
image/gif
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Permissions-Policy
interest-cohort=()
Connection
keep-alive
Content-Length
43
Expires
Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

location
//s.amazon-adsystem.com/ecm3?ex=krux.com&id=O_tc2w8Z
date
Wed, 03 Aug 2022 06:23:27 GMT
x-cache-hits
0
x-age
0
content-length
0
x-cache
MISS
x-served-by
usermatch-a012-ash-prod.krxd.net
ecm3
s.amazon-adsystem.com/ Frame CB3D
Redirect Chain
  • https://sb.scorecardresearch.com/p?c1=9&c2=27552257&r=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dcomscore.com%26id%3D%25AX_UUID%25
  • https://sb.scorecardresearch.com/p2?c1=9&c2=27552257&r=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dcomscore.com%26id%3D%25AX_UUID%25
  • https://s.amazon-adsystem.com/ecm3?ex=comscore.com&id=1ecfb3c58ecaad131cad0411b9af672f
43 B
556 B
Image
General
Full URL
https://s.amazon-adsystem.com/ecm3?ex=comscore.com&id=1ecfb3c58ecaad131cad0411b9af672f
Requested by
Host: s.amazon-adsystem.com
URL: https://s.amazon-adsystem.com/v3/pr?exlist=ns_n-ix-HMT_bsw_bk_n-y-HMT_n-visualiq_n-telaria_gem_n-zeotap-4_fw_imdb_n-kr-new_n-lucid_n-dm-HMT_n-samba.tv_n-rb-HMT3_adelphic_adb_mp_sv_af_sx_n-sk_g_kr_n-comscr.com_ox_index_n-semasio-ecm_an_n-pm-HMT_rb_n-g-hmt_nsln_nd_n-ispot_pm_tbl&fv=1.0&a=cm&ex-pl-n-kr-new=DtYlVBnkTuuyPyJ3zGpCoQ&dmt=3&ex-pl-n-g-hmt=LdWvo18uSaaNFgLqe3SUGA&ep=mfS4I4Lxm4iN8M-0MyueFUDivcm3Y8_t6jFbYz6_7HBinc7VfMbyIp9nHkVSOqz22jWiCiwTat5bqD_t_ltt9trbOsLoWu-hxgDBgT8ztVM0B83_I09Bt98LkLcfuQhu2_3Y8VK_7aE91Qi20T-7aoZ_uE-4RVmd4q9BKRCJN8CPnmJWqQfwkcWmEgQINllw0V7jDH4QO_BmHB99cUIaLYmsYJ8ZSHBep-SyULb5ylUGgpwqG6LdHPlBsL3QE3JGEaKjjo_75iFXSOvcNUSdJoFflq4kqbng4Ch7zOt4gwXknOOdd1DIEkHTcRUvHSXGxM2Qp_OmnuYIOv0DguHBy3u-HECbNS_K_pWdDX4tKf-uUQ-lcs5tANLVEcWcFDyP
Protocol
HTTP/1.1
Server
209.54.182.161 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

Pragma
no-cache
Date
Wed, 03 Aug 2022 06:23:27 GMT
Vary
Content-Type,Accept-Encoding,X-Amzn-CDN-Cache,X-Amzn-AX-Treatment,User-Agent
Server
Server
x-amz-rid
XEJ0R7GDN12ASVXYMYSF
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Content-Type
image/gif
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Permissions-Policy
interest-cohort=()
Connection
keep-alive
Content-Length
43
Expires
Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

location
https://s.amazon-adsystem.com/ecm3?ex=comscore.com&id=1ecfb3c58ecaad131cad0411b9af672f
date
Wed, 03 Aug 2022 06:23:27 GMT
via
1.1 231be1c97cc722fa08b64d21072ebfac.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA60-P3
content-length
0
x-amz-cf-id
omR8TWkKFIL4Trt5_DNIjgwVJi6zAt3U79QBZkxv2Vb1loZx3mnFsw==
x-cache
Miss from cloudfront
cm
us-u.openx.net/w/1.0/ Frame CB3D
43 B
304 B
Image
General
Full URL
https://us-u.openx.net/w/1.0/cm?id=e818ca1e-0c23-caa8-0dd3-096b0ada08b7&r=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dopenx.com%26id%3D%7BOPENX_ID%7D
Requested by
Host: s.amazon-adsystem.com
URL: https://s.amazon-adsystem.com/v3/pr?exlist=ns_n-ix-HMT_bsw_bk_n-y-HMT_n-visualiq_n-telaria_gem_n-zeotap-4_fw_imdb_n-kr-new_n-lucid_n-dm-HMT_n-samba.tv_n-rb-HMT3_adelphic_adb_mp_sv_af_sx_n-sk_g_kr_n-comscr.com_ox_index_n-semasio-ecm_an_n-pm-HMT_rb_n-g-hmt_nsln_nd_n-ispot_pm_tbl&fv=1.0&a=cm&ex-pl-n-kr-new=DtYlVBnkTuuyPyJ3zGpCoQ&dmt=3&ex-pl-n-g-hmt=LdWvo18uSaaNFgLqe3SUGA&ep=mfS4I4Lxm4iN8M-0MyueFUDivcm3Y8_t6jFbYz6_7HBinc7VfMbyIp9nHkVSOqz22jWiCiwTat5bqD_t_ltt9trbOsLoWu-hxgDBgT8ztVM0B83_I09Bt98LkLcfuQhu2_3Y8VK_7aE91Qi20T-7aoZ_uE-4RVmd4q9BKRCJN8CPnmJWqQfwkcWmEgQINllw0V7jDH4QO_BmHB99cUIaLYmsYJ8ZSHBep-SyULb5ylUGgpwqG6LdHPlBsL3QE3JGEaKjjo_75iFXSOvcNUSdJoFflq4kqbng4Ch7zOt4gwXknOOdd1DIEkHTcRUvHSXGxM2Qp_OmnuYIOv0DguHBy3u-HECbNS_K_pWdDX4tKf-uUQ-lcs5tANLVEcWcFDyP
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.244.159.8 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
8.159.244.35.bc.googleusercontent.com
Software
OXGW/0.0.0 /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 03 Aug 2022 06:23:27 GMT
content-encoding
gzip
server
OXGW/0.0.0
vary
Accept, Accept-Encoding
p3p
CP="CUR ADM OUR NOR STA NID"
via
1.1 google
cache-control
private, max-age=0, no-cache
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
56
expires
Mon, 26 Jul 1997 05:00:00 GMT
ecm3
s.amazon-adsystem.com/ Frame CB3D
Redirect Chain
  • https://ssum-sec.casalemedia.com/usermatchredir?s=184155&cb=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dindex%26id%3D__UID__
  • https://s.amazon-adsystem.com/ecm3?ex=index&id=K7gjblG8b8iUrWEtejldmTc4dKY4ZgAC
43 B
556 B
Image
General
Full URL
https://s.amazon-adsystem.com/ecm3?ex=index&id=K7gjblG8b8iUrWEtejldmTc4dKY4ZgAC
Requested by
Host: s.amazon-adsystem.com
URL: https://s.amazon-adsystem.com/v3/pr?exlist=ns_n-ix-HMT_bsw_bk_n-y-HMT_n-visualiq_n-telaria_gem_n-zeotap-4_fw_imdb_n-kr-new_n-lucid_n-dm-HMT_n-samba.tv_n-rb-HMT3_adelphic_adb_mp_sv_af_sx_n-sk_g_kr_n-comscr.com_ox_index_n-semasio-ecm_an_n-pm-HMT_rb_n-g-hmt_nsln_nd_n-ispot_pm_tbl&fv=1.0&a=cm&ex-pl-n-kr-new=DtYlVBnkTuuyPyJ3zGpCoQ&dmt=3&ex-pl-n-g-hmt=LdWvo18uSaaNFgLqe3SUGA&ep=mfS4I4Lxm4iN8M-0MyueFUDivcm3Y8_t6jFbYz6_7HBinc7VfMbyIp9nHkVSOqz22jWiCiwTat5bqD_t_ltt9trbOsLoWu-hxgDBgT8ztVM0B83_I09Bt98LkLcfuQhu2_3Y8VK_7aE91Qi20T-7aoZ_uE-4RVmd4q9BKRCJN8CPnmJWqQfwkcWmEgQINllw0V7jDH4QO_BmHB99cUIaLYmsYJ8ZSHBep-SyULb5ylUGgpwqG6LdHPlBsL3QE3JGEaKjjo_75iFXSOvcNUSdJoFflq4kqbng4Ch7zOt4gwXknOOdd1DIEkHTcRUvHSXGxM2Qp_OmnuYIOv0DguHBy3u-HECbNS_K_pWdDX4tKf-uUQ-lcs5tANLVEcWcFDyP
Protocol
HTTP/1.1
Server
209.54.182.161 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

Pragma
no-cache
Date
Wed, 03 Aug 2022 06:23:27 GMT
Vary
Content-Type,Accept-Encoding,X-Amzn-CDN-Cache,X-Amzn-AX-Treatment,User-Agent
Server
Server
x-amz-rid
5WJYPSN89XTJD7Y51S19
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Content-Type
image/gif
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Permissions-Policy
interest-cohort=()
Connection
keep-alive
Content-Length
43
Expires
Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

cf-ray
734cf6f2afc4bbfd-FRA
pragma
no-cache
date
Wed, 03 Aug 2022 06:23:27 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=gIV5AfRr8l9niEOOlt4sDdiT0fVOfFnOR77w12E7FKWCFZbjSyxyYwcaVjzfHT1BShpVPGI3NjHaIcoOhPtDJTj154qemSn7wsiw0%2BZKH1vvhADPIMWlmbKZlUEAaF8YfTRKWgNWH4J6zw%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
location
https://s.amazon-adsystem.com/ecm3?ex=index&id=K7gjblG8b8iUrWEtejldmTc4dKY4ZgAC
cache-control
no-cache
content-type
text/html; charset=iso-8859-1
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
expires
0
ecm3
s.amazon-adsystem.com/ Frame CB3D
Redirect Chain
  • https://uipglob.semasio.net/amazon/1/get?_url=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dsemasio%26id%3D%24%7BUIPID%28%29%7D
  • https://uipglob.semasio.net/amazon/1/get2?_url=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dsemasio%26id%3D%24%7BUIPID%28%29%7D
  • https://s.amazon-adsystem.com/ecm3?ex=semasio&id=43C7A6D397EA83CF
43 B
556 B
Image
General
Full URL
https://s.amazon-adsystem.com/ecm3?ex=semasio&id=43C7A6D397EA83CF
Requested by
Host: s.amazon-adsystem.com
URL: https://s.amazon-adsystem.com/v3/pr?exlist=ns_n-ix-HMT_bsw_bk_n-y-HMT_n-visualiq_n-telaria_gem_n-zeotap-4_fw_imdb_n-kr-new_n-lucid_n-dm-HMT_n-samba.tv_n-rb-HMT3_adelphic_adb_mp_sv_af_sx_n-sk_g_kr_n-comscr.com_ox_index_n-semasio-ecm_an_n-pm-HMT_rb_n-g-hmt_nsln_nd_n-ispot_pm_tbl&fv=1.0&a=cm&ex-pl-n-kr-new=DtYlVBnkTuuyPyJ3zGpCoQ&dmt=3&ex-pl-n-g-hmt=LdWvo18uSaaNFgLqe3SUGA&ep=mfS4I4Lxm4iN8M-0MyueFUDivcm3Y8_t6jFbYz6_7HBinc7VfMbyIp9nHkVSOqz22jWiCiwTat5bqD_t_ltt9trbOsLoWu-hxgDBgT8ztVM0B83_I09Bt98LkLcfuQhu2_3Y8VK_7aE91Qi20T-7aoZ_uE-4RVmd4q9BKRCJN8CPnmJWqQfwkcWmEgQINllw0V7jDH4QO_BmHB99cUIaLYmsYJ8ZSHBep-SyULb5ylUGgpwqG6LdHPlBsL3QE3JGEaKjjo_75iFXSOvcNUSdJoFflq4kqbng4Ch7zOt4gwXknOOdd1DIEkHTcRUvHSXGxM2Qp_OmnuYIOv0DguHBy3u-HECbNS_K_pWdDX4tKf-uUQ-lcs5tANLVEcWcFDyP
Protocol
HTTP/1.1
Server
209.54.182.161 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

Pragma
no-cache
Date
Wed, 03 Aug 2022 06:23:27 GMT
Vary
Content-Type,Accept-Encoding,X-Amzn-CDN-Cache,X-Amzn-AX-Treatment,User-Agent
Server
Server
x-amz-rid
PR7B2MQKR55V8KV211P4
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Content-Type
image/gif
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Permissions-Policy
interest-cohort=()
Connection
keep-alive
Content-Length
43
Expires
Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

pragma
no-cache
date
Wed, 03 Aug 2022 06:23:28 GMT
frontend-id
4
location
https://s.amazon-adsystem.com/ecm3?ex=semasio&id=43C7A6D397EA83CF
p3p
policyref="http://uip.semasio.net/w3c/p3p.xml", CP="NOI PSAa PSDa OUR IND UNI CNT"
access-control-allow-origin
*
uip-response-status
Ok
cache-control
no-store, no-cache, must-revalidate, post-check=0, pre-check=0
content-length
0
routing-server-id
-1
expires
Sat, 01 Jan 2011 12:00:00 GMT
ecm3
s.amazon-adsystem.com/ Frame CB3D
Redirect Chain
  • https://ib.adnxs.com/getuid?https://s.amazon-adsystem.com/ecm3?id=$UID&ex=appnexus.com
  • https://s.amazon-adsystem.com/ecm3?id=4349564117173850171&ex=appnexus.com
43 B
556 B
Image
General
Full URL
https://s.amazon-adsystem.com/ecm3?id=4349564117173850171&ex=appnexus.com
Requested by
Host: s.amazon-adsystem.com
URL: https://s.amazon-adsystem.com/v3/pr?exlist=ns_n-ix-HMT_bsw_bk_n-y-HMT_n-visualiq_n-telaria_gem_n-zeotap-4_fw_imdb_n-kr-new_n-lucid_n-dm-HMT_n-samba.tv_n-rb-HMT3_adelphic_adb_mp_sv_af_sx_n-sk_g_kr_n-comscr.com_ox_index_n-semasio-ecm_an_n-pm-HMT_rb_n-g-hmt_nsln_nd_n-ispot_pm_tbl&fv=1.0&a=cm&ex-pl-n-kr-new=DtYlVBnkTuuyPyJ3zGpCoQ&dmt=3&ex-pl-n-g-hmt=LdWvo18uSaaNFgLqe3SUGA&ep=mfS4I4Lxm4iN8M-0MyueFUDivcm3Y8_t6jFbYz6_7HBinc7VfMbyIp9nHkVSOqz22jWiCiwTat5bqD_t_ltt9trbOsLoWu-hxgDBgT8ztVM0B83_I09Bt98LkLcfuQhu2_3Y8VK_7aE91Qi20T-7aoZ_uE-4RVmd4q9BKRCJN8CPnmJWqQfwkcWmEgQINllw0V7jDH4QO_BmHB99cUIaLYmsYJ8ZSHBep-SyULb5ylUGgpwqG6LdHPlBsL3QE3JGEaKjjo_75iFXSOvcNUSdJoFflq4kqbng4Ch7zOt4gwXknOOdd1DIEkHTcRUvHSXGxM2Qp_OmnuYIOv0DguHBy3u-HECbNS_K_pWdDX4tKf-uUQ-lcs5tANLVEcWcFDyP
Protocol
HTTP/1.1
Server
209.54.182.161 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

Pragma
no-cache
Date
Wed, 03 Aug 2022 06:23:27 GMT
Vary
Content-Type,Accept-Encoding,X-Amzn-CDN-Cache,X-Amzn-AX-Treatment,User-Agent
Server
Server
x-amz-rid
JS2D27RCEWVGTE18PKT3
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Content-Type
image/gif
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Permissions-Policy
interest-cohort=()
Connection
keep-alive
Content-Length
43
Expires
Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

Pragma
no-cache
Date
Wed, 03 Aug 2022 06:23:27 GMT
X-Proxy-Origin
178.162.209.139; 178.162.209.139; 944.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
AN-X-Request-Uuid
de052a57-6681-428d-899b-a5547c0745b1
Server
nginx/1.21.3
Access-Control-Allow-Origin
*
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Location
https://s.amazon-adsystem.com/ecm3?id=4349564117173850171&ex=appnexus.com
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
text/html; charset=utf-8
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
Pug
image2.pubmatic.com/AdServer/ Frame CB3D
0
225 B
Image
General
Full URL
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MzgmdGw9MTI5NjAw&piggybackCookie=T8H6Y0jcQqyj4PTo1Ecw2w&rd=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3DpubmaticHMT%26id%3D%24%7BDSP_UID%7D
Requested by
Host: s.amazon-adsystem.com
URL: https://s.amazon-adsystem.com/v3/pr?exlist=ns_n-ix-HMT_bsw_bk_n-y-HMT_n-visualiq_n-telaria_gem_n-zeotap-4_fw_imdb_n-kr-new_n-lucid_n-dm-HMT_n-samba.tv_n-rb-HMT3_adelphic_adb_mp_sv_af_sx_n-sk_g_kr_n-comscr.com_ox_index_n-semasio-ecm_an_n-pm-HMT_rb_n-g-hmt_nsln_nd_n-ispot_pm_tbl&fv=1.0&a=cm&ex-pl-n-kr-new=DtYlVBnkTuuyPyJ3zGpCoQ&dmt=3&ex-pl-n-g-hmt=LdWvo18uSaaNFgLqe3SUGA&ep=mfS4I4Lxm4iN8M-0MyueFUDivcm3Y8_t6jFbYz6_7HBinc7VfMbyIp9nHkVSOqz22jWiCiwTat5bqD_t_ltt9trbOsLoWu-hxgDBgT8ztVM0B83_I09Bt98LkLcfuQhu2_3Y8VK_7aE91Qi20T-7aoZ_uE-4RVmd4q9BKRCJN8CPnmJWqQfwkcWmEgQINllw0V7jDH4QO_BmHB99cUIaLYmsYJ8ZSHBep-SyULb5ylUGgpwqG6LdHPlBsL3QE3JGEaKjjo_75iFXSOvcNUSdJoFflq4kqbng4Ch7zOt4gwXknOOdd1DIEkHTcRUvHSXGxM2Qp_OmnuYIOv0DguHBy3u-HECbNS_K_pWdDX4tKf-uUQ-lcs5tANLVEcWcFDyP
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.190.80 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date
Wed, 03 Aug 2022 06:23:27 GMT
content-encoding
gzip
server
nginx
cache-control
no-store, no-cache, private
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
content-type
text/html; charset=utf-8
ecm3
s.amazon-adsystem.com/ Frame CB3D
Redirect Chain
  • https://token.rubiconproject.com/token?pid=2179&pt=n
  • https://s.amazon-adsystem.com/ecm3?id=IW2S5KgDS8KkHYSqciLxUcWWwYjZzChgQG1x_JmYjWc&ex=rubiconproject.com&status=ok
43 B
556 B
Image
General
Full URL
https://s.amazon-adsystem.com/ecm3?id=IW2S5KgDS8KkHYSqciLxUcWWwYjZzChgQG1x_JmYjWc&ex=rubiconproject.com&status=ok
Requested by
Host: s.amazon-adsystem.com
URL: https://s.amazon-adsystem.com/v3/pr?exlist=ns_n-ix-HMT_bsw_bk_n-y-HMT_n-visualiq_n-telaria_gem_n-zeotap-4_fw_imdb_n-kr-new_n-lucid_n-dm-HMT_n-samba.tv_n-rb-HMT3_adelphic_adb_mp_sv_af_sx_n-sk_g_kr_n-comscr.com_ox_index_n-semasio-ecm_an_n-pm-HMT_rb_n-g-hmt_nsln_nd_n-ispot_pm_tbl&fv=1.0&a=cm&ex-pl-n-kr-new=DtYlVBnkTuuyPyJ3zGpCoQ&dmt=3&ex-pl-n-g-hmt=LdWvo18uSaaNFgLqe3SUGA&ep=mfS4I4Lxm4iN8M-0MyueFUDivcm3Y8_t6jFbYz6_7HBinc7VfMbyIp9nHkVSOqz22jWiCiwTat5bqD_t_ltt9trbOsLoWu-hxgDBgT8ztVM0B83_I09Bt98LkLcfuQhu2_3Y8VK_7aE91Qi20T-7aoZ_uE-4RVmd4q9BKRCJN8CPnmJWqQfwkcWmEgQINllw0V7jDH4QO_BmHB99cUIaLYmsYJ8ZSHBep-SyULb5ylUGgpwqG6LdHPlBsL3QE3JGEaKjjo_75iFXSOvcNUSdJoFflq4kqbng4Ch7zOt4gwXknOOdd1DIEkHTcRUvHSXGxM2Qp_OmnuYIOv0DguHBy3u-HECbNS_K_pWdDX4tKf-uUQ-lcs5tANLVEcWcFDyP
Protocol
HTTP/1.1
Server
209.54.182.161 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

Pragma
no-cache
Date
Wed, 03 Aug 2022 06:23:27 GMT
Vary
Content-Type,Accept-Encoding,X-Amzn-CDN-Cache,X-Amzn-AX-Treatment,User-Agent
Server
Server
x-amz-rid
VRQZ6HGK69JPAM66E9HD
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Content-Type
image/gif
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Permissions-Policy
interest-cohort=()
Connection
keep-alive
Content-Length
43
Expires
Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

Location
https://s.amazon-adsystem.com/ecm3?id=IW2S5KgDS8KkHYSqciLxUcWWwYjZzChgQG1x_JmYjWc&ex=rubiconproject.com&status=ok
Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
content-length
0
X-RPHost
66ef90d06496cfd000aab8206f2b6221
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
ecm3
s.amazon-adsystem.com/ Frame CB3D
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=a9&google_hm=LdWvo18uSaaNFgLqe3SUGA&
  • https://s.amazon-adsystem.com/ecm3?ex=googleHMT
43 B
556 B
Image
General
Full URL
https://s.amazon-adsystem.com/ecm3?ex=googleHMT
Requested by
Host: s.amazon-adsystem.com
URL: https://s.amazon-adsystem.com/v3/pr?exlist=ns_n-ix-HMT_bsw_bk_n-y-HMT_n-visualiq_n-telaria_gem_n-zeotap-4_fw_imdb_n-kr-new_n-lucid_n-dm-HMT_n-samba.tv_n-rb-HMT3_adelphic_adb_mp_sv_af_sx_n-sk_g_kr_n-comscr.com_ox_index_n-semasio-ecm_an_n-pm-HMT_rb_n-g-hmt_nsln_nd_n-ispot_pm_tbl&fv=1.0&a=cm&ex-pl-n-kr-new=DtYlVBnkTuuyPyJ3zGpCoQ&dmt=3&ex-pl-n-g-hmt=LdWvo18uSaaNFgLqe3SUGA&ep=mfS4I4Lxm4iN8M-0MyueFUDivcm3Y8_t6jFbYz6_7HBinc7VfMbyIp9nHkVSOqz22jWiCiwTat5bqD_t_ltt9trbOsLoWu-hxgDBgT8ztVM0B83_I09Bt98LkLcfuQhu2_3Y8VK_7aE91Qi20T-7aoZ_uE-4RVmd4q9BKRCJN8CPnmJWqQfwkcWmEgQINllw0V7jDH4QO_BmHB99cUIaLYmsYJ8ZSHBep-SyULb5ylUGgpwqG6LdHPlBsL3QE3JGEaKjjo_75iFXSOvcNUSdJoFflq4kqbng4Ch7zOt4gwXknOOdd1DIEkHTcRUvHSXGxM2Qp_OmnuYIOv0DguHBy3u-HECbNS_K_pWdDX4tKf-uUQ-lcs5tANLVEcWcFDyP
Protocol
HTTP/1.1
Server
209.54.182.161 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

Pragma
no-cache
Date
Wed, 03 Aug 2022 06:23:26 GMT
Vary
Content-Type,Accept-Encoding,X-Amzn-CDN-Cache,X-Amzn-AX-Treatment,User-Agent
Server
Server
x-amz-rid
Q79Q6236C955MFGFF6S1
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Content-Type
image/gif
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Permissions-Policy
interest-cohort=()
Connection
keep-alive
Content-Length
43
Expires
Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

pragma
no-cache
date
Wed, 03 Aug 2022 06:23:26 GMT
server
HTTP server (unknown)
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location
https://s.amazon-adsystem.com/ecm3?ex=googleHMT
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
244
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
/
loadus.exelator.com/load/ Frame CB3D
0
324 B
Image
General
Full URL
https://loadus.exelator.com/load/?p=204&g=8888&j=0
Requested by
Host: s.amazon-adsystem.com
URL: https://s.amazon-adsystem.com/v3/pr?exlist=ns_n-ix-HMT_bsw_bk_n-y-HMT_n-visualiq_n-telaria_gem_n-zeotap-4_fw_imdb_n-kr-new_n-lucid_n-dm-HMT_n-samba.tv_n-rb-HMT3_adelphic_adb_mp_sv_af_sx_n-sk_g_kr_n-comscr.com_ox_index_n-semasio-ecm_an_n-pm-HMT_rb_n-g-hmt_nsln_nd_n-ispot_pm_tbl&fv=1.0&a=cm&ex-pl-n-kr-new=DtYlVBnkTuuyPyJ3zGpCoQ&dmt=3&ex-pl-n-g-hmt=LdWvo18uSaaNFgLqe3SUGA&ep=mfS4I4Lxm4iN8M-0MyueFUDivcm3Y8_t6jFbYz6_7HBinc7VfMbyIp9nHkVSOqz22jWiCiwTat5bqD_t_ltt9trbOsLoWu-hxgDBgT8ztVM0B83_I09Bt98LkLcfuQhu2_3Y8VK_7aE91Qi20T-7aoZ_uE-4RVmd4q9BKRCJN8CPnmJWqQfwkcWmEgQINllw0V7jDH4QO_BmHB99cUIaLYmsYJ8ZSHBep-SyULb5ylUGgpwqG6LdHPlBsL3QE3JGEaKjjo_75iFXSOvcNUSdJoFflq4kqbng4Ch7zOt4gwXknOOdd1DIEkHTcRUvHSXGxM2Qp_OmnuYIOv0DguHBy3u-HECbNS_K_pWdDX4tKf-uUQ-lcs5tANLVEcWcFDyP
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.78.254.47 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-78-254-47.eu-west-1.compute.amazonaws.com
Software
nginx / Undertow/1
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date
Wed, 03 Aug 2022 06:23:27 GMT
cache-control
no-cache
access-control-allow-credentials
true
server
nginx
x-powered-by
Undertow/1
p3p
policyref=/w3c/p3p.xml, CP=NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA, policyref=/w3c/p3p.xml, CP=NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA
ecm3
s.amazon-adsystem.com/ Frame CB3D
Redirect Chain
  • https://lciapi.ninthdecimal.com/v1/lci/sync/adv-amzn/c-23445/?rdr=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3F%26ex%3Dninthdecimal.com%26id%3D%24%7BND_UID%7D
  • https://s.amazon-adsystem.com/ecm3?&ex=ninthdecimal.com&id=BEBC4F2D5F14EA62B80419B20233C319
43 B
556 B
Image
General
Full URL
https://s.amazon-adsystem.com/ecm3?&ex=ninthdecimal.com&id=BEBC4F2D5F14EA62B80419B20233C319
Requested by
Host: s.amazon-adsystem.com
URL: https://s.amazon-adsystem.com/v3/pr?exlist=ns_n-ix-HMT_bsw_bk_n-y-HMT_n-visualiq_n-telaria_gem_n-zeotap-4_fw_imdb_n-kr-new_n-lucid_n-dm-HMT_n-samba.tv_n-rb-HMT3_adelphic_adb_mp_sv_af_sx_n-sk_g_kr_n-comscr.com_ox_index_n-semasio-ecm_an_n-pm-HMT_rb_n-g-hmt_nsln_nd_n-ispot_pm_tbl&fv=1.0&a=cm&ex-pl-n-kr-new=DtYlVBnkTuuyPyJ3zGpCoQ&dmt=3&ex-pl-n-g-hmt=LdWvo18uSaaNFgLqe3SUGA&ep=mfS4I4Lxm4iN8M-0MyueFUDivcm3Y8_t6jFbYz6_7HBinc7VfMbyIp9nHkVSOqz22jWiCiwTat5bqD_t_ltt9trbOsLoWu-hxgDBgT8ztVM0B83_I09Bt98LkLcfuQhu2_3Y8VK_7aE91Qi20T-7aoZ_uE-4RVmd4q9BKRCJN8CPnmJWqQfwkcWmEgQINllw0V7jDH4QO_BmHB99cUIaLYmsYJ8ZSHBep-SyULb5ylUGgpwqG6LdHPlBsL3QE3JGEaKjjo_75iFXSOvcNUSdJoFflq4kqbng4Ch7zOt4gwXknOOdd1DIEkHTcRUvHSXGxM2Qp_OmnuYIOv0DguHBy3u-HECbNS_K_pWdDX4tKf-uUQ-lcs5tANLVEcWcFDyP
Protocol
HTTP/1.1
Server
209.54.182.161 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

Pragma
no-cache
Date
Wed, 03 Aug 2022 06:23:27 GMT
Vary
Content-Type,Accept-Encoding,X-Amzn-CDN-Cache,X-Amzn-AX-Treatment,User-Agent
Server
Server
x-amz-rid
6CS8P2SA2E1P3BRT4AK6
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Content-Type
image/gif
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Permissions-Policy
interest-cohort=()
Connection
keep-alive
Content-Length
43
Expires
Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

Date
Wed, 03 Aug 2022 06:23:27 GMT
Server
openresty/1.15.8.2
P3P
CP="This is not a P3P policy! See http://www.ninthdecimal.com/privacy-policy-terms-of-service for more info."
Location
https://s.amazon-adsystem.com/ecm3?&ex=ninthdecimal.com&id=BEBC4F2D5F14EA62B80419B20233C319
Cache-Control
no-cache, private
Connection
keep-alive
Content-Type
text/html
Content-Length
151
Expires
Wed, 03 Aug 2022 06:23:26 GMT
ecm3
s.amazon-adsystem.com/ Frame CB3D
Redirect Chain
  • https://pi.ispot.tv/v2/TC-3673-1.gif?redir=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dispot.tv%26id%3D%7BISID%7D
  • https://s.amazon-adsystem.com/ecm3?ex=ispot.tv&id=392ef88c4967ac2da67ea6f687fb54dadb7a10846034d0b115733a59d343ac56
43 B
556 B
Image
General
Full URL
https://s.amazon-adsystem.com/ecm3?ex=ispot.tv&id=392ef88c4967ac2da67ea6f687fb54dadb7a10846034d0b115733a59d343ac56
Requested by
Host: s.amazon-adsystem.com
URL: https://s.amazon-adsystem.com/v3/pr?exlist=ns_n-ix-HMT_bsw_bk_n-y-HMT_n-visualiq_n-telaria_gem_n-zeotap-4_fw_imdb_n-kr-new_n-lucid_n-dm-HMT_n-samba.tv_n-rb-HMT3_adelphic_adb_mp_sv_af_sx_n-sk_g_kr_n-comscr.com_ox_index_n-semasio-ecm_an_n-pm-HMT_rb_n-g-hmt_nsln_nd_n-ispot_pm_tbl&fv=1.0&a=cm&ex-pl-n-kr-new=DtYlVBnkTuuyPyJ3zGpCoQ&dmt=3&ex-pl-n-g-hmt=LdWvo18uSaaNFgLqe3SUGA&ep=mfS4I4Lxm4iN8M-0MyueFUDivcm3Y8_t6jFbYz6_7HBinc7VfMbyIp9nHkVSOqz22jWiCiwTat5bqD_t_ltt9trbOsLoWu-hxgDBgT8ztVM0B83_I09Bt98LkLcfuQhu2_3Y8VK_7aE91Qi20T-7aoZ_uE-4RVmd4q9BKRCJN8CPnmJWqQfwkcWmEgQINllw0V7jDH4QO_BmHB99cUIaLYmsYJ8ZSHBep-SyULb5ylUGgpwqG6LdHPlBsL3QE3JGEaKjjo_75iFXSOvcNUSdJoFflq4kqbng4Ch7zOt4gwXknOOdd1DIEkHTcRUvHSXGxM2Qp_OmnuYIOv0DguHBy3u-HECbNS_K_pWdDX4tKf-uUQ-lcs5tANLVEcWcFDyP
Protocol
HTTP/1.1
Server
209.54.182.161 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

Pragma
no-cache
Date
Wed, 03 Aug 2022 06:23:27 GMT
Vary
Content-Type,Accept-Encoding,X-Amzn-CDN-Cache,X-Amzn-AX-Treatment,User-Agent
Server
Server
x-amz-rid
7EZWPJFRSZPS77AVBTQQ
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Content-Type
image/gif
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Permissions-Policy
interest-cohort=()
Connection
keep-alive
Content-Length
43
Expires
Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

pragma
no-cache
date
Wed, 03 Aug 2022 06:23:27 GMT
location
https://s.amazon-adsystem.com/ecm3?ex=ispot.tv&id=392ef88c4967ac2da67ea6f687fb54dadb7a10846034d0b115733a59d343ac56
cache-control
no-cache, no-store, must-revalidate
accept-ranges
bytes
content-length
0
retry-after
0
expires
0
UCookieSetPug
image6.pubmatic.com/AdServer/ Frame CB3D
0
166 B
Image
General
Full URL
https://image6.pubmatic.com/AdServer/UCookieSetPug?rd=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dpubmatic.com%26id%3D%23PM_USER_ID
Requested by
Host: s.amazon-adsystem.com
URL: https://s.amazon-adsystem.com/v3/pr?exlist=ns_n-ix-HMT_bsw_bk_n-y-HMT_n-visualiq_n-telaria_gem_n-zeotap-4_fw_imdb_n-kr-new_n-lucid_n-dm-HMT_n-samba.tv_n-rb-HMT3_adelphic_adb_mp_sv_af_sx_n-sk_g_kr_n-comscr.com_ox_index_n-semasio-ecm_an_n-pm-HMT_rb_n-g-hmt_nsln_nd_n-ispot_pm_tbl&fv=1.0&a=cm&ex-pl-n-kr-new=DtYlVBnkTuuyPyJ3zGpCoQ&dmt=3&ex-pl-n-g-hmt=LdWvo18uSaaNFgLqe3SUGA&ep=mfS4I4Lxm4iN8M-0MyueFUDivcm3Y8_t6jFbYz6_7HBinc7VfMbyIp9nHkVSOqz22jWiCiwTat5bqD_t_ltt9trbOsLoWu-hxgDBgT8ztVM0B83_I09Bt98LkLcfuQhu2_3Y8VK_7aE91Qi20T-7aoZ_uE-4RVmd4q9BKRCJN8CPnmJWqQfwkcWmEgQINllw0V7jDH4QO_BmHB99cUIaLYmsYJ8ZSHBep-SyULb5ylUGgpwqG6LdHPlBsL3QE3JGEaKjjo_75iFXSOvcNUSdJoFflq4kqbng4Ch7zOt4gwXknOOdd1DIEkHTcRUvHSXGxM2Qp_OmnuYIOv0DguHBy3u-HECbNS_K_pWdDX4tKf-uUQ-lcs5tANLVEcWcFDyP
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.190.78 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date
Wed, 03 Aug 2022 06:23:26 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
content-length
0
content-type
text/html; charset=UTF-8
ecm3
s.amazon-adsystem.com/ Frame CB3D
Redirect Chain
  • https://sync.taboola.com/sg/amazon-a9-network/1/rtb
  • https://s.amazon-adsystem.com/ecm3?ex=taboola.com&id=c3759d88-e9e6-4678-a111-d112ad183a21-tuct9e399df
43 B
556 B
Image
General
Full URL
https://s.amazon-adsystem.com/ecm3?ex=taboola.com&id=c3759d88-e9e6-4678-a111-d112ad183a21-tuct9e399df
Requested by
Host: s.amazon-adsystem.com
URL: https://s.amazon-adsystem.com/v3/pr?exlist=ns_n-ix-HMT_bsw_bk_n-y-HMT_n-visualiq_n-telaria_gem_n-zeotap-4_fw_imdb_n-kr-new_n-lucid_n-dm-HMT_n-samba.tv_n-rb-HMT3_adelphic_adb_mp_sv_af_sx_n-sk_g_kr_n-comscr.com_ox_index_n-semasio-ecm_an_n-pm-HMT_rb_n-g-hmt_nsln_nd_n-ispot_pm_tbl&fv=1.0&a=cm&ex-pl-n-kr-new=DtYlVBnkTuuyPyJ3zGpCoQ&dmt=3&ex-pl-n-g-hmt=LdWvo18uSaaNFgLqe3SUGA&ep=mfS4I4Lxm4iN8M-0MyueFUDivcm3Y8_t6jFbYz6_7HBinc7VfMbyIp9nHkVSOqz22jWiCiwTat5bqD_t_ltt9trbOsLoWu-hxgDBgT8ztVM0B83_I09Bt98LkLcfuQhu2_3Y8VK_7aE91Qi20T-7aoZ_uE-4RVmd4q9BKRCJN8CPnmJWqQfwkcWmEgQINllw0V7jDH4QO_BmHB99cUIaLYmsYJ8ZSHBep-SyULb5ylUGgpwqG6LdHPlBsL3QE3JGEaKjjo_75iFXSOvcNUSdJoFflq4kqbng4Ch7zOt4gwXknOOdd1DIEkHTcRUvHSXGxM2Qp_OmnuYIOv0DguHBy3u-HECbNS_K_pWdDX4tKf-uUQ-lcs5tANLVEcWcFDyP
Protocol
HTTP/1.1
Server
209.54.182.161 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

Pragma
no-cache
Date
Wed, 03 Aug 2022 06:23:27 GMT
Vary
Content-Type,Accept-Encoding,X-Amzn-CDN-Cache,X-Amzn-AX-Treatment,User-Agent
Server
Server
x-amz-rid
BGMCP0ZCJ0S7HG7MFTZ9
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Content-Type
image/gif
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Permissions-Policy
interest-cohort=()
Connection
keep-alive
Content-Length
43
Expires
Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

location
https://s.amazon-adsystem.com/ecm3?ex=taboola.com&id=c3759d88-e9e6-4678-a111-d112ad183a21-tuct9e399df
date
Wed, 03 Aug 2022 06:23:27 GMT
access-control-allow-credentials
true
server
nginx
x-fastly-to-nlb-rtt
12945
ga-audiences
www.google.com/ads/
42 B
63 B
Image
General
Full URL
https://www.google.com/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j96&tid=UA-22837032-7&cid=637578086.1659507806&jid=492064637&_u=aGBAAEIIAAAAAC~&z=422742743
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:803::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://xfinityoffers.xyz/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 03 Aug 2022 06:23:26 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
ga-audiences
www.google.de/ads/
42 B
63 B
Image
General
Full URL
https://www.google.de/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j96&tid=UA-22837032-7&cid=637578086.1659507806&jid=492064637&_u=aGBAAEIIAAAAAC~&z=422742743
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://xfinityoffers.xyz/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 03 Aug 2022 06:23:26 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
/
dss-dl-prod.aws-origin.xfinity.com/prod/event/
110 B
471 B
XHR
General
Full URL
https://dss-dl-prod.aws-origin.xfinity.com/prod/event/
Requested by
Host: static.cimcontent.net
URL: https://static.cimcontent.net/data-layer/?appID=resi_shop_2
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
108.138.7.9 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-108-138-7-9.fra56.r.cloudfront.net
Software
/
Resource Hash
d1970088babfe21823f040717595b7e3371d1f0f5bdf2ad2cc74d1d16fe30dd7

Request headers

Referer
https://xfinityoffers.xyz/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36
Content-Type
application/json

Response headers

date
Wed, 03 Aug 2022 06:23:27 GMT
via
1.1 ecb3ea567a6c6095a23354fbdc938128.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA56-P6
x-amzn-requestid
cfb71b9e-a9af-4bb1-9410-66acea6d7a47
x-cache
Miss from cloudfront
content-type
application/json
access-control-allow-origin
*
x-amzn-trace-id
Root=1-62ea145f-5e6d8dfe286be6617860500d
x-amz-apigw-id
WRge5FNuCYcFSkg=
content-length
110
x-amz-cf-id
6iFHmDqf7KRdmtSj6jQpUCwUbHO9TAYMUGwevHP4F-aotivuXqiJSQ==
/
dl.cws.xfinity.com/event/
110 B
490 B
XHR
General
Full URL
https://dl.cws.xfinity.com/event/
Requested by
Host: static.cimcontent.net
URL: https://static.cimcontent.net/data-layer/?appID=resi_shop_2
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:dc:18a::2c06 Vienna, Austria, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
/
Resource Hash
df0639596a929ccd310e29830c2348824709cc9d001de49e737a9cff05ec539e

Request headers

Referer
https://xfinityoffers.xyz/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36
Content-Type
application/json

Response headers

date
Wed, 03 Aug 2022 06:23:27 GMT
x-amz-cf-pop
VIE50-C1
x-amz-apigw-id
WRge5GwuIAMFwng=
x-amzn-requestid
7429e348-7565-4b23-b15b-297f0752ba11
access-control-max-age
86400
access-control-allow-methods
GET,POST,PUT,HEAD
content-type
application/json
access-control-allow-origin
*
x-amzn-trace-id
Root=1-62ea145f-00969d0c6b91f3455ae96881
access-control-allow-credentials
false
access-control-allow-headers
*
content-length
110
x-amz-cf-id
Tr9TBsffTKcFng5RYSWe6q371N9sNgBMzdI2Jc-TccQKtNRGvWI7Pw==
/
dss-dl-prod.aws-origin.xfinity.com/prod/event/ Frame
0
0
Preflight
General
Full URL
https://dss-dl-prod.aws-origin.xfinity.com/prod/event/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
108.138.7.9 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-108-138-7-9.fra56.r.cloudfront.net
Software
/
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
PUT
Origin
https://xfinityoffers.xyz
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

access-control-allow-credentials
false
access-control-allow-headers
*
access-control-allow-methods
OPTIONS,POST,PUT
access-control-allow-origin
*
access-control-max-age
86400
content-length
0
content-type
application/json
date
Wed, 03 Aug 2022 06:23:26 GMT
via
1.1 ecb3ea567a6c6095a23354fbdc938128.cloudfront.net (CloudFront)
x-amz-apigw-id
WRge2EeiCYcFaUA=
x-amz-cf-id
qG3nuLnzE2K3ElfMI4F-PBklhoms2lfp-TOjk3BGI2M1aYgKUqDOyg==
x-amz-cf-pop
FRA56-P6
x-amzn-requestid
0bcb96e3-550c-4c1c-ae8c-20914a67da4c
x-cache
Miss from cloudfront
/
dl.cws.xfinity.com/event/ Frame
0
0
Preflight
General
Full URL
https://dl.cws.xfinity.com/event/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:dc:18a::2c06 Vienna, Austria, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
/
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
PUT
Origin
https://xfinityoffers.xyz
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

access-control-allow-headers
Content-Type
access-control-allow-methods
HEAD,OPTIONS,PUT
access-control-allow-origin
*
content-length
0
content-type
application/json
date
Wed, 03 Aug 2022 06:23:26 GMT
x-amz-apigw-id
WRge2EP9IAMF8nQ=
x-amz-cf-id
XQ8tkPPguRSWjTYsPPaEiO59K36D2W3e6qpJs8CMLJ-VXvmbVwpBFQ==
x-amz-cf-pop
VIE50-C1
x-amzn-requestid
1c788e93-da32-4422-b7fb-6ac0b582d32e
/
www.google.com/pagead/1p-user-list/1023869955/
42 B
64 B
Image
General
Full URL
https://www.google.com/pagead/1p-user-list/1023869955/?random=1659507806473&cv=9&fst=1659506400000&num=1&value=1&currency_code=USD&label=7HWWCN-bhwgQg4ic6AM&bg=ffffff&guid=ON&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&gtm=2oa811&sendb=1&data=event%3Dconversion&frm=0&url=https%3A%2F%2Fxfinityoffers.xyz%2Foverview%3Fentity%3D1073444&tiba=Internet%2C%20TV%2C%20Phone%2C%20Smart%20Home%20and%20Security%20-%20Xfinity&async=1&fmt=3&is_vtc=1&random=53789647&resp=GooglemKTybQhCsO&rmt_tld=0&ipr=y
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:803::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://xfinityoffers.xyz/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 03 Aug 2022 06:23:26 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
content-security-policy
script-src 'none'; object-src 'none'
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
/
www.google.de/pagead/1p-user-list/1023869955/
42 B
64 B
Image
General
Full URL
https://www.google.de/pagead/1p-user-list/1023869955/?random=1659507806473&cv=9&fst=1659506400000&num=1&value=1&currency_code=USD&label=7HWWCN-bhwgQg4ic6AM&bg=ffffff&guid=ON&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&gtm=2oa811&sendb=1&data=event%3Dconversion&frm=0&url=https%3A%2F%2Fxfinityoffers.xyz%2Foverview%3Fentity%3D1073444&tiba=Internet%2C%20TV%2C%20Phone%2C%20Smart%20Home%20and%20Security%20-%20Xfinity&async=1&fmt=3&is_vtc=1&random=53789647&resp=GooglemKTybQhCsO&rmt_tld=1&ipr=y
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://xfinityoffers.xyz/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 03 Aug 2022 06:23:26 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
content-security-policy
script-src 'none'; object-src 'none'
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
/
www.google.com/pagead/1p-user-list/1023869955/
42 B
64 B
Image
General
Full URL
https://www.google.com/pagead/1p-user-list/1023869955/?random=1659507806471&cv=9&fst=1659506400000&num=1&bg=ffffff&guid=ON&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&gtm=2oa811&sendb=1&data=event%3Dgtag.config&frm=0&url=https%3A%2F%2Fxfinityoffers.xyz%2Foverview%3Fentity%3D1073444&tiba=Internet%2C%20TV%2C%20Phone%2C%20Smart%20Home%20and%20Security%20-%20Xfinity&async=1&fmt=3&is_vtc=1&random=2236571757&resp=GooglemKTybQhCsO&rmt_tld=0&ipr=y
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:803::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://xfinityoffers.xyz/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 03 Aug 2022 06:23:26 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
content-security-policy
script-src 'none'; object-src 'none'
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
/
www.google.de/pagead/1p-user-list/1023869955/
42 B
64 B
Image
General
Full URL
https://www.google.de/pagead/1p-user-list/1023869955/?random=1659507806471&cv=9&fst=1659506400000&num=1&bg=ffffff&guid=ON&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&gtm=2oa811&sendb=1&data=event%3Dgtag.config&frm=0&url=https%3A%2F%2Fxfinityoffers.xyz%2Foverview%3Fentity%3D1073444&tiba=Internet%2C%20TV%2C%20Phone%2C%20Smart%20Home%20and%20Security%20-%20Xfinity&async=1&fmt=3&is_vtc=1&random=2236571757&resp=GooglemKTybQhCsO&rmt_tld=1&ipr=y
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://xfinityoffers.xyz/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 03 Aug 2022 06:23:26 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
content-security-policy
script-src 'none'; object-src 'none'
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
/
www.google.de/pagead/1p-conversion/475828178/ Frame F470
Redirect Chain
  • https://googleads.g.doubleclick.net/pagead/viewthroughconversion/475828178/?random=2068174472&cv=9&fst=1659507806498&num=1&npa=1&label=R_euCJHu8r8DENKf8uIB&guid=ON&resp=GooglemKTybQhCsO&eid=3756032...
  • https://www.google.com/pagead/1p-conversion/475828178/?random=2068174472&cv=9&fst=1659507806498&num=1&npa=1&label=R_euCJHu8r8DENKf8uIB&guid=ON&resp=GooglemKTybQhCsO&eid=375603261&u_h=1200&u_w=1600&...
  • https://www.google.de/pagead/1p-conversion/475828178/?random=2068174472&cv=9&fst=1659507806498&num=1&npa=1&label=R_euCJHu8r8DENKf8uIB&guid=ON&resp=GooglemKTybQhCsO&eid=375603261&u_h=1200&u_w=1600&u...
42 B
64 B
Image
General
Full URL
https://www.google.de/pagead/1p-conversion/475828178/?random=2068174472&cv=9&fst=1659507806498&num=1&npa=1&label=R_euCJHu8r8DENKf8uIB&guid=ON&resp=GooglemKTybQhCsO&eid=375603261&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&sendb=1&ig=1&frm=2&url=https%3A%2F%2F4053494.fls.doubleclick.net%2Factivityi%3Bdc_pre%3DCOvBr6qEqvkCFYew7QodkHwDOw%3Bsrc%3D4053494%3Btype%3Dcomca517%3Bcat%3Dxfini00h%3Bord%3D9004507046157%3Bgtm%3D2od811%3Bauiddc%3D793358232.1659507806%3B~oref%3Dhttps%253A%252F%252Fxfinityoffers.xyz%252Foverview%253Fentity%253D1073444%3F&ref=https%3A%2F%2Fxfinityoffers.xyz%2F&hn=www.googleadservices.com&fmt=3&ctc_id=CAIVAgAAAB0CAAAA&ct_cookie_present=false&sscte=1&crd=&is_vtc=1&ocp_id=XhTqYsz8IpzImLAPmcy9aA&cid=CAQSKQCsnQUx5_0tQ2FhkH5L9_znhpkYs8OKZqo_gfpXjl6Uwjd0dkMNI_zf&random=2117933683&resp=GooglemKTybQhCsO&ipr=y&prhg=0
Requested by
Host: 4053494.fls.doubleclick.net
URL: https://4053494.fls.doubleclick.net/activityi;dc_pre=COvBr6qEqvkCFYew7QodkHwDOw;src=4053494;type=comca517;cat=xfini00h;ord=9004507046157;gtm=2od811;auiddc=793358232.1659507806;~oref=https%3A%2F%2Fxfinityoffers.xyz%2Foverview%3Fentity%3D1073444?
Protocol
H3
Server
2a00:1450:4001:82f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://4053494.fls.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 03 Aug 2022 06:23:26 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
content-security-policy
script-src 'none'; object-src 'none'
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma
no-cache
date
Wed, 03 Aug 2022 06:23:26 GMT
x-content-type-options
nosniff
server
cafe
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type
image/gif
location
https://www.google.de/pagead/1p-conversion/475828178/?random=2068174472&cv=9&fst=1659507806498&num=1&npa=1&label=R_euCJHu8r8DENKf8uIB&guid=ON&resp=GooglemKTybQhCsO&eid=375603261&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&sendb=1&ig=1&frm=2&url=https%3A%2F%2F4053494.fls.doubleclick.net%2Factivityi%3Bdc_pre%3DCOvBr6qEqvkCFYew7QodkHwDOw%3Bsrc%3D4053494%3Btype%3Dcomca517%3Bcat%3Dxfini00h%3Bord%3D9004507046157%3Bgtm%3D2od811%3Bauiddc%3D793358232.1659507806%3B~oref%3Dhttps%253A%252F%252Fxfinityoffers.xyz%252Foverview%253Fentity%253D1073444%3F&ref=https%3A%2F%2Fxfinityoffers.xyz%2F&hn=www.googleadservices.com&fmt=3&ctc_id=CAIVAgAAAB0CAAAA&ct_cookie_present=false&sscte=1&crd=&is_vtc=1&ocp_id=XhTqYsz8IpzImLAPmcy9aA&cid=CAQSKQCsnQUx5_0tQ2FhkH5L9_znhpkYs8OKZqo_gfpXjl6Uwjd0dkMNI_zf&random=2117933683&resp=GooglemKTybQhCsO&ipr=y&prhg=0
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
content-security-policy
script-src 'none'; object-src 'none'
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
/
www.facebook.com/tr/
44 B
91 B
Image
General
Full URL
https://www.facebook.com/tr/?id=1576063789359472&ev=PageView&dl=https%3A%2F%2Fxfinityoffers.xyz%2Foverview%3Fentity%3D1073444&rl=&if=false&ts=1659507806682&sw=1600&sh=1200&v=2.9.70&r=stable&ec=0&o=30&fbp=fb.1.1659507806679.302686637&it=1659507806238&coo=false&rqm=GET
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a03:2880:f107:83:face:b00c:0:25de Vienna, Austria, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
proxygen-bolt /
Resource Hash
10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://xfinityoffers.xyz/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date
Wed, 03 Aug 2022 06:23:26 GMT
last-modified
Fri, 21 Dec 2012 00:00:01 GMT
server
proxygen-bolt
strict-transport-security
max-age=31536000; includeSubDomains
content-type
image/gif
cache-control
no-cache, must-revalidate, max-age=0
cross-origin-resource-policy
cross-origin
content-length
44
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
priority
u=3,i
expires
Wed, 03 Aug 2022 06:23:26 GMT
/
www.facebook.com/tr/
44 B
88 B
Image
General
Full URL
https://www.facebook.com/tr/?id=1576063789359472&ev=ViewContent&dl=https%3A%2F%2Fxfinityoffers.xyz%2Foverview%3Fentity%3D1073444&rl=&if=false&ts=1659507806684&cd[type]=resi&cd[content_name]=resi%7Csales%7Cshop%7C%7Chome&cd[content_url]=https%3A%2F%2Fxfinityoffers.xyz%2Foverview&sw=1600&sh=1200&v=2.9.70&r=stable&ec=1&o=30&fbp=fb.1.1659507806679.302686637&it=1659507806238&coo=false&rqm=GET
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a03:2880:f107:83:face:b00c:0:25de Vienna, Austria, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
proxygen-bolt /
Resource Hash
10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://xfinityoffers.xyz/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date
Wed, 03 Aug 2022 06:23:26 GMT
last-modified
Fri, 21 Dec 2012 00:00:01 GMT
server
proxygen-bolt
strict-transport-security
max-age=31536000; includeSubDomains
content-type
image/gif
cache-control
no-cache, must-revalidate, max-age=0
cross-origin-resource-policy
cross-origin
content-length
44
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
priority
u=3,i
expires
Wed, 03 Aug 2022 06:23:26 GMT
/
data.cdnbasket.net/
14 B
338 B
XHR
General
Full URL
https://data.cdnbasket.net/
Requested by
Host: static.cimcontent.net
URL: https://static.cimcontent.net/data-layer/?appID=resi_shop_2
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
35.190.20.211 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
211.20.190.35.bc.googleusercontent.com
Software
/
Resource Hash
4a970797076346b140129a69e017d8d2370f6bbb2ce9ba4c1b5a398f3366a202

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://xfinityoffers.xyz/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

Pragma
no-cache
Date
Wed, 03 Aug 2022 06:23:27 GMT
Transfer-Encoding
chunked
Content-Type
application/json
Access-Control-Allow-Origin
*
Cache-Control
no-cache, no-store, must-revalidate
Connection
keep-alive
Access-Control-Allow-Headers
Origin, Content-Type, Accept
Expires
0
/
page.cdnbasket.net/
14 B
338 B
XHR
General
Full URL
https://page.cdnbasket.net/
Requested by
Host: static.cimcontent.net
URL: https://static.cimcontent.net/data-layer/?appID=resi_shop_2
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
34.120.232.38 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
38.232.120.34.bc.googleusercontent.com
Software
/
Resource Hash
2806dcb5468048c0feef0c94cbcd74d839aff5897f79ef4db82536ddc993cea6

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://xfinityoffers.xyz/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

Pragma
no-cache
Date
Wed, 03 Aug 2022 06:23:27 GMT
Transfer-Encoding
chunked
Content-Type
application/json
Access-Control-Allow-Origin
*
Cache-Control
no-cache, no-store, must-revalidate
Connection
keep-alive
Access-Control-Allow-Headers
Origin, Content-Type, Accept
Expires
0
/
view.cdnbasket.net/
14 B
338 B
XHR
General
Full URL
https://view.cdnbasket.net/
Requested by
Host: static.cimcontent.net
URL: https://static.cimcontent.net/data-layer/?appID=resi_shop_2
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
34.98.115.224 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
224.115.98.34.bc.googleusercontent.com
Software
/
Resource Hash
8dd5b5eb9e1aa026df243e8305c4f34555d6db0a59a1151dedf46705c9d4a8ef

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://xfinityoffers.xyz/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

Pragma
no-cache
Date
Wed, 03 Aug 2022 06:23:26 GMT
Transfer-Encoding
chunked
Content-Type
application/json
Access-Control-Allow-Origin
*
Cache-Control
no-cache, no-store, must-revalidate
Connection
keep-alive
Access-Control-Allow-Headers
Origin, Content-Type, Accept
Expires
0
inbox_1cde94b71b040afa0e77bb964b3c16e3.br.js
assets.bounceexchange.com/assets/smart-tag/versioned/
71 KB
18 KB
Script
General
Full URL
https://assets.bounceexchange.com/assets/smart-tag/versioned/inbox_1cde94b71b040afa0e77bb964b3c16e3.br.js
Requested by
Host: cdn.comcast.com
URL: https://cdn.comcast.com/-/media/Common/adrum/adrum45162845.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
34.98.72.95 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
95.72.98.34.bc.googleusercontent.com
Software
UploadServer /
Resource Hash
532cf7167d55ffff4ca4ee0d3913030f03ff89a34cda42c42b0b659ba446f932

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://xfinityoffers.xyz/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date
Sat, 30 Jul 2022 21:01:34 GMT
content-encoding
br
age
292912
x-guploader-uploadid
ADPycdsLeh0QXv3YiM5zOAdA20QoTpx2PJl2wPevle0ZueOlAWW1CmguJsFTEFmzokMWjWgmHkIBBZ-bQ6KlO3nEw1WpYRfUtpl3
x-goog-storage-class
MULTI_REGIONAL
x-goog-metageneration
1
x-goog-stored-content-encoding
br
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
18676
last-modified
Mon, 25 Jul 2022 15:26:24 GMT
server
UploadServer
etag
"88ccb13f6e684660e6546c08352c4cfa"
x-goog-hash
crc32c=TP4lGg==, md5=iMyxP25oRmDmVGwINSxM+g==
x-goog-generation
1656622875439352
access-control-allow-origin
*
access-control-expose-headers
etag, Content-Type
cache-control
public,max-age=31536000
x-goog-stored-content-length
18676
accept-ranges
bytes
content-type
text/javascript
expires
Sun, 30 Jul 2023 21:01:34 GMT
onsite_b8fa8e194e84658622aa825f43fa84cd.br.js
assets.bounceexchange.com/assets/smart-tag/versioned/
154 KB
33 KB
Script
General
Full URL
https://assets.bounceexchange.com/assets/smart-tag/versioned/onsite_b8fa8e194e84658622aa825f43fa84cd.br.js
Requested by
Host: cdn.comcast.com
URL: https://cdn.comcast.com/-/media/Common/adrum/adrum45162845.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
34.98.72.95 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
95.72.98.34.bc.googleusercontent.com
Software
UploadServer /
Resource Hash
5127ebbb4dd689b67037fb9077743687ba5e6b0eb846c0ba7d1f3c6debd2d38c

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://xfinityoffers.xyz/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date
Tue, 12 Jul 2022 14:00:28 GMT
content-encoding
br
age
1873378
x-guploader-uploadid
ADPycdvZmziBMgzxNaPc-It_5YbMQDlFzrnN8DDXT-UWGBCCD_YQVH2CDmgRBgU_pBN17r6eFWbsWTdqkxPACuseGNMHpQ4aDnAB
x-goog-storage-class
MULTI_REGIONAL
x-goog-metageneration
1
x-goog-stored-content-encoding
br
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
33906
last-modified
Tue, 12 Jul 2022 14:00:18 GMT
server
UploadServer
etag
"a3f47e6e18cc9e8bc1117fc6e1e4b1cb"
x-goog-hash
crc32c=USYGsg==, md5=o/R+bhjMnovBEX/G4eSxyw==
x-goog-generation
1657634418394422
access-control-allow-origin
*
access-control-expose-headers
etag, Content-Type
cache-control
public,max-age=31536000
x-goog-stored-content-length
33906
accept-ranges
bytes
content-type
text/javascript
expires
Wed, 12 Jul 2023 14:00:28 GMT
InviteTriggers
api.iperceptions.com/
0
31 B
XHR
General
Full URL
https://api.iperceptions.com/InviteTriggers
Requested by
Host: static.cimcontent.net
URL: https://static.cimcontent.net/data-layer/?appID=resi_shop_2
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
52.138.200.61 Dublin, Ireland, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
Microsoft-IIS/10.0 / ASP.NET
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://xfinityoffers.xyz/
accept-language
de-DE,de;q=0.9
SecurityToken
410f8076-db76-454d-bfc2-c724a5fc59b0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 03 Aug 2022 06:23:26 GMT
server
Microsoft-IIS/10.0
x-aspnet-version
4.0.30319
x-powered-by
ASP.NET
access-control-allow-origin
*
cache-control
no-cache
content-length
0
expires
-1
InviteTriggers
api.iperceptions.com/ Frame
0
0
Preflight
General
Full URL
https://api.iperceptions.com/InviteTriggers
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
52.138.200.61 Dublin, Ireland, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
Microsoft-IIS/10.0 / ASP.NET
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
securitytoken
Access-Control-Request-Method
GET
Origin
https://xfinityoffers.xyz
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

access-control-allow-headers
securitytoken
access-control-allow-origin
*
cache-control
no-cache
content-length
0
date
Wed, 03 Aug 2022 06:23:26 GMT
expires
-1
pragma
no-cache
server
Microsoft-IIS/10.0
x-aspnet-version
4.0.30319
x-powered-by
ASP.NET
local_storage_frame16.min.html
assets.bounceexchange.com/assets/bounce/ Frame 3169
2 KB
1 KB
Document
General
Full URL
https://assets.bounceexchange.com/assets/bounce/local_storage_frame16.min.html
Requested by
Host: cdn.comcast.com
URL: https://cdn.comcast.com/-/media/Common/adrum/adrum45162845.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
34.98.72.95 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
95.72.98.34.bc.googleusercontent.com
Software
UploadServer /
Resource Hash
f2f11e4d45030f1f21ec7d3ae67a65b83c4c67016fe861fbebdff04ca0c8cd60

Request headers

Referer
https://xfinityoffers.xyz/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
access-control-allow-origin
*
access-control-expose-headers
etag Content-Type
age
1226779
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public,max-age=31536000
content-encoding
gzip
content-length
1055
content-type
text/html; charset=UTF-8
date
Wed, 20 Jul 2022 01:37:07 GMT
etag
"e011643ecd9bb3e6a134f0f2183b2b0e"
expires
Thu, 20 Jul 2023 01:37:07 GMT
last-modified
Tue, 19 Jul 2022 13:57:09 GMT
server
UploadServer
vary
Accept-Encoding
x-goog-generation
1658239029272699
x-goog-hash
crc32c=G482cQ== md5=4BFkPs2bs+ahNPDyGDsrDg==
x-goog-metageneration
1
x-goog-storage-class
MULTI_REGIONAL
x-goog-stored-content-encoding
gzip
x-goog-stored-content-length
1055
x-guploader-uploadid
ADPycduA1Rb0jcDdfBxCcM7QIBlkifr_wxBPJNBGKhfz8yZlrN-aPXEKyDkiUOtbQxW5E-7aV033zIKyy3Wm7OMSk43Nlw
quantum-comcast-worker.js
cdn.quantummetric.com/workers/ Frame 87A1
35 KB
11 KB
Other
General
Full URL
https://cdn.quantummetric.com/workers/quantum-comcast-worker.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:10::ac43:149e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
ffeeb679686bddd0575424792a8e69b74866b65c375858347171d904bef1c581
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://cdn.quantummetric.com/workers/quantum-comcast-worker.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date
Wed, 03 Aug 2022 06:23:27 GMT
content-encoding
br
cf-cache-status
EXPIRED
server
cloudflare
access-control-allow-headers
Origin, X-Requested-With, Content-Type, Accept
etag
W/"1659455710618"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=300, stale-while-revalidate=21600, stale-if-error=21600
strict-transport-security
max-age=31536000
cf-ray
734cf6f09d119b3f-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
/
dss-dl-prod.aws-origin.xfinity.com/prod/event/ Frame
0
0
Preflight
General
Full URL
https://dss-dl-prod.aws-origin.xfinity.com/prod/event/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
108.138.7.9 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-108-138-7-9.fra56.r.cloudfront.net
Software
/
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
PUT
Origin
https://xfinityoffers.xyz
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

access-control-allow-credentials
false
access-control-allow-headers
*
access-control-allow-methods
OPTIONS,POST,PUT
access-control-allow-origin
*
access-control-max-age
86400
content-length
0
content-type
application/json
date
Wed, 03 Aug 2022 06:23:27 GMT
via
1.1 ecb3ea567a6c6095a23354fbdc938128.cloudfront.net (CloudFront)
x-amz-apigw-id
WRge6Ga5CYcF-6w=
x-amz-cf-id
8f40BdH4HYtX8sI9-T9zbG7CzVXf0YOFPGLNI3pKCf9ygXYXGCcHoQ==
x-amz-cf-pop
FRA56-P6
x-amzn-requestid
7b8673ec-8952-4a0d-a636-c7e3c9f86e6d
x-cache
Miss from cloudfront
/
dl.cws.xfinity.com/event/ Frame
0
0
Preflight
General
Full URL
https://dl.cws.xfinity.com/event/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:dc:18a::2c06 Vienna, Austria, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
/
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
PUT
Origin
https://xfinityoffers.xyz
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

access-control-allow-headers
Content-Type
access-control-allow-methods
HEAD,OPTIONS,PUT
access-control-allow-origin
*
content-length
0
content-type
application/json
date
Wed, 03 Aug 2022 06:23:27 GMT
x-amz-apigw-id
WRge6HyNIAMFdBw=
x-amz-cf-id
YvLea8Hg2t0lGJmyirndEOi1ku66Gd-1S-NsfftLPjsSO-LLlC3SqA==
x-amz-cf-pop
VIE50-C1
x-amzn-requestid
c0e0ff61-3b80-4f9a-843a-0200c2ae679b
/
dss-dl-prod.aws-origin.xfinity.com/prod/event/
110 B
469 B
XHR
General
Full URL
https://dss-dl-prod.aws-origin.xfinity.com/prod/event/
Requested by
Host: static.cimcontent.net
URL: https://static.cimcontent.net/data-layer/?appID=resi_shop_2
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
108.138.7.9 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-108-138-7-9.fra56.r.cloudfront.net
Software
/
Resource Hash
70f9a194483079b6dd624a55ab264642177a732d6a40e2d73e73b840fd05fb8e

Request headers

Referer
https://xfinityoffers.xyz/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36
Content-Type
application/json

Response headers

date
Wed, 03 Aug 2022 06:23:27 GMT
via
1.1 ecb3ea567a6c6095a23354fbdc938128.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA56-P6
x-amzn-requestid
7544a22b-8c8f-4f15-ba84-c5d962545740
x-cache
Miss from cloudfront
content-type
application/json
access-control-allow-origin
*
x-amzn-trace-id
Root=1-62ea145f-401f744800195cd17507574c
x-amz-apigw-id
WRge7HpGCYcFY6g=
content-length
110
x-amz-cf-id
O4dzzUvIITCEg4lTA3rtfxEGP6yiqX9OORnCzL5lB2ssmYnedZresg==
/
dl.cws.xfinity.com/event/
110 B
490 B
XHR
General
Full URL
https://dl.cws.xfinity.com/event/
Requested by
Host: static.cimcontent.net
URL: https://static.cimcontent.net/data-layer/?appID=resi_shop_2
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:dc:18a::2c06 Vienna, Austria, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
/
Resource Hash
04444baa22458c25027638c1436aee773fe94a60fcd30a86f4e124fab7660cb1

Request headers

Referer
https://xfinityoffers.xyz/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36
Content-Type
application/json

Response headers

date
Wed, 03 Aug 2022 06:23:27 GMT
x-amz-cf-pop
VIE50-C1
x-amz-apigw-id
WRge-Fe0oAMFQkA=
x-amzn-requestid
c370b3c3-13f0-474f-8b3f-b87681b9fbd6
access-control-max-age
86400
access-control-allow-methods
GET,POST,PUT,HEAD
content-type
application/json
access-control-allow-origin
*
x-amzn-trace-id
Root=1-62ea145f-0d183b957e1bc1d743cabc0e
access-control-allow-credentials
false
access-control-allow-headers
*
content-length
110
x-amz-cf-id
qsF2eTE1Uq4BysNASJe_i3DLQ_q5m2qXV1c3fDvBL6jlu3BY76WPXg==
/
dss-dl-prod.aws-origin.xfinity.com/prod/event/ Frame
0
0
Preflight
General
Full URL
https://dss-dl-prod.aws-origin.xfinity.com/prod/event/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
108.138.7.9 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-108-138-7-9.fra56.r.cloudfront.net
Software
/
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
PUT
Origin
https://xfinityoffers.xyz
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

access-control-allow-credentials
false
access-control-allow-headers
*
access-control-allow-methods
OPTIONS,POST,PUT
access-control-allow-origin
*
access-control-max-age
86400
content-length
0
content-type
application/json
date
Wed, 03 Aug 2022 06:23:27 GMT
via
1.1 ecb3ea567a6c6095a23354fbdc938128.cloudfront.net (CloudFront)
x-amz-apigw-id
WRge4FjpCYcFjzw=
x-amz-cf-id
LGGpKYcNDaJY1itp2lmns8jf4JP-KQDyidXOzvV7gDGTovg-nbQvMA==
x-amz-cf-pop
FRA56-P6
x-amzn-requestid
12915ea0-e9b3-48f6-9a71-cd54a59727d6
x-cache
Miss from cloudfront
/
dl.cws.xfinity.com/event/ Frame
0
0
Preflight
General
Full URL
https://dl.cws.xfinity.com/event/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:dc:18a::2c06 Vienna, Austria, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
/
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
PUT
Origin
https://xfinityoffers.xyz
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

access-control-allow-headers
Content-Type
access-control-allow-methods
HEAD,OPTIONS,PUT
access-control-allow-origin
*
content-length
0
content-type
application/json
date
Wed, 03 Aug 2022 06:23:27 GMT
x-amz-apigw-id
WRge6EejoAMF-sQ=
x-amz-cf-id
4H1Ws6IqWECcry5eEK_4oNz2Xv9nIks8ash070cnEBGHpsGzzPNCoA==
x-amz-cf-pop
VIE50-C1
x-amzn-requestid
41baf96f-abb0-48dc-932d-de22d376e4af
/
dss-dl-prod.aws-origin.xfinity.com/prod/event/
110 B
470 B
XHR
General
Full URL
https://dss-dl-prod.aws-origin.xfinity.com/prod/event/
Requested by
Host: static.cimcontent.net
URL: https://static.cimcontent.net/data-layer/?appID=resi_shop_2
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
108.138.7.9 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-108-138-7-9.fra56.r.cloudfront.net
Software
/
Resource Hash
1195f816856bbbab77175ad7a1caff1d80c0c9f61c2da1a93c629f252cabd212

Request headers

Referer
https://xfinityoffers.xyz/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36
Content-Type
application/json

Response headers

date
Wed, 03 Aug 2022 06:23:27 GMT
via
1.1 ecb3ea567a6c6095a23354fbdc938128.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA56-P6
x-amzn-requestid
6853a39c-0e8a-43ac-a525-28cf9368604d
x-cache
Miss from cloudfront
content-type
application/json
access-control-allow-origin
*
x-amzn-trace-id
Root=1-62ea145f-1fa9110f7ff955597bb529f7
x-amz-apigw-id
WRge5H1oCYcFXeA=
content-length
110
x-amz-cf-id
iCcRZwPwLDi0egVE5nW_IzcGDveqFh_FmXgRddESeW6WenjuzfAc7Q==
/
dl.cws.xfinity.com/event/
110 B
492 B
XHR
General
Full URL
https://dl.cws.xfinity.com/event/
Requested by
Host: static.cimcontent.net
URL: https://static.cimcontent.net/data-layer/?appID=resi_shop_2
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:dc:18a::2c06 Vienna, Austria, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
/
Resource Hash
e9ece1309bdf7f719c328b0e2b9eade9ec1806cb8b39dfbd4422c32f761d1452

Request headers

Referer
https://xfinityoffers.xyz/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36
Content-Type
application/json

Response headers

date
Wed, 03 Aug 2022 06:23:27 GMT
x-amz-cf-pop
VIE50-C1
x-amz-apigw-id
WRge-GU2IAMFbHQ=
x-amzn-requestid
c851d55d-681d-43a9-b0ac-efb6edf25cad
access-control-max-age
86400
access-control-allow-methods
GET,POST,PUT,HEAD
content-type
application/json
access-control-allow-origin
*
x-amzn-trace-id
Root=1-62ea145f-68d38e603bb65800520ec9d3
access-control-allow-credentials
false
access-control-allow-headers
*
content-length
110
x-amz-cf-id
xKhV44J77xgJWJYZ2LyPle_ULUjMpJVJwzzQqVczLtBI5kjC6OJl5Q==
/
dss-dl-prod.aws-origin.xfinity.com/prod/event/ Frame
0
0
Preflight
General
Full URL
https://dss-dl-prod.aws-origin.xfinity.com/prod/event/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
108.138.7.9 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-108-138-7-9.fra56.r.cloudfront.net
Software
/
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
PUT
Origin
https://xfinityoffers.xyz
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

access-control-allow-credentials
false
access-control-allow-headers
*
access-control-allow-methods
OPTIONS,POST,PUT
access-control-allow-origin
*
access-control-max-age
86400
content-length
0
content-type
application/json
date
Wed, 03 Aug 2022 06:23:27 GMT
via
1.1 ecb3ea567a6c6095a23354fbdc938128.cloudfront.net (CloudFront)
x-amz-apigw-id
WRge5FGgiYcFmsA=
x-amz-cf-id
EgI5gmN7lzFt48AGIiNgUqRYKCxUaWP4CEILGQZ5dpS1-3sPmXeu1w==
x-amz-cf-pop
FRA56-P6
x-amzn-requestid
11c4aefa-525c-4b23-90dc-3cfd542bba68
x-cache
Miss from cloudfront
/
dl.cws.xfinity.com/event/ Frame
0
0
Preflight
General
Full URL
https://dl.cws.xfinity.com/event/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:dc:18a::2c06 Vienna, Austria, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
/
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
PUT
Origin
https://xfinityoffers.xyz
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

access-control-allow-headers
Content-Type
access-control-allow-methods
HEAD,OPTIONS,PUT
access-control-allow-origin
*
content-length
0
content-type
application/json
date
Wed, 03 Aug 2022 06:23:27 GMT
x-amz-apigw-id
WRge8EKBIAMFZYw=
x-amz-cf-id
ulqRpc0SJrEJV6lM5kDsIa9mb04Lv58MqIRBLDmF6gl0-SlUJqH16A==
x-amz-cf-pop
VIE50-C1
x-amzn-requestid
af82ac5c-8878-4706-ba89-785f36bc601b
/
dss-dl-prod.aws-origin.xfinity.com/prod/event/
110 B
469 B
XHR
General
Full URL
https://dss-dl-prod.aws-origin.xfinity.com/prod/event/
Requested by
Host: static.cimcontent.net
URL: https://static.cimcontent.net/data-layer/?appID=resi_shop_2
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
108.138.7.9 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-108-138-7-9.fra56.r.cloudfront.net
Software
/
Resource Hash
f71322715138a7c026478b6ddfb2006e0208dd7361afef2a4cf478151bbe77f9

Request headers

Referer
https://xfinityoffers.xyz/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36
Content-Type
application/json

Response headers

date
Wed, 03 Aug 2022 06:23:27 GMT
via
1.1 ecb3ea567a6c6095a23354fbdc938128.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA56-P6
x-amzn-requestid
0f357c9c-974e-4ad7-92fd-64b313b1d23e
x-cache
Miss from cloudfront
content-type
application/json
access-control-allow-origin
*
x-amzn-trace-id
Root=1-62ea145f-249b667033f0c9f8751ddc0c
x-amz-apigw-id
WRge6E3MCYcFuyg=
content-length
110
x-amz-cf-id
ikMRuF6zyCvTw2BCHogBNK8JgdmY6wf80t2E0Wg07n3couQ-eRpZVQ==
/
dl.cws.xfinity.com/event/
110 B
490 B
XHR
General
Full URL
https://dl.cws.xfinity.com/event/
Requested by
Host: static.cimcontent.net
URL: https://static.cimcontent.net/data-layer/?appID=resi_shop_2
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:dc:18a::2c06 Vienna, Austria, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
/
Resource Hash
b4f4b2c27b588c050bc9e78f30a32190ccce2e8bfc2f29e113ddd00a9722684f

Request headers

Referer
https://xfinityoffers.xyz/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36
Content-Type
application/json

Response headers

date
Wed, 03 Aug 2022 06:23:27 GMT
x-amz-cf-pop
VIE50-C1
x-amz-apigw-id
WRgfAFMCIAMFR_g=
x-amzn-requestid
15892d71-4ef6-4ddf-a75b-7729222d5a31
access-control-max-age
86400
access-control-allow-methods
GET,POST,PUT,HEAD
content-type
application/json
access-control-allow-origin
*
x-amzn-trace-id
Root=1-62ea145f-1858901a4be0687e63cd0b20
access-control-allow-credentials
false
access-control-allow-headers
*
content-length
110
x-amz-cf-id
WJLLhTUt-K4zY73SxW9sIauBUsnuCV-E5BwXbnqWulCteXPolW1qVQ==
/
dss-dl-prod.aws-origin.xfinity.com/prod/event/ Frame
0
0
Preflight
General
Full URL
https://dss-dl-prod.aws-origin.xfinity.com/prod/event/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
108.138.7.9 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-108-138-7-9.fra56.r.cloudfront.net
Software
/
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
PUT
Origin
https://xfinityoffers.xyz
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

access-control-allow-credentials
false
access-control-allow-headers
*
access-control-allow-methods
OPTIONS,POST,PUT
access-control-allow-origin
*
access-control-max-age
86400
content-length
0
content-type
application/json
date
Wed, 03 Aug 2022 06:23:27 GMT
via
1.1 ecb3ea567a6c6095a23354fbdc938128.cloudfront.net (CloudFront)
x-amz-apigw-id
WRge5G2sCYcF7Cw=
x-amz-cf-id
i7v2VAtWq8INngf4Mu5t7g-0EajEaeo19asLrgDf_Bl0YdfORmF00w==
x-amz-cf-pop
FRA56-P6
x-amzn-requestid
7a886360-65d4-403a-a3d0-617ba882d39c
x-cache
Miss from cloudfront
/
dl.cws.xfinity.com/event/ Frame
0
0
Preflight
General
Full URL
https://dl.cws.xfinity.com/event/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:dc:18a::2c06 Vienna, Austria, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
/
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
PUT
Origin
https://xfinityoffers.xyz
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

access-control-allow-headers
Content-Type
access-control-allow-methods
HEAD,OPTIONS,PUT
access-control-allow-origin
*
content-length
0
content-type
application/json
date
Wed, 03 Aug 2022 06:23:27 GMT
x-amz-apigw-id
WRge8GWpoAMF0OA=
x-amz-cf-id
ntsfnAAk-2Fjt-5Z0KqXVpPXdwvaKn3Pce8Sq-ZZUDZfQUqbmJq5qQ==
x-amz-cf-pop
VIE50-C1
x-amzn-requestid
7f83534c-38d0-49cb-84d7-e85a3e970f03
c
ids.cdnwidget.com/
31 B
202 B
XHR
General
Full URL
https://ids.cdnwidget.com/c?cookieID=&deviceID=&iv=&v=&GCH1=&SCH1=&GCS1=101092212&GCS2=NzhhYTdiY2ItOGU5OS00MTg0LWI1NjYtNGEyODUzOTc5M2ZhLmxvY2Fs&pe=false&wsid=1369&varID=0opv6&varData=undefined&log=%7B%22config%22%3A%7B%22gmEN%22%3Afalse%2C%22pixEN%22%3Afalse%7D%2C%22apikey%22%3A%222%5EHIykD%22%2C%22cjsversion%22%3A%221.5.9%22%2C%22wsid%22%3A1369%2C%22loadID%22%3A%229lcGK1SH2Jzehoo%22%2C%22timing%22%3A%7B%22sessionStorageLoad%22%3A2%2C%22IDStageStart%22%3A2%2C%22netComplete%22%3A124%2C%22obsReqview%22%3A310%2C%22obsReqdata%22%3A368%2C%22obsReqpage%22%3A449%2C%22IDStagePrefire%22%3A449%7D%2C%22matches%22%3A%7B%22cookie%22%3Afalse%2C%22LS%22%3Afalse%7D%2C%22info%22%3A%7B%22isSpoofed%22%3Afalse%2C%22PM%22%3Afalse%2C%22DNT%22%3Afalse%2C%22deviceTimezone%22%3A0%2C%22extensionID%22%3Anull%2C%22externalID%22%3Anull%2C%22agent%22%3A%7B%22device%22%3Anull%7D%2C%22firstLoad%22%3Atrue%7D%7D
Requested by
Host: static.cimcontent.net
URL: https://static.cimcontent.net/data-layer/?appID=resi_shop_2
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.107.191.194 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
194.191.107.34.bc.googleusercontent.com
Software
/
Resource Hash
6627c5ab36fa407f18fc9b6987e359eccef005ae6d35b370d2142b7daa770324

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://xfinityoffers.xyz/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

access-control-allow-origin
https://xfinityoffers.xyz
date
Wed, 03 Aug 2022 06:23:27 GMT
via
1.1 google
access-control-allow-credentials
true
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-type
application/json
/
dss-dl-prod.aws-origin.xfinity.com/prod/event/
110 B
469 B
XHR
General
Full URL
https://dss-dl-prod.aws-origin.xfinity.com/prod/event/
Requested by
Host: static.cimcontent.net
URL: https://static.cimcontent.net/data-layer/?appID=resi_shop_2
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
108.138.7.9 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-108-138-7-9.fra56.r.cloudfront.net
Software
/
Resource Hash
810e7357b6d05220d1f772e984f326810eb35d05ababe7794ca0c87d190bd963

Request headers

Referer
https://xfinityoffers.xyz/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36
Content-Type
application/json

Response headers

date
Wed, 03 Aug 2022 06:23:27 GMT
via
1.1 ecb3ea567a6c6095a23354fbdc938128.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA56-P6
x-amzn-requestid
5bd0edab-d93a-4925-8f2f-42fec280e8e6
x-cache
Miss from cloudfront
content-type
application/json
access-control-allow-origin
*
x-amzn-trace-id
Root=1-62ea145f-5fda396a68d2e43a7968f633
x-amz-apigw-id
WRge7HxmCYcFeUw=
content-length
110
x-amz-cf-id
731U7t-Lv9yApY8_Gaq7Ga0bRS1Ovgu4Xio42ZM-2F3gX80bckRiLA==
/
dl.cws.xfinity.com/event/
110 B
489 B
XHR
General
Full URL
https://dl.cws.xfinity.com/event/
Requested by
Host: static.cimcontent.net
URL: https://static.cimcontent.net/data-layer/?appID=resi_shop_2
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:dc:18a::2c06 Vienna, Austria, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
/
Resource Hash
4033dab2a80b8c94ef84b503baffc425b239ece09a68cb08fe155a82c768cad3

Request headers

Referer
https://xfinityoffers.xyz/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36
Content-Type
application/json

Response headers

date
Wed, 03 Aug 2022 06:23:27 GMT
x-amz-cf-pop
VIE50-C1
x-amz-apigw-id
WRge_GDWIAMFcHA=
x-amzn-requestid
1907c2df-a1c1-466b-a328-984233a6abd9
access-control-max-age
86400
access-control-allow-methods
GET,POST,PUT,HEAD
content-type
application/json
access-control-allow-origin
*
x-amzn-trace-id
Root=1-62ea145f-305486607e7d3fc06cb7307f
access-control-allow-credentials
false
access-control-allow-headers
*
content-length
110
x-amz-cf-id
8cLiss9jo0bkdMPobHG8-OE6efh4xoLYqNdXQRQTAHkme4L_JAlemw==
/
dss-dl-prod.aws-origin.xfinity.com/prod/event/ Frame
0
0
Preflight
General
Full URL
https://dss-dl-prod.aws-origin.xfinity.com/prod/event/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
108.138.7.9 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-108-138-7-9.fra56.r.cloudfront.net
Software
/
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
PUT
Origin
https://xfinityoffers.xyz
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

access-control-allow-credentials
false
access-control-allow-headers
*
access-control-allow-methods
OPTIONS,POST,PUT
access-control-allow-origin
*
access-control-max-age
86400
content-length
0
content-type
application/json
date
Wed, 03 Aug 2022 06:23:27 GMT
via
1.1 ecb3ea567a6c6095a23354fbdc938128.cloudfront.net (CloudFront)
x-amz-apigw-id
WRge7F6wiYcF3Vw=
x-amz-cf-id
cUnaksInoIyZxFi_NK9wYNUO9SfauwbqHAFYyveMOreMi-nLMiWP3Q==
x-amz-cf-pop
FRA56-P6
x-amzn-requestid
234d2ca9-918a-4911-8c45-c241b1dc2c05
x-cache
Miss from cloudfront
/
dl.cws.xfinity.com/event/ Frame
0
0
Preflight
General
Full URL
https://dl.cws.xfinity.com/event/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:dc:18a::2c06 Vienna, Austria, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
/
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
PUT
Origin
https://xfinityoffers.xyz
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

access-control-allow-headers
Content-Type
access-control-allow-methods
HEAD,OPTIONS,PUT
access-control-allow-origin
*
content-length
0
content-type
application/json
date
Wed, 03 Aug 2022 06:23:27 GMT
x-amz-apigw-id
WRge-Fe5IAMF25g=
x-amz-cf-id
e8UbHUbfopzb3HA23N7aObmRXHX3nWBZWrVcFUfL7_fAuSAba8zq0A==
x-amz-cf-pop
VIE50-C1
x-amzn-requestid
e411e97d-7985-4fed-bdc1-245701f54347
cjs-logger
e.cdnwidget.com/
0
100 B
Image
General
Full URL
https://e.cdnwidget.com/cjs-logger?source=ID%20generation%20error&severity=Warning&error=Country%2520not%2520allowed&cookieID=&deviceID=&BXWID=1369&warpspeed=2%5EHIykD&loadID=9lcGK1SH2Jzehoo&version=1.5.9
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.102.193.48 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
48.193.102.34.bc.googleusercontent.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://xfinityoffers.xyz/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date
Wed, 03 Aug 2022 06:23:27 GMT
via
1.1 google
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-type
image/png
/
dss-dl-prod.aws-origin.xfinity.com/prod/event/
110 B
469 B
XHR
General
Full URL
https://dss-dl-prod.aws-origin.xfinity.com/prod/event/
Requested by
Host: static.cimcontent.net
URL: https://static.cimcontent.net/data-layer/?appID=resi_shop_2
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
108.138.7.9 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-108-138-7-9.fra56.r.cloudfront.net
Software
/
Resource Hash
aad2246df0241fd70c797479664ec8d1acf51e3518cdb5230bff9ac50d857a99

Request headers

Referer
https://xfinityoffers.xyz/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36
Content-Type
application/json

Response headers

date
Wed, 03 Aug 2022 06:23:27 GMT
via
1.1 ecb3ea567a6c6095a23354fbdc938128.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA56-P6
x-amzn-requestid
b6371fcd-9800-4e7b-90bd-4c56561352dd
x-cache
Miss from cloudfront
content-type
application/json
access-control-allow-origin
*
x-amzn-trace-id
Root=1-62ea145f-2f636a2b374707ec47bf215c
x-amz-apigw-id
WRge8GNkiYcFYXA=
content-length
110
x-amz-cf-id
qA3znirs4WsYRFlsRvnhC-J8qZLQ2W3h8WCQqWgxWPE4xenLzYgAgQ==
/
dl.cws.xfinity.com/event/
110 B
491 B
XHR
General
Full URL
https://dl.cws.xfinity.com/event/
Requested by
Host: static.cimcontent.net
URL: https://static.cimcontent.net/data-layer/?appID=resi_shop_2
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:dc:18a::2c06 Vienna, Austria, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
/
Resource Hash
e1f3aa98d7e10335cc5454b9f9866c55201252ce03dd519bf2ecf5055c78795f

Request headers

Referer
https://xfinityoffers.xyz/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36
Content-Type
application/json

Response headers

date
Wed, 03 Aug 2022 06:23:28 GMT
x-amz-cf-pop
VIE50-C1
x-amz-apigw-id
WRgfBEBIIAMFdRQ=
x-amzn-requestid
d4811b89-94dc-49c3-83dd-9af7d93528da
access-control-max-age
86400
access-control-allow-methods
GET,POST,PUT,HEAD
content-type
application/json
access-control-allow-origin
*
x-amzn-trace-id
Root=1-62ea145f-48290a82486083a442473c08
access-control-allow-credentials
false
access-control-allow-headers
*
content-length
110
x-amz-cf-id
ABUWkdSgUsq9zA4VOROsFUR8-PvQ3LpAajSlCrLbtVb0F6v2U48G7g==
init1.js
api.bounceexchange.com/bounce/
36 B
342 B
Script
General
Full URL
https://api.bounceexchange.com/bounce/init1.js?wklzs=2246&wklz=C4ewVgigvArgdgEwKYDMCWckIGQGNgDOUAjAGwCsAnOQAwDsAHPQMwBMN2wAXiFBwO5IARgTTAkAfTQISzUpWwAnJARAAbGMDQg4JUjRoAPYuw7KUSRcsVQ8AQzVqMAcwkxFaqAAtgwAA4EAKTMAIKBrABi4RGG6HBiAJ4gKBaKBAB0hglc0SAAbpZ5aEj8wRFIcFrACcEAIsQsACzN2EWiwBK4ICAA1sVQgXQAQuGsan6jwWGsrD7+QazkoeHkkSuRsRiJyakZWTmLkfmFxaWLzOWViSvM9U3Nk6wAwqOKk8szk3S1eN19SANhqM8u8wkCZrg7IpgKCUA4CEhwi8IVCOgBHaqgmhI0Z+Oy4Hp2ZySEB+LQ6AgSBFqJD4LCw+GI56jNQgZzEhBSOASJAFSoSdDKBAMtQInEzZR+GnxAheemfUJw0VM5GsOwIBDKAiUgC2IAQDk6rIRwoVISVYuZM2QfhA7S5YhFltVaCEhgk4gIMLNFpVo3VmpUlIIMCEOrEEjsviQOrJ8tYU194tYCBAoZpHsUaClkkh0KdfpR0IkeQcMCZCcVjOTIbDYnEnIpYgrierVtYRRKWC54kUmG9lfNbdVncEnL8Xh0LaryuTo+7wBBPuHwNO3YRuHc12Xs-b885eqEaBpBeTxJAEiEMASArQQtP7fPEhpUO5gvjrd3qqfymc2m50gVFo6AfjOzqjEghhoF6LidDAXogDqlgPqqrLst2GAoRBBSKM+bIclyWEzHiBJEpIcB2EhEg6Je14SHixILIOSbtiRhLEhIFFUYutE3gxKhEawKA0u6AagUOX6jFw2ZdMgUgTDu4EzNJfiyZI1IoHhkJOFw4ksSOpxdPAA5TNi7aQuIzggIoN6js+0EmWBhasKIcDOBmFlIFZNklqcgk6jAahaDmnRRl51m2X5inOfuEjKPwUIIExn5KR2a6csJkGCbFmzZelEjGHlXbjooIDiPg-6CSpanyZm+I9HpK4zLFIZ+JYqjxLgp7fMmCDOBEd5egAMiA6qgsAijloMPylmkADam4IUhuHVG1AC6UCYPwrRQgQC2ohtvo7fNebotUG0cLNe38atSCHYyx3XfVZHUWS-7BkgNJ0gg93Ko9c1oQRGA8nyHTvj9UBHVdc2StK0FyhDUO7XNAZarq+qGrgxpYL9CL-Rgvb9nhQi40g-08ayJOQw90N5CAaC4JIlOk-9k5Ucz1N-dDcLHp0QpiCz0M2naEZbMAgvI667qeuLnN49DqNBlSobhh0UbiLGDYS-NOyWFyoXQtre2pumkgTdmHkHXLZPQ6dJZlnd1v-X4pWclxjtI-Ntaqw21FwO0Hs08jLv6qFlkRc+VOe3tuBygSaYdG1iiM-yXSxjS4hG3NsUE5Y-ZZ7FE5TgX+WLiXxVUrSW7nU7tP5Yex6B1zyNXgkwkgPwtG+DRFR2EINKI0H80UVoBSdF4UavRUWcj2gY9p3iWYdb5oj9038vI0+re3kKWdPi+fY7zjteb0gF6-v+UjIFcIGD8382QQ5sGLaAy1Z4DGFwFnvJ6x-nIYDPGimV3S5z7EgDoL8s5sReu7P2vF6JkQIFA56HFYE8W3vxJBJ8vafU0hgL0Dg1Ar1dDSLOwDIwamPtHOaIcuQEMcMQteUDSp0OAIQxhGYZZZ23u3Tuussx3w3vNaq+pJDZiziIuSGktIODQLpQRNtkZsyQPxDaE1yz-VHEZSoF1-qeW8pFEo9kvRZ1cu5XMYUDG+RKFnAKQULYWPDj5Uc5cxxxRKIlLB1DYrANcd2TYfjOTGECfRUq5VyRf2wXtSRYi-B1QJFQoee0WowCTh1BmgtkAoH2obWuWSaEoJJG9CklcvpazyagAG+FP4gyAkfBRrR8mwwqPDRJXN8mK21BIPUBoiFYztG0+W+Thb2jFpkypUsPQqFllDfJdtSwaHXjbfJOdKh53AeM7JhdJyYE2dnUueQ9ktSrlmGuszKmxQbqQip2St50XBns-eSBXz1MeWfdxf4aKARvsUBpeR8l-y5Hs6BqDKIkm5BgxBwLCmcTBR6PI8DMF7PIWJP5KzDJph0XwRplT9ERzsk4ExNy5pmMtk4wx-A9l2OCmS8KzjThHPyvFTxjKK6+OJTldArK3HBI5flEO4T-zcvXKk9qOgMlOy6L0YoHpujPihMSJ2Qg-DYvASquaAAiHhrJ+AaoADQapDggGA+B9UaoRFCWOGq1rYDJEQX46c0B2DgIzAUagiS2DyBPKAQA
Requested by
Host: cdn.comcast.com
URL: https://cdn.comcast.com/-/media/Common/adrum/adrum45162845.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.111.8.32 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
32.8.111.34.bc.googleusercontent.com
Software
/
Resource Hash
fe3fcb884394be745dbd11141b6d780028a4d86106b6292d7502db096f582218

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://xfinityoffers.xyz/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date
Wed, 03 Aug 2022 06:23:27 GMT
via
1.1 google
x-envoy-upstream-service-time
54
p3p
CP="NOI ADM DEV PSAi COM NAV OUR OTRo STP IND DEM"
content-encoding
gzip
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-type
text/html; charset=UTF-8
/
www.facebook.com/tr/
44 B
88 B
Image
General
Full URL
https://www.facebook.com/tr/?id=1576063789359472&ev=Microdata&dl=https%3A%2F%2Fxfinityoffers.xyz%2Foverview%3Fentity%3D1073444&rl=&if=false&ts=1659507808185&cd[DataLayer]=%5B%5D&cd[Meta]=%7B%22title%22%3A%22Internet%2C%20TV%2C%20Phone%2C%20Smart%20Home%20and%20Security%20-%20Xfinity%22%2C%22meta%3Adescription%22%3A%22Save%20on%20Xfinity%20Digital%20Cable%20TV%2C%20High%20Speed%20Internet%20and%20Home%20Phone%20Services.%20Enjoy%20entertainment%20your%20way%20with%20great%20deals%20on%20Xfinity%20by%20Comcast.%22%7D&cd[OpenGraph]=%7B%7D&cd[Schema.org]=%5B%5D&cd[JSON-LD]=%5B%5D&sw=1600&sh=1200&v=2.9.70&r=stable&ec=2&o=30&fbp=fb.1.1659507806679.302686637&it=1659507806238&coo=false&es=automatic&tm=3&rqm=GET
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a03:2880:f107:83:face:b00c:0:25de Vienna, Austria, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
proxygen-bolt /
Resource Hash
10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://xfinityoffers.xyz/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date
Wed, 03 Aug 2022 06:23:28 GMT
last-modified
Fri, 21 Dec 2012 00:00:01 GMT
server
proxygen-bolt
strict-transport-security
max-age=31536000; includeSubDomains
content-type
image/gif
cache-control
no-cache, must-revalidate, max-age=0
cross-origin-resource-policy
cross-origin
content-length
44
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
priority
u=3,i
expires
Wed, 03 Aug 2022 06:23:28 GMT

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain
cdn.wcdc.comcast.com
URL
https://cdn.wcdc.comcast.com/buy/includes/dist/manifest.json
Domain
px.surveywall-api.survata.com
URL
https://px.surveywall-api.survata.com/z?l=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dsurvata.com%26id%3D

Verdicts & Comments Add Verdict or Comment

Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!

urlscan

Phishing against: Xfinity (Consumer)

135 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| 1 object| 2 object| 3 object| 4 object| 5 object| 6 object| 7 object| oncontextlost object| oncontextrestored function| structuredClone object| launchQueue object| onbeforematch function| getScreenDetails function| queryLocalFonts object| navigation object| CloudflareApps boolean| trackingDebug object| regeneratorRuntime object| digitalData number| adrum-start-time object| adrum-config string| bazadebezolkohpepadr object| _acxj object| _cf object| bmak undefined| bm_counter object| bm_script undefined| scripts string| bm_url object| url_split string| obfus_state_field string| state_field_str string| _sd_trace object| webpackChunkxfinity_learn_ui function| _ object| global object| _satellite boolean| __satelliteLoaded object| adobe function| Visitor object| s_c_il number| s_c_in function| alloy function| AppMeasurement_Module_ActivityMap function| AppMeasurement function| s_gi function| s_pgicq number| s_objectID number| s_giq function| AppMeasurement_Module_AudienceManagement function| DIL object| s function| AppMeasurement_Module_Integrate object| s_Integrate_DFA string| v object| Flickerlessly object| ___target_traces function| mboxCreate function| mboxDefine function| mboxUpdate function| subscribeEvent function| unsubscribeEvent function| startActivityHandler function| placeCheckerRequest function| placeCssAspxRequest function| timeoutSleep function| getMetatagContent object| s_3_Integrate_DFA_get_0 object| ADRUM object| eventListenerMap function| targetPageParams function| inList number| a object| s_i_comcastdotcomprod string| targetVersion object| ttMETA function| fbq function| _fbq object| chatLaunchedListener object| chatClosedListener object| c2cDisplayed object| chatEngagedListener object| c2cClickedListener object| saleQualifiedListener object| soldListener object| eligibleListener object| InqRegistry object| dataLayer function| pi object| uetq string| iperceptionskey function| twq string| GoogleAnalyticsObject function| ga object| google_tag_manager object| google_tag_data function| logQMError function| qmCheckStorageAvailability function| handleVisibilityChange function| handleStruggleWithNuance function| QuantumMetricInstrumentationStart object| QuantumMetricAPI function| _QuantumMetricSymbol function| UET function| UET_init function| UET_push object| ueto_a903c93ce3 object| gaplugins object| gaGlobal object| gaData function| ouibounce function| PulseInsightsInclude function| PulseInsights function| Survey function| BarSurvey function| BottomBarSurvey function| DockedWidgetSurvey function| FullscreenSurvey function| InlineSurvey function| TopBarSurvey object| PulseInsightsObject object| twttr object| iPerceptions object| bouncex function| GooglemKTybQhCsO function| google_trackConversion object| GooglebQhCsO object| bxgraph function| reload_campaigns function| setBounceCookie function| getBounceCookie function| setBounceVisitCookie function| getBounceVisitCookie function| clearBounceCookie

74 Cookies

Domain/Path Name / Value
xfinityoffers.xyz/ Name: www-prd_wc
Value: LCBLFHEE
.demdex.net/ Name: demdex
Value: 31912626428261994344514808420044100204
.xfinityoffers.xyz/ Name: AMCVS_DA11332E5321D0550A490D45%40AdobeOrg
Value: 1
.xfinityoffers.xyz/ Name: AMCV_DA11332E5321D0550A490D45%40AdobeOrg
Value: -1124106680%7CMCIDTS%7C19208%7CMCMID%7C31716217956443415494534468524773404363%7CMCAAMLH-1660112603%7C6%7CMCAAMB-1660112603%7C6G1ynYcLPuiQxYZrsz_pkqfLG9yMXBpb2zX5dvJdYQJzPXImdj0y%7CMCOPTOUT-1659515003s%7CNONE%7CMCAID%7CNONE%7CvVersion%7C5.2.0
.agkn.com/ Name: ab
Value: 0001%3A9H7p2N0WhtliBaDbkFYX4A8%2BIuhF20kk
.dpm.demdex.net/ Name: dpm
Value: 31912626428261994344514808420044100204
.w55c.net/ Name: wfivefivec
Value: TxdBkqpC1Oj7MU5
.w55c.net/ Name: matchdmx
Value: 5
.adnxs.com/ Name: uuid2
Value: 4349564117173850171
.turn.com/ Name: uid
Value: 4133073632306300903
.doubleclick.net/ Name: IDE
Value: AHWqTUnZB3AKUQWLpg9yDVGOFCvKLEswdBfONHAQk8sVYMjCI-VZqLFXEkt0Tfm-RkU
.bing.com/ Name: MUID
Value: 298B16572CDA61330B0B07A22DB160E3
.twitter.com/ Name: personalization_id
Value: "v1_MyqeybMpw8Gld1fbrs2XJw=="
.innovid.com/ Name: uuid
Value: c4372f02-8861-4eaf-ae03-4d89395e15cf-20220803 02:23:25
.demdex.net/ Name: dextp
Value: 21-1-1659507803924|359-1-1659507804025|60-1-1659507804128|358-1-1659507804229|470-1-1659507804329|477-1-1659507804430|771-1-1659507804531|1123-1-1659507804631|903-1-1659507804732|1957-1-1659507804833|3047-1-1659507804934|13870-1-1659507805035|30646-1-1659507805135|80742-1-1659507805236|152416-1-1659507805338|175765-1-1659507805440|275754-1-1659507805542|139200-1-1659507805643
.bidr.io/ Name: bito
Value: AAA5A07F1CkAAA8LE-mjLw
.bidr.io/ Name: bitoIsSecure
Value: ok
.xfinityoffers.xyz/ Name: at_check
Value: true
.xfinityoffers.xyz/ Name: s_pers
Value: %20s_dfa%3Dcomcastdotcomprod%7C1659509603588%3B%20stc18%3D%7C1659509605904%3B%20s_tslv%3D1659507805906%7C1722579805906%3B%20gpv_Page%3Dresi%257Csales%257Cshop%257C%257Chome%7C1659509605906%3B
.xfinityoffers.xyz/ Name: s_sess
Value: %20s_cc%3Dtrue%3B
.xfinityoffers.xyz/ Name: mbox
Value: session#f863f1915061427691748ad000c80033#1659509664|PC#f863f1915061427691748ad000c80033.37_0#1722752607
.xfinityoffers.xyz/ Name: kndctr_DA11332E5321D0550A490D45_AdobeOrg_cluster
Value: irl1
.xfinityoffers.xyz/ Name: kndctr_DA11332E5321D0550A490D45_AdobeOrg_identity
Value: CiYzMTcxNjIxNzk1NjQ0MzQxNTQ5NDUzNDQ2ODUyNDc3MzQwNDM2M1IPCP6e_pKmMBgBKgRJUkwx8AH-nv6SpjA=
.xfinityoffers.xyz/ Name: aam_sitecore
Value: 2450016%3Dy
.xfinityoffers.xyz/ Name: fltk
Value: segID%3D2450016
.amazon-adsystem.com/ Name: ad-id
Value: A9rsCr--R0kzo8rNUNjP7o0
.amazon-adsystem.com/ Name: ad-privacy
Value: 0
.xfinityoffers.xyz/ Name: _gcl_au
Value: 1.1.793358232.1659507806
.undertone.com/ Name: UTID
Value: 74c44fbbe29043489f59c9f2721995c3
.undertone.com/ Name: UTID_ENC
Value: 6wv3b87jk2bgfxb26gqqnjfsz
.xfinityoffers.xyz/ Name: _uetsid
Value: c881a61012f411ed8dc71b877e5c42da
.xfinityoffers.xyz/ Name: _uetvid
Value: c881d14012f411edafcca59031f4f571
.agkn.com/ Name: u
Value: C|0CAAAAAAAKnzQ3gAAAAAAAT5hAAAAAA
.xfinityoffers.xyz/ Name: _ga
Value: GA1.2.637578086.1659507806
.xfinityoffers.xyz/ Name: _gid
Value: GA1.2.1686091899.1659507806
.flashtalking.com/ Name: flashtalkingad1
Value: "GUID=5328646D03601F|segment=(y41_-m:c_SV_12345)"
.xfinityoffers.xyz/ Name: _gat
Value: 1
.tapad.com/ Name: TapAd_TS
Value: 1659507806520
.tapad.com/ Name: TapAd_DID
Value: 73a46113-1bdf-4c24-9e23-8618145b28b1
.tapad.com/ Name: TapAd_3WAY_SYNCS
Value:
.xfinityoffers.xyz/ Name: _fbp
Value: fb.1.1659507806679.302686637
.bidswitch.net/ Name: tuuid
Value: 321f9ebd-b06c-4973-8874-819ca4aab25f
.bidswitch.net/ Name: c
Value: 1659507806
.bidswitch.net/ Name: tuuid_lu
Value: 1659507806
.zeotap.com/ Name: zc
Value: bb2b2a43-d5be-449b-5821-a94528ed09ff
.casalemedia.com/ Name: CMID
Value: YuoUXgGIJbDk-yIZA1wzrAAA
.casalemedia.com/ Name: CMPS
Value: 1135
.analytics.yahoo.com/ Name: IDSYNC
Value: 195g~26di
.yahoo.com/ Name: A3
Value: d=AQABBF0U6mICEFMgh5_ahYfWNF7es2eHZSAFEgEBAQFl62LzYgAAAAAA_eMAAA&S=AQAAAkAZ1aZfvYj5CENGdOzpM5o
xfinityoffers.xyz/ Name: ipe_s
Value: da369c7c-6fb2-cbd2-d3e2-11f4dc2d6b59
ads.stickyadstv.com/ Name: UID
Value: 87336826fc401dbe76619e70ee4db4f0
ads.stickyadstv.com/ Name: uid-bp-30833
Value: 1
ads.stickyadstv.com/ Name: sessionId
Value: 419da57366073ab4cff9e7a5d1ce35a
.casalemedia.com/ Name: CMPRO
Value: 1217
.casalemedia.com/ Name: CMRUM3
Value: c662ea145e2760vp-7D_yJS-CYvghkmXBDjA
.t.co/ Name: muc_ads
Value: bfd02266-b568-42a8-9b08-8415ad9b6cc8
.krxd.net/ Name: _kuid_
Value: O_tc2w8Z
.myvisualiq.net/ Name: tuuid
Value: a7b94421-3efa-4efb-b711-d60fe1098fd3
.myvisualiq.net/ Name: c
Value: 1659507806
.myvisualiq.net/ Name: tuuid_lu
Value: 1659507807
.mookie1.com/ Name: id
Value: 10818983312030411295
.mookie1.com/ Name: mdata
Value: 1|10818983312030411295|1659507807025
.mookie1.com/ Name: ov
Value: 22442df8c24183948433d870a79ae0bb
.adform.net/ Name: C
Value: 1
.spotxchange.com/ Name: audience
Value: c8e8d81d-12f4-11ed-9efd-192cb16e0206
.adform.net/ Name: uid
Value: 877566848683660962
bs.serving-sys.com/ Name: r1
Value: 1659507807_1
.serving-sys.com/ Name: u2
Value: c8f02d25-9fca-4217-8840-fa569e49c11d4I7060
.casalemedia.com/ Name: CMTS
Value: 5125
.casalemedia.com/ Name: CMST
Value: YuoUXmLqFF8A
ads.samba.tv/ Name: sambapxid
Value: fc5d183f059ca776
.semasio.net/ Name: SEUNCY
Value: 43C7A6D397EA83CF
.ispot.tv/ Name: pt
Value: v2:392ef88c4967ac2da67ea6f687fb54dadb7a10846034d0b115733a59d343ac56|54e6d6c8deaabb6ba18e976bf3902a9901ccfd1183974a6ce47966f1b6152381
.ninthdecimal.com/ Name: ndat
Value: LU+8vmLqFF+yGQS4GcMzAg==

9 Console Messages

Source Level URL
Text
network error URL: https://xfinityoffers.xyz/akam/13/6e5ad451
Message:
Failed to load resource: the server responded with a status of 404 ()
network error URL: https://idsync.rlcdn.com/365868.gif?partner_uid=31912626428261994344514808420044100204
Message:
Failed to load resource: the server responded with a status of 451 ()
network error URL: https://idsync.rlcdn.com/365868.gif?partner_uid=31912626428261994344514808420044100204
Message:
Failed to load resource: the server responded with a status of 451 ()
javascript error URL: https://xfinityoffers.xyz/overview?entity=1073444
Message:
Access to fetch at 'https://cdn.wcdc.comcast.com/buy/includes/dist/manifest.json' from origin 'https://xfinityoffers.xyz' has been blocked by CORS policy: No 'Access-Control-Allow-Origin' header is present on the requested resource. If an opaque response serves your needs, set the request's mode to 'no-cors' to fetch the resource with CORS disabled.
network error URL: https://cdn.wcdc.comcast.com/buy/includes/dist/manifest.json
Message:
Failed to load resource: net::ERR_FAILED
security warning
Message:
Error with Permissions-Policy header: Origin trial controlled feature not enabled: 'interest-cohort'.
security warning
Message:
Error with Permissions-Policy header: Origin trial controlled feature not enabled: 'interest-cohort'.
network error URL: https://px.surveywall-api.survata.com/z?l=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dsurvata.com%26id%3D
Message:
Failed to load resource: net::ERR_NAME_NOT_RESOLVED
network error URL: https://api.iperceptions.com/InviteTriggers
Message:
Failed to load resource: the server responded with a status of 401 ()

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

4053494.fls.doubleclick.net
aa.agkn.com
adobedc.demdex.net
ads.samba.tv
ads.stickyadstv.com
ads.undertone.com
adservice.google.com
ag.innovid.com
amazon.partners.tremorhub.com
analytics.twitter.com
api.bounceexchange.com
api.iperceptions.com
assets.adobedtm.com
assets.bounceexchange.com
assets.xfinity.com
bat.bing.com
beacon.krxd.net
bs.serving-sys.com
c.bing.com
c1.adform.net
cdn.comcast.com
cdn.quantummetric.com
cdn.wcdc.comcast.com
cm.g.doubleclick.net
cms.analytics.yahoo.com
comcast.demdex.net
comcastcom.d1.sc.omtrdc.net
comcastresidentialservices.tt.omtrdc.net
connect.facebook.net
core.conversant.mgr.consensu.org
d.agkn.com
d.turn.com
data.cdnbasket.net
dl.cws.xfinity.com
dpm.demdex.net
dss-dl-prod.aws-origin.xfinity.com
dsum-sec.casalemedia.com
e.cdnwidget.com
evt.undertone.com
fls.doubleclick.net
googleads.g.doubleclick.net
ib.adnxs.com
ids.cdnwidget.com
idsync.rlcdn.com
image2.pubmatic.com
image6.pubmatic.com
js.pulseinsights.com
lciapi.ninthdecimal.com
lm.serving-sys.com
loadus.exelator.com
login.dotomi.com
match.adsrvr.org
match.prod.bidr.io
match.rundsp.com
metrics.xfinity.com
mwzeom.zeotap.com
odr.mookie1.com
page.cdnbasket.net
pi.ispot.tv
pixel.rubiconproject.com
pixel.tapad.com
pm.w55c.net
polaris.xfinity.com
public-prod-dspcookiematching.dmxleo.com
publicis-36-adswizz.attribution.adswizz.com
publicis-37-adswizz.attribution.adswizz.com
publicis-38-adswizz.attribution.adswizz.com
px.surveywall-api.survata.com
r.casalemedia.com
s.amazon-adsystem.com
sb.scorecardresearch.com
servedby.flashtalking.com
ssum-sec.casalemedia.com
static.ads-twitter.com
static.cimcontent.net
stats.g.doubleclick.net
survey.pulseinsights.com
sync.search.spotxchange.com
sync.taboola.com
synchroscript.deliveryengine.adswizz.com
t.co
t.myvisualiq.net
tag.bounceexchange.com
tags.bluekai.com
token.rubiconproject.com
uipglob.semasio.net
universal.iperceptions.com
ups.analytics.yahoo.com
us-u.openx.net
usermatch.krxd.net
usersync.samplicio.us
view.cdnbasket.net
www.facebook.com
www.google-analytics.com
www.google.com
www.google.de
www.googleadservices.com
www.googletagmanager.com
www.imdb.com
x.bidswitch.net
xfinityoffers.xyz
cdn.wcdc.comcast.com
px.surveywall-api.survata.com
104.18.18.126
104.18.19.126
104.244.42.133
104.244.42.3
108.128.62.116
108.138.17.67
108.138.7.9
13.32.110.73
13.32.99.21
13.36.218.177
141.226.228.48
142.250.181.226
142.250.185.194
142.250.185.230
15.236.176.210
151.101.130.132
18.185.150.148
18.195.201.66
18.198.200.35
18.235.187.108
185.64.190.78
185.64.190.80
185.89.210.20
185.94.180.126
188.65.124.66
199.232.16.157
2.18.79.139
2001:558:fe02::a
2001:678:cb4:bbbb::13
209.197.3.19
209.54.182.161
212.82.100.182
23.7.201.234
2600:1f18:612b:4200:fd1:5892:27bc:b9b0
2600:9000:225e:9600:8:e7ba:7440:93a1
2606:4700:10::ac43:149e
2606:4700:10::ac43:db6
2606:4700:3031::ac43:b88a
2620:1ec:c11::200
2a00:1450:4001:803::2004
2a00:1450:4001:80b::2008
2a00:1450:4001:811::2002
2a00:1450:4001:812::2002
2a00:1450:4001:813::200e
2a00:1450:4001:82f::2003
2a00:1450:400c:c0c::9b
2a02:26f0:dc:18a::2c06
2a02:26f0:dc:282::1e80
2a02:26f0:dc:2bc::2af2
2a02:26f0:ea:488::20b
2a02:26f0:ea:499::30d4
2a02:fa8:8806:13::1400
2a03:2880:f007:8:face:b00c:0:1
2a03:2880:f107:83:face:b00c:0:25de
2a05:d01c:1d8:8102:8e6d:8fd7:763c:360f
3.120.80.21
3.126.56.137
3.127.124.165
3.209.91.249
3.33.220.150
3.74.200.12
34.102.193.48
34.105.198.99
34.107.191.194
34.111.8.32
34.120.232.38
34.120.253.250
34.254.114.204
34.98.115.224
34.98.67.61
34.98.72.95
35.190.20.211
35.227.248.159
35.244.159.8
35.244.174.68
37.157.4.29
45.79.188.190
52.138.200.61
52.19.186.186
52.19.192.193
52.214.253.121
52.222.237.72
52.49.242.9
54.163.85.219
54.166.21.101
54.229.168.160
54.78.254.47
63.215.202.137
63.33.97.13
69.173.144.138
69.173.144.139
77.243.60.138
00442a6f990774ff26d567029c9abc41e597890804a111b9f150a3aac14f3cd7
0383c119d7a3f1fa0a82aec48a7d3bd90738f13613d07cd4944259fbc1309c4d
04444baa22458c25027638c1436aee773fe94a60fcd30a86f4e124fab7660cb1
0486530f1e98818865754a08e1b5442ac5a6a36a6bf6042e3b3338a532e998d2
058ed961bfe422af7bfc65865f4c08531ec8ace995f8a1ec560a46581cb7712c
059f933e15d14cba472d1e97aad97febb895c1c25e77b6a80a79e75ec48d0292
07dd4594e5dee5763669fa3b1978255da05ebae9f6d85b0135007a6a41351325
082f4b0e6c639e4582ec2b24ae18729856afff8b9ebad0f6459f7d9ca6232902
0a534d9383599d9dfad819eb3d8cf68689dd2621539eb828dadc8fe67bac15e9
0c898d64fdfb6fb30ae09986db068945473b8ba5139f0d71b96de3fd62c8c973
10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa
1195f816856bbbab77175ad7a1caff1d80c0c9f61c2da1a93c629f252cabd212
126b381f32f601d12e517bff52589bd007f815ec05a422e22c118f6497a2abfc
1284c73727db10782c02d61166e1aeaae8beae688c94f181953baf3ccee7b9de
138c0ead0fbcd09dd455df9870920e8725b367fbf02ac0cef0c62874000ab176
162cdddbc2239f23aae42e21113ee39e9623fd02149b43d1179499d57c96a9d7
169654a2040e9f83c46d4cd65600c3dc9db6db042904c22cc97645fb4323c362
16b2f26953e4ad83955c72d86eae761a749635de542e9dc65ccf38858bb15a1a
16c302e91b03812a5843a7f87021e370f178e72811586afd656e5966b0a70cb5
18075060ba622aee5d8bdfa1cc1a3892f288f2727028692fcfe25a85e66d0505
1977fe8907b52a32baed543e698bad3e0c743dc5a84477e4b616100ce98d3191
1ad540422134da8dfd6bb3a48bf40c6e09a52efba28b02e3b35361c81762dee1
23ba745e82026b117f83e8b3195f2b080ee6eef2110e0c5571361497825a429f
259890950189c9fbdb7b1a8138ecd14020c2d4b1aed3941e30c9ac020f0db40a
2790c15466585751a14fabb1982970380f30398c2a4e01f76040e38405ce1a65
2806dcb5468048c0feef0c94cbcd74d839aff5897f79ef4db82536ddc993cea6
2812ab8e952fa1e7cb64dcef5539482f99eb581cc551db7317848baf25f42a69
28ec916479431a2358c6ba22b78d8796dac76ebbd2e322cddfc8fdf76dbe2852
29d9cf405c2a0b560bc167610274b7c9beb0c1613ca2381c0996c0caba9aa578
2b3a473bd31d3f8ab2e05fcfc4e109222b92460e0331db9c52bfe894c1688de5
2c44320e9d1a4f378d6055cb30d5b563d5454f6d799701f3eaff00fa4340e240
2db1dbcf1a4a6e63576e5f22320949e1ddc87ff4c10ff26ec353abc9540cd228
2f04a059ac4b6cc886a06d5c2d4b2ae4644fb56d04bcc36c40f8364785c72400
30153b15b4cb898c421e657f6de21dc27435cb990e7888367bdee12e06398da7
37fac18953e6cebec2c5bb3899194d76d0b46ae40f1e531f107c8f55fe73b845
3aea02903ffd476e286f78a9445684f4e6e2f10339c7d2b3fafcccafa3f634cc
3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517
3f872b7c1ea83bc597822ad8cef76084cf3e036a94d8dffa6d0f1a37c4a5b795
3fac3c7275cc0616c4d1f5717b76cb8e1d488840f080b48489ad1f1c5717d8d7
4033dab2a80b8c94ef84b503baffc425b239ece09a68cb08fe155a82c768cad3
40aefc09f33205666c2c42f20d54285147ae9434ef5f8018481950fd67ddcb68
44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a
47043e4823a6c21a8881de789b4185355330b5804629d23f6b43dd93f5265292
47ae953e563096176354dbbb9da550fbb1aa2b7adb9ae5daa9a55d245f71e854
4a970797076346b140129a69e017d8d2370f6bbb2ce9ba4c1b5a398f3366a202
4c867b57f0b2b2f76b1f449bbd890f302cc19d45a1d3b28a0e43074c6fe59e41
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
5127ebbb4dd689b67037fb9077743687ba5e6b0eb846c0ba7d1f3c6debd2d38c
512d9082e95ad6923a81a811d1dcf9839a8d889954a18f00c32366f89507655e
51fe75530a58625839754c70058fa2c43f0144611a424563fc7f7fdb5fe074b3
532cf7167d55ffff4ca4ee0d3913030f03ff89a34cda42c42b0b659ba446f932
5346dfc0f18be96e38080c303c312d99867487d6078f5ce0f1c0ddaaf165c473
54a94e7637402e1971d68af38ec6cdbb7e6ea5f949f5480e8459480f97bdabd6
565a11064511ac2e0060d4debbda93e7161620c76a025c027bdc0f9cf64db62c
5d9de41758ec132539394cc1e511396ebaaf81bab5c1f8df8b5f7edd63fb8521
603458c9f36ee7f3dc08dd6c32a8c3e3344c4a784d6c5bd085a769b6ec0a69ae
6129aa661eb8bc3c924bd24f067eb70565fd8fb6e15eb73cdeea22a3ce46a2fd
6627c5ab36fa407f18fc9b6987e359eccef005ae6d35b370d2142b7daa770324
683eb61a7c4d2f159a57f01b3ef838451d8046f8986c7c407600d5ec3739a50f
69420c9db91c689c4ea04655f57a0bcea09b71003f21cd5e56afa71b80f049f0
6b45807ad2e5ece54afa5297bdf4c52b351766106ad3e6f280a2a1f87105ede6
70f9a194483079b6dd624a55ab264642177a732d6a40e2d73e73b840fd05fb8e
71ae00bd89b7768628f24b4c7466c68a77d23c4c84fba029649350837208cefc
734f7e23ad1f4214ccefbb5ea8cbc61bcc3c3bf7007b36abae22aeb8c74d1e68
74ff52c8ec4a615e185da6d2d99c6e08dcec5e2104607c05ef0ee9698927001f
767840ea3137292ccac8441683a618c453a00d3d924a78e177db69ef1231b3f5
7a3e285118ddd861d723135af4b7837e9103f9266f71874074f38c8c312a4658
7bea17a80a61ed0f54248b4ffc4c718f7c8ff2619742577a73591d62ce074da8
7d0bae598799d3c42ca5d7d7c8a8b79b67de62afe2e9d3dcee258328e40f39eb
7f9caac31580c23eeeabb17edd23ff7a05a176d858e43fc720f387160ea2215e
7fc84bb4115d3c1b5b1fa8f659849d92e6b38a67d968e8f8043e6cd6df983852
810e7357b6d05220d1f772e984f326810eb35d05ababe7794ca0c87d190bd963
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80
87f1324380fc870e456d4af34885aa598e7379274b661eee31471ff901870aeb
882949c87a297b43d3c31661aac79b08ab2bd91dcfda10e1a87bb7a7c173d1b3
8af60accc157c3670b9e65ca4d68fc58fbd2bb8f033f63f6e3d53c70a9e4de3f
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0
8dd5b5eb9e1aa026df243e8305c4f34555d6db0a59a1151dedf46705c9d4a8ef
8f6e1abd2d0c7965b33e2520eb20b841fd3ed6a39c9292808e8d192e86e5b359
900a4cf20cd7006debe3da5033f73ed12f6abf896430718bf4deeb3d1ac8b2ac
91d9994900a38f268727efc8c744ced60d79daed04a0d9c5bc1a6bd79f7402c5
962d83de183651c6c15d9dce622d311455a9e6bd8cf09dd1cbf9ec3a3892a1ab
96adde4f65e0389a8d2949b7c1fe631e7cb2dae7b24b35c28ed5d6d66465ed03
97d2d7795d8696da8f15abfbc4ed528f5d97767966a23ad602f276c8d6680de9
98b60d240232af077467cb18fc3dec37a70ec6a6ebaac379911fb9bb5a5213ea
98b6c4dd7cac7bc07b7f997f8f5b8763fb8493b7dadd3d92fba11cb26f09f2c7
9a1448deb4a53c7c941ed4267cf7762c262504098d2f26e90a031c136fec46c6
9a21a4bbed8deaa5fdfebff47eae26c8ac6572c9cc5dd96cf7bcc9f49c68b50e
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7
a1925038db769477ab74b4df34350c35688a795bb718727b0f4292a4a78a6210
a2d09e0ae23da94f42fee147c24ec010831d0f905583a55c32e18d821f58fdd8
a354154fcbe0c2ad727613039555d0ff7a863377978d069e08f34d0d395ed9b2
a3a86b0e098b59e3ba2436bf14b07d28d69a6a30a10727ef6d1b5efcaec894a7
a3e27ce8d07cbc5aa2936c2078c33b17238db5a5e8a0b1bb03fb6ad318e8673b
a4b3bd16f7e2b5129499b55e8a9d5839a8d41851d267c4dd52d28c6e302551de
a6f2535b2625b5f0830c5b3fe1dee50feb879d4f4f58241c0a7e8718dba7fe81
aad2246df0241fd70c797479664ec8d1acf51e3518cdb5230bff9ac50d857a99
ac7ab1854db99c8278486132a7cef4a5d4f2992fd59488d02b4a5c5a071407d0
ac8778041fdb7f2e08ceb574c9a766247ea26f1a7d90fa854c4efcf4b361a957
ae57d5e97bf1a0db8777b7531cd32cb09ee6f07bed183bb880469cc20f355086
ae6d4ea51b966b37eb69310012c3f6ab6af0779be264b8a1aa36a2b8aacdb819
aec60bc104db041b1512185839f18f52986df7e569e5445f740dd60f763fbca8
b026c0484c0b346e7d4fec20551ef3385107f4a23b791f3ec8ab8d91aa10722b
b3b810fd46e7aad5b789896519011ab5366b39dbb19a5663c53525f756e89bfb
b4f4b2c27b588c050bc9e78f30a32190ccce2e8bfc2f29e113ddd00a9722684f
b4fa88d874e84f5361f0fa66229b63e1dd7be7dbdf5f5ca70cdb063ab859db27
b598e066ae346807f7f6309fd72eaa6e0bca4947a8aef6ba6a326b7554abdd86
b713af325c1a056dad17e07386d716de0fa8e6c13f78e29820c0a35eec32d081
b8bc8c2a178d7440f4e68d08ea41bb6230298dcdf486ee05981d3d1347971677
b979e8e81ec5918de3bd3a54a5a1f7c4354761275d665b7891bbf48b81d094d8
bb16b92df7ef7932e416c3026429f60255bddefb6f36b73e0763aeb5e94f1dbf
bc7651714c6246c9f7495fa9e5c52486730483360c49d4119e18ce41e04d6d67
c00cb90efff4d2b5d526c7886fa06cc480dd01c8643815939c7bbbb14aa15643
c0eca03827c6c63a6efa3ac3f1f7b63a2fcc2d2d393689abe918f7ea093d36e1
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
c5d986a24bd987df580198c58ee4ab383b89d879633c400c76d1e8d279c592e5
c7affb9d47b42dd36ced3ce81637c6e0a4db02f8c6f8b47fce040d991cc13515
c7cdb5caa6c8bf6ff863c2005db15f84f428634e51969a95b48f57fa05da7804
c8965e8058f3c2b505a9bd679db4454d46736a977c1497729131f3c99a781e6e
c8999d8e87d000fec02114645fbf2a662230cc175a99b7d38e9b6760d89a11ce
cb9678da466c4a2dbef477f6b6217fa99c6448ecaefa1c05feb32567652f81f0
cc473e0ecb7548770c5126276073996407b55422b0e27b07e5d7d12c1ef01bb6
cc748d8110eb91b117f5566a7f37332d782dd63aa2c3b0121fc1e75d98856b3d
ce1af9b55a97fa21cbe40947a9268541647539de76dd8061669cd989cc07e8ac
ceb11e3b78aaa7ceb817f5814fc972862699fc6ecadce18d148676d85235817d
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
cfc96c8fa85a02fa11161682617e004a76aad934f1b05c8f172bdf6ecfd2fed2
d1970088babfe21823f040717595b7e3371d1f0f5bdf2ad2cc74d1d16fe30dd7
d391c103115c3201a5a4b6d97cdceec7dda2b421dd30f2ffd0c88c879e3b7a38
d43f22ea832346677963a708d0891262d3890ebcf5f0a2e5e35b1fa52d2f70c8
d69e95c819d1278a4bdc40c49622efec8976515d80f9b2846efecc165955212e
d6b423c91328eec9c218dd8b21ae1e676987d574e5432411a32806e5dd2bde32
d8c792745b52b0c5d43b56081e1570582ffc3d7a8f37e26d63f3e41f5a82d8eb
da11fa2945a854c33772418178a05db0320f00ef941a8e4e7abca4e135ab8519
da319dcae9d21873bf2ad8b146767e023772a8f0a4fd7446156b3d61b9c83098
df0639596a929ccd310e29830c2348824709cc9d001de49e737a9cff05ec539e
e099569fb9739efc09e01524b45ba53cf847ed65fc2f40f480a1730e88c3016a
e1f3aa98d7e10335cc5454b9f9866c55201252ce03dd519bf2ecf5055c78795f
e32a6ae5e43f7f652674e0f03dc23f86839f839b29ee4e63c01c93da180bb0d0
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e5f0058d3d737d25b691728bce12a7d0b77183781c936ca8152e28cacf9e6e3f
e676d1e47c6ea9382fe38a2beca4a21daf8e774c370ba2e79248857d4d9737ea
e9ece1309bdf7f719c328b0e2b9eade9ec1806cb8b39dfbd4422c32f761d1452
ea7f199abca09f4732b8d82aaa8f7b3d7c2a3fa30c2343618e8e9e3ecc6dd7ba
eaae4123efcca745da90e8e7766668d1bb28e7b2415a75f8404d6a45c94a7c02
eb1922119ee33057624b63cc9689f73d96b8ae7ba92b55d65fa960a4f4a828e7
ebc10b39925d1fe90f29fee71f7b7048916f123df2f94ec868c6aa19c033b9ed
ece4cb1b97a86177e1cddb6e25ae1d0f19cfcf7a2df428f2b92adcb8b1784527
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
ef9083cd0add6d9f7c6f82dba352a8d7310e9b680782ca7d8f32ae0ff56438c4
f1f11e70cf7f9b08300a8c9b186074d42fb79549f5c5ce659cd104154e430bb0
f2f11e4d45030f1f21ec7d3ae67a65b83c4c67016fe861fbebdff04ca0c8cd60
f343501b0ca8c6f3f711b8a0642b7f2965536d5c17dcda7a81227f532bb37d91
f404d909d502fda9b4ec39c2786563ebb6fbb62eef10d8db84c7525be4cab927
f4fc8ea1d0db62d19b2320e0299afe1c60abc0aacb7ba34d4169d56bcc828fe2
f54a753a60b9ca12da6deadda4c7a94b2e5ba1e5fc36d84a38ad972452ed1597
f580a18028aefc450677d115b637d758461a8068cd22062e6a86640fa353b1ed
f71322715138a7c026478b6ddfb2006e0208dd7361afef2a4cf478151bbe77f9
f8ea57850cc6ac35997ced61f2f147c4aabbb314b7b3b4fa85aff836c089201b
fa43fd4073d3976c0bc94de0d58e6f81290443515528b60e80aa889fa38f80c2
fbef6cfd9afd1c9ee0acde687916ad9d5d24617b16084c0e93b5286093d349bb
fc6cd95261064c28600405c9c8dd51813abf8367e85b6e00f0f3031a8338988a
fcd6acab1a311e89ae1aef024707e986871eff4071c584de3e93970c5fc4a23d
fe3fcb884394be745dbd11141b6d780028a4d86106b6292d7502db096f582218
ffeeb679686bddd0575424792a8e69b74866b65c375858347171d904bef1c581