connect.xfinity.com Open in urlscan Pro
96.118.22.71 Public Scan

Go To Rescan
Add Verdict Report

URL:
https://connect.xfinity.com/appsuite/apps/ads/minified/mini-msglistAds-wide-012621.html
Submission: On October 07 via manual (October 7th 2021, 1:10:53 pm UTC) from US — Scanned from DE

Summary HTTP 34 Redirects Behaviour Indicators

Summary

This website contacted 19 IPs in 6 countries across 24 domains to perform 34 HTTP transactions. The main IP is 96.118.22.71, located in United States and belongs to COMCAST-7922, US. The main domain is connect.xfinity.com.
TLS certificate: Issued by COMODO RSA Organization Validation Se... on February 10th 2020. Valid for: 2 years.

This is the only time connect.xfinity.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1	96.118.22.71 96.118.22.71	7922 (COMCAST-7922) (COMCAST-7922)
1	151.101.130.217 151.101.130.217	54113 (FASTLY) (FASTLY)
1	104.111.226.85 104.111.226.85	16625 (AKAMAI-AS) (AKAMAI-AS)
1	151.101.65.108 151.101.65.108	54113 (FASTLY) (FASTLY)
6	52.48.145.41 52.48.145.41	16509 (AMAZON-02) (AMAZON-02)
4	18.66.120.173 18.66.120.173	16509 (AMAZON-02) (AMAZON-02)
1	178.250.0.165 178.250.0.165	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
1	18.196.0.40 18.196.0.40	16509 (AMAZON-02) (AMAZON-02)
3	206.189.254.17 206.189.254.17	14061 (DIGITALOC...) (DIGITALOCEAN-ASN)
1 3	35.244.159.8 35.244.159.8	15169 (GOOGLE) (GOOGLE)
1	213.19.162.61 213.19.162.61	26667 (RUBICONPR...) (RUBICONPROJECT)
3	54.247.138.82 54.247.138.82	16509 (AMAZON-02) (AMAZON-02)
2 2	34.254.143.3 34.254.143.3	16509 (AMAZON-02) (AMAZON-02)
1	185.59.220.17 185.59.220.17	60068 (CDN77 ^_^) (CDN77 ^_^)
2 2	35.244.174.68 35.244.174.68	15169 (GOOGLE) (GOOGLE)
2 2	52.45.241.222 52.45.241.222	14618 (AMAZON-AES) (AMAZON-AES)
1 1	91.228.74.133 91.228.74.133	16509 (AMAZON-02) (AMAZON-02)
2 2	3.125.70.222 3.125.70.222	16509 (AMAZON-02) (AMAZON-02)
1	3.231.143.9 3.231.143.9	14618 (AMAZON-AES) (AMAZON-AES)
2 2	52.49.53.128 52.49.53.128	16509 (AMAZON-02) (AMAZON-02)
1	37.252.172.249 37.252.172.249	29990 (ASN-APPNEX) (ASN-APPNEX)
2	178.250.0.130 178.250.0.130	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
2	178.250.0.157 178.250.0.157	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
2 2	2.18.234.21 2.18.234.21	16625 (AKAMAI-AS) (AKAMAI-AS)
2 2	18.197.47.23 18.197.47.23	16509 (AMAZON-02) (AMAZON-02)
2 2	18.156.0.31 18.156.0.31	16509 (AMAZON-02) (AMAZON-02)
2 2	13.248.245.213 13.248.245.213	16509 (AMAZON-02) (AMAZON-02)
1	76.223.111.131 76.223.111.131	16509 (AMAZON-02) (AMAZON-02)
1	178.162.133.149 178.162.133.149	60781 (LEASEWEB-...) (LEASEWEB-NL-AMS-01 Netherlands)
2 2	142.250.185.194 142.250.185.194	15169 (GOOGLE) (GOOGLE)
34	19

1 96.118.22.71 (United States)

ASN7922 (COMCAST-7922, US)
PTR: poc-abhi-ho-b-002.sys.comcast.net

connect.xfinity.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 151.101.130.217 (United States)

ASN54113 (FASTLY, US)

scripts.webcontentassessor.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 104.111.226.85 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a104-111-226-85.deploy.static.akamaitechnologies.com

my.xfinity.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 151.101.65.108 (United States)

ASN54113 (FASTLY, US)

acdn.adnxs.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 52.48.145.41 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-48-145-41.eu-west-1.compute.amazonaws.com

dpm.demdex.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 18.66.120.173 (United States)

ASN16509 (AMAZON-02, US)

c.amazon-adsystem.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 178.250.0.165 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)
PTR: bidder.par.vip.prod.criteo.com

bidder.criteo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 18.196.0.40 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-18-196-0-40.eu-central-1.compute.amazonaws.com

tlx.3lift.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 206.189.254.17 (North Bergen, United States)

ASN14061 (DIGITALOCEAN-ASN, US)

e.serverbid.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 35.244.159.8 (Kansas City, United States) 1 redirects

ASN15169 (GOOGLE, US)
PTR: 8.159.244.35.bc.googleusercontent.com

comcast-d.openx.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
eu-u.openx.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
us-u.openx.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 213.19.162.61 (United Kingdom)

ASN26667 (RUBICONPROJECT, US)

fastlane.rubiconproject.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 54.247.138.82 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-54-247-138-82.eu-west-1.compute.amazonaws.com

comcastathena.demdex.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 34.254.143.3 (Dublin, Ireland) 2 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-34-254-143-3.eu-west-1.compute.amazonaws.com

loadm.exelator.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 185.59.220.17 (Frankfurt am Main, Germany)

ASN60068 (CDN77 ^_^, GB)
PTR: frankfurt-10.cdn77.com

load77.exelator.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 35.244.174.68 (Kansas City, United States) 2 redirects

ASN15169 (GOOGLE, US)
PTR: 68.174.244.35.bc.googleusercontent.com

idsync.rlcdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 52.45.241.222 (Ashburn, United States) 2 redirects

ASN14618 (AMAZON-AES, US)
PTR: ec2-52-45-241-222.compute-1.amazonaws.com

sync.tidaltv.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 91.228.74.133 (United Kingdom) 1 redirects

ASN16509 (AMAZON-02, US)

pixel.quantserve.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 3.125.70.222 (Frankfurt am Main, Germany) 2 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-3-125-70-222.eu-central-1.compute.amazonaws.com

ps.eyeota.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 3.231.143.9 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-3-231-143-9.compute-1.amazonaws.com

dmp.v.fwmrm.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 52.49.53.128 (Dublin, Ireland) 2 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-52-49-53-128.eu-west-1.compute.amazonaws.com

match.prod.bidr.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 37.252.172.249 (Frankfurt am Main, Germany)

ASN29990 (ASN-APPNEX, US)
PTR: 534.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net

ib.adnxs.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 178.250.0.130 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)

static.criteo.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 178.250.0.157 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)

gum.criteo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2.18.234.21 (Frankfurt am Main, Germany) 2 redirects

ASN16625 (AKAMAI-AS, US)
PTR: a2-18-234-21.deploy.static.akamaitechnologies.com

ssum-sec.casalemedia.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 18.197.47.23 (Frankfurt am Main, Germany) 2 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-18-197-47-23.eu-central-1.compute.amazonaws.com

pixel.advertising.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 18.156.0.31 (Frankfurt am Main, Germany) 2 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-18-156-0-31.eu-central-1.compute.amazonaws.com

ups.analytics.yahoo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 13.248.245.213 (United States) 2 redirects

ASN16509 (AMAZON-02, US)
PTR: a0f671730127a0812.awsglobalaccelerator.com

eb2.3lift.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 76.223.111.131 (United States)

ASN16509 (AMAZON-02, US)
PTR: a97adde81b00f2ca4.awsglobalaccelerator.com

match.adsrvr.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 178.162.133.149 (Rotterdam, Netherlands)

ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL)
PTR: ams-1-sync.go.sonobi.com

sync.go.sonobi.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 142.250.185.194 (United States) 2 redirects

ASN15169 (GOOGLE, US)
PTR: fra16s52-in-f2.1e100.net

cm.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
9	demdex.net dpm.demdex.net comcastathena.demdex.net	13 KB
4	amazon-adsystem.com c.amazon-adsystem.com	40 KB
3	exelator.com 2 redirects loadm.exelator.com load77.exelator.com	2 KB
3	openx.net 1 redirects comcast-d.openx.net eu-u.openx.net us-u.openx.net	1018 B
3	serverbid.com e.serverbid.com	2 KB
3	3lift.com 2 redirects tlx.3lift.com eb2.3lift.com	1 KB
3	criteo.com bidder.criteo.com gum.criteo.com	6 KB
2	doubleclick.net 2 redirects cm.g.doubleclick.net	999 B
2	yahoo.com 2 redirects ups.analytics.yahoo.com	2 KB
2	advertising.com 2 redirects pixel.advertising.com	627 B
2	casalemedia.com 2 redirects ssum-sec.casalemedia.com	2 KB
2	criteo.net static.criteo.net	55 KB
2	bidr.io 2 redirects match.prod.bidr.io	1 KB
2	eyeota.net 2 redirects ps.eyeota.net	1 KB
2	tidaltv.com 2 redirects sync.tidaltv.com	688 B
2	rlcdn.com 2 redirects idsync.rlcdn.com	802 B
2	adnxs.com acdn.adnxs.com ib.adnxs.com	32 KB
2	xfinity.com connect.xfinity.com my.xfinity.com	83 KB
1	sonobi.com sync.go.sonobi.com	474 B
1	adsrvr.org match.adsrvr.org	265 B
1	fwmrm.net dmp.v.fwmrm.net	411 B
1	quantserve.com 1 redirects pixel.quantserve.com	493 B
1	rubiconproject.com fastlane.rubiconproject.com	1 KB
1	webcontentassessor.com scripts.webcontentassessor.com	24 KB
34	24

	Domain	Requested by
6	dpm.demdex.net	connect.xfinity.com
4	c.amazon-adsystem.com	connect.xfinity.com c.amazon-adsystem.com
3	comcastathena.demdex.net	connect.xfinity.com
3	e.serverbid.com	my.xfinity.com
2	cm.g.doubleclick.net	2 redirects
2	eb2.3lift.com	2 redirects
2	ups.analytics.yahoo.com	2 redirects
2	pixel.advertising.com	2 redirects
2	ssum-sec.casalemedia.com	2 redirects
2	gum.criteo.com	static.criteo.net gum.criteo.com
2	static.criteo.net	my.xfinity.com static.criteo.net
2	match.prod.bidr.io	2 redirects
2	ps.eyeota.net	2 redirects
2	sync.tidaltv.com	2 redirects
2	idsync.rlcdn.com	2 redirects
2	loadm.exelator.com	2 redirects
1	us-u.openx.net
1	eu-u.openx.net	1 redirects
1	sync.go.sonobi.com
1	match.adsrvr.org
1	ib.adnxs.com	acdn.adnxs.com
1	dmp.v.fwmrm.net
1	pixel.quantserve.com	1 redirects
1	load77.exelator.com
1	fastlane.rubiconproject.com	my.xfinity.com
1	comcast-d.openx.net	my.xfinity.com
1	tlx.3lift.com	my.xfinity.com
1	bidder.criteo.com	my.xfinity.com
1	acdn.adnxs.com	connect.xfinity.com
1	my.xfinity.com	connect.xfinity.com
1	scripts.webcontentassessor.com	connect.xfinity.com
1	connect.xfinity.com
34	32

This site contains no links.

Subject Issuer	Validity	Valid
connect.xfinity.com COMODO RSA Organization Validation Secure Server CA	`2020-02-10` - `2022-02-09`	2 years	crt.sh
scripts.webcontentassessor.com GlobalSign Atlas R3 DV TLS CA 2020	`2021-01-27` - `2022-02-28`	a year	crt.sh
www.xfinity.comcast.net COMODO RSA Organization Validation Secure Server CA	`2020-05-04` - `2022-05-04`	2 years	crt.sh
cdn.adnxs.com GlobalSign Organization Validated CA - SHA256 - G4	`2021-05-10` - `2022-06-11`	a year	crt.sh
*.demdex.net DigiCert TLS RSA SHA256 2020 CA1	`2020-12-02` - `2022-01-02`	a year	crt.sh
c.amazon-adsystem.com Amazon	`2021-07-06` - `2022-06-27`	a year	crt.sh
*.criteo.com DigiCert TLS Hybrid ECC SHA384 2020 CA1	`2021-09-09` - `2021-12-07`	3 months	crt.sh
*.3lift.com Amazon	`2021-06-12` - `2022-07-11`	a year	crt.sh
e.serverbid.com R3	`2021-08-30` - `2021-11-28`	3 months	crt.sh
*.openx.net GeoTrust RSA CA 2018	`2021-07-08` - `2022-08-08`	a year	crt.sh
*.rubiconproject.com DigiCert TLS RSA SHA256 2020 CA1	`2021-03-30` - `2022-04-04`	a year	crt.sh
1605158521.rsc.cdn77.org R3	`2021-08-04` - `2021-11-02`	3 months	crt.sh
*.v.fwmrm.net DigiCert TLS RSA SHA256 2020 CA1	`2020-11-17` - `2021-12-18`	a year	crt.sh
*.adnxs.com GeoTrust ECC CA 2018	`2021-03-05` - `2022-02-19`	a year	crt.sh
*.criteo.net DigiCert TLS Hybrid ECC SHA384 2020 CA1	`2021-09-09` - `2021-12-07`	3 months	crt.sh
*.adsrvr.org GlobalSign GCC R3 DV TLS CA 2020	`2021-03-18` - `2022-04-19`	a year	crt.sh
*.go.sonobi.com Go Daddy Secure Certificate Authority - G2	`2020-12-06` - `2022-01-07`	a year	crt.sh

This page contains 4 frames:

Primary Page: https://connect.xfinity.com/appsuite/apps/ads/minified/mini-msglistAds-wide-012621.html
Frame ID: B003082F932D5996947B9804A7FCFE89
Requests: 23 HTTP requests in this frame

Frame: https://comcastathena.demdex.net/dest5.html?d_nsid=undefined
Frame ID: F0CC7B68D0224BB5FB2E8D6617183FDA
Requests: 8 HTTP requests in this frame

Frame: https://comcastathena.demdex.net/dest5.html?d_nsid=1
Frame ID: 902DD8AEAC9C05C01FD434BBF3EADAF4
Requests: 1 HTTP requests in this frame

Frame: https://gum.criteo.com/syncframe?origin=publishertag&topUrl=connect.xfinity.com
Frame ID: 955F27BA0EA63E9897587FF95359EF41
Requests: 2 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Webmail Promotion

Detected technologies

AppNexus (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

adnxs\.(?:net|com)

OpenX (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

https?://[^/]*\.openx\.net

Rubicon Project (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

https?://[^/]*\.rubiconproject\.com

Page Statistics

34
Requests

100 %
HTTPS

0 %
IPv6

24
Domains

32
Subdomains

19
IPs

6
Countries

257 kB
Transfer

767 kB
Size

42
Cookies

0 Outgoing links

These are links going to different origins than the main page.

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 16

https://loadm.exelator.com/load/?p=204&g=091&j=0&bi=02109740223324009113187683700902006217 HTTP 302
https://loadm.exelator.com/load/?p=204&g=091&j=0&bi=02109740223324009113187683700902006217&xl8blockcheck=1 HTTP 302
https://load77.exelator.com/pixel.gif

Request Chain 17

https://idsync.rlcdn.com/365868.gif?partner_uid=02109740223324009113187683700902006217 HTTP 307
https://idsync.rlcdn.com/1000.gif?memo=CKyqFhIxCi0IARCYEhomMDIxMDk3NDAyMjMzMjQwMDkxMTMxODc2ODM3MDA5MDIwMDYyMTcQABoNCNXj-4oGEgUI6AcQAEIASgA HTTP 307
https://dpm.demdex.net/ibs:dpid=477&dpuuid=c7bf7566964af232015dedc1475c3eb3eacb16127ff7384d91e31d1ca3aabc9cb0da87c991749652

Request Chain 18

https://sync.tidaltv.com/GenericUserSync.ashx?dpid=38noredirect HTTP 302
https://sync.tidaltv.com/genericusersync.ashx?dpid=38noredirect&s_h=1 HTTP 302
https://dpm.demdex.net/ibs:dpid=445&dpuuid=84b839f7-93c0-4fd5-a827-fb70a2c63b18?gdpr=1&gdpr_consent=

Request Chain 19

https://pixel.quantserve.com/pixel/p-vj4AYjBqd6VJ2.gif?idmatch=0&gdpr=0&gdpr_consent= HTTP 302
https://dpm.demdex.net/ibs:dpid=1175&gdpr=0&dpuuid=bV-zLD1f4nx2C74vPwirLG1d4HB2C7Yta1xb_2IA

Request Chain 20

https://ps.eyeota.net/match?bid=6j5b2cv&uid=02109740223324009113187683700902006217&r=https%3A%2F%2Fdpm.demdex.net%2Fibs%3Adpid%3D30064%26dpuuid%3D%7BUUID_6j5b2cv%7D HTTP 302
https://ps.eyeota.net/match/bounce/?bid=6j5b2cv&uid=02109740223324009113187683700902006217&r=https%3A%2F%2Fdpm.demdex.net%2Fibs%3Adpid%3D30064%26dpuuid%3D%7BUUID_6j5b2cv%7D HTTP 302
https://dpm.demdex.net/ibs:dpid=30064&dpuuid=2Z_dfIRHB-t62EG-sgxXffYeVeZOm8caibw9PhZtIaY0

Request Chain 22

https://match.prod.bidr.io/cookie-sync/adobe?gdpr=0&gdpr_consent= HTTP 303
https://match.prod.bidr.io/cookie-sync/adobe?gdpr=0&gdpr_consent=&_bee_ppp=1 HTTP 303
https://dpm.demdex.net/ibs:dpid=275754&dpuuid=AAB7xU7CveQAAEOvJy49Ig?gdpr=0

Request Chain 28

https://ssum-sec.casalemedia.com/usermatchredir?s=185073&cb=https%3A%2F%2Fe.serverbid.com%2Fudb%2F9969%2Fsync%2Fi.gif%3FpartnerId%3D1%26a%3Dtrue%26userId%3D HTTP 302
https://ssum-sec.casalemedia.com/usermatchredir?cb=https%3A%2F%2Fe.serverbid.com%2Fudb%2F9969%2Fsync%2Fi.gif%3FpartnerId%3D1%26a%3Dtrue%26userId%3D&s=185073&C=1 HTTP 302
https://e.serverbid.com/udb/9969/sync/i.gif?partnerId=1&a=true&userId=YV7x2SgDZsBuU6Yveu.iRgAA%261140

Request Chain 29

https://pixel.advertising.com/ups/56621/occ HTTP 302
https://pixel.advertising.com/ups/56621/occ?verify=true HTTP 302
https://ups.analytics.yahoo.com/ups/56621/occ?apid=UPfd8c0dd3-276f-11ec-9f4f-061b9b3b951e HTTP 302
https://ups.analytics.yahoo.com/ups/56621/occ?apid=UPfd8c0dd3-276f-11ec-9f4f-061b9b3b951e&verify=true HTTP 302
https://e.serverbid.com/udb/9969/sync/i.gif?partnerId=29&userId=UPfd8c0dd3-276f-11ec-9f4f-061b9b3b951e

Request Chain 30

https://eb2.3lift.com/sync?px=1&src=prebid& HTTP 302
https://eb2.3lift.com/sync?px=1&src=prebid&&ld=1 HTTP 302
https://match.adsrvr.org/track/cmf/generic?ttd_pid=svx9t50&ttd_tpi=1&gdpr=1&gdpr_consent=

Request Chain 32

https://eu-u.openx.net/w/1.0/pd?plm=10&ph=42d504c1-bae8-4312-8ad6-a76f3705b195&gdpr=0 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=openx&google_cm&google_sc HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=openx&google_cm=&google_sc=&google_tc= HTTP 302
https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESEGrkYAq2j5GbeLAE0KSF-kk&google_cver=1

34 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H/1.1 200
OK Primary Request Cookie set mini-msglistAds-wide-012621.html Show response
connect.xfinity.com/appsuite/apps/ads/minified/ 62 KB
21 KB 1168ms
319ms Document
text/html 96.118.22.71
COMCAST-7922

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.xfinity.com/appsuite/apps/ads/minified/mini-msglistAds-wide-012621.html

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

96.118.22.71 , United States, ASN7922 (COMCAST-7922, US),

Reverse DNS

poc-abhi-ho-b-002.sys.comcast.net

Software

Apache /

Resource Hash

8c53da7b228b4c5dce94ee3864c2482ec9e471fe7b412cc1472bd026920b0f1d

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Host: connect.xfinity.com
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site: none
Sec-Fetch-Mode: navigate
Sec-Fetch-User: ?1
Sec-Fetch-Dest: document
Accept-Encoding: gzip, deflate, br
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language: de-DE,de;q=0.9

Response headers

Date: Thu, 07 Oct 2021 13:10:45 GMT
Server: Apache
Access-Control-Allow-Methods: POST, GET, OPTIONS, DELETE, PUT, REPORT
Access-Control-Max-Age: 1000
Access-Control-Allow-Credentials: true
Access-Control-Allow-Headers: x-requested-with, Content-Type, origin, authorization, accept, client-security-token, depth, if-none-match, access-control-allow-origin, if-match, authentication
X-Frame-Options: SAMEORIGIN SAMEORIGIN
Accept-Ranges: bytes
Content-Encoding: gzip
Cache-Control: max-age=15552000, private
Expires: Tue, 05 Apr 2022 13:10:45 GMT
Content-Length: 20544
Content-Type: text/html; charset=UTF-8
Strict-Transport-Security: max-age=31536000; includeSubDomains; preload
X-XSS-Protection: 1; mode=block
X-Content-Type-Options: nosniff
Set-Cookie: OXBETA=oxui-hob-01o.email.comcast.net; path=/; HttpOnly; Secure
Cache-control: private

GET
H2 200 b4be7e7b6b352605a1ac84e1c5b4df5dd6407a83c34cfd33ff1cc7345cf246a3 Show response
scripts.webcontentassessor.com/scripts/ 86 KB
24 KB 35ms
6ms Script
application/javascript 151.101.130.217
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://scripts.webcontentassessor.com/scripts/b4be7e7b6b352605a1ac84e1c5b4df5dd6407a83c34cfd33ff1cc7345cf246a3
Requested by: Host: connect.xfinity.com
URL: https://connect.xfinity.com/appsuite/apps/ads/minified/mini-msglistAds-wide-012621.html
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.130.217 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: ad581f898bf0305193e8c4520e4cfe04da106aa0120ba21e10ecdca2c823f626

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://connect.xfinity.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Thu, 07 Oct 2021 13:10:45 GMT
content-encoding: gzip
age: 1397
x-cache: HIT
content-length: 23919
x-amz-id-2: NjN6KYxjG0XjiECJN+HCw/U3u6SDyyQ768g0537vibdfXlFO+ldUytpEw8dJLBJYdJpVrXk29aY=
x-served-by: cache-hhn4070-HHN
last-modified: Thu, 07 Oct 2021 12:34:04 GMT
server: AmazonS3
x-timer: S1633612246.538442,VS0,VE0
etag: "74d143aa0193e96e9a86b913e52915c5"
vary: Accept-Encoding
x-amz-request-id: XMNTWF4BR4QRNBGT
via: 1.1 varnish
cache-control: max-age=3600,stale-if-error=86400,stale-while-revalidate=3600
accept-ranges: bytes
content-type: application/javascript
x-cache-hits: 3

GET
H2 200 prebid-4.15.0-6c3fb9bec87b2f0a2eb6b28912848f1a.js Show response
my.xfinity.com/assets/ads/ 194 KB
62 KB 67ms
21ms Script
application/x-javascript 104.111.226.85
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://my.xfinity.com/assets/ads/prebid-4.15.0-6c3fb9bec87b2f0a2eb6b28912848f1a.js
Requested by: Host: connect.xfinity.com
URL: https://connect.xfinity.com/appsuite/apps/ads/minified/mini-msglistAds-wide-012621.html
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 104.111.226.85 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-111-226-85.deploy.static.akamaitechnologies.com
Software: AkamaiNetStorage /
Resource Hash: d12019c690a93d78d305ce3e2328770dc64cd7e9645cf25de086db0032fe8cfd

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://connect.xfinity.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Thu, 07 Oct 2021 13:10:45 GMT
content-encoding: gzip
last-modified: Tue, 21 Sep 2021 16:16:59 GMT
server: AkamaiNetStorage
etag: "af8b5c8913909b331c98062f33c9236f:1632241019.01127"
vary: Accept-Encoding
content-type: application/x-javascript
accept-ranges: bytes

GET
H/1.1 200
OK ast.js Show response
acdn.adnxs.com/ast/ 89 KB
31 KB 38ms
6ms Script
application/javascript 151.101.65.108
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://acdn.adnxs.com/ast/ast.js
Requested by: Host: connect.xfinity.com
URL: https://connect.xfinity.com/appsuite/apps/ads/minified/mini-msglistAds-wide-012621.html
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.65.108 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx/1.18.0 (Ubuntu) /
Resource Hash: 20de6d868da34f858f29c591051e6a090968af31da2519ea6ea28183e41430a7

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://connect.xfinity.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Date: Thu, 07 Oct 2021 13:10:45 GMT
Content-Encoding: gzip
Age: 71016
X-Cache: HIT, HIT
Connection: keep-alive
Content-Length: 31390
X-Served-By: cache-lga21932-LGA, cache-fra19151-FRA
Access-Control-Allow-Origin: *
Last-Modified: Tue, 28 Sep 2021 17:11:43 GMT
Server: nginx/1.18.0 (Ubuntu)
X-Timer: S1633612246.581226,VS0,VE0
ETag: W/"61534ccf-16237"
Vary: Accept-Encoding
Content-Type: application/javascript
Via: 1.1 varnish, 1.1 varnish
Expires: Wed, 29 Sep 2021 17:26:54 GMT
Cache-Control: max-age=86402
Accept-Ranges: bytes
X-Cache-Hits: 1, 32134

GET
H/1.1 200
OK id Show response
dpm.demdex.net/ 2 KB
1 KB 130ms
33ms Script
application/javascript 52.48.145.41
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://dpm.demdex.net/id?d_visid_ver=1.5.6&d_rtbd=json&d_ver=2&d_orgid=723C39F756ABCD0B7F000101%40AdobeOrg&d_nsid=0&d_cb=s_c_il%5B0%5D._setMarketingCloudFields

Requested by

Host: connect.xfinity.com
URL: https://connect.xfinity.com/appsuite/apps/ads/minified/mini-msglistAds-wide-012621.html

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

52.48.145.41 Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-52-48-145-41.eu-west-1.compute.amazonaws.com

Software

Resource Hash

4192cabd2126bce8f9a00e6670d07905dbc6c207fd802794605c138dd315339b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://connect.xfinity.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

DCS: dcs-prod-irl1-1-v018-0b6b44d4b.edge-irl1.demdex.com UNKNOWN
Pragma: no-cache
Strict-Transport-Security: max-age=31536000; includeSubDomains
content-encoding: gzip
X-TID: ONrd4zS2T7A=
P3P: policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Cache-Control: no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
Connection: keep-alive
Content-Type: application/javascript;charset=utf-8
Content-Length: 688
Expires: Thu, 01 Jan 1970 00:00:00 UTC

GET
H2 200 apstag.js Show response
c.amazon-adsystem.com/aax2/ 133 KB
36 KB 55ms
20ms Script
application/javascript 18.66.120.173
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://c.amazon-adsystem.com/aax2/apstag.js
Requested by: Host: connect.xfinity.com
URL: https://connect.xfinity.com/appsuite/apps/ads/minified/mini-msglistAds-wide-012621.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.66.120.173 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: Server /
Resource Hash: da263eff6489f28a35d328a1a5895db9adb14c22c40cd35d0afce85414cac701

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://connect.xfinity.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

x-amz-version-id: zTpXqDhrs..xkKPVKkqB8HVtw0cnTzHi
content-encoding: gzip
etag: e2b905aea413c4d7479fb2bb9cbc6c65
age: 543
x-cache: Hit from cloudfront
server: Server
x-amz-rid: 1RRV8G03NPS5FK5PKZXB
date: Thu, 07 Oct 2021 13:01:46 GMT
vary: Accept-Encoding
content-type: application/javascript
via: 1.1 598a1f878f2efc16baaf47787ffe82d2.cloudfront.net (CloudFront)
cache-control: public, max-age=900
x-amz-cf-pop: FRA60-P2
accept-ranges: bytes
timing-allow-origin: *
x-amz-cf-id: FKtG2AukPudOjWllSWxP9hDlYh6BxkWeRGEor4Ppip1dFzOanXImjA==

POST
H2 200 cdb Show response
bidder.criteo.com/ 18 B
288 B 90ms
56ms XHR
application/json 178.250.0.165
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL: https://bidder.criteo.com/cdb?profileId=207&av=32&wv=4.15.0&cb=71551555995
Requested by: Host: my.xfinity.com
URL: https://my.xfinity.com/assets/ads/prebid-4.15.0-6c3fb9bec87b2f0a2eb6b28912848f1a.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 178.250.0.165 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS: bidder.par.vip.prod.criteo.com
Software: Finatra /
Resource Hash: ad6aa18e132c373e6a0be7543103d4e5dfde8680587cea250550686591419910

Request headers

Referer: https://connect.xfinity.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Content-Type: text/plain

Response headers

date: Thu, 07 Oct 2021 13:10:44 GMT
content-encoding: gzip
server: Finatra
vary: Origin
content-type: application/json; charset=utf-8
access-control-allow-origin: https://connect.xfinity.com
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
content-length: 44

POST
H2 200 auction Show response
tlx.3lift.com/header/ 19 B
266 B 117ms
90ms XHR
application/json 18.196.0.40
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://tlx.3lift.com/header/auction?lib=prebid&v=4.15.0&referrer=https%3A%2F%2Fconnect.xfinity.com%2Fappsuite%2Fapps%2Fads%2Fminified%2Fmini-msglistAds-wide-012621.html&tmax=3000

Requested by

Host: my.xfinity.com
URL: https://my.xfinity.com/assets/ads/prebid-4.15.0-6c3fb9bec87b2f0a2eb6b28912848f1a.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

18.196.0.40 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-18-196-0-40.eu-central-1.compute.amazonaws.com

Software

Resource Hash

0535c3bb3a17e4ac0fb7d29214d2181275662129dc2bdd2a89c35934e9fc5ba5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://connect.xfinity.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Thu, 07 Oct 2021 13:10:45 GMT
content-type: application/json; charset=utf-8
access-control-allow-origin: https://connect.xfinity.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
content-length: 19
x-xss-protection: 0
expires: Thu, 15 Oct 1992 20:10:00 GMT

POST
H2 200 v2 Show response
e.serverbid.com/api/ 711 B
989 B 369ms
185ms XHR
application/json 206.189.254.17
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to

Full URL: https://e.serverbid.com/api/v2
Requested by: Host: my.xfinity.com
URL: https://my.xfinity.com/assets/ads/prebid-4.15.0-6c3fb9bec87b2f0a2eb6b28912848f1a.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 206.189.254.17 North Bergen, United States, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software: /
Resource Hash: a1864f9c9e8f8b71315692973433328a730a27f673bf692719e01772f2acfb13

Request headers

Referer: https://connect.xfinity.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Content-Type: text/plain

Response headers

access-control-allow-origin: https://connect.xfinity.com
date: Thu, 07 Oct 2021 13:10:45 GMT
access-control-allow-credentials: true
content-length: 711
vary: Origin
content-type: application/json

GET
H2 200 arj Show response
comcast-d.openx.net/w/1.0/ 174 B
563 B 71ms
40ms XHR
application/json 35.244.159.8
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://comcast-d.openx.net/w/1.0/arj?ju=https%3A%2F%2Fconnect.xfinity.com%2Fappsuite%2Fapps%2Fads%2Fminified%2Fmini-msglistAds-wide-012621.html&ch=UTF-8&res=1600x1200x24&ifr=false&tz=0&tws=1600x1200&be=1&bc=hb_pb_3.0.3&dddid=aae99d19-d969-4447-bbbd-8583e96c600e&nocache=1633612245614&aus=300x250&divIds=Mail_x32&auid=540654282
Requested by: Host: my.xfinity.com
URL: https://my.xfinity.com/assets/ads/prebid-4.15.0-6c3fb9bec87b2f0a2eb6b28912848f1a.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.244.159.8 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 8.159.244.35.bc.googleusercontent.com
Software: OXGW/16.216.4 /
Resource Hash: 41ddb199b50fbc35efabf072e95758d014fc8f2594b2a5d5db5a476a340a4c88

Request headers

Referer: https://connect.xfinity.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Thu, 07 Oct 2021 13:10:45 GMT
content-encoding: gzip
server: OXGW/16.216.4
vary: Accept, Accept-Encoding
p3p: CP="CUR ADM OUR NOR STA NID"
access-control-allow-origin: https://connect.xfinity.com
cache-control: private, max-age=0, no-cache
access-control-allow-credentials: true
content-type: application/json
alt-svc: clear
content-length: 165
via: 1.1 google
expires: Mon, 26 Jul 1997 05:00:00 GMT

GET
H/1.1 200
OK fastlane.json Show response
fastlane.rubiconproject.com/a/api/ 241 B
1 KB 147ms
91ms XHR
application/json 213.19.162.61
RUBICONPROJECT

General

Check archive.org

Show headers Download Go to

Full URL: https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=11648&site_id=248120&zone_id=1228130&size_id=15&p_pos=atf&rf=https%3A%2F%2Fconnect.xfinity.com%2Fappsuite%2Fapps%2Fads%2Fminified%2Fmini-msglistAds-wide-012621.html&tk_flint=pbjs_lite_v4.15.0&x_source.tid=aae99d19-d969-4447-bbbd-8583e96c600e&p_screen_res=1600x1200&rp_floor=0.01&rp_secure=1&slots=1&rand=0.1663773140548186
Requested by: Host: my.xfinity.com
URL: https://my.xfinity.com/assets/ads/prebid-4.15.0-6c3fb9bec87b2f0a2eb6b28912848f1a.js
Protocol: HTTP/1.1
Security: TLS 1.2, RSA, AES_128_GCM
Server: 213.19.162.61 , United Kingdom, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software: nginx/1.16.0 /
Resource Hash: 162f371cf82a882f2188cecc067540ff8eb7da545217f6246aa542fe1bfc4e00

Request headers

Referer: https://connect.xfinity.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Content-Type: text/plain

Response headers

Pragma: no-cache
Date: Thu, 07 Oct 2021 13:10:45 GMT
Server: nginx/1.16.0
Vary: Accept-Encoding
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Access-Control-Allow-Origin: https://connect.xfinity.com
Cache-Control: no-cache, no-store, max-age=0, must-revalidate
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: application/json
Content-Length: 241
Expires: Wed, 17 Sep 1975 21:32:10 GMT

GET
H2 204 config Show response
c.amazon-adsystem.com/cdn/prod/ 0
306 B 99ms
99ms XHR
text/plain 18.66.120.173
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://c.amazon-adsystem.com/cdn/prod/config?src=3338&u=https%3A%2F%2Fconnect.xfinity.com%2Fappsuite%2Fapps%2Fads%2Fminified%2Fmini-msglistAds-wide-012621.html
Requested by: Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.66.120.173 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: Server /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://connect.xfinity.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Thu, 07 Oct 2021 13:10:45 GMT
via: 1.1 598a1f878f2efc16baaf47787ffe82d2.cloudfront.net (CloudFront)
server: Server
x-amz-cf-pop: FRA60-P2
x-cache: Miss from cloudfront
access-control-allow-origin: https://connect.xfinity.com
cache-control: max-age=21550, s-maxage=21600
access-control-allow-credentials: true
x-amz-cf-id: ZrOyZ_Uup2qdV3jdNzRuKPqjMCTPuGx-4BwgzRllduDkWWlm73bd_g==

GET
H2 200 bid Show response
c.amazon-adsystem.com/e/dtb/ 23 B
495 B 70ms
69ms XHR
text/javascript 18.66.120.173
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://c.amazon-adsystem.com/e/dtb/bid?src=3338&u=https%3A%2F%2Fconnect.xfinity.com%2Fappsuite%2Fapps%2Fads%2Fminified%2Fmini-msglistAds-wide-012621.html&pid=bYGzzDJha7Yk8&cb=0&ws=1600x1200&v=7.69.01&t=1500&slots=%5B%7B%22sd%22%3A%22Mail_x32%22%2C%22s%22%3A%5B%22300x250%22%5D%7D%5D&gdprl=%7B%22status%22%3A%22no-cmp%22%7D

Requested by

Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

18.66.120.173 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Server /

Resource Hash

745a085b52b8371ec6705413fca70a28c6d8bff0db480e6b124bd08c54e95ef8

Security Headers

Name	Value
Strict-Transport-Security	max-age=47474747; includeSubDomains; preload

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://connect.xfinity.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Thu, 07 Oct 2021 13:10:45 GMT
via: 1.1 598a1f878f2efc16baaf47787ffe82d2.cloudfront.net (CloudFront)
server: Server
x-amz-cf-pop: FRA60-P2
x-amz-rid: 7ZND07BCEK5SC3PYS5SN
vary: Accept-Encoding,User-Agent
x-cache: Miss from cloudfront
content-type: text/javascript;charset=UTF-8
access-control-allow-origin: https://connect.xfinity.com
access-control-allow-credentials: true
permissions-policy: interest-cohort=()
strict-transport-security: max-age=47474747; includeSubDomains; preload
timing-allow-origin: *
content-length: 23
x-amz-cf-id: EMRGOqVdUkzYaPObsq_ifX-lZhVMBxIPXTmbiOh5P9GoferRuc7dFQ==

GET
H2 200 aps_csm.js Show response
c.amazon-adsystem.com/bao-csm/aps-comm/ 6 KB
3 KB 21ms
7ms XHR
application/javascript 18.66.120.173
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://c.amazon-adsystem.com/bao-csm/aps-comm/aps_csm.js
Requested by: Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.66.120.173 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 06b99248a163333e36980a6cfb756f1a7de60fa49517162b87b1a44d5d48f844

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://connect.xfinity.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Thu, 07 Oct 2021 03:06:41 GMT
content-encoding: gzip
vary: Accept-Encoding,Origin
age: 36245
x-cache: Hit from cloudfront
access-control-allow-origin: *
last-modified: Thu, 07 Oct 2021 01:02:33 GMT
server: AmazonS3
etag: W/"a4d296427fc806b21335359e398c025c"
access-control-max-age: 3000
access-control-allow-methods: GET
x-amz-version-id: c91ZTIbLZrDqT0mloV_AD7.LNsTlhW69
via: 1.1 1aa52a2a71a599aaf6b3df3a9c53b268.cloudfront.net (CloudFront)
cache-control: public, max-age=86400
x-amz-cf-pop: FRA60-P2
content-type: application/javascript
x-amz-cf-id: YRF1LLdX-cOEOZnxP0rYgwOr__kP1ZnXVF0X2MscC-HI-zUM8lYDIA==

GET
H/1.1 200
OK dest5.html Show response
comcastathena.demdex.net/ Frame F0CC 7 KB
3 KB 134ms
31ms Document
text/html 54.247.138.82
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://comcastathena.demdex.net/dest5.html?d_nsid=undefined

Requested by

Host: connect.xfinity.com
URL: https://connect.xfinity.com/appsuite/apps/ads/minified/mini-msglistAds-wide-012621.html

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

54.247.138.82 Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-54-247-138-82.eu-west-1.compute.amazonaws.com

Software

Resource Hash

7bea17a80a61ed0f54248b4ffc4c718f7c8ff2619742577a73591d62ce074da8

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Host: comcastathena.demdex.net
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site: cross-site
Sec-Fetch-Mode: navigate
Sec-Fetch-Dest: iframe
Referer: https://connect.xfinity.com/
Accept-Encoding: gzip, deflate, br
Cookie: demdex=02109740223324009113187683700902006217
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://connect.xfinity.com/

Response headers

Accept-Ranges: bytes
Cache-Control: no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
content-encoding: gzip
Content-Type: text/html;charset=UTF-8
date: Thu, 7 Oct 2021 13:10:45 GMT
DCS: dcs-prod-irl1-2-v018-0bd060ab7.edge-irl1.demdex.com UNKNOWN
Expires: Thu, 01 Jan 1970 00:00:00 UTC
last-modified: Thu, 23 Sep 2021 12:09:25 GMT
P3P: policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Pragma: no-cache
Strict-Transport-Security: max-age=31536000; includeSubDomains
vary: accept-encoding
X-TID: U0CEuMWRSLo=
Content-Length: 2791
Connection: keep-alive

GET
H/1.1 200
OK dest5.html Show response
comcastathena.demdex.net/ Frame 902D 7 KB
3 KB 141ms
33ms Document
text/html 54.247.138.82
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://comcastathena.demdex.net/dest5.html?d_nsid=1

Requested by

Host: connect.xfinity.com
URL: https://connect.xfinity.com/appsuite/apps/ads/minified/mini-msglistAds-wide-012621.html

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

54.247.138.82 Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-54-247-138-82.eu-west-1.compute.amazonaws.com

Software

Resource Hash

7bea17a80a61ed0f54248b4ffc4c718f7c8ff2619742577a73591d62ce074da8

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Host: comcastathena.demdex.net
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site: cross-site
Sec-Fetch-Mode: navigate
Sec-Fetch-Dest: iframe
Referer: https://connect.xfinity.com/
Accept-Encoding: gzip, deflate, br
Cookie: demdex=02109740223324009113187683700902006217
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://connect.xfinity.com/

Response headers

Accept-Ranges: bytes
Cache-Control: no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
content-encoding: gzip
Content-Type: text/html;charset=UTF-8
date: Thu, 7 Oct 2021 13:10:45 GMT
DCS: dcs-prod-irl1-1-v018-0b90d5c4a.edge-irl1.demdex.com UNKNOWN
Expires: Thu, 01 Jan 1970 00:00:00 UTC
last-modified: Thu, 23 Sep 2021 11:49:46 GMT
P3P: policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Pragma: no-cache
Strict-Transport-Security: max-age=31536000; includeSubDomains
vary: accept-encoding
X-TID: imhtG3u1Sak=
Content-Length: 2791
Connection: keep-alive

GET
H/1.1 200
OK event Show response
comcastathena.demdex.net/ 135 B
863 B 124ms
41ms Script
application/javascript 54.247.138.82
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://comcastathena.demdex.net/event?d_mid=01732323634888150263221792562305986420&d_nsid=1&d_ld=_ts%3D1633612245745&d_rtbd=json&d_jsonv=1&d_dst=1&d_cb=demdexRequestCallback_1_1633612245745

Requested by

Host: connect.xfinity.com
URL: https://connect.xfinity.com/appsuite/apps/ads/minified/mini-msglistAds-wide-012621.html

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

54.247.138.82 Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-54-247-138-82.eu-west-1.compute.amazonaws.com

Software

Resource Hash

11064f8920fd5a099740bedc7036d349e1f8018374bf051a747de0977caedb33

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://connect.xfinity.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

DCS: dcs-prod-irl1-2-v018-099f537fe.edge-irl1.demdex.com UNKNOWN
Pragma: no-cache
Strict-Transport-Security: max-age=31536000; includeSubDomains
content-encoding: gzip
X-TID: UDEOnO8OS+4=
P3P: policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Cache-Control: no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
Connection: keep-alive
Content-Type: application/javascript;charset=utf-8
Content-Length: 151
Expires: Thu, 01 Jan 1970 00:00:00 UTC

GET
H2

200

pixel.gif
load77.exelator.com/ Frame F0CC
Redirect Chain

https://loadm.exelator.com/load/?p=204&g=091&j=0&bi=02109740223324009113187683700902006217
https://loadm.exelator.com/load/?p=204&g=091&j=0&bi=02109740223324009113187683700902006217&xl8blockcheck=1
https://load77.exelator.com/pixel.gif

43 B
335 B

64ms
8ms

Image
image/gif

185.59.220.17
CDN77 ^_^

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://load77.exelator.com/pixel.gif
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 185.59.220.17 Frankfurt am Main, Germany, ASN60068 (CDN77 ^_^, GB),
Reverse DNS: frankfurt-10.cdn77.com
Software: CDN77-Turbo /
Resource Hash: 2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://comcastathena.demdex.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

x-77-nzt: Abk73BBeNdLvW+oHAA==
x-accel-expires: @1634130299
date: Thu, 07 Oct 2021 13:10:46 GMT
etag: "59f0c3fc-2b"
last-modified: Wed, 25 Oct 2017 17:03:56 GMT
server: CDN77-Turbo
x-77-nzt-ray: 5OMi5FHJq2I=
x-77-cache: HIT
content-type: image/gif
access-control-allow-origin: *
x-cache: HIT
x-age: 518747
accept-ranges: bytes
x-77-pop: frankfurtDE
content-length: 43

Redirect headers

date: Thu, 07 Oct 2021 13:10:45 GMT
server: nginx
x-powered-by: Undertow/1
p3p: policyref=/w3c/p3p.xml, CP=NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA, policyref=/w3c/p3p.xml, CP=NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA
location: https://load77.exelator.com/pixel.gif
cache-control: no-cache
access-control-allow-credentials: true
content-type: image/gif
content-length: 0

GET
H/1.1

200
OK

ibs:dpid=477&dpuuid=c7bf7566964af232015dedc1475c3eb3eacb16127ff7384d91e31d1ca3aabc9cb0da87c991749652
dpm.demdex.net/ Frame F0CC
Redirect Chain

https://idsync.rlcdn.com/365868.gif?partner_uid=02109740223324009113187683700902006217
https://idsync.rlcdn.com/1000.gif?memo=CKyqFhIxCi0IARCYEhomMDIxMDk3NDAyMjMzMjQwMDkxMTMxODc2ODM3MDA5MDIwMDYyMTcQABoNCNXj-4oGEgUI6AcQAEIASgA
https://dpm.demdex.net/ibs:dpid=477&dpuuid=c7bf7566964af232015dedc1475c3eb3eacb16127ff7384d91e31d1ca3aabc9cb0da87c991749652

42 B
943 B

33ms
33ms

Image
image/gif

52.48.145.41
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://dpm.demdex.net/ibs:dpid=477&dpuuid=c7bf7566964af232015dedc1475c3eb3eacb16127ff7384d91e31d1ca3aabc9cb0da87c991749652

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

52.48.145.41 Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-52-48-145-41.eu-west-1.compute.amazonaws.com

Software

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://comcastathena.demdex.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

DCS: dcs-prod-irl1-2-v018-0140b2bc2.edge-irl1.demdex.com UNKNOWN
Pragma: no-cache
Strict-Transport-Security: max-age=31536000; includeSubDomains
content-encoding: gzip
X-Content-Type-Options: nosniff
X-TID: hzgD99bMTVY=
P3P: policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Cache-Control: no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
Connection: keep-alive
Content-Type: image/gif
Content-Length: 59
Expires: Thu, 01 Jan 1970 00:00:00 UTC

Redirect headers

date: Thu, 07 Oct 2021 13:10:45 GMT
via: 1.1 google
p3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
location: https://dpm.demdex.net/ibs:dpid=477&dpuuid=c7bf7566964af232015dedc1475c3eb3eacb16127ff7384d91e31d1ca3aabc9cb0da87c991749652
cache-control: no-cache, no-store
timing-allow-origin: *
alt-svc: clear
content-length: 0

GET
H/1.1

200
OK

ibs:dpid=445&dpuuid=84b839f7-93c0-4fd5-a827-fb70a2c63b18
dpm.demdex.net/ Frame F0CC
Redirect Chain

https://sync.tidaltv.com/GenericUserSync.ashx?dpid=38noredirect
https://sync.tidaltv.com/genericusersync.ashx?dpid=38noredirect&s_h=1
https://dpm.demdex.net/ibs:dpid=445&dpuuid=84b839f7-93c0-4fd5-a827-fb70a2c63b18?gdpr=1&gdpr_consent=

0
0

33ms
32ms

Image
application/json

52.48.145.41
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dpm.demdex.net/ibs:dpid=445&dpuuid=84b839f7-93c0-4fd5-a827-fb70a2c63b18?gdpr=1&gdpr_consent=
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.48.145.41 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-48-145-41.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://comcastathena.demdex.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Redirect headers

pragma: no-cache
date: Thu, 07 Oct 2021 13:10:46 GMT
server: Apache-Coyote/1.1
location: https://dpm.demdex.net/ibs:dpid=445&dpuuid=84b839f7-93c0-4fd5-a827-fb70a2c63b18?gdpr=1&gdpr_consent=
cache-control: no-cache, no-store, max-age=0, must-revalidate
content-length: 0
x-xss-protection: 1; mode=block
expires: 0

GET
H/1.1

200
OK

ibs:dpid=1175&gdpr=0&dpuuid=bV-zLD1f4nx2C74vPwirLG1d4HB2C7Yta1xb_2IA
dpm.demdex.net/ Frame F0CC
Redirect Chain

https://pixel.quantserve.com/pixel/p-vj4AYjBqd6VJ2.gif?idmatch=0&gdpr=0&gdpr_consent=
https://dpm.demdex.net/ibs:dpid=1175&gdpr=0&dpuuid=bV-zLD1f4nx2C74vPwirLG1d4HB2C7Yta1xb_2IA

42 B
943 B

36ms
32ms

Image
image/gif

52.48.145.41
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://dpm.demdex.net/ibs:dpid=1175&gdpr=0&dpuuid=bV-zLD1f4nx2C74vPwirLG1d4HB2C7Yta1xb_2IA

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

52.48.145.41 Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-52-48-145-41.eu-west-1.compute.amazonaws.com

Software

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://comcastathena.demdex.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

DCS: dcs-prod-irl1-2-v018-08210a8d7.edge-irl1.demdex.com UNKNOWN
Pragma: no-cache
Strict-Transport-Security: max-age=31536000; includeSubDomains
content-encoding: gzip
X-Content-Type-Options: nosniff
X-TID: I2HYmNwsQAU=
P3P: policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Cache-Control: no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
Connection: keep-alive
Content-Type: image/gif
Content-Length: 59
Expires: Thu, 01 Jan 1970 00:00:00 UTC

Redirect headers

pragma: no-cache
date: Thu, 07 Oct 2021 13:10:45 GMT
strict-transport-security: max-age=86400
p3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAo PSDo OUR SAMa IND COM NAV"
location: https://dpm.demdex.net/ibs:dpid=1175&gdpr=0&dpuuid=bV-zLD1f4nx2C74vPwirLG1d4HB2C7Yta1xb_2IA
cache-control: private, no-cache, no-store, proxy-revalidate
content-length: 0
expires: Fri, 04 Aug 1978 12:00:00 GMT

GET
H/1.1

200
OK

ibs:dpid=30064&dpuuid=2Z_dfIRHB-t62EG-sgxXffYeVeZOm8caibw9PhZtIaY0
dpm.demdex.net/ Frame F0CC
Redirect Chain

https://ps.eyeota.net/match?bid=6j5b2cv&uid=02109740223324009113187683700902006217&r=https%3A%2F%2Fdpm.demdex.net%2Fibs%3Adpid%3D30064%26dpuuid%3D%7BUUID_6j5b2cv%7D
https://ps.eyeota.net/match/bounce/?bid=6j5b2cv&uid=02109740223324009113187683700902006217&r=https%3A%2F%2Fdpm.demdex.net%2Fibs%3Adpid%3D30064%26dpuuid%3D%7BUUID_6j5b2cv%7D
https://dpm.demdex.net/ibs:dpid=30064&dpuuid=2Z_dfIRHB-t62EG-sgxXffYeVeZOm8caibw9PhZtIaY0

42 B
943 B

49ms
32ms

Image
image/gif

52.48.145.41
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://dpm.demdex.net/ibs:dpid=30064&dpuuid=2Z_dfIRHB-t62EG-sgxXffYeVeZOm8caibw9PhZtIaY0

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

52.48.145.41 Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-52-48-145-41.eu-west-1.compute.amazonaws.com

Software

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://comcastathena.demdex.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

DCS: dcs-prod-irl1-1-v018-0b11b7be7.edge-irl1.demdex.com UNKNOWN
Pragma: no-cache
Strict-Transport-Security: max-age=31536000; includeSubDomains
content-encoding: gzip
X-Content-Type-Options: nosniff
X-TID: blCejhYnQ3I=
P3P: policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Cache-Control: no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
Connection: keep-alive
Content-Type: image/gif
Content-Length: 59
Expires: Thu, 01 Jan 1970 00:00:00 UTC

Redirect headers

Location: https://dpm.demdex.net/ibs:dpid=30064&dpuuid=2Z_dfIRHB-t62EG-sgxXffYeVeZOm8caibw9PhZtIaY0
Date: Thu, 07 Oct 2021 13:10:45 GMT
Content-Length: 0
P3P: CP="CURa ADMa DEVa TAIo PSAo PSDo OUR SAMo BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR", policyref="http://ps.eyeota.net/w3c/p3p.xml"

GET
H/1.1 200
OK u
dmp.v.fwmrm.net/ad/ Frame F0CC 0
411 B 415ms
98ms Image
text/html 3.231.143.9
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dmp.v.fwmrm.net/ad/u?mode=echo&cr=https%3A%2F%2Fdpm.demdex.net%2Fibs%3Adpid%3D796%26dpuuid%3D%23%7Buser.id%7D%26gdpr%3D0%26gdpr_consent%3D&gdpr=0&gdpr_consent=
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.231.143.9 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-3-231-143-9.compute-1.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://comcastathena.demdex.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Pragma: no-cache
Date: Thu, 07 Oct 2021 13:10:46 GMT
P3P: policyref="https://www.freewheel.tv/w3c/p3p.xml",CP="ALL DSP COR NID"
Cache-Control: no-store
Connection: keep-alive
Content-Type: text/html
Keep-Alive: timeout=300
Content-Length: 0
Expires: 0

GET
H/1.1

200
OK

ibs:dpid=275754&dpuuid=AAB7xU7CveQAAEOvJy49Ig
dpm.demdex.net/ Frame F0CC
Redirect Chain

https://match.prod.bidr.io/cookie-sync/adobe?gdpr=0&gdpr_consent=
https://match.prod.bidr.io/cookie-sync/adobe?gdpr=0&gdpr_consent=&_bee_ppp=1
https://dpm.demdex.net/ibs:dpid=275754&dpuuid=AAB7xU7CveQAAEOvJy49Ig?gdpr=0

42 B
943 B

33ms
33ms

Image
image/gif

52.48.145.41
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://dpm.demdex.net/ibs:dpid=275754&dpuuid=AAB7xU7CveQAAEOvJy49Ig?gdpr=0

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

52.48.145.41 Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-52-48-145-41.eu-west-1.compute.amazonaws.com

Software

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://comcastathena.demdex.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

DCS: dcs-prod-irl1-2-v018-0274f1697.edge-irl1.demdex.com UNKNOWN
Pragma: no-cache
Strict-Transport-Security: max-age=31536000; includeSubDomains
content-encoding: gzip
X-Content-Type-Options: nosniff
X-TID: VUxr7rrATss=
P3P: policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Cache-Control: no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
Connection: keep-alive
Content-Type: image/gif
Content-Length: 59
Expires: Thu, 01 Jan 1970 00:00:00 UTC

Redirect headers

location: https://dpm.demdex.net/ibs:dpid=275754&dpuuid=AAB7xU7CveQAAEOvJy49Ig?gdpr=0
Date: Thu, 07 Oct 2021 13:10:46 GMT
Server: nginx
Connection: keep-alive
Content-Length: 0
strict-transport-security: max-age=2592000; includeSubDomains

POST
H/1.1 200
OK v3 Show response
ib.adnxs.com/ut/ 53 B
739 B 22ms
7ms XHR
application/json 37.252.172.249
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://ib.adnxs.com/ut/v3

Requested by

Host: acdn.adnxs.com
URL: https://acdn.adnxs.com/ast/ast.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

37.252.172.249 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),

Reverse DNS

534.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net

Software

nginx/1.17.9 /

Resource Hash

a68a70f7be9281f3f7148b38d7f5971f1dc946d3034a40e55021d0fb6fb78d73

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://connect.xfinity.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Content-Type: text/plain

Response headers

Pragma: no-cache
Date: Thu, 07 Oct 2021 13:10:46 GMT
X-Proxy-Origin: 216.131.114.234; 216.131.114.234; 534.bm-nginx-loadbalancer.mgmt.fra1; adnxs.com
AN-X-Request-Uuid: fbdfa026-40fb-4855-bf0b-6473027233ee
Server: nginx/1.17.9
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin: https://connect.xfinity.com
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: application/json; charset=utf-8
Content-Length: 53
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H2 200 publishertag.prebid.js Show response
static.criteo.net/js/ld/ 85 KB
27 KB 49ms
16ms Script
text/javascript 178.250.0.130
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL: https://static.criteo.net/js/ld/publishertag.prebid.js
Requested by: Host: my.xfinity.com
URL: https://my.xfinity.com/assets/ads/prebid-4.15.0-6c3fb9bec87b2f0a2eb6b28912848f1a.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 178.250.0.130 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software: nginx /
Resource Hash: 2581d556ceadd8cdd3eb15509ff94501871552563a71381393fc7b59611cbc1e

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://connect.xfinity.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Thu, 07 Oct 2021 13:10:48 GMT
content-encoding: gzip
last-modified: Mon, 04 Oct 2021 12:34:24 GMT
server: nginx
etag: W/"615af4d0-1535c"
content-type: text/javascript
access-control-allow-origin: *
cache-control: max-age=86400, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Fri, 08 Oct 2021 13:10:48 GMT

GET
H2 200 syncframe Show response
gum.criteo.com/ Frame 955F 11 KB
5 KB 53ms
18ms Document
text/html 178.250.0.157
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://gum.criteo.com/syncframe?origin=publishertag&topUrl=connect.xfinity.com

Requested by

Host: static.criteo.net
URL: https://static.criteo.net/js/ld/publishertag.prebid.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

178.250.0.157 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Resource Hash

44fdd1eb3c024fe9fb4faeb815b2367ace182437a87eb25a75d7802d0f3c88c0

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

:method: GET
:authority: gum.criteo.com
:scheme: https
:path: /syncframe?origin=publishertag&topUrl=connect.xfinity.com
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
accept-language: de-DE,de;q=0.9
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://connect.xfinity.com/
accept-encoding: gzip, deflate, br
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://connect.xfinity.com/

Response headers

cache-control: private, max-age=3600
content-type: text/html; charset=utf-8
content-encoding: gzip
vary: Accept-Encoding
strict-transport-security: max-age=31536000
cross-origin-resource-policy: cross-origin
cross-origin-embedder-policy: require-corp
server-processing-duration-in-ticks: 2189
set-cookie: uid=ff891215-7d5d-44f6-9b13-b753cec8da94; expires=Tue, 01 Nov 2022 13:10:48 GMT; domain=.criteo.com; path=/; secure; samesite=none
date: Thu, 07 Oct 2021 13:10:48 GMT
content-length: 4685

GET
H2 200 publishertag.prebid.js Show response
static.criteo.net/js/ld/ 85 KB
27 KB 51ms
20ms XHR
text/javascript 178.250.0.130
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL: https://static.criteo.net/js/ld/publishertag.prebid.js
Requested by: Host: static.criteo.net
URL: https://static.criteo.net/js/ld/publishertag.prebid.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 178.250.0.130 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software: nginx /
Resource Hash: 2581d556ceadd8cdd3eb15509ff94501871552563a71381393fc7b59611cbc1e

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://connect.xfinity.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Thu, 07 Oct 2021 13:10:48 GMT
content-encoding: gzip
last-modified: Mon, 04 Oct 2021 12:34:24 GMT
server: nginx
etag: W/"615af4d0-1535c"
content-type: text/javascript
access-control-allow-origin: *
cache-control: max-age=86400, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Fri, 08 Oct 2021 13:10:48 GMT

GET
H2 200 json Show response
gum.criteo.com/sid/ Frame 955F 430 B
528 B 18ms
18ms Fetch
application/json 178.250.0.157
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://gum.criteo.com/sid/json?origin=publishertag&domain=xfinity.com&sn=ChromeSyncframe&so=0&topUrl=connect.xfinity.com&cw=1&lsw=1

Requested by

Host: gum.criteo.com
URL: https://gum.criteo.com/syncframe?origin=publishertag&topUrl=connect.xfinity.com

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

178.250.0.157 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Resource Hash

38637625f89eb414953b07d176a482ce62bf340d0f9fd8b3af81c2910ed442a6

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://gum.criteo.com/syncframe?origin=publishertag&topUrl=connect.xfinity.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

pragma: no-cache
strict-transport-security: max-age=31536000
content-encoding: gzip
date: Thu, 07 Oct 2021 13:10:48 GMT
vary: Accept-Encoding
content-type: application/json; charset=utf-8
cache-control: no-cache, no-store, must-revalidate
server-processing-duration-in-ticks: 2670
expires: 0

GET
H2

200

i.gif
e.serverbid.com/udb/9969/sync/
Redirect Chain

https://ssum-sec.casalemedia.com/usermatchredir?s=185073&cb=https%3A%2F%2Fe.serverbid.com%2Fudb%2F9969%2Fsync%2Fi.gif%3FpartnerId%3D1%26a%3Dtrue%26userId%3D
https://ssum-sec.casalemedia.com/usermatchredir?cb=https%3A%2F%2Fe.serverbid.com%2Fudb%2F9969%2Fsync%2Fi.gif%3FpartnerId%3D1%26a%3Dtrue%26userId%3D&s=185073&C=1
https://e.serverbid.com/udb/9969/sync/i.gif?partnerId=1&a=true&userId=YV7x2SgDZsBuU6Yveu.iRgAA%261140

43 B
294 B

88ms
88ms

Image
image/gif

206.189.254.17
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://e.serverbid.com/udb/9969/sync/i.gif?partnerId=1&a=true&userId=YV7x2SgDZsBuU6Yveu.iRgAA%261140
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 206.189.254.17 North Bergen, United States, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software: /
Resource Hash: a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://connect.xfinity.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 07 Oct 2021 13:10:48 GMT
cache-control: no-cache, no-store, must-revalidate
content-type: image/gif
content-length: 43
expires: 0

Redirect headers

Pragma: no-cache
Date: Thu, 07 Oct 2021 13:10:49 GMT
Server: Apache
P3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Location: https://e.serverbid.com/udb/9969/sync/i.gif?partnerId=1&a=true&userId=YV7x2SgDZsBuU6Yveu.iRgAA%261140
Cache-Control: max-age=0, no-cache, no-store
Connection: keep-alive
Content-Type: text/html; charset=iso-8859-1
Content-Length: 293
Expires: Thu, 07 Oct 2021 13:10:49 GMT

GET
H2

200

i.gif
e.serverbid.com/udb/9969/sync/
Redirect Chain

https://pixel.advertising.com/ups/56621/occ
https://pixel.advertising.com/ups/56621/occ?verify=true
https://ups.analytics.yahoo.com/ups/56621/occ?apid=UPfd8c0dd3-276f-11ec-9f4f-061b9b3b951e
https://ups.analytics.yahoo.com/ups/56621/occ?apid=UPfd8c0dd3-276f-11ec-9f4f-061b9b3b951e&verify=true
https://e.serverbid.com/udb/9969/sync/i.gif?partnerId=29&userId=UPfd8c0dd3-276f-11ec-9f4f-061b9b3b951e

43 B
294 B

89ms
89ms

Image
image/gif

206.189.254.17
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://e.serverbid.com/udb/9969/sync/i.gif?partnerId=29&userId=UPfd8c0dd3-276f-11ec-9f4f-061b9b3b951e
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 206.189.254.17 North Bergen, United States, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software: /
Resource Hash: a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://connect.xfinity.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 07 Oct 2021 13:10:48 GMT
cache-control: no-cache, no-store, must-revalidate
content-type: image/gif
content-length: 43
expires: 0

Redirect headers

Date: Thu, 07 Oct 2021 13:10:49 GMT
Server: ATS/7.1.2.138
Age: 0
Strict-Transport-Security: max-age=31536000
P3P: CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV
Location: https://e.serverbid.com/udb/9969/sync/i.gif?partnerId=29&userId=UPfd8c0dd3-276f-11ec-9f4f-061b9b3b951e
Connection: keep-alive
Content-Length: 0

GET
H2

200

generic
match.adsrvr.org/track/cmf/
Redirect Chain

https://eb2.3lift.com/sync?px=1&src=prebid&
https://eb2.3lift.com/sync?px=1&src=prebid&&ld=1
https://match.adsrvr.org/track/cmf/generic?ttd_pid=svx9t50&ttd_tpi=1&gdpr=1&gdpr_consent=

70 B
265 B

103ms
31ms

Image
image/gif

76.223.111.131
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://match.adsrvr.org/track/cmf/generic?ttd_pid=svx9t50&ttd_tpi=1&gdpr=1&gdpr_consent=
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 76.223.111.131 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: a97adde81b00f2ca4.awsglobalaccelerator.com
Software: /
Resource Hash: 8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://connect.xfinity.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 07 Oct 2021 13:10:49 GMT
cache-control: private,no-cache, must-revalidate
x-aspnet-version: 4.0.30319
content-type: image/gif
content-length: 70
p3p: CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"

Redirect headers

location: https://match.adsrvr.org/track/cmf/generic?ttd_pid=svx9t50&ttd_tpi=1&gdpr=1&gdpr_consent=
date: Thu, 07 Oct 2021 13:10:49 GMT
cache-control: no-cache, no-store, must-revalidate
content-length: 0
p3p: policyref="http://cdn.3lift.com/w3c/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"

GET
H/1.1 200
OK usa
sync.go.sonobi.com/ 0
474 B 55ms
13ms Image
text/plain 178.162.133.149
LEASEWEB-NL-AMS-0...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://sync.go.sonobi.com/usa?https://e.serverbid.com/udb/9969/sync/i.gif?a=true&partnerId=38&userId=

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

178.162.133.149 Rotterdam, Netherlands, ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL),

Reverse DNS

ams-1-sync.go.sonobi.com

Software

sonobi-go /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://connect.xfinity.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Pragma: no-cache
Date: Thu, 07 Oct 2021 13:10:49 GMT
Server: sonobi-go
Vary: negotiate,Accept-Encoding
X-Go-Server: xcp-ams-1-7-9
P3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Cache-Control: no-cache, no-store, private
Tcn: Choice
Content-Type: text/plain; charset=utf8
Content-Length: 0
X-Xss-Protection: 0
Expires: Sat, 26 Jul 1997 05:00:00 GMT

GET
H2

200

sd
us-u.openx.net/w/1.0/
Redirect Chain

https://eu-u.openx.net/w/1.0/pd?plm=10&ph=42d504c1-bae8-4312-8ad6-a76f3705b195&gdpr=0
https://cm.g.doubleclick.net/pixel?google_nid=openx&google_cm&google_sc
https://cm.g.doubleclick.net/pixel?google_nid=openx&google_cm=&google_sc=&google_tc=
https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESEGrkYAq2j5GbeLAE0KSF-kk&google_cver=1

43 B
114 B

18ms
18ms

Image
image/gif

35.244.159.8
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESEGrkYAq2j5GbeLAE0KSF-kk&google_cver=1
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.244.159.8 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 8.159.244.35.bc.googleusercontent.com
Software: OXGW/16.216.4 /
Resource Hash: 4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://connect.xfinity.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 07 Oct 2021 13:10:49 GMT
via: 1.1 google
server: OXGW/16.216.4
vary: Accept
p3p: CP="CUR ADM OUR NOR STA NID"
cache-control: private, max-age=0, no-cache
content-type: image/gif
alt-svc: clear
content-length: 43
expires: Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

pragma: no-cache
date: Thu, 07 Oct 2021 13:10:49 GMT
server: HTTP server (unknown)
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location: https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESEGrkYAq2j5GbeLAE0KSF-kk&google_cver=1
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 295
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Verdicts & Comments Add Verdict or Comment

32 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

42 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
.my.xfinity.com/assets/ads	1969-12-31 23:59:59	Name: offnet Value: true
.3lift.com/sync	1970-01-19 23:56:28	Name: sync Value: CgkIOhDH74LXxS8=
connect.xfinity.com/	1969-12-31 23:59:59	Name: OXBETA Value: oxui-hob-01o.email.comcast.net
.my.xfinity.com/	1970-01-21 00:03:40	Name: userZip Value:
.openx.net/	1970-01-20 06:32:28	Name: i Value: 4d773fe8-7187-0180-1c49-0c7a69c4fd7a\|1633612245
.demdex.net/	1970-01-20 02:06:04	Name: demdex Value: 02109740223324009113187683700902006217
.xfinity.com/	1969-12-31 23:59:59	Name: AMCVS_723C39F756ABCD0B7F000101%40AdobeOrg Value: 1
.xfinity.com/	1970-01-20 15:18:04	Name: AMCV_723C39F756ABCD0B7F000101%40AdobeOrg Value: -1248264605%7CMCMID%7C01732323634888150263221792562305986420%7CMCAAMLH-1634217045%7C6%7CMCAAMB-1634217045%7C6G1ynYcLPuiQxYZrsz_pkqfLG9yMXBpb2zX5dvJdYQJzPXImdj0y%7CMCOPTOUT-1633619445s%7CNONE
.rubiconproject.com/	1970-01-20 06:32:28	Name: khaos Value: KUGYJVZN-R-IHZ7
.rubiconproject.com/	1969-12-31 23:59:59	Name: rsid Value: 1\|HsGqLFsFr/vVSy6g0MQzNQWiuYBcZJvAvCF6IsCkVVYgwYaQOmrhQqqYZbmPjeGkQR6qtzTGAAuzFUbJMy/+K1uqnlYBuW1UyhM5ZM7bR0169gWtDr9ePsX0VKXYWVv/VO/a+hEPPQ==
.rubiconproject.com/	1970-01-20 06:32:28	Name: audit Value: 1\|naVuGyos1qr+CKveETymroe6d+EcCplMVVAOZycTDOxIInReGIC/xjCiFlCIG8VOpzCDj9pkdpDggJ3pD4CYmwZlrptl4/mV0A+VO7RH1E0=
.connect.xfinity.com/	1970-01-19 22:30:04	Name: aam_uuid Value: 02109740223324009113187683700902006217
.rlcdn.com/	1970-01-20 06:32:28	Name: rlas3 Value: G5iuwWtsQUouPhVFiFK0GVxDeU0T9bMBDPcp0XbSI1g=
.rlcdn.com/	1970-01-19 23:13:16	Name: pxrc Value: CNXj+4oGEgUI6AcQABIGCPHrARAA
.exelator.com/	1970-01-20 00:39:40	Name: EE Value: "46c943cc3710e19546c081f1a1c94cb1"
.quantserve.com/	1970-01-19 23:56:28	Name: d Value: EPgBDAG2JLmvYA
.quantserve.com/	1970-01-20 07:17:06	Name: mc Value: 615ef1d5-e8fdf-e63f9-e0d02
.demdex.net/	1970-01-20 02:06:04	Name: dextp Value: 3-1-1633612245855\|60-1-1633612245869\|445-1-1633612245885\|477-1-1633612245900\|1175-1-1633612245915\|30064-1-1633612245930\|796-1-1633612245945\|275754-1-1633612245960
.dpm.demdex.net/	1970-01-20 02:06:04	Name: dpm Value: 02109740223324009113187683700902006217
.eyeota.net/	1970-01-20 06:32:28	Name: mako_uid Value: 17c5ae0abcf-7dc90000010f5ad7
.eyeota.net/	1970-01-19 21:46:52	Name: SERVERID Value: 23255~DM
.exelator.com/	1970-01-20 00:39:40	Name: ud Value: "eJxrXxzq6XKLQcHELNnSxDg52djc0CDV0NIUyDewMEwzTDQEiicnGS4uSy1asLS0ODUl6dCSipySnKbVZfGhjvFujr6ePpHLnDOK8nNTV4CFwlyDFlkaL8kvykxf5OK6uCgljWFRSfGp4H26BQBWEila"
e.serverbid.com/	1970-01-20 06:32:28	Name: azk Value: ue1-sb1-c9395583-c428-455c-8548-5a5ed1b85d85
.bidr.io/	1970-01-20 07:15:25	Name: bito Value: AAB7xU7CveQAAEOvJy49Ig
.bidr.io/	1970-01-20 07:15:25	Name: bitoIsSecure Value: ok
.tidaltv.com/	1970-01-20 06:32:28	Name: tidal_ttid Value: 84b839f7-93c0-4fd5-a827-fb70a2c63b18
.tidaltv.com/	1970-01-20 06:32:28	Name: sync-his Value: "H4sIAAAAAAAAADM0srC0sDI0tAAAZvJjZQkAAAA="
.fwmrm.net/	1970-01-20 02:06:04	Name: _uid Value: "e5205_7016311170915421028"
.criteo.com/	1970-01-20 07:08:28	Name: uid Value: ff891215-7d5d-44f6-9b13-b753cec8da94
.xfinity.com/	1970-01-20 07:08:28	Name: cto_bundle Value: LgzS8F9WaldQJTJCd2ZLTVBJZUQwbjVNZ085R2lrOU5KN3U2cXhZT3BoWENkTHJTNmhIaERVb1NLTVRLRzUxM1hVbHdmTFQ0WnZNSyUyQjY5a2klMkYlMkJTemRMWXRCJTJGSVF0S05hTllzRG9LRjFrZUphSmhTZ2pDS0gxU0hlMUhpREt3RW5VMmpMZ0RXQ0FqZzUyZ0ZJTGVGeEwlMkZSS1d6RGclM0QlM0Q
.openx.net/	1970-01-19 22:08:28	Name: pd Value: v2\|1633612249\|gu
.3lift.com/	1970-01-19 23:56:28	Name: tluid Value: 5022345926981537820
.advertising.com/	1970-01-20 06:33:54	Name: APID Value: UPfd8c0dd3-276f-11ec-9f4f-061b9b3b951e
.casalemedia.com/	1970-01-20 06:32:28	Name: CMID Value: YV7x2SgDZsBuU6Yveu.iRgAA
.casalemedia.com/	1970-01-19 23:56:28	Name: CMPS Value: 3200
.casalemedia.com/	1970-01-19 23:56:28	Name: CMPRO Value: 1140
.casalemedia.com/	1970-01-19 21:48:18	Name: CMST Value: YV7x2WFe8dkA
.yahoo.com/	1970-01-20 06:32:49	Name: A3 Value: d=AQABBNnxXmECEGPPt0Lgv6Vo_3bmx_5T6SIFEgEBAQFDYGFoYQAAAAAA_eMAAA&S=AQAAAmI68VYb9CVfvG78q6yOvkE
.analytics.yahoo.com/	1970-01-20 06:33:54	Name: IDSYNC Value: 17ot~20tp
.yahoo.com/	1970-01-19 23:49:55	Name: APID Value: UPfd8c0dd3-276f-11ec-9f4f-061b9b3b951e
.yahoo.com/	1970-01-19 21:48:18	Name: APIDTS Value: 1633612249
.doubleclick.net/	1970-01-20 15:18:04	Name: IDE Value: AHWqTUmK4YZUYnxWGrHCaNGP9qMdmx8lnnaPkCyJoEuKDtDM_J_w2q9_uh9kCvM9Usg

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN SAMEORIGIN
X-Xss-Protection	1; mode=block

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

acdn.adnxs.com
bidder.criteo.com
c.amazon-adsystem.com
cm.g.doubleclick.net
comcast-d.openx.net
comcastathena.demdex.net
connect.xfinity.com
dmp.v.fwmrm.net
dpm.demdex.net
e.serverbid.com
eb2.3lift.com
eu-u.openx.net
fastlane.rubiconproject.com
gum.criteo.com
ib.adnxs.com
idsync.rlcdn.com
load77.exelator.com
loadm.exelator.com
match.adsrvr.org
match.prod.bidr.io
my.xfinity.com
pixel.advertising.com
pixel.quantserve.com
ps.eyeota.net
scripts.webcontentassessor.com
ssum-sec.casalemedia.com
static.criteo.net
sync.go.sonobi.com
sync.tidaltv.com
tlx.3lift.com
ups.analytics.yahoo.com
us-u.openx.net
104.111.226.85
13.248.245.213
142.250.185.194
151.101.130.217
151.101.65.108
178.162.133.149
178.250.0.130
178.250.0.157
178.250.0.165
18.156.0.31
18.196.0.40
18.197.47.23
18.66.120.173
185.59.220.17
2.18.234.21
206.189.254.17
213.19.162.61
3.125.70.222
3.231.143.9
34.254.143.3
35.244.159.8
35.244.174.68
37.252.172.249
52.45.241.222
52.48.145.41
52.49.53.128
54.247.138.82
76.223.111.131
91.228.74.133
96.118.22.71
0535c3bb3a17e4ac0fb7d29214d2181275662129dc2bdd2a89c35934e9fc5ba5
06b99248a163333e36980a6cfb756f1a7de60fa49517162b87b1a44d5d48f844
11064f8920fd5a099740bedc7036d349e1f8018374bf051a747de0977caedb33
162f371cf82a882f2188cecc067540ff8eb7da545217f6246aa542fe1bfc4e00
20de6d868da34f858f29c591051e6a090968af31da2519ea6ea28183e41430a7
2581d556ceadd8cdd3eb15509ff94501871552563a71381393fc7b59611cbc1e
2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363
38637625f89eb414953b07d176a482ce62bf340d0f9fd8b3af81c2910ed442a6
4192cabd2126bce8f9a00e6670d07905dbc6c207fd802794605c138dd315339b
41ddb199b50fbc35efabf072e95758d014fc8f2594b2a5d5db5a476a340a4c88
44fdd1eb3c024fe9fb4faeb815b2367ace182437a87eb25a75d7802d0f3c88c0
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
745a085b52b8371ec6705413fca70a28c6d8bff0db480e6b124bd08c54e95ef8
7bea17a80a61ed0f54248b4ffc4c718f7c8ff2619742577a73591d62ce074da8
8c53da7b228b4c5dce94ee3864c2482ec9e471fe7b412cc1472bd026920b0f1d
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7
a1864f9c9e8f8b71315692973433328a730a27f673bf692719e01772f2acfb13
a68a70f7be9281f3f7148b38d7f5971f1dc946d3034a40e55021d0fb6fb78d73
ad581f898bf0305193e8c4520e4cfe04da106aa0120ba21e10ecdca2c823f626
ad6aa18e132c373e6a0be7543103d4e5dfde8680587cea250550686591419910
d12019c690a93d78d305ce3e2328770dc64cd7e9645cf25de086db0032fe8cfd
da263eff6489f28a35d328a1a5895db9adb14c22c40cd35d0afce85414cac701
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

connect.xfinity.com Open in urlscan Pro 96.118.22.71 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Detected technologies

Page Statistics

34 Requests

100 %HTTPS

0 %IPv6

24 Domains

32 Subdomains

19 IPs

6 Countries

257 kBTransfer

767 kBSize

42 Cookies

0 Outgoing links

Redirected requests

34 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

connect.xfinity.com Open in urlscan Pro
96.118.22.71 Public Scan

Screenshot
Live screenshot

Full Image

34
Requests

100 %
HTTPS

0 %
IPv6

24
Domains

32
Subdomains

19
IPs

6
Countries

257 kB
Transfer

767 kB
Size

42
Cookies

34 HTTP transactions
0 data transactions