my.xfinityprepaid.com Open in urlscan Pro
2a02:26f0:f500:4b7::20b Malicious Activity! Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
http://my.xfinityprepaid.com/
Effective URL:
https://my.xfinityprepaid.com/
Submission: On November 20 via api (November 20th 2023, 9:15:37 am UTC) from US — Scanned from DE

Summary HTTP 71 Redirects Links 7 Behaviour Indicators

Summary

This website contacted 32 IPs in 6 countries across 26 domains to perform 71 HTTP transactions. The main IP is 2a02:26f0:f500:4b7::20b, located in Munich, Germany and belongs to AKAMAI-ASN1, NL. The main domain is my.xfinityprepaid.com.
TLS certificate: Issued by COMODO RSA Organization Validation Se... on August 4th 2023. Valid for: a year.

This is the only time my.xfinityprepaid.com was scanned on urlscan.io!

urlscan.io Verdict: Potentially Malicious

Targeting these brands: Xfinity (Consumer)

Domain & IP information

	IP Address	AS Autonomous System
1 1	2a02:26f0:f50... 2a02:26f0:f500:496::20b	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
16	2a02:26f0:f50... 2a02:26f0:f500:4b7::20b	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
3	2a00:1450:400... 2a00:1450:4001:809::2008	15169 (GOOGLE) (GOOGLE)
1 3	142.250.185.230 142.250.185.230	15169 (GOOGLE) (GOOGLE)
1 4	2620:1ec:c11:... 2620:1ec:c11::200	8068 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
1	65.9.65.116 65.9.65.116	16509 (AMAZON-02) (AMAZON-02)
2	2a03:2880:f08... 2a03:2880:f083:9:face:b00c:0:3	32934 (FACEBOOK) (FACEBOOK)
3	23.212.202.173 23.212.202.173	16625 (AKAMAI-AS) (AKAMAI-AS)
1	143.204.207.250 143.204.207.250	16509 (AMAZON-02) (AMAZON-02)
2	89.207.16.204 89.207.16.204	41041 (VCLK-EU-SE) (VCLK-EU-SE)
4	2600:9000:215... 2600:9000:2156:7800:12:1bf:30c0:93a1	16509 (AMAZON-02) (AMAZON-02)
1	2a02:26f0:710... 2a02:26f0:7100:882::2af2	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
2 4	52.210.32.130 52.210.32.130	16509 (AMAZON-02) (AMAZON-02)
2	2a00:1450:400... 2a00:1450:4001:80b::200e	15169 (GOOGLE) (GOOGLE)
1	2001:4860:480... 2001:4860:4802:32::36	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:400c:c06::9a	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:80e::2003	15169 (GOOGLE) (GOOGLE)
1 2	52.51.74.64 52.51.74.64	16509 (AMAZON-02) (AMAZON-02)
1	35.244.174.68 35.244.174.68	15169 (GOOGLE) (GOOGLE)
1	3.33.255.181 3.33.255.181	16509 (AMAZON-02) (AMAZON-02)
2	2a02:26f0:f50... 2a02:26f0:f500:4aa::30d4	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
4	35.190.43.134 35.190.43.134	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:800::2002	15169 (GOOGLE) (GOOGLE)
2	2620:1ec:46::44 2620:1ec:46::44	8075 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
1	2a03:2880:f17... 2a03:2880:f176:84:face:b00c:0:25de	32934 (FACEBOOK) (FACEBOOK)
1 1	2a00:1450:400... 2a00:1450:4001:82a::2002	15169 (GOOGLE) (GOOGLE)
2	142.250.184.194 142.250.184.194	15169 (GOOGLE) (GOOGLE)
1	2001:678:cb4:... 2001:678:cb4:bbbb::11	56396 (AMOBEE) (AMOBEE)
1 2	52.46.155.104 52.46.155.104	16509 (AMAZON-02) (AMAZON-02)
2	20.114.190.119 20.114.190.119	8075 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
2	2620:116:800d... 2620:116:800d:21:b314:a0ef:ab7c:d546	16509 (AMAZON-02) (AMAZON-02)
1 1	2a00:1450:400... 2a00:1450:4001:811::2002	15169 (GOOGLE) (GOOGLE)
1 1	2a00:1450:400... 2a00:1450:4001:829::2004	15169 (GOOGLE) (GOOGLE)
1	2600:9000:223... 2600:9000:223c:7a00:6:44e3:f8c0:93a1	16509 (AMAZON-02) (AMAZON-02)
1 2	68.219.88.97 68.219.88.97	8075 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
71	32

1 2a02:26f0:f500:496::20b (Munich, Germany) 1 redirects

ASN20940 (AKAMAI-ASN1, NL)

my.xfinityprepaid.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

16 2a02:26f0:f500:4b7::20b (Munich, Germany)

ASN20940 (AKAMAI-ASN1, NL)

my.xfinityprepaid.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
common-payment.xfinity.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:809::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 142.250.185.230 (United States) 1 redirects

ASN15169 (GOOGLE, US)
PTR: fra16s53-in-f6.1e100.net

4053494.fls.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2620:1ec:c11::200 (United States) 1 redirects

ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

bat.bing.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
c.bing.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 65.9.65.116 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-65-9-65-116.fra56.r.cloudfront.net

js.adsrvr.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a03:2880:f083:9:face:b00c:0:3 (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)

connect.facebook.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 23.212.202.173 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a23-212-202-173.deploy.static.akamaitechnologies.com

servedby.flashtalking.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 143.204.207.250 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-143-204-207-250.fra53.r.cloudfront.net

sc-static.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 89.207.16.204 (Amsterdam, Netherlands)

ASN41041 (VCLK-EU-SE, US)
PTR: ams04-nessy-float2.dotomi.com

login.dotomi.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2600:9000:2156:7800:12:1bf:30c0:93a1 (United States)

ASN16509 (AMAZON-02, US)

cdn-prod.securiti.ai	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a02:26f0:7100:882::2af2 (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1, NL)

cdn.comcast.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 52.210.32.130 (Dublin, Ireland) 2 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-52-210-32-130.eu-west-1.compute.amazonaws.com

comcast.demdex.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:80b::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2001:4860:4802:32::36 (United States)

ASN15169 (GOOGLE, US)

region1.analytics.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:400c:c06::9a (Brussels, Belgium)

ASN15169 (GOOGLE, US)

stats.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:80e::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 52.51.74.64 (Dublin, Ireland) 1 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-52-51-74-64.eu-west-1.compute.amazonaws.com

dpm.demdex.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 35.244.174.68 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 68.174.244.35.bc.googleusercontent.com

idsync.rlcdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 3.33.255.181 (United States)

ASN16509 (AMAZON-02, US)
PTR: aedf1f689f9b4287e.awsglobalaccelerator.com

app.securiti.ai	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a02:26f0:f500:4aa::30d4 (Munich, Germany)

ASN20940 (AKAMAI-ASN1, NL)

static.cimcontent.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 35.190.43.134 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 134.43.190.35.bc.googleusercontent.com

tr.snapchat.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:800::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

adservice.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2620:1ec:46::44 (United States)

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

www.clarity.ms	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a03:2880:f176:84:face:b00c:0:25de (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)

www.facebook.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:82a::2002 (Frankfurt am Main, Germany) 1 redirects

ASN15169 (GOOGLE, US)

adservice.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 142.250.184.194 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s11-in-f2.1e100.net

www.googleadservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2001:678:cb4:bbbb::11 (United Kingdom)

ASN56396 (AMOBEE, GB)

r.turn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 52.46.155.104 (Ashburn, United States) 1 redirects

ASN16509 (AMAZON-02, US)

s.amazon-adsystem.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 20.114.190.119 (Boydton, United States)

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

x.clarity.ms	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2620:116:800d:21:b314:a0ef:ab7c:d546 (United States)

ASN16509 (AMAZON-02, US)

secure.quantserve.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
pixel.quantserve.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:811::2002 (Frankfurt am Main, Germany) 1 redirects

ASN15169 (GOOGLE, US)

googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:829::2004 (Frankfurt am Main, Germany) 1 redirects

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:9000:223c:7a00:6:44e3:f8c0:93a1 (United States)

ASN16509 (AMAZON-02, US)

rules.quantcount.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 68.219.88.97 (Dublin, Ireland) 1 redirects

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

c.clarity.ms	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
15	xfinityprepaid.com 1 redirects my.xfinityprepaid.com	607 KB
6	clarity.ms 1 redirects www.clarity.ms — Cisco Umbrella Rank: 827 x.clarity.ms — Cisco Umbrella Rank: 7419 c.clarity.ms — Cisco Umbrella Rank: 1405	28 KB
6	demdex.net 3 redirects comcast.demdex.net — Cisco Umbrella Rank: 4694 dpm.demdex.net — Cisco Umbrella Rank: 228	4 KB
6	doubleclick.net 2 redirects 4053494.fls.doubleclick.net — Cisco Umbrella Rank: 51758 stats.g.doubleclick.net — Cisco Umbrella Rank: 78 googleads.g.doubleclick.net — Cisco Umbrella Rank: 33	4 KB
5	securiti.ai cdn-prod.securiti.ai — Cisco Umbrella Rank: 14877 app.securiti.ai — Cisco Umbrella Rank: 18494	173 KB
4	snapchat.com tr.snapchat.com — Cisco Umbrella Rank: 874	762 B
4	bing.com 1 redirects bat.bing.com — Cisco Umbrella Rank: 366 c.bing.com — Cisco Umbrella Rank: 236	16 KB
3	google.de 1 redirects www.google.de — Cisco Umbrella Rank: 6862 adservice.google.de — Cisco Umbrella Rank: 14376	1 KB
3	google.com 1 redirects region1.analytics.google.com — Cisco Umbrella Rank: 3040 adservice.google.com — Cisco Umbrella Rank: 105 www.google.com — Cisco Umbrella Rank: 2	2 KB
3	flashtalking.com servedby.flashtalking.com — Cisco Umbrella Rank: 955	3 KB
3	googletagmanager.com www.googletagmanager.com — Cisco Umbrella Rank: 35	246 KB
2	quantserve.com secure.quantserve.com — Cisco Umbrella Rank: 1245 pixel.quantserve.com — Cisco Umbrella Rank: 964	9 KB
2	amazon-adsystem.com 1 redirects s.amazon-adsystem.com — Cisco Umbrella Rank: 310	2 KB
2	googleadservices.com www.googleadservices.com — Cisco Umbrella Rank: 145	20 KB
2	cimcontent.net static.cimcontent.net — Cisco Umbrella Rank: 27757	172 KB
2	google-analytics.com www.google-analytics.com — Cisco Umbrella Rank: 27	21 KB
2	dotomi.com login.dotomi.com — Cisco Umbrella Rank: 2848	3 KB
2	facebook.net connect.facebook.net — Cisco Umbrella Rank: 174	89 KB
2	xfinity.com common-payment.xfinity.com — Cisco Umbrella Rank: 181795	5 KB
1	quantcount.com rules.quantcount.com — Cisco Umbrella Rank: 1212	1 KB
1	turn.com r.turn.com — Cisco Umbrella Rank: 4121	398 B
1	facebook.com www.facebook.com — Cisco Umbrella Rank: 110	185 B
1	rlcdn.com idsync.rlcdn.com — Cisco Umbrella Rank: 415	98 B
1	comcast.com cdn.comcast.com — Cisco Umbrella Rank: 35301	9 KB
1	sc-static.net sc-static.net — Cisco Umbrella Rank: 1161	17 KB
1	adsrvr.org js.adsrvr.org — Cisco Umbrella Rank: 1610 insight.adsrvr.org Failed	3 KB
71	26

	Domain	Requested by
15	my.xfinityprepaid.com	1 redirects my.xfinityprepaid.com
4	tr.snapchat.com	sc-static.net
4	comcast.demdex.net	2 redirects my.xfinityprepaid.com
4	cdn-prod.securiti.ai	www.googletagmanager.com my.xfinityprepaid.com cdn-prod.securiti.ai
3	servedby.flashtalking.com	www.googletagmanager.com servedby.flashtalking.com
3	bat.bing.com	my.xfinityprepaid.com bat.bing.com
3	4053494.fls.doubleclick.net	1 redirects www.googletagmanager.com adservice.google.com
3	www.googletagmanager.com	my.xfinityprepaid.com www.googletagmanager.com
2	c.clarity.ms	1 redirects
2	x.clarity.ms	www.clarity.ms
2	s.amazon-adsystem.com	1 redirects 4053494.fls.doubleclick.net
2	www.googleadservices.com	4053494.fls.doubleclick.net www.googleadservices.com
2	www.clarity.ms	bat.bing.com www.clarity.ms
2	static.cimcontent.net	cdn.comcast.com
2	dpm.demdex.net	1 redirects servedby.flashtalking.com
2	www.google.de	my.xfinityprepaid.com 4053494.fls.doubleclick.net
2	stats.g.doubleclick.net	www.googletagmanager.com www.google-analytics.com
2	www.google-analytics.com	www.googletagmanager.com www.google-analytics.com
2	login.dotomi.com	www.googletagmanager.com login.dotomi.com
2	connect.facebook.net	my.xfinityprepaid.com connect.facebook.net
2	common-payment.xfinity.com	my.xfinityprepaid.com
1	c.bing.com	1 redirects
1	pixel.quantserve.com	4053494.fls.doubleclick.net
1	rules.quantcount.com	secure.quantserve.com
1	www.google.com	1 redirects
1	googleads.g.doubleclick.net	1 redirects
1	secure.quantserve.com	4053494.fls.doubleclick.net
1	r.turn.com	4053494.fls.doubleclick.net
1	adservice.google.de	1 redirects
1	www.facebook.com	my.xfinityprepaid.com
1	adservice.google.com	4053494.fls.doubleclick.net
1	app.securiti.ai	cdn-prod.securiti.ai
1	idsync.rlcdn.com	servedby.flashtalking.com
1	region1.analytics.google.com	www.googletagmanager.com
1	cdn.comcast.com	www.googletagmanager.com
1	sc-static.net	my.xfinityprepaid.com
1	js.adsrvr.org	www.googletagmanager.com
0	insight.adsrvr.org Failed	js.adsrvr.org
71	38

This site contains links to these domains. Also see Links.

Domain
www.xfinity.com
www.xfinityprepaid.com
idm.xfinity.com
oauth.xfinity.com

Subject Issuer	Validity	Valid
t.xfinity.com COMODO RSA Organization Validation Secure Server CA	`2023-08-04` - `2024-08-03`	a year	crt.sh
*.google-analytics.com GTS CA 1C3	`2023-10-23` - `2024-01-15`	3 months	crt.sh
*.doubleclick.net GTS CA 1C3	`2023-10-23` - `2024-01-15`	3 months	crt.sh
www.bing.com Microsoft Azure TLS Issuing CA 01	`2023-10-24` - `2024-04-21`	6 months	crt.sh
*.adsrvr.org GlobalSign GCC R3 DV TLS CA 2020	`2023-04-12` - `2024-05-13`	a year	crt.sh
*.facebook.com DigiCert SHA2 High Assurance Server CA	`2023-08-29` - `2023-11-27`	3 months	crt.sh
servedby.flashtalking.com DigiCert TLS RSA SHA256 2020 CA1	`2023-09-14` - `2024-09-14`	a year	crt.sh
sc-static.net Amazon RSA 2048 M02	`2023-01-20` - `2024-02-18`	a year	crt.sh
*.dotomi.com GlobalSign RSA OV SSL CA 2018	`2023-08-15` - `2024-09-15`	a year	crt.sh
app.securiti.ai Amazon RSA 2048 M02	`2023-04-18` - `2024-05-16`	a year	crt.sh
xapi.xfinity.com COMODO RSA Organization Validation Secure Server CA	`2023-11-15` - `2024-11-14`	a year	crt.sh
*.g.doubleclick.net GTS CA 1C3	`2023-10-23` - `2024-01-15`	3 months	crt.sh
www.google.de GTS CA 1C3	`2023-10-23` - `2024-01-15`	3 months	crt.sh
*.rlcdn.com Sectigo RSA Domain Validation Secure Server CA	`2023-02-02` - `2024-03-03`	a year	crt.sh
static.cimcontent.net COMODO RSA Organization Validation Secure Server CA	`2023-03-30` - `2024-03-29`	a year	crt.sh
*.snap.com DigiCert Global G2 TLS RSA SHA256 2020 CA1	`2023-04-13` - `2024-04-12`	a year	crt.sh
*.google.com GTS CA 1C3	`2023-10-23` - `2024-01-15`	3 months	crt.sh
www.clarity.ms DigiCert TLS RSA SHA256 2020 CA1	`2023-08-29` - `2024-08-29`	a year	crt.sh
www.googleadservices.com GTS CA 1C3	`2023-10-23` - `2024-01-15`	3 months	crt.sh
*.turn.com RapidSSL TLS RSA CA G1	`2023-03-22` - `2024-03-31`	a year	crt.sh
a.clarity.ms Microsoft Azure TLS Issuing CA 06	`2023-02-13` - `2024-02-08`	a year	crt.sh
quantserve.com R3	`2023-10-28` - `2024-01-26`	3 months	crt.sh

This page contains 7 frames:

Primary Page: https://my.xfinityprepaid.com/
Frame ID: 723D64B8D23F0A70027A41E65E38A01A
Requests: 56 HTTP requests in this frame

Frame: https://4053494.fls.doubleclick.net/activityi;dc_pre=CJCHr-ye0oIDFcUIogMd9VQITA;src=4053494;type=comca517;cat=xfini02-;ord=2758878176862;auiddc=692101225.1700471732;gtm=45He3b81v76154393;gcd=11l1l1l1l1;dma_cps=sypham;dma=1;uaa=;uab=;uafvl=;uamb=0;uam=;uap=;uapv=;uaw=0;epver=2;~oref=https%3A%2F%2Fmy.xfinityprepaid.com%2F
Frame ID: 77B3A0714A13C3B9045B8F31D6FA5DA3
Requests: 1 HTTP requests in this frame

Frame: https://servedby.flashtalking.com/container/12345;91797;9487;iframe/?ftXRef=FTXREF_VALUE&ftXValue=FTXVALUE_VALUE&ftXType=FTXTYPE_VALUE&ftXName=FTXNAME_VALUE&ftXNumItems=FTXNUMITEMS_VALUE&ftXCurrency=FTXCURRENCY_VALUE&U1=U1_VALUE&U2=U2_VALUE&U3=U3_VALUE&U4=U4_VALUE&U5=U5_VALUE&U6=U6_VALUE&U7=U7_VALUE&U8=U8_VALUE&U9=U9_VALUE&U10=U10_VALUE&U11=U11_VALUE&U12=U12_VALUE&U13=U13_VALUE&U14=U14_VALUE&U15=U15_VALUE&U16=U16_VALUE&U17=U17_VALUE&U18=U18_VALUE&U19=U19_VALUE&U20=U20_VALUE&ft_referrer=https%3A%2F%2Fmy.xfinityprepaid.com%2F&ns=&cb=1328241032
Frame ID: 0C734EAEADD3D9BDB7C99C12B5EBF2A6
Requests: 5 HTTP requests in this frame

Frame: https://tr.snapchat.com/cm/i?pid=9f2d049f-d5d3-4b5e-a3cc-bcb7c0bf3e99&u_scsid=31475365-8565-499f-bc59-d6be6bf7ed3f&u_sclid=139cd2d1-bb5f-4273-ab70-fe31b1adab84
Frame ID: 651F7AD287A25B1C5D66893692FEB495
Requests: 1 HTTP requests in this frame

Frame: https://adservice.google.com/ddm/fls/i/dc_pre=CJCHr-ye0oIDFcUIogMd9VQITA;src=4053494;type=comca517;cat=xfini02-;ord=2758878176862;auiddc=692101225.1700471732;gtm=45He3b81v76154393;gcd=11l1l1l1l1;dma_cps=sypham;dma=1;uaa=;uab=;uafvl=;uamb=0;uam=;uap=;uapv=;uaw=0;epver=2;~oref=https%3A%2F%2Fmy.xfinityprepaid.com%2F
Frame ID: 9DA79F2101AAFB778A1CE45125ED3728
Requests: 1 HTTP requests in this frame

Frame: https://4053494.fls.doubleclick.net/ddm/fls/r/dc_pre=CJCHr-ye0oIDFcUIogMd9VQITA;src=4053494;type=comca517;cat=xfini02-;ord=2758878176862;auiddc=692101225.1700471732;gtm=45He3b81v76154393;gcd=11l1l1l1l1;dma_cps=sypham;dma=1;uaa=;uab=;uafvl=;uamb=0;uam=;uap=;uapv=;uaw=0;epver=2;~oref=https%3A%2F%2Fmy.xfinityprepaid.com%2F
Frame ID: FA186359B90304E486D9712FD98A33BC
Requests: 9 HTTP requests in this frame

Frame: https://insight.adsrvr.org/track/up?adv=v86csf1&ref=https%3A%2F%2Fmy.xfinityprepaid.com%2F&upid=ykkm5a6&upv=1.1.0
Frame ID: D42AB48131303D9173EE9EB924CD0846
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Log In To Your Xfinity Prepaid Account | Xfinity Prepaid

Page URL History Show full URLs

http://my.xfinityprepaid.com/ HTTP 301
https://my.xfinityprepaid.com/ Page URL

Detected technologies

React (JavaScript Frameworks) Expand

Overall confidence: 100%
Detected patterns

<[^>]+data-react

Akamai Bot Manager (Security) Expand

Overall confidence: 100%
Detected patterns

Facebook (Widgets) Expand

Overall confidence: 100%
Detected patterns

//connect\.facebook\.([a-z]+)/[^/]*/[a-z]*\.js

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

google-analytics\.com/(?:ga|urchin|analytics)\.js

Google Tag Manager (Tag Managers) Expand

Overall confidence: 100%
Detected patterns

googletagmanager\.com/ns\.html[^>]+></iframe>
googletagmanager\.com/gtm\.js
googletagmanager\.com/gtag/js

Quantcast Measure (Analytics) Expand

Overall confidence: 100%
Detected patterns

\.quantserve\.com/quant\.js

Page Statistics

71
Requests

90 %
HTTPS

60 %
IPv6

26
Domains

38
Subdomains

32
IPs

6
Countries

1428 kB
Transfer

4432 kB
Size

33
Cookies

7 Outgoing links

These are links going to different origins than the main page.

URL: https://www.xfinity.com/privacy/policy/cookienotice
Title: Cookie Policy.

Search URL Search Domain Scan URL

URL: https://www.xfinityprepaid.com/
Title: xfinity

Search URL Search Domain Scan URL

URL: https://idm.xfinity.com/myaccount/create-uid?execution=e1s1&continue=https%3A%2F%2Fmy.xfinityprepaid.com%2F
Title: Create an Xfinity ID

Search URL Search Domain Scan URL

URL: https://oauth.xfinity.com/oauth/authorize?client_id=xfinity_prepaid_digital&response_type=code&redirect_uri=https%3A%2F%2Fmy.xfinityprepaid.com%2F&scope=openid%20urn:cpc:scope:method-of-payment-service:all
Title: ALREADY HAVE ONE? LOG IN

Search URL Search Domain Scan URL

URL: https://idm.xfinity.com/myaccount/create-uid
Title: Creating one is quick and easy

Search URL Search Domain Scan URL

URL: https://idm.xfinity.com/myaccount/lookup?execution=e1s1
Title: help you retrieve or change your password

Search URL Search Domain Scan URL

URL: https://www.xfinityprepaid.com/support
Title: xfinityprepaid.com/support

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

http://my.xfinityprepaid.com/ HTTP 301
https://my.xfinityprepaid.com/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 12

https://4053494.fls.doubleclick.net/activityi;src=4053494;type=comca517;cat=xfini02-;ord=2758878176862;auiddc=692101225.1700471732;gtm=45He3b81v76154393;gcd=11l1l1l1l1;dma_cps=sypham;dma=1;uaa=;uab=;uafvl=;uamb=0;uam=;uap=;uapv=;uaw=0;epver=2;~oref=https%3A%2F%2Fmy.xfinityprepaid.com%2F HTTP 302
https://4053494.fls.doubleclick.net/activityi;dc_pre=CJCHr-ye0oIDFcUIogMd9VQITA;src=4053494;type=comca517;cat=xfini02-;ord=2758878176862;auiddc=692101225.1700471732;gtm=45He3b81v76154393;gcd=11l1l1l1l1;dma_cps=sypham;dma=1;uaa=;uab=;uafvl=;uamb=0;uam=;uap=;uapv=;uaw=0;epver=2;~oref=https%3A%2F%2Fmy.xfinityprepaid.com%2F

Request Chain 23

https://comcast.demdex.net/event?d_sid=9719943 HTTP 302
https://comcast.demdex.net/firstevent?d_sid=9719943

Request Chain 24

https://comcast.demdex.net/event?d_sid=10520115 HTTP 302
https://comcast.demdex.net/firstevent?d_sid=10520115

Request Chain 29

https://dpm.demdex.net/ibs:dpid=3047&dpuuid=99999999999999& HTTP 302
https://dpm.demdex.net/demconf.jpg?et:ibs%7cdata:dpid=3047&dpuuid=99999999999999&

Request Chain 54

https://adservice.google.de/ddm/fls/i/dc_pre=CJCHr-ye0oIDFcUIogMd9VQITA;src=4053494;type=comca517;cat=xfini02-;ord=2758878176862;auiddc=692101225.1700471732;gtm=45He3b81v76154393;gcd=11l1l1l1l1;dma_cps=sypham;dma=1;uaa=;uab=;uafvl=;uamb=0;uam=;uap=;uapv=;uaw=0;epver=2;~oref=https%3A%2F%2Fmy.xfinityprepaid.com%2F HTTP 302
https://4053494.fls.doubleclick.net/ddm/fls/r/dc_pre=CJCHr-ye0oIDFcUIogMd9VQITA;src=4053494;type=comca517;cat=xfini02-;ord=2758878176862;auiddc=692101225.1700471732;gtm=45He3b81v76154393;gcd=11l1l1l1l1;dma_cps=sypham;dma=1;uaa=;uab=;uafvl=;uamb=0;uam=;uap=;uapv=;uaw=0;epver=2;~oref=https%3A%2F%2Fmy.xfinityprepaid.com%2F

Request Chain 61

https://s.amazon-adsystem.com/iui3?d=forester-did&ex-fargs=%3Fid%3D1fd5b972-6e38-daa8-18fc-3c4f1a961230%26type%3D55%26m%3D1&ex-fch=416613&ex-src=https://www.xfinityprepaidhomepage.com&ex-hargs=v%3D1.0%3Bc%3D9803753671926%3Bp%3D1FD5B972-6E38-DAA8-18FC-3C4F1A961230 HTTP 302
https://s.amazon-adsystem.com/iui3?d=forester-did&ex-fargs=%3Fid%3D1fd5b972-6e38-daa8-18fc-3c4f1a961230%26type%3D55%26m%3D1&ex-fch=416613&ex-src=https://www.xfinityprepaidhomepage.com&ex-hargs=v%3D1.0%3Bc%3D9803753671926%3Bp%3D1FD5B972-6E38-DAA8-18FC-3C4F1A961230&dcc=t

Request Chain 66

https://googleads.g.doubleclick.net/pagead/viewthroughconversion/824315090/?random=115111486&cv=9&fst=1700471733076&num=1&npa=1&label=8ez5CP-2h8ABENKZiIkD&guid=ON&resp=GooglemKTybQhCsO&eid=375603261%2C466465926%2C512247838&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=60&u_java=false&u_nplug=3&u_nmime=4&sendb=1&ig=1&frm=2&url=https%3A%2F%2F4053494.fls.doubleclick.net%2Fddm%2Ffls%2Fr%2Fdc_pre%3DCJCHr-ye0oIDFcUIogMd9VQITA%3Bsrc%3D4053494%3Btype%3Dcomca517%3Bcat%3Dxfini02-%3Bord%3D2758878176862%3Bauiddc%3D692101225.1700471732%3Bgtm%3D45He3b81v76154393%3Bgcd%3D11l1l1l1l1%3Bdma_cps%3Dsypham%3Bdma%3D1%3Buaa%3D%3Buab%3D%3Buafvl%3D%3Buamb%3D0%3Buam%3D%3Buap%3D%3Buapv%3D%3Buaw%3D0%3Bepver%3D2%3B~oref%3Dhttps%253A%252F%252Fmy.xfinityprepaid.com%252F&ref=https%3A%2F%2Fadservice.google.com%2F&hn=www.googleadservices.com&fmt=3&ct_cookie_present=false&ocp_id=tSNbZcjcBqe5x_APl-eAiAk&sscte=1&crd=&pscrd=IhMIiIvp7J7SggMVp9wRCB2XMwCR HTTP 302
https://www.google.com/pagead/1p-conversion/824315090/?random=115111486&cv=9&fst=1700471733076&num=1&npa=1&label=8ez5CP-2h8ABENKZiIkD&guid=ON&resp=GooglemKTybQhCsO&eid=375603261%2C466465926%2C512247838&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=60&u_java=false&u_nplug=3&u_nmime=4&sendb=1&ig=1&frm=2&url=https%3A%2F%2F4053494.fls.doubleclick.net%2Fddm%2Ffls%2Fr%2Fdc_pre%3DCJCHr-ye0oIDFcUIogMd9VQITA%3Bsrc%3D4053494%3Btype%3Dcomca517%3Bcat%3Dxfini02-%3Bord%3D2758878176862%3Bauiddc%3D692101225.1700471732%3Bgtm%3D45He3b81v76154393%3Bgcd%3D11l1l1l1l1%3Bdma_cps%3Dsypham%3Bdma%3D1%3Buaa%3D%3Buab%3D%3Buafvl%3D%3Buamb%3D0%3Buam%3D%3Buap%3D%3Buapv%3D%3Buaw%3D0%3Bepver%3D2%3B~oref%3Dhttps%253A%252F%252Fmy.xfinityprepaid.com%252F&ref=https%3A%2F%2Fadservice.google.com%2F&hn=www.googleadservices.com&fmt=3&ct_cookie_present=false&sscte=1&crd=&pscrd=IhMIiIvp7J7SggMVp9wRCB2XMwCR&is_vtc=1&ocp_id=tSNbZcjcBqe5x_APl-eAiAk&cid=CAQSKQDICaaN3B0Mc4E-I-rtbewbheN7FyuEcm3RtoDajpEk5LGX73qjsl3e&random=3986332237&resp=GooglemKTybQhCsO HTTP 302
https://www.google.de/pagead/1p-conversion/824315090/?random=115111486&cv=9&fst=1700471733076&num=1&npa=1&label=8ez5CP-2h8ABENKZiIkD&guid=ON&resp=GooglemKTybQhCsO&eid=375603261%2C466465926%2C512247838&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=60&u_java=false&u_nplug=3&u_nmime=4&sendb=1&ig=1&frm=2&url=https%3A%2F%2F4053494.fls.doubleclick.net%2Fddm%2Ffls%2Fr%2Fdc_pre%3DCJCHr-ye0oIDFcUIogMd9VQITA%3Bsrc%3D4053494%3Btype%3Dcomca517%3Bcat%3Dxfini02-%3Bord%3D2758878176862%3Bauiddc%3D692101225.1700471732%3Bgtm%3D45He3b81v76154393%3Bgcd%3D11l1l1l1l1%3Bdma_cps%3Dsypham%3Bdma%3D1%3Buaa%3D%3Buab%3D%3Buafvl%3D%3Buamb%3D0%3Buam%3D%3Buap%3D%3Buapv%3D%3Buaw%3D0%3Bepver%3D2%3B~oref%3Dhttps%253A%252F%252Fmy.xfinityprepaid.com%252F&ref=https%3A%2F%2Fadservice.google.com%2F&hn=www.googleadservices.com&fmt=3&ct_cookie_present=false&sscte=1&crd=&pscrd=IhMIiIvp7J7SggMVp9wRCB2XMwCR&is_vtc=1&ocp_id=tSNbZcjcBqe5x_APl-eAiAk&cid=CAQSKQDICaaN3B0Mc4E-I-rtbewbheN7FyuEcm3RtoDajpEk5LGX73qjsl3e&random=3986332237&resp=GooglemKTybQhCsO&ipr=y

Request Chain 70

https://c.clarity.ms/c.gif HTTP 302
https://c.bing.com/c.gif?ctsa=mr&CtsSyncId=91580A52E9F44B1F9E111BCFE3E98104&RedC=c.clarity.ms&MXFR=13728B46B0B6632A0D969889B4B66D15 HTTP 302
https://c.clarity.ms/c.gif?ctsa=mr&CtsSyncId=91580A52E9F44B1F9E111BCFE3E98104&MUID=01D109EAAF07644113001A25AE6C6513

71 HTTP transactions
3 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2

200

Primary Request / Show response
my.xfinityprepaid.com/
Redirect Chain

http://my.xfinityprepaid.com/
https://my.xfinityprepaid.com/

3 KB
3 KB

218ms
109ms

Document
text/html

2a02:26f0:f500:4b7::20b
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://my.xfinityprepaid.com/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:f500:4b7::20b Munich, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Resource Hash

4740cbe45b4e3ef984bbcd4e37e2d48d1ba86d60fb77e3e037da4d6db8147ed1

Security Headers

Name	Value
Content-Security-Policy	default-src https: wss://.hotjar.com; img-src 'self' data: https:; script-src 'self' 'unsafe-inline' 'unsafe-eval' ; style-src 'self' 'unsafe-inline'
Strict-Transport-Security	max-age=15768000 ; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	deny
X-Xss-Protection	1; mode=block

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

cache-control: max-age=0, no-cache, no-store
content-encoding: gzip
content-length: 1717
content-security-policy: default-src https: wss://*.hotjar.com; img-src * 'self' data: https:; script-src 'self' 'unsafe-inline' 'unsafe-eval' *; style-src 'self' 'unsafe-inline' *
content-type: text/html
date: Mon, 20 Nov 2023 09:15:30 GMT
etag: W/"16f19ccd5e916dca58e4ae6b2d410889"
expires: Mon, 20 Nov 2023 09:15:30 GMT
feature-policy: accelerometer 'none'; camera 'none'; geolocation 'self'; gyroscope 'none'; magnetometer 'none'; microphone 'none'; usb 'none'
last-modified: Thu, 31 Aug 2023 04:02:28 GMT
pragma: no-cache
referrer-policy: strict-origin-when-cross-origin
strict-transport-security: max-age=15768000 ; includeSubDomains
vary: Accept-Encoding
x-akamai-transformed: 9 - 0 pmb=mTOE,2
x-amz-cf-id: K1NDaJ5swlhAKjFbAmP_gGrDasOP4-DzuBmXKD4mIWXqZG9bjyUh8w==
x-amz-cf-pop: MUC50-P3
x-amz-server-side-encryption: AES256
x-amz-version-id: l76qGRVWUDZkQQIL02Gs2wIhHD7EX0zm
x-content-type-options: nosniff
x-frame-options: deny
x-xss-protection: 1; mode=block

Redirect headers

Cache-Control: max-age=0, no-cache, no-store
Connection: keep-alive
Content-Length: 0
Date: Mon, 20 Nov 2023 09:15:30 GMT
Expires: Mon, 20 Nov 2023 09:15:30 GMT
Location: https://my.xfinityprepaid.com/
Pragma: no-cache

GET
H2 200 main.a2a86baa.chunk.css
my.xfinityprepaid.com/static/css/ 232 KB
46 KB 130ms
129ms Stylesheet
text/css 2a02:26f0:f500:4b7::20b
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://my.xfinityprepaid.com/static/css/main.a2a86baa.chunk.css

Requested by

Host: my.xfinityprepaid.com
URL: https://my.xfinityprepaid.com/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:f500:4b7::20b Munich, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Resource Hash

70580eaffefc90f52839fc42b50e21359ac9cd387d6373b5f0d6871b401b4740

Security Headers

Name	Value
Strict-Transport-Security	max-age=15768000 ; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://my.xfinityprepaid.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

pragma: no-cache
x-amz-version-id: ZsFGFo26y74GrYR0gZ9xmox6k5_lNKgA
content-encoding: gzip
date: Mon, 20 Nov 2023 09:15:30 GMT
last-modified: Thu, 31 Aug 2023 04:02:29 GMT
strict-transport-security: max-age=15768000 ; includeSubDomains
x-amz-cf-pop: MUC50-P3
x-amz-server-side-encryption: AES256
etag: W/"51d015dc4c0540b005e1020c0ac007bb"
vary: Accept-Encoding
content-type: text/css
cache-control: max-age=0, no-cache, no-store
x-amz-cf-id: qeTsrwbjHzHWfYp0sjKUBjSN_8FXRDTjTUGY6pFO8pZtsu8Vgu00ig==
content-length: 46875
expires: Mon, 20 Nov 2023 09:15:30 GMT

GET
H2 200 7e609bf3 Show response
my.xfinityprepaid.com/akam/13/ 26 KB
9 KB 569ms
568ms Script
application/javascript 2a02:26f0:f500:4b7::20b
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://my.xfinityprepaid.com/akam/13/7e609bf3

Requested by

Host: my.xfinityprepaid.com
URL: https://my.xfinityprepaid.com/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:f500:4b7::20b Munich, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Resource Hash

40d85119d069c30d3af7472e75b0755e4953e15fa2cc7601feebf2c6483b8c16

Security Headers

Name	Value
Strict-Transport-Security	max-age=15768000 ; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://my.xfinityprepaid.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 20 Nov 2023 09:15:31 GMT
content-encoding: gzip
strict-transport-security: max-age=15768000 ; includeSubDomains
last-modified: Wed, 09 Feb 2022 15:09:56 GMT
etag: "13ba1d0fee3488afcaae5146b7832f1bb10e4c122ad297d805cfd7a3f458be4b"
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=0, no-cache, no-store
content-length: 8767
expires: Mon, 20 Nov 2023 09:15:31 GMT

GET
H2 200 native-shim.js Show response
common-payment.xfinity.com/2.1.0/jump/ 419 B
730 B 802ms
671ms Script
application/javascript 2a02:26f0:f500:4b7::20b
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://common-payment.xfinity.com/2.1.0/jump/native-shim.js

Requested by

Host: my.xfinityprepaid.com
URL: https://my.xfinityprepaid.com/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:f500:4b7::20b Munich, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Resource Hash

b00c817db3279f4c835949b0271c729e4b42daa4fb9e9c1482428a91db78507b

Security Headers

Name	Value
Strict-Transport-Security	max-age=86400

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://my.xfinityprepaid.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

x-amz-version-id: R8fDY_DrPuueYWNxwABPxTlZn7yPDEXh
content-encoding: gzip
date: Mon, 20 Nov 2023 09:15:31 GMT
last-modified: Mon, 14 Aug 2023 20:23:01 GMT
strict-transport-security: max-age=86400
x-amz-cf-pop: IAD55-P2
etag: "70d7905894fed50739bd076b9c6fd8ba"
x-amz-server-side-encryption: AES256
vary: Accept-Encoding
content-type: application/javascript
x-amz-replication-status: COMPLETED
server-timing: cdn-cache; desc=HIT, edge; dur=582, origin; dur=0, ak_p; desc="1700471730984_34820665_40794505_58279_51410_35_0_219";dur=1
accept-ranges: bytes
x-amz-cf-id: ZoWODiptrki3FY7Rt8L2QZfNWmCO8T3nz57MRV4ymruBzez3r71Zow==
content-length: 252

GET
H2 200 jump-web-component-bundle.js Show response
common-payment.xfinity.com/2.1.0/jump/ 19 KB
4 KB 817ms
686ms Script
application/javascript 2a02:26f0:f500:4b7::20b
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://common-payment.xfinity.com/2.1.0/jump/jump-web-component-bundle.js

Requested by

Host: my.xfinityprepaid.com
URL: https://my.xfinityprepaid.com/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:f500:4b7::20b Munich, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Resource Hash

c09a53ed0aac9304f40206a035f791807dd2e58dc137b802ac341bcff4deda49

Security Headers

Name	Value
Strict-Transport-Security	max-age=86400

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://my.xfinityprepaid.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

x-amz-version-id: wtKH82cwLEN7wYJRsi3wsiEfFLIF5e4H
content-encoding: gzip
date: Mon, 20 Nov 2023 09:15:31 GMT
strict-transport-security: max-age=86400
x-amz-request-id: AZBGPRTTF7ZNH71G
x-amz-cf-pop: ORD52-C2
x-amz-server-side-encryption: AES256
x-amz-replication-status: COMPLETED
server-timing: cdn-cache; desc=HIT, edge; dur=596, origin; dur=0, ak_p; desc="1700471730985_34820665_40794503_59668_52446_35_0_219";dur=1
content-length: 3793
x-amz-id-2: EYEsyLG+5nbdZwEVTsoT4gGG9mM8YEu/ze00lQs4pBLxaBoPjOGs0ycuaHqvUa1wzmmOeZb7BbQ=
last-modified: Mon, 14 Aug 2023 20:23:01 GMT
etag: "c185c13ad317a1f431b6b08405cba867"
vary: Accept-Encoding
content-type: application/javascript
accept-ranges: bytes
x-amz-cf-id: IAHwht8A66SbhbHJ0RHkr5LGj2VaaNcSNDh-NyPZCMPWYVHbJXMO9A==

GET
H2 200 2.bcf5f605.chunk.js Show response
my.xfinityprepaid.com/static/js/ 866 KB
259 KB 52ms
52ms Script
application/javascript 2a02:26f0:f500:4b7::20b
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://my.xfinityprepaid.com/static/js/2.bcf5f605.chunk.js

Requested by

Host: my.xfinityprepaid.com
URL: https://my.xfinityprepaid.com/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:f500:4b7::20b Munich, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Resource Hash

b834c9be4e7af32da221f3e746be0a0662978c3a7b7c89704a61991ff86076a8

Security Headers

Name	Value
Strict-Transport-Security	max-age=15768000 ; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://my.xfinityprepaid.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

pragma: no-cache
x-amz-version-id: 3RHH0jjSAdnQmtKn6hrFx_07Lhd3yD8l
content-encoding: gzip
date: Mon, 20 Nov 2023 09:15:30 GMT
last-modified: Thu, 31 Aug 2023 04:02:29 GMT
strict-transport-security: max-age=15768000 ; includeSubDomains
x-amz-cf-pop: MUC50-P3
x-amz-server-side-encryption: AES256
etag: W/"47a6bb0158656368858e91e2dad58fb8"
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=0, no-cache, no-store
x-amz-cf-id: TiuHBrndVUm1dt3DBfpUgfJusAqrAOn1XB5TN694R44kHky7tCiewQ==
expires: Mon, 20 Nov 2023 09:15:30 GMT

GET
H2 200 main.b08d6afb.chunk.js Show response
my.xfinityprepaid.com/static/js/ 844 KB
158 KB 440ms
440ms Script
application/javascript 2a02:26f0:f500:4b7::20b
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://my.xfinityprepaid.com/static/js/main.b08d6afb.chunk.js

Requested by

Host: my.xfinityprepaid.com
URL: https://my.xfinityprepaid.com/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:f500:4b7::20b Munich, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Resource Hash

97227462787fb99c7969acc44b0c88534ee9e1766cc074e9d60e8c9fb6b144e0

Security Headers

Name	Value
Strict-Transport-Security	max-age=15768000 ; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://my.xfinityprepaid.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

pragma: no-cache
x-amz-version-id: _GPgPVx3EB1pD4iATly9ICm0MP8kakhO
content-encoding: gzip
date: Mon, 20 Nov 2023 09:15:31 GMT
last-modified: Thu, 31 Aug 2023 04:02:29 GMT
strict-transport-security: max-age=15768000 ; includeSubDomains
x-amz-cf-pop: MUC50-P3
x-amz-server-side-encryption: AES256
etag: W/"a20024bd44076dc837ef08d14d866fd1"
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=0, no-cache, no-store
x-amz-cf-id: rS1wor6U9PQb8L0R1AC0hqysPgsphduW7UwpeGN9Vkn2dW0MNYrKlQ==
content-length: 161283
expires: Mon, 20 Nov 2023 09:15:31 GMT

GET
H2 200 gtm.js Show response
www.googletagmanager.com/ 328 KB
98 KB 121ms
53ms Script
application/javascript 2a00:1450:4001:809::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtm.js?id=GTM-KSK4F25&gtm_auth=&gtm_preview=&gtm_cookies_win=x

Requested by

Host: my.xfinityprepaid.com
URL: https://my.xfinityprepaid.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:809::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

ce4670bc0adce1fc2caad3f70c242d0dd410820a82b52835b86569fe2453c052

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://my.xfinityprepaid.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Mon, 20 Nov 2023 09:15:31 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 100278
x-xss-protection: 0
last-modified: Mon, 20 Nov 2023 09:00:00 GMT
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Mon, 20 Nov 2023 09:15:31 GMT

GET
H2 200 XfinityStandard-Regular.5ede86d8.woff2
my.xfinityprepaid.com/static/media/ 26 KB
27 KB 463ms
461ms Font
binary/octet-stream 2a02:26f0:f500:4b7::20b
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://my.xfinityprepaid.com/static/media/XfinityStandard-Regular.5ede86d8.woff2

Requested by

Host: my.xfinityprepaid.com
URL: https://my.xfinityprepaid.com/static/css/main.a2a86baa.chunk.css

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:f500:4b7::20b Munich, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Resource Hash

138c0ead0fbcd09dd455df9870920e8725b367fbf02ac0cef0c62874000ab176

Security Headers

Name	Value
Strict-Transport-Security	max-age=15768000 ; includeSubDomains

Request headers

Referer: https://my.xfinityprepaid.com/static/css/main.a2a86baa.chunk.css
Origin: https://my.xfinityprepaid.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

pragma: no-cache
x-amz-version-id: toQKyBLgGBNFo1hI5Ipp_LjDL_gRK_69
date: Mon, 20 Nov 2023 09:15:32 GMT
strict-transport-security: max-age=15768000 ; includeSubDomains
last-modified: Thu, 31 Aug 2023 04:02:29 GMT
x-amz-cf-pop: MUC50-P3
x-amz-server-side-encryption: AES256
etag: "e3e79cd377b28c1e7ffea64b194136cf"
vary: Accept-Encoding
content-type: binary/octet-stream
cache-control: max-age=0, no-cache, no-store
accept-ranges: bytes
content-length: 26768
x-amz-cf-id: MU0WLgWCtbyCK0qy5XJOWOi8Al4U2BygXZoQepDnaUa_dGX_Re3Z_g==
expires: Mon, 20 Nov 2023 09:15:32 GMT

GET
H2 204 token Show response
my.xfinityprepaid.com/ 0
872 B 397ms
397ms XHR
text/plain 2a02:26f0:f500:4b7::20b
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://my.xfinityprepaid.com/token?trackingId=bb2d2951-61de-48c1-b41f-b9c4bd3959fb

Requested by

Host: my.xfinityprepaid.com
URL: https://my.xfinityprepaid.com/static/js/2.bcf5f605.chunk.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:f500:4b7::20b Munich, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=15768000 ; includeSubDomains

Request headers

Accept: application/json, text/plain, */*
Referer: https://my.xfinityprepaid.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 20 Nov 2023 09:15:32 GMT
strict-transport-security: max-age=15768000 ; includeSubDomains
x-amz-cf-pop: MUC50-P3
cache-control: max-age=0, no-cache, no-store
content-length: 0
x-amz-cf-id: GGGNU8MN8Je9ll_HSyvZgUmt7cJ6sC1y-wUM3dQTEL_DGg7lI0kbTw==
expires: Mon, 20 Nov 2023 09:15:32 GMT

GET
DATA 200
OK truncated
/ 9 KB
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 63b693778274923011281f0c339ac4116f8a31b9d186d0657849380cd5bd34b7

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

Content-Type: image/png

GET
DATA 200
OK truncated
/ 157 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 80d54533f80e8233621f965ae0a7713928bdb4d491ed0eb5e90434550f1894cb

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

Content-Type: image/png

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 261 KB
82 KB 41ms
40ms Script
application/javascript 2a00:1450:4001:809::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=G-3HZMHDCGDN&l=dataLayer&cx=c

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-KSK4F25&gtm_auth=&gtm_preview=&gtm_cookies_win=x

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:809::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

944544db414ef461151f0110a0517eb358bb2b427fe7d679fd05bae4d37ae1a9

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://my.xfinityprepaid.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Mon, 20 Nov 2023 09:15:32 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: Cache-Control
content-length: 84106
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Mon, 20 Nov 2023 09:15:32 GMT

GET
H2

200

activityi;dc_pre=CJCHr-ye0oIDFcUIogMd9VQITA;src=4053494;type=comca517;cat=xfini02-;ord=2758878176862;auiddc=692101225.1700471732;gtm=45He3b81v76154393;gcd=11l1l1l1l1;dma_cps=sypham;dma=1;uaa=;uab=;... Show response
4053494.fls.doubleclick.net/ Frame 77B3
Redirect Chain

https://4053494.fls.doubleclick.net/activityi;src=4053494;type=comca517;cat=xfini02-;ord=2758878176862;auiddc=692101225.1700471732;gtm=45He3b81v76154393;gcd=11l1l1l1l1;dma_cps=sypham;dma=1;uaa=;uab...
https://4053494.fls.doubleclick.net/activityi;dc_pre=CJCHr-ye0oIDFcUIogMd9VQITA;src=4053494;type=comca517;cat=xfini02-;ord=2758878176862;auiddc=692101225.1700471732;gtm=45He3b81v76154393;gcd=11l1l1...

590 B
515 B

69ms
63ms

Document
text/html

142.250.185.230
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://4053494.fls.doubleclick.net/activityi;dc_pre=CJCHr-ye0oIDFcUIogMd9VQITA;src=4053494;type=comca517;cat=xfini02-;ord=2758878176862;auiddc=692101225.1700471732;gtm=45He3b81v76154393;gcd=11l1l1l1l1;dma_cps=sypham;dma=1;uaa=;uab=;uafvl=;uamb=0;uam=;uap=;uapv=;uaw=0;epver=2;~oref=https%3A%2F%2Fmy.xfinityprepaid.com%2F?

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-KSK4F25&gtm_auth=&gtm_preview=&gtm_cookies_win=x

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.230 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s53-in-f6.1e100.net

Software

cafe /

Resource Hash

1a8db56c9dcf9666753d6fa47995ea8f8927a77b05bd04f8eebcf707b13e2079

Security Headers

Name	Value
Strict-Transport-Security	max-age=21600
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://my.xfinityprepaid.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: no-cache, must-revalidate
content-encoding: br
content-length: 339
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Mon, 20 Nov 2023 09:15:32 GMT
expires: Fri, 01 Jan 1990 00:00:00 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
pragma: no-cache
server: cafe
strict-transport-security: max-age=21600
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

Redirect headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: no-cache, must-revalidate
content-length: 0
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Mon, 20 Nov 2023 09:15:32 GMT
expires: Fri, 01 Jan 1990 00:00:00 GMT
follow-only-when-prerender-shown: 1
location: https://4053494.fls.doubleclick.net/activityi;dc_pre=CJCHr-ye0oIDFcUIogMd9VQITA;src=4053494;type=comca517;cat=xfini02-;ord=2758878176862;auiddc=692101225.1700471732;gtm=45He3b81v76154393;gcd=11l1l1l1l1;dma_cps=sypham;dma=1;uaa=;uab=;uafvl=;uamb=0;uam=;uap=;uapv=;uaw=0;epver=2;~oref=https%3A%2F%2Fmy.xfinityprepaid.com%2F?
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
pragma: no-cache
server: cafe
strict-transport-security: max-age=21600
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 bat.js Show response
bat.bing.com/ 45 KB
13 KB 118ms
47ms Script
application/javascript 2620:1ec:c11::200
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://bat.bing.com/bat.js

Requested by

Host: my.xfinityprepaid.com
URL: https://my.xfinityprepaid.com/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

2620:1ec:c11::200 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

5e319852607809336b2534ffeb96f6933f26994dd040f535302c84f59cc0a214

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://my.xfinityprepaid.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains; preload
content-encoding: gzip
date: Mon, 20 Nov 2023 09:15:31 GMT
last-modified: Fri, 10 Nov 2023 20:09:55 GMT
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref: Ref A: 6477D23F9F0442E19003EE1C0A2F00BC Ref B: FRAEDGE1122 Ref C: 2023-11-20T09:15:32Z
etag: "80abcdf1114da1:0"
vary: Accept-Encoding
x-cache: CONFIG_NOCACHE
content-type: application/javascript
cache-control: private,max-age=1800
accept-ranges: bytes
content-length: 13175

GET
H/1.1 200
OK up_loader.1.1.0.js Show response
js.adsrvr.org/ 5 KB
3 KB 93ms
24ms Script
application/x-javascript 65.9.65.116
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://js.adsrvr.org/up_loader.1.1.0.js
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-KSK4F25&gtm_auth=&gtm_preview=&gtm_cookies_win=x
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 65.9.65.116 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-65-9-65-116.fra56.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 899663bfeab6b11842c974c2417dc0ad88bd79bb7510b1e032384ccf2618dcc1

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://my.xfinityprepaid.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

Date: Mon, 20 Nov 2023 02:56:46 GMT
Content-Encoding: gzip
Via: 1.1 c2b4a332b09677da722930ae336c8bfc.cloudfront.net (CloudFront)
Last-Modified: Mon, 20 Nov 2023 02:56:36 GMT
Server: AmazonS3
X-Amz-Cf-Pop: FRA56-C1
Age: 22727
ETag: W/"b7474eac210849250426a8f6a39d00f3"
x-amz-server-side-encryption: AES256
Transfer-Encoding: chunked
Vary: Accept-Encoding
Content-Type: application/x-javascript
X-Cache: Hit from cloudfront
Connection: keep-alive
X-Amz-Cf-Id: N6GoWysnDfUib0V-SHVFn1hcTyDZGFbcB2d6APFL6xYxG8QXUHVfFw==

GET
H2 200 fbevents.js Show response
connect.facebook.net/en_US/ 202 KB
54 KB 88ms
19ms Script
application/x-javascript 2a03:2880:f083:9:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/en_US/fbevents.js

Requested by

Host: my.xfinityprepaid.com
URL: https://my.xfinityprepaid.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f083:9:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

3e136e77083bfc6ef14ffc5abd19da89a82bf12fc0cda3c603e01582b93303c8

Security Headers

Name	Value
Content-Security-Policy	default-src facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com data: blob: 'self';script-src .fbcdn.net .facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;connect-src .fbcdn.net .facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script';
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://my.xfinityprepaid.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

content-security-policy: default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script';
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; preload; includeSubDomains
date: Mon, 20 Nov 2023 09:15:32 GMT
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 54273
x-xss-protection: 0
reporting-endpoints
pragma: public
x-fb-debug: aZYePphDZF6Mb+EhtglywjipYzJ/BdBsmWXqAP/fESCVOx2Uu2/RUCP3eHVMFLPkNgkkiHFtnvQV+fpSW9nXgA==
cross-origin-opener-policy: same-origin-allow-popups
vary: Accept-Encoding
x-frame-options: DENY
content-type: application/x-javascript; charset=utf-8
cache-control: public, max-age=1200
permissions-policy: accelerometer=(), ambient-light-sensor=(), bluetooth=(), camera=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), payment=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), usb=(), window-management=()
timing-allow-origin: *
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H/1.1 200
OK / Show response
servedby.flashtalking.com/container/12345;91797;9487;iframe/ Frame 0C73 3 KB
2 KB 96ms
31ms Document
text/html 23.212.202.173
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://servedby.flashtalking.com/container/12345;91797;9487;iframe/?ftXRef=FTXREF_VALUE&ftXValue=FTXVALUE_VALUE&ftXType=FTXTYPE_VALUE&ftXName=FTXNAME_VALUE&ftXNumItems=FTXNUMITEMS_VALUE&ftXCurrency=FTXCURRENCY_VALUE&U1=U1_VALUE&U2=U2_VALUE&U3=U3_VALUE&U4=U4_VALUE&U5=U5_VALUE&U6=U6_VALUE&U7=U7_VALUE&U8=U8_VALUE&U9=U9_VALUE&U10=U10_VALUE&U11=U11_VALUE&U12=U12_VALUE&U13=U13_VALUE&U14=U14_VALUE&U15=U15_VALUE&U16=U16_VALUE&U17=U17_VALUE&U18=U18_VALUE&U19=U19_VALUE&U20=U20_VALUE&ft_referrer=https%3A%2F%2Fmy.xfinityprepaid.com%2F&ns=&cb=1328241032

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-KSK4F25&gtm_auth=&gtm_preview=&gtm_cookies_win=x

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

23.212.202.173 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a23-212-202-173.deploy.static.akamaitechnologies.com

Software

prod-xre-app18.frk11 /

Resource Hash

24f3c34df40e7a78bdad156bfbb8b96b4df3df16168e209cde34b9efb2fe9f82

Security Headers

Name	Value
Strict-Transport-Security	max-age=86400

Request headers

Referer: https://my.xfinityprepaid.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

Cache-Control: max-age=0, no-cache, no-store
Connection: keep-alive
Content-Encoding: gzip
Content-Length: 1352
Content-Type: text/html
Date: Mon, 20 Nov 2023 09:15:32 GMT
Expires: Mon, 20 Nov 2023 09:15:32 GMT
Pragma: no-cache
Server: prod-xre-app18.frk11
Strict-Transport-Security: max-age=86400
Vary: Accept-Encoding

GET
H2 200 scevent.min.js Show response
sc-static.net/ 40 KB
17 KB 109ms
42ms Script
application/javascript 143.204.207.250
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://sc-static.net/scevent.min.js
Requested by: Host: my.xfinityprepaid.com
URL: https://my.xfinityprepaid.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 143.204.207.250 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-143-204-207-250.fra53.r.cloudfront.net
Software: CloudFront /
Resource Hash: d61a6b3234c115e36708d7bbf28cc53c3dc234feddecbba63f52dbca4254145e

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://my.xfinityprepaid.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Mon, 20 Nov 2023 09:15:32 GMT
content-encoding: gzip
via: 1.1 fc7091924e65025d5bfb92361ec3e660.cloudfront.net (CloudFront)
server: CloudFront
x-amz-cf-pop: FRA53-C1
x-cache: Miss from cloudfront
content-type: application/javascript;charset=utf-8
access-control-allow-origin: *
cache-control: private, s-maxage=0, max-age=600
access-control-allow-headers: Content-Type
content-length: 17231
x-amz-cf-id: htTYFvxGN8jmaXOasRxLqYIT0UXClrid1LTimOV0JcypMByisGPz2g==

GET
H2 200 1_0 Show response
login.dotomi.com/profile/visit/js/ 8 KB
2 KB 171ms
66ms Script
application/javascript 89.207.16.204
VCLK-EU-SE

General

Check archive.org

Show headers Download Go to

Full URL: https://login.dotomi.com/profile/visit/js/1_0?dtm_cid=80315&dtm_cmagic=97cdaa&dtm_fid=2403&cachebuster=1619482893
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-KSK4F25&gtm_auth=&gtm_preview=&gtm_cookies_win=x
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 89.207.16.204 Amsterdam, Netherlands, ASN41041 (VCLK-EU-SE, US),
Reverse DNS: ams04-nessy-float2.dotomi.com
Software: nginx /
Resource Hash: 2039ec804489c4e763ba92a8d48d5396e322acec3e7b90899052f8dd811659b9

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://my.xfinityprepaid.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 20 Nov 2023 09:15:32 GMT
content-encoding: gzip
server: nginx
p3p: policyref="/w3c/p3p.xml", CP="NOI DSP NID OUR STP"
content-type: application/javascript
cache-control: no-cache, private, max-age=0, no-store
content-length: 2172
expires: 0

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 180 KB
66 KB 44ms
43ms Script
application/javascript 2a00:1450:4001:809::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=DC-4053494

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-KSK4F25&gtm_auth=&gtm_preview=&gtm_cookies_win=x

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:809::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

c6518cb45e8ef901a3a023c4660911e819c051828ddd30f5d4d7adbe1df35426

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://my.xfinityprepaid.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Mon, 20 Nov 2023 09:15:32 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 67282
x-xss-protection: 0
last-modified: Mon, 20 Nov 2023 09:00:00 GMT
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Mon, 20 Nov 2023 09:15:32 GMT

GET
H2 200 ff473080-3a9f-4aa5-bc04-9110ade3d755.js Show response
cdn-prod.securiti.ai/consent/auto_blocking/4b9bbe2a-9c5d-4512-bb76-768a8ea32bc0/ 17 KB
6 KB 138ms
51ms Script
application/javascript 2600:9000:2156:7800:12:1bf:30c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn-prod.securiti.ai/consent/auto_blocking/4b9bbe2a-9c5d-4512-bb76-768a8ea32bc0/ff473080-3a9f-4aa5-bc04-9110ade3d755.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-KSK4F25&gtm_auth=&gtm_preview=&gtm_cookies_win=x

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:2156:7800:12:1bf:30c0:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

AmazonS3 /

Resource Hash

0e22fff916516df387fff0184f9d25452be3f525bea470919f8e485fb726601e

Security Headers

Name	Value
Content-Security-Policy	default-src 'none'; img-src 'self'; script-src 'self' 'unsafe-inline'; style-src 'self' 'unsafe-inline'; object-src 'none'
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://my.xfinityprepaid.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

x-amz-version-id: Yr6iO0ZqM5Eq68q_vrHIhBw8NhKjmXUX
strict-transport-security: max-age=31536000; includeSubDomains
x-content-type-options: nosniff
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self' 'unsafe-inline'; style-src 'self' 'unsafe-inline'; object-src 'none'
content-encoding: gzip
date: Sun, 19 Nov 2023 19:53:22 GMT
via: 1.1 1f49a084ca923f375f74b42fa36ef428.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA50-C1
x-amz-server-side-encryption: AES256
age: 48130
x-cache: Hit from cloudfront
x-xss-protection: 1; mode=block
referrer-policy: no-referrer
last-modified: Tue, 01 Aug 2023 15:50:50 GMT
server: AmazonS3
etag: W/"b33094076615c11757e3af41611edbc0"
x-frame-options: DENY
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: public,max-age=86400
x-amz-cf-id: DocGaCz_FIWKhDLt-FZ213SuqZDzLcbRKeAxC8MRgxv7adLCk0QlUw==

GET
H2 200 cookie-consent.css
cdn.comcast.com/cmp/css/ 55 KB
9 KB 163ms
59ms Stylesheet
text/css 2a02:26f0:7100:882::2af2
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.comcast.com/cmp/css/cookie-consent.css
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-KSK4F25&gtm_auth=&gtm_preview=&gtm_cookies_win=x
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:7100:882::2af2 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: /
Resource Hash: ed3e6f6e4fd2a9cf28cf725c7eda293f69c67f5740a79dc58eca9ac914d18b6a

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://my.xfinityprepaid.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Mon, 20 Nov 2023 09:15:32 GMT
content-encoding: br
last-modified: Fri, 17 Nov 2023 05:41:14 GMT
etag: "df713a0426607730a983610ffcc7f6ec:1692019053.597296"
content-type: text/css
cache-control: max-age=2319930
accept-ranges: bytes
x-robots-tag: noindex, nofollow
content-length: 8936
expires: Sun, 17 Dec 2023 05:41:02 GMT

GET
H2 200 cookie-consent-sdk.js Show response
cdn-prod.securiti.ai/consent/ 342 KB
75 KB 109ms
24ms Script
text/javascript 2600:9000:2156:7800:12:1bf:30c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn-prod.securiti.ai/consent/cookie-consent-sdk.js

Requested by

Host: my.xfinityprepaid.com
URL: https://my.xfinityprepaid.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:2156:7800:12:1bf:30c0:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

AmazonS3 /

Resource Hash

56ba66ae09f81233fc0266d0f1752d3f82a866263c7a764755fa2230c8690207

Security Headers

Name	Value
Content-Security-Policy	default-src 'none'; img-src 'self'; script-src 'self' 'unsafe-inline'; style-src 'self' 'unsafe-inline'; object-src 'none'
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://my.xfinityprepaid.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

x-amz-version-id: TNHQ_qOLynin2mWes_qcm8TJ_tOEev93
strict-transport-security: max-age=31536000; includeSubDomains
x-content-type-options: nosniff
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self' 'unsafe-inline'; style-src 'self' 'unsafe-inline'; object-src 'none'
content-encoding: gzip
date: Mon, 20 Nov 2023 08:19:01 GMT
via: 1.1 1f49a084ca923f375f74b42fa36ef428.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA50-C1
x-amz-server-side-encryption: AES256
age: 3392
x-cache: Hit from cloudfront
x-xss-protection: 1; mode=block
referrer-policy: no-referrer
last-modified: Tue, 14 Nov 2023 23:16:45 GMT
server: AmazonS3
etag: W/"07df42af6f2cbc0b53ad415ce030e2bf"
x-frame-options: DENY
vary: Accept-Encoding
content-type: text/javascript
access-control-allow-origin: *
x-amz-cf-id: KAT4Cqlm91iyt9YdZJAxniDLM-d-nuQIVTGpx9UB0dFR1NMV7chpvQ==

GET
H2

200

firstevent
comcast.demdex.net/
Redirect Chain

https://comcast.demdex.net/event?d_sid=9719943
https://comcast.demdex.net/firstevent?d_sid=9719943

42 B
722 B

98ms
97ms

Image
image/gif

52.210.32.130
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://comcast.demdex.net/firstevent?d_sid=9719943

Requested by

Host: my.xfinityprepaid.com
URL: https://my.xfinityprepaid.com/

Protocol

Server

52.210.32.130 Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-52-210-32-130.eu-west-1.compute.amazonaws.com

Software

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://my.xfinityprepaid.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

dcs: dcs-prod-irl1-2-v054-0d41b9f76.edge-irl1.demdex.com 4 ms
pragma: no-cache
date: Mon, 20 Nov 2023 09:15:32 GMT
strict-transport-security: max-age=31536000; includeSubDomains
x-content-type-options: nosniff
content-encoding: gzip
x-tid: f/Y/T5/oRk0=
content-type: image/gif
p3p: policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
cache-control: no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
content-length: 59
expires: Thu, 01 Jan 1970 00:00:00 UTC

Redirect headers

dcs: dcs-prod-irl1-2-v054-0d743c645.edge-irl1.demdex.com 0 ms
pragma: no-cache
date: Mon, 20 Nov 2023 09:15:32 GMT
strict-transport-security: max-age=31536000; includeSubDomains
x-tid: hVx20s2uSUQ=
p3p: policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
location: https://comcast.demdex.net/firstevent?d_sid=9719943
cache-control: no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
content-length: 0
expires: Thu, 01 Jan 1970 00:00:00 UTC

GET
H2

200

firstevent
comcast.demdex.net/
Redirect Chain

https://comcast.demdex.net/event?d_sid=10520115
https://comcast.demdex.net/firstevent?d_sid=10520115

42 B
722 B

97ms
97ms

Image
image/gif

52.210.32.130
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://comcast.demdex.net/firstevent?d_sid=10520115

Requested by

Host: my.xfinityprepaid.com
URL: https://my.xfinityprepaid.com/

Protocol

Server

52.210.32.130 Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-52-210-32-130.eu-west-1.compute.amazonaws.com

Software

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://my.xfinityprepaid.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

dcs: dcs-prod-irl1-1-v054-07bc3a343.edge-irl1.demdex.com 5 ms
pragma: no-cache
date: Mon, 20 Nov 2023 09:15:32 GMT
strict-transport-security: max-age=31536000; includeSubDomains
x-content-type-options: nosniff
content-encoding: gzip
x-tid: c6EHWPTdSaQ=
content-type: image/gif
p3p: policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
cache-control: no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
content-length: 59
expires: Thu, 01 Jan 1970 00:00:00 UTC

Redirect headers

dcs: dcs-prod-irl1-2-v054-09f0ac7a1.edge-irl1.demdex.com 0 ms
pragma: no-cache
date: Mon, 20 Nov 2023 09:15:32 GMT
strict-transport-security: max-age=31536000; includeSubDomains
x-tid: /TuvZzLHTCI=
p3p: policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
location: https://comcast.demdex.net/firstevent?d_sid=10520115
cache-control: no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
content-length: 0
expires: Thu, 01 Jan 1970 00:00:00 UTC

GET
H2 200 analytics.js Show response
www.google-analytics.com/ 52 KB
21 KB 76ms
20ms Script
text/javascript 2a00:1450:4001:80b::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-KSK4F25&gtm_auth=&gtm_preview=&gtm_cookies_win=x

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80b::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://my.xfinityprepaid.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
date: Mon, 20 Nov 2023 07:49:38 GMT
last-modified: Mon, 12 Jun 2023 18:23:07 GMT
server: Golfe2
age: 5154
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 20994
expires: Mon, 20 Nov 2023 09:49:38 GMT

POST
H2 204 collect
region1.analytics.google.com/g/ 0
258 B 84ms
28ms Ping
text/plain 2001:4860:4802:32::36
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://region1.analytics.google.com/g/collect?v=2&tid=G-3HZMHDCGDN&gtm=45je3b81v9123468614z876154393&_p=1700471731824&_gaz=1&gcd=11l1l1l1l1&dma_cps=sypham&dma=1&cid=1984655925.1700471732&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_s=1&sid=1700471732&sct=1&seg=0&dl=https%3A%2F%2Fmy.xfinityprepaid.com%2F&dt=Comcast%20Prepaid&en=page_view&_fv=1&_nsi=1&_ss=1&tfd=1794
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-3HZMHDCGDN&l=dataLayer&cx=c
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2001:4860:4802:32::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://my.xfinityprepaid.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 20 Nov 2023 09:15:32 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://my.xfinityprepaid.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 204 collect
stats.g.doubleclick.net/g/ 0
258 B 89ms
28ms Ping
text/plain 2a00:1450:400c:c06::9a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://stats.g.doubleclick.net/g/collect?v=2&tid=G-3HZMHDCGDN&cid=1984655925.1700471732&gtm=45je3b81v9123468614z876154393&aip=1&dma=1&dma_cps=sypham&gcd=11l1l1l1l1
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-3HZMHDCGDN&l=dataLayer&cx=c
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:400c:c06::9a Brussels, Belgium, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://my.xfinityprepaid.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 20 Nov 2023 09:15:32 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://my.xfinityprepaid.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ga-audiences
www.google.de/ads/ 42 B
408 B 102ms
47ms Image
image/gif 2a00:1450:4001:80e::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/ads/ga-audiences?v=1&t=sr&slf_rd=1&_r=4&tid=G-3HZMHDCGDN&cid=1984655925.1700471732&gtm=45je3b81v9123468614z876154393&aip=1&dma=1&dma_cps=sypham&gcd=11l1l1l1l1&z=897852099

Requested by

Host: my.xfinityprepaid.com
URL: https://my.xfinityprepaid.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80e::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://my.xfinityprepaid.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 20 Nov 2023 09:15:32 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2

200

demconf.jpg
dpm.demdex.net/ Frame 0C73
Redirect Chain

https://dpm.demdex.net/ibs:dpid=3047&dpuuid=99999999999999&
https://dpm.demdex.net/demconf.jpg?et:ibs%7cdata:dpid=3047&dpuuid=99999999999999&

42 B
731 B

92ms
92ms

Image
image/gif

52.51.74.64
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://dpm.demdex.net/demconf.jpg?et:ibs%7cdata:dpid=3047&dpuuid=99999999999999&

Requested by

Host: servedby.flashtalking.com
URL: https://servedby.flashtalking.com/container/12345;91797;9487;iframe/?ftXRef=FTXREF_VALUE&ftXValue=FTXVALUE_VALUE&ftXType=FTXTYPE_VALUE&ftXName=FTXNAME_VALUE&ftXNumItems=FTXNUMITEMS_VALUE&ftXCurrency=FTXCURRENCY_VALUE&U1=U1_VALUE&U2=U2_VALUE&U3=U3_VALUE&U4=U4_VALUE&U5=U5_VALUE&U6=U6_VALUE&U7=U7_VALUE&U8=U8_VALUE&U9=U9_VALUE&U10=U10_VALUE&U11=U11_VALUE&U12=U12_VALUE&U13=U13_VALUE&U14=U14_VALUE&U15=U15_VALUE&U16=U16_VALUE&U17=U17_VALUE&U18=U18_VALUE&U19=U19_VALUE&U20=U20_VALUE&ft_referrer=https%3A%2F%2Fmy.xfinityprepaid.com%2F&ns=&cb=1328241032

Protocol

Server

52.51.74.64 Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-52-51-74-64.eu-west-1.compute.amazonaws.com

Software

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://servedby.flashtalking.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

dcs: dcs-prod-irl1-1-v054-06e6f5928.edge-irl1.demdex.com 0 ms
pragma: no-cache
date: Mon, 20 Nov 2023 09:15:32 GMT
strict-transport-security: max-age=31536000; includeSubDomains
x-content-type-options: nosniff
content-encoding: gzip
x-tid: ItDsmlCmQ1s=
content-type: image/gif
p3p: policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
cache-control: no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
x-error: 104,303
content-length: 59
expires: Thu, 01 Jan 1970 00:00:00 UTC

Redirect headers

dcs: dcs-prod-irl1-2-v054-0734bfb3b.edge-irl1.demdex.com 0 ms
pragma: no-cache
date: Mon, 20 Nov 2023 09:15:32 GMT
strict-transport-security: max-age=31536000; includeSubDomains
x-tid: rNvTyz4sQj8=
p3p: policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
location: https://dpm.demdex.net/demconf.jpg?et:ibs%7cdata:dpid=3047&dpuuid=99999999999999&
cache-control: no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
content-length: 0
expires: Thu, 01 Jan 1970 00:00:00 UTC

GET
H2 451 422866.gif
idsync.rlcdn.com/ Frame 0C73 0
98 B 107ms
32ms Image
text/plain 35.244.174.68
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://idsync.rlcdn.com/422866.gif?partner_uid=99999999999999&
Requested by: Host: servedby.flashtalking.com
URL: https://servedby.flashtalking.com/container/12345;91797;9487;iframe/?ftXRef=FTXREF_VALUE&ftXValue=FTXVALUE_VALUE&ftXType=FTXTYPE_VALUE&ftXName=FTXNAME_VALUE&ftXNumItems=FTXNUMITEMS_VALUE&ftXCurrency=FTXCURRENCY_VALUE&U1=U1_VALUE&U2=U2_VALUE&U3=U3_VALUE&U4=U4_VALUE&U5=U5_VALUE&U6=U6_VALUE&U7=U7_VALUE&U8=U8_VALUE&U9=U9_VALUE&U10=U10_VALUE&U11=U11_VALUE&U12=U12_VALUE&U13=U13_VALUE&U14=U14_VALUE&U15=U15_VALUE&U16=U16_VALUE&U17=U17_VALUE&U18=U18_VALUE&U19=U19_VALUE&U20=U20_VALUE&ft_referrer=https%3A%2F%2Fmy.xfinityprepaid.com%2F&ns=&cb=1328241032
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.244.174.68 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 68.174.244.35.bc.googleusercontent.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://servedby.flashtalking.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Mon, 20 Nov 2023 09:15:32 GMT
via: 1.1 google
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0

GET
H/1.1 200
OK /
servedby.flashtalking.com/spot/1/12345;108289;11135/ Frame 0C73 42 B
343 B 26ms
24ms Image
image/gif 23.212.202.173
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://servedby.flashtalking.com/spot/1/12345;108289;11135/?spotName=Comcast_SiteVisit&ftXRef=U6_VALUE&U7=https%253A%252F%252Fmy.xfinityprepaid.com%252F&cachebuster=651814.9988772373

Requested by

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

23.212.202.173 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a23-212-202-173.deploy.static.akamaitechnologies.com

Software

prod-xre-app14.frk11 /

Resource Hash

47043e4823a6c21a8881de789b4185355330b5804629d23f6b43dd93f5265292

Security Headers

Name	Value
Strict-Transport-Security	max-age=86400

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://servedby.flashtalking.com/container/12345;91797;9487;iframe/?ftXRef=FTXREF_VALUE&ftXValue=FTXVALUE_VALUE&ftXType=FTXTYPE_VALUE&ftXName=FTXNAME_VALUE&ftXNumItems=FTXNUMITEMS_VALUE&ftXCurrency=FTXCURRENCY_VALUE&U1=U1_VALUE&U2=U2_VALUE&U3=U3_VALUE&U4=U4_VALUE&U5=U5_VALUE&U6=U6_VALUE&U7=U7_VALUE&U8=U8_VALUE&U9=U9_VALUE&U10=U10_VALUE&U11=U11_VALUE&U12=U12_VALUE&U13=U13_VALUE&U14=U14_VALUE&U15=U15_VALUE&U16=U16_VALUE&U17=U17_VALUE&U18=U18_VALUE&U19=U19_VALUE&U20=U20_VALUE&ft_referrer=https%3A%2F%2Fmy.xfinityprepaid.com%2F&ns=&cb=1328241032
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

Pragma: no-cache
Date: Mon, 20 Nov 2023 09:15:32 GMT
Strict-Transport-Security: max-age=86400
Server: prod-xre-app14.frk11
Content-Type: image/gif
Cache-Control: max-age=0, no-cache, no-store
Connection: keep-alive
Content-Length: 42
Expires: Mon, 20 Nov 2023 09:15:32 GMT

GET
H/1.1 200
OK /
servedby.flashtalking.com/segment/modify/y41_U6_VALUE;;pixel/ Frame 0C73 42 B
550 B 52ms
24ms Image
image/gif 23.212.202.173
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://servedby.flashtalking.com/segment/modify/y41_U6_VALUE;;pixel/?valuePairs=c_SV_12345

Requested by

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

23.212.202.173 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a23-212-202-173.deploy.static.akamaitechnologies.com

Software

prod-xre-app3.frk11 /

Resource Hash

47043e4823a6c21a8881de789b4185355330b5804629d23f6b43dd93f5265292

Security Headers

Name	Value
Strict-Transport-Security	max-age=86400

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://servedby.flashtalking.com/container/12345;91797;9487;iframe/?ftXRef=FTXREF_VALUE&ftXValue=FTXVALUE_VALUE&ftXType=FTXTYPE_VALUE&ftXName=FTXNAME_VALUE&ftXNumItems=FTXNUMITEMS_VALUE&ftXCurrency=FTXCURRENCY_VALUE&U1=U1_VALUE&U2=U2_VALUE&U3=U3_VALUE&U4=U4_VALUE&U5=U5_VALUE&U6=U6_VALUE&U7=U7_VALUE&U8=U8_VALUE&U9=U9_VALUE&U10=U10_VALUE&U11=U11_VALUE&U12=U12_VALUE&U13=U13_VALUE&U14=U14_VALUE&U15=U15_VALUE&U16=U16_VALUE&U17=U17_VALUE&U18=U18_VALUE&U19=U19_VALUE&U20=U20_VALUE&ft_referrer=https%3A%2F%2Fmy.xfinityprepaid.com%2F&ns=&cb=1328241032
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

Pragma: no-cache
Date: Mon, 20 Nov 2023 09:15:32 GMT
Strict-Transport-Security: max-age=86400
Server: prod-xre-app3.frk11
Content-Type: image/gif
Cache-Control: max-age=0, no-cache, no-store
Connection: keep-alive
Content-Length: 42
Expires: Mon, 20 Nov 2023 09:15:32 GMT

POST
H2 200 collect Show response
www.google-analytics.com/j/ 3 B
212 B 31ms
28ms XHR
text/plain 2a00:1450:4001:80b::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j101&a=861658918&t=pageview&_s=1&dl=https%3A%2F%2Fmy.xfinityprepaid.com%2F&de=UTF-8&dt=Comcast%20Prepaid&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YCDAiEABBAAAACAAI~&jid=1514748951&gjid=98022796&cid=1984655925.1700471732&tid=UA-89578981-1&_gid=459535637.1700471732&_slc=1&gtm=45He3b81n81KSK4F25v76154393&cd4=website&gcd=11l1l1l1l1&dma_cps=sypham&dma=1&z=1583029366

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80b::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

1cffc2b3146584685cd72751d7f28aa030ab9ae2f1bc78f2c27909f8d8287b26

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://my.xfinityprepaid.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Mon, 20 Nov 2023 09:15:32 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://my.xfinityprepaid.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 3
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 200 collect Show response
stats.g.doubleclick.net/j/ 1 B
148 B 31ms
29ms XHR
text/plain 2a00:1450:400c:c06::9a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j101&tid=UA-89578981-1&cid=1984655925.1700471732&jid=1514748951&gjid=98022796&_gid=459535637.1700471732&_u=YCDAiEABBAAAAGAAI~&z=597021432

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400c:c06::9a Brussels, Belgium, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://my.xfinityprepaid.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
strict-transport-security: max-age=10886400; includeSubDomains; preload
date: Mon, 20 Nov 2023 09:15:32 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://my.xfinityprepaid.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 633034860235020 Show response
connect.facebook.net/signals/config/ 133 KB
35 KB 97ms
92ms Script
application/x-javascript 2a03:2880:f083:9:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/signals/config/633034860235020?v=2.9.138&r=stable&domain=my.xfinityprepaid.com

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f083:9:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

7acd96157e5b08243d9c9214c1c3aba037f5d5a8c877af29fd4e2ec5d331f7ab

Security Headers

Name	Value
Content-Security-Policy	default-src facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com data: blob: 'self';script-src .fbcdn.net .facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;connect-src .fbcdn.net .facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script';
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://my.xfinityprepaid.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

content-security-policy: default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script';
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; preload; includeSubDomains
date: Mon, 20 Nov 2023 09:15:32 GMT
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
x-xss-protection: 0
reporting-endpoints
pragma: public
x-fb-debug: jXSS09D+aInPhaxjzUDiKORW+AxWiLG5ws37wrucbbJpZA3tbxjNIVDnuOrT8lIXh8OR5a1qNUsABetiWsga7A==
cross-origin-opener-policy: same-origin-allow-popups
vary: Accept-Encoding
x-frame-options: DENY
content-type: application/x-javascript; charset=utf-8
origin-agent-cluster: ?0
cache-control: public, max-age=1200
permissions-policy: accelerometer=(), ambient-light-sensor=(), bluetooth=(), camera=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), payment=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), usb=(), window-management=()
timing-allow-origin: *
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2 200 5524559.js Show response
bat.bing.com/p/action/ 4 KB
2 KB 48ms
47ms Script
application/javascript 2620:1ec:c11::200
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://bat.bing.com/p/action/5524559.js

Requested by

Host: bat.bing.com
URL: https://bat.bing.com/bat.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

2620:1ec:c11::200 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

343e72804a7c8c4bbb943dd65a25447565392195d5bd22c26a53411da6d4e646

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://my.xfinityprepaid.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains; preload
content-encoding: br
date: Mon, 20 Nov 2023 09:15:31 GMT
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref: Ref A: 32B190463E364D6CBC4D724F59349B0F Ref B: FRAEDGE1122 Ref C: 2023-11-20T09:15:32Z
vary: Accept-Encoding
x-cache: CONFIG_NOCACHE
content-type: application/javascript; charset=utf-8
cache-control: private,max-age=60

GET
H2 204 0
bat.bing.com/action/ 0
284 B 60ms
60ms Image
text/plain 2620:1ec:c11::200
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://bat.bing.com/action/0?ti=5524559&Ver=2&mid=debc1ab4-c3e0-4372-a4ac-e65cd066721d&sid=5b0d8440878511ee8abccbf83846fdea&vid=5b0e2a00878511ee9547656ff477c497&vids=1&msclkid=N&pi=1200101525&lg=en-US&sw=1600&sh=1200&sc=24&tl=Comcast%20Prepaid&p=https%3A%2F%2Fmy.xfinityprepaid.com%2F&r=&lt=1522&evt=pageLoad&sv=1&rn=249608

Requested by

Host: my.xfinityprepaid.com
URL: https://my.xfinityprepaid.com/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

2620:1ec:c11::200 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://my.xfinityprepaid.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

pragma: no-cache
strict-transport-security: max-age=31536000; includeSubDomains; preload
date: Mon, 20 Nov 2023 09:15:31 GMT
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref: Ref A: D61BBBAC26D84DA5A344892775348AC4 Ref B: FRAEDGE1122 Ref C: 2023-11-20T09:15:32Z
x-cache: CONFIG_NOCACHE
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 en.json Show response
cdn-prod.securiti.ai/consent/cookie_banner/4b9bbe2a-9c5d-4512-bb76-768a8ea32bc0/ff473080-3a9f-4aa5-bc04-9110ade3d755/ 135 KB
43 KB 77ms
26ms XHR
application/json 2600:9000:2156:7800:12:1bf:30c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn-prod.securiti.ai/consent/cookie_banner/4b9bbe2a-9c5d-4512-bb76-768a8ea32bc0/ff473080-3a9f-4aa5-bc04-9110ade3d755/en.json

Requested by

Host: cdn-prod.securiti.ai
URL: https://cdn-prod.securiti.ai/consent/cookie-consent-sdk.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:2156:7800:12:1bf:30c0:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

AmazonS3 /

Resource Hash

5316ddd45870c6fa42099517527eb2fcfc5324446c9df4a0adaa7b0dd123b09a

Security Headers

Name	Value
Content-Security-Policy	default-src 'none'; img-src 'self'; script-src 'self' 'unsafe-inline'; style-src 'self' 'unsafe-inline'; object-src 'none'
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://my.xfinityprepaid.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Sun, 19 Nov 2023 15:20:19 GMT
x-amz-version-id: ropovfZrcz9oWvzoVfoOW2ahwnLmM3VM
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains
content-encoding: gzip
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self' 'unsafe-inline'; style-src 'self' 'unsafe-inline'; object-src 'none'
via: 1.1 45de888accabe1a1cb5a389e8c9c1e06.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA50-C1
x-amz-server-side-encryption: AES256
age: 64514
x-cache: Hit from cloudfront
x-xss-protection: 1; mode=block
referrer-policy: no-referrer
last-modified: Mon, 20 Feb 2023 19:09:12 GMT
server: AmazonS3
etag: W/"0d3351f2c9013b81b046cf91e0955e93"
access-control-max-age: 0
access-control-allow-methods: GET, HEAD
content-type: application/json
access-control-allow-origin: *
cache-control: public,max-age=86400
x-frame-options: DENY
vary: Accept-Encoding,Origin,Access-Control-Request-Headers,Access-Control-Request-Method
x-amz-cf-id: -gVccloOEHiQQkxEavs6IuzH9qK7tqe5VfnXALFnwD9U1cU2SGorgA==

GET
H2 200 location Show response
app.securiti.ai/core/v1/utils/geo/ 580 B
1 KB 634ms
162ms XHR
application/json 3.33.255.181
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://app.securiti.ai/core/v1/utils/geo/location

Requested by

Host: cdn-prod.securiti.ai
URL: https://cdn-prod.securiti.ai/consent/cookie-consent-sdk.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

3.33.255.181 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

aedf1f689f9b4287e.awsglobalaccelerator.com

Software

Resource Hash

9b25062d1343cc917ea0ef02f02375f98706eaf6665c49734ebca10a0d363e92

Security Headers

Name	Value
Content-Security-Policy	default-src 'self'; style-src 'self' 'unsafe-inline'; script-src 'self' 'unsafe-inline';
Strict-Transport-Security	max-age=315360000
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://my.xfinityprepaid.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Mon, 20 Nov 2023 09:15:32 GMT
content-security-policy: default-src 'self'; style-src 'self' 'unsafe-inline'; script-src 'self' 'unsafe-inline';
x-content-type-options: nosniff
strict-transport-security: max-age=315360000
x-frame-options: DENY
content-type: application/json; charset=utf-8
access-control-allow-origin: https://my.xfinityprepaid.com
access-control-allow-credentials: true
content-length: 580
x-xss-protection: 1; mode=block

GET
DATA 200
OK truncated
/ 1 KB
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: ebec0a242eb62dac37ad10740e7797b748ff93103796ed6509414a751ce86820

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
H2 200 xfinitybrown-regular.woff2
static.cimcontent.net/common-web-assets/fonts/xfinity-brown-optimized/ 84 KB
85 KB 302ms
37ms Font
binary/octet-stream 2a02:26f0:f500:4aa::30d4
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://static.cimcontent.net/common-web-assets/fonts/xfinity-brown-optimized/xfinitybrown-regular.woff2
Requested by: Host: cdn.comcast.com
URL: https://cdn.comcast.com/cmp/css/cookie-consent.css
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:f500:4aa::30d4 Munich, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: AmazonS3 /
Resource Hash: ac7ab1854db99c8278486132a7cef4a5d4f2992fd59488d02b4a5c5a071407d0

Request headers

Referer: https://cdn.comcast.com/
Origin: https://my.xfinityprepaid.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

x-amz-version-id: xY4VFNIKWfFjMecUbcE8gRAjkbHd00r_
date: Mon, 20 Nov 2023 09:15:32 GMT
last-modified: Thu, 15 Dec 2022 15:23:01 GMT
server: AmazonS3
x-amz-cf-pop: MUC50-P1
etag: "7852867d778f90102ccdec973b475759"
x-amz-server-side-encryption: AES256
content-type: binary/octet-stream
access-control-allow-origin: *
cache-control: max-age=31536000
accept-ranges: bytes
content-length: 86524
x-amz-cf-id: rbPAafl__gTyijRsHSzEqu4sppP6kqMzyhbgISJN4cf2Ve014d92VA==

GET
H2 200 9f2d049f-d5d3-4b5e-a3cc-bcb7c0bf3e99.js Show response
tr.snapchat.com/config/com/ 178 B
450 B 102ms
30ms Script
application/javascript 35.190.43.134
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tr.snapchat.com/config/com/9f2d049f-d5d3-4b5e-a3cc-bcb7c0bf3e99.js?v=3.6.0-2311172034

Requested by

Host: sc-static.net
URL: https://sc-static.net/scevent.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

35.190.43.134 Kansas City, United States, ASN15169 (GOOGLE, US),

Reverse DNS

134.43.190.35.bc.googleusercontent.com

Software

API Gateway /

Resource Hash

440fa6989d84e239fbf9008aba1baaa185a93bee50b9a2c516881fc802da2f0c

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload, max-age=31536000; includeSubDomains

Request headers

Referer: https://my.xfinityprepaid.com/
Origin: https://my.xfinityprepaid.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Mon, 20 Nov 2023 09:15:32 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload, max-age=31536000; includeSubDomains
via: 1.1 google
server: API Gateway
content-type: application/javascript
access-control-allow-origin: https://my.xfinityprepaid.com
x-envoy-upstream-service-time: 0
access-control-allow-credentials: true
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 178

GET
H2 200 i Show response
tr.snapchat.com/cm/ Frame 651F 0
201 B 94ms
32ms Document
text/html 35.190.43.134
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tr.snapchat.com/cm/i?pid=9f2d049f-d5d3-4b5e-a3cc-bcb7c0bf3e99&u_scsid=31475365-8565-499f-bc59-d6be6bf7ed3f&u_sclid=139cd2d1-bb5f-4273-ab70-fe31b1adab84

Requested by

Host: sc-static.net
URL: https://sc-static.net/scevent.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

35.190.43.134 Kansas City, United States, ASN15169 (GOOGLE, US),

Reverse DNS

134.43.190.35.bc.googleusercontent.com

Software

API Gateway /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload max-age=31536000; includeSubDomains

Request headers

Referer: https://my.xfinityprepaid.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
content-type: text/html
date: Mon, 20 Nov 2023 09:15:32 GMT
server: API Gateway
strict-transport-security: max-age=31536000; includeSubDomains; preload max-age=31536000; includeSubDomains
via: 1.1 google
x-envoy-upstream-service-time: 0

GET
H2 200 activation Show response
my.xfinityprepaid.com/-/api/my.xfinityprepaid/ 28 KB
7 KB 51ms
49ms XHR
application/json 2a02:26f0:f500:4b7::20b
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://my.xfinityprepaid.com/-/api/my.xfinityprepaid/activation

Requested by

Host: my.xfinityprepaid.com
URL: https://my.xfinityprepaid.com/static/js/2.bcf5f605.chunk.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:f500:4b7::20b Munich, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Resource Hash

75e2329c5225d196e704a440673570fde4031b1fc97f14db9dfb636206d8c9b3

Security Headers

Name	Value
Strict-Transport-Security	max-age=15768000 ; includeSubDomains

Request headers

Accept: application/json, text/plain, */*
Referer: https://my.xfinityprepaid.com/
X-XSRF-TOKEN: d7e2d5b6466a8801b52b73f6bb28acc2c6501c96ce3b6f055e85064e00a84878
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Mon, 20 Nov 2023 09:15:32 GMT
content-encoding: gzip
strict-transport-security: max-age=15768000 ; includeSubDomains
last-modified: Thu, 31 Aug 2023 13:13:48 GMT
etag: "aa970f8bae0684a17221441bfbf578b9:1693487628.719556"
vary: Accept-Encoding
content-type: application/json
accept-ranges: bytes
content-length: 6225

GET
H2 200 activation Show response
my.xfinityprepaid.com/-/api/es/my.xfinityprepaid/ 30 KB
7 KB 53ms
52ms XHR
application/json 2a02:26f0:f500:4b7::20b
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://my.xfinityprepaid.com/-/api/es/my.xfinityprepaid/activation

Requested by

Host: my.xfinityprepaid.com
URL: https://my.xfinityprepaid.com/static/js/2.bcf5f605.chunk.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:f500:4b7::20b Munich, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Resource Hash

5a492b5714e9b734f99173445449b7a159fb42679fa2d52cc58e06ca5a49e496

Security Headers

Name	Value
Strict-Transport-Security	max-age=15768000 ; includeSubDomains

Request headers

Accept: application/json, text/plain, */*
Referer: https://my.xfinityprepaid.com/
X-XSRF-TOKEN: d7e2d5b6466a8801b52b73f6bb28acc2c6501c96ce3b6f055e85064e00a84878
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Mon, 20 Nov 2023 09:15:32 GMT
content-encoding: gzip
strict-transport-security: max-age=15768000 ; includeSubDomains
last-modified: Thu, 31 Aug 2023 13:13:35 GMT
etag: "8f123228ee2e3607931821d4c045a401:1693487615.85268"
vary: Accept-Encoding
content-type: application/json
accept-ranges: bytes
content-length: 7084

GET
H2 200 dc_pre=CJCHr-ye0oIDFcUIogMd9VQITA;src=4053494;type=comca517;cat=xfini02-;ord=2758878176862;auiddc=692101225.1700471732;gtm=45He3b81v76154393;gcd=11l1l1l1l1;dma_cps=sypham;dma=1;uaa=;uab=;uafvl=;uam... Show response
adservice.google.com/ddm/fls/i/ Frame 9DA7 589 B
715 B 128ms
58ms Document
text/html 2a00:1450:4001:800::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/ddm/fls/i/dc_pre=CJCHr-ye0oIDFcUIogMd9VQITA;src=4053494;type=comca517;cat=xfini02-;ord=2758878176862;auiddc=692101225.1700471732;gtm=45He3b81v76154393;gcd=11l1l1l1l1;dma_cps=sypham;dma=1;uaa=;uab=;uafvl=;uamb=0;uam=;uap=;uapv=;uaw=0;epver=2;~oref=https%3A%2F%2Fmy.xfinityprepaid.com%2F

Requested by

Host: 4053494.fls.doubleclick.net
URL: https://4053494.fls.doubleclick.net/activityi;dc_pre=CJCHr-ye0oIDFcUIogMd9VQITA;src=4053494;type=comca517;cat=xfini02-;ord=2758878176862;auiddc=692101225.1700471732;gtm=45He3b81v76154393;gcd=11l1l1l1l1;dma_cps=sypham;dma=1;uaa=;uab=;uafvl=;uamb=0;uam=;uap=;uapv=;uaw=0;epver=2;~oref=https%3A%2F%2Fmy.xfinityprepaid.com%2F?

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:800::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

1bd8801ef04b2a4e956899f4347fa8dde4750139128bbf77f8f5d3b7a04ca327

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://4053494.fls.doubleclick.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: no-cache, must-revalidate
content-encoding: br
content-length: 340
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Mon, 20 Nov 2023 09:15:32 GMT
expires: Fri, 01 Jan 1990 00:00:00 GMT
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
pragma: no-cache
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 5524559 Show response
www.clarity.ms/tag/uet/ 827 B
1 KB 288ms
218ms Script
application/x-javascript 2620:1ec:46::44
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://www.clarity.ms/tag/uet/5524559
Requested by: Host: bat.bing.com
URL: https://bat.bing.com/p/action/5524559.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2620:1ec:46::44 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: /
Resource Hash: 3ff9c98e18a7bb764fd4e085795121138dd1e4355a0db621aa9f9b10d1e8b66d

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://my.xfinityprepaid.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

expires: -1
date: Mon, 20 Nov 2023 09:15:32 GMT
x-azure-ref: 20231120T091532Z-mdxar66sah3398n3xmaeabwyrn00000005zg000000004634
x-cache: CONFIG_NOCACHE
content-type: application/x-javascript
cache-control: no-cache, no-store
accept-ranges: bytes
content-length: 827
request-context: appId=cid-v1:bdfb7149-d2ee-45f0-9a22-f0b1c5035608

GET
H2 200 /
www.facebook.com/tr/ 0
185 B 65ms
20ms Image
text/plain 2a03:2880:f176:84:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=633034860235020&ev=PageView&dl=https%3A%2F%2Fmy.xfinityprepaid.com%2F&rl=&if=false&ts=1700471732501&sw=1600&sh=1200&v=2.9.138&r=stable&ec=0&o=4126&fbp=fb.1.1700471732499.941283888&ler=empty&it=1700471732294&coo=false&rqm=GET

Requested by

Host: my.xfinityprepaid.com
URL: https://my.xfinityprepaid.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f176:84:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://my.xfinityprepaid.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains
date: Mon, 20 Nov 2023 09:15:32 GMT
server: proxygen-bolt
content-type: text/plain
access-control-allow-origin
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 0

POST
H2 200 pixel_7e609bf3 Show response
my.xfinityprepaid.com/akam/13/ 0
734 B 89ms
87ms XHR
text/html 2a02:26f0:f500:4b7::20b
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://my.xfinityprepaid.com/akam/13/pixel_7e609bf3

Requested by

Host: my.xfinityprepaid.com
URL: https://my.xfinityprepaid.com/akam/13/7e609bf3

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:f500:4b7::20b Munich, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=15768000 ; includeSubDomains

Request headers

Referer: https://my.xfinityprepaid.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

expires: Mon, 20 Nov 2023 09:15:32 GMT
pragma: no-cache
date: Mon, 20 Nov 2023 09:15:32 GMT
cache-control: max-age=0, no-cache, no-store
strict-transport-security: max-age=15768000 ; includeSubDomains
content-length: 0
content-type: text/html

GET
H2 200 xfinity-black.bf81aa72.svg
my.xfinityprepaid.com/static/media/ 1 KB
1 KB 92ms
91ms Image
image/svg+xml 2a02:26f0:f500:4b7::20b
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://my.xfinityprepaid.com/static/media/xfinity-black.bf81aa72.svg

Requested by

Host: my.xfinityprepaid.com
URL: https://my.xfinityprepaid.com/static/css/main.a2a86baa.chunk.css

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:f500:4b7::20b Munich, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Resource Hash

4926583bd36e157f838796fcb067f190efbbb4c69be74fc7b23e80bce67a1cb0

Security Headers

Name	Value
Strict-Transport-Security	max-age=15768000 ; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://my.xfinityprepaid.com/static/css/main.a2a86baa.chunk.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

pragma: no-cache
x-amz-version-id: 1COJxSiNKvCUOA8b.PPnRvqpjSlQUGb3
content-encoding: gzip
date: Mon, 20 Nov 2023 09:15:32 GMT
last-modified: Thu, 31 Aug 2023 04:02:30 GMT
strict-transport-security: max-age=15768000 ; includeSubDomains
x-amz-cf-pop: MUC50-P3
x-amz-server-side-encryption: AES256
etag: W/"a95f5a169231ed20d831dab48dc5d03b"
vary: Accept-Encoding
content-type: image/svg+xml
cache-control: max-age=0, no-cache, no-store
x-amz-cf-id: ZuDXiIZl1UntISxgRP5SHoWaFXa1ASbGYvz8LBWEWQOPmZtqtu2G5Q==
content-length: 726
expires: Mon, 20 Nov 2023 09:15:32 GMT

GET
H2 200 XfinityStandard-Bold.690961b6.woff2
my.xfinityprepaid.com/static/media/ 26 KB
27 KB 83ms
82ms Font
binary/octet-stream 2a02:26f0:f500:4b7::20b
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://my.xfinityprepaid.com/static/media/XfinityStandard-Bold.690961b6.woff2

Requested by

Host: my.xfinityprepaid.com
URL: https://my.xfinityprepaid.com/static/css/main.a2a86baa.chunk.css

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:f500:4b7::20b Munich, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Resource Hash

020e9e48d93ba9d27e827e8246dd9f855c388ff4697ba14d647fcc4d9b1ccdef

Security Headers

Name	Value
Strict-Transport-Security	max-age=15768000 ; includeSubDomains

Request headers

Referer: https://my.xfinityprepaid.com/static/css/main.a2a86baa.chunk.css
Origin: https://my.xfinityprepaid.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

pragma: no-cache
x-amz-version-id: rVjDBMLDySBvtwzPoK4hk61_c9kr7IoW
date: Mon, 20 Nov 2023 09:15:32 GMT
strict-transport-security: max-age=15768000 ; includeSubDomains
last-modified: Thu, 31 Aug 2023 04:02:29 GMT
x-amz-cf-pop: MUC50-P3
x-amz-server-side-encryption: AES256
etag: "4cf223c306de5325b4939d9d4ea2c5a5"
vary: Accept-Encoding
content-type: binary/octet-stream
cache-control: max-age=0, no-cache, no-store
accept-ranges: bytes
content-length: 26896
x-amz-cf-id: 79HhMdQcCru7hXG-D8Bt8qwVmKorSI9k42PDfaqRnccxhXERcRQHVw==
expires: Mon, 20 Nov 2023 09:15:32 GMT

GET
H2 200 XfinityStandard-Light.118639ac.woff2
my.xfinityprepaid.com/static/media/ 27 KB
27 KB 84ms
83ms Font
binary/octet-stream 2a02:26f0:f500:4b7::20b
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://my.xfinityprepaid.com/static/media/XfinityStandard-Light.118639ac.woff2

Requested by

Host: my.xfinityprepaid.com
URL: https://my.xfinityprepaid.com/static/css/main.a2a86baa.chunk.css

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:f500:4b7::20b Munich, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Resource Hash

fc6cd95261064c28600405c9c8dd51813abf8367e85b6e00f0f3031a8338988a

Security Headers

Name	Value
Strict-Transport-Security	max-age=15768000 ; includeSubDomains

Request headers

Referer: https://my.xfinityprepaid.com/static/css/main.a2a86baa.chunk.css
Origin: https://my.xfinityprepaid.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

pragma: no-cache
x-amz-version-id: GkfG5htUrKs7sSiCmhQX7fPBqMnjrQic
date: Mon, 20 Nov 2023 09:15:32 GMT
strict-transport-security: max-age=15768000 ; includeSubDomains
last-modified: Thu, 31 Aug 2023 04:02:29 GMT
x-amz-cf-pop: MUC50-P3
x-amz-server-side-encryption: AES256
etag: "f05d3ebe80809d82ab14d62a79da544e"
vary: Accept-Encoding
content-type: binary/octet-stream
cache-control: max-age=0, no-cache, no-store
accept-ranges: bytes
content-length: 27420
x-amz-cf-id: fyW7eXWqOxOJ8QsWW5RP4racEG_DbfJnJkIduulJFItuE_9zvJma3w==
expires: Mon, 20 Nov 2023 09:15:32 GMT

GET
H2 200 XfinityStandard-ExtraLight.33776b61.woff2
my.xfinityprepaid.com/static/media/ 32 KB
33 KB 114ms
113ms Font
binary/octet-stream 2a02:26f0:f500:4b7::20b
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://my.xfinityprepaid.com/static/media/XfinityStandard-ExtraLight.33776b61.woff2

Requested by

Host: my.xfinityprepaid.com
URL: https://my.xfinityprepaid.com/static/css/main.a2a86baa.chunk.css

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:f500:4b7::20b Munich, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Resource Hash

8107d336fd1e5fee55e5a439af3165b98a39d84e25a0d55af1179d8e1b7b19ea

Security Headers

Name	Value
Strict-Transport-Security	max-age=15768000 ; includeSubDomains

Request headers

Referer: https://my.xfinityprepaid.com/static/css/main.a2a86baa.chunk.css
Origin: https://my.xfinityprepaid.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

pragma: no-cache
x-amz-version-id: bRoHTrY0c5U9WbcUJdrjh4xDIxuXKEWb
date: Mon, 20 Nov 2023 09:15:32 GMT
strict-transport-security: max-age=15768000 ; includeSubDomains
last-modified: Thu, 31 Aug 2023 04:02:29 GMT
x-amz-cf-pop: MUC50-P3
x-amz-server-side-encryption: AES256
etag: "a626342f1fe2e8793440bc6f0882cb57"
vary: Accept-Encoding
content-type: binary/octet-stream
cache-control: max-age=0, no-cache, no-store
accept-ranges: bytes
content-length: 33268
x-amz-cf-id: 4HwDD7BPixZPFdTfFxmDn9e-Oe_nXGZCX3vQhTs98z_vXfcDOXU3-A==
expires: Mon, 20 Nov 2023 09:15:32 GMT

GET
H3

200

dc_pre=CJCHr-ye0oIDFcUIogMd9VQITA;src=4053494;type=comca517;cat=xfini02-;ord=2758878176862;auiddc=692101225.1700471732;gtm=45He3b81v76154393;gcd=11l1l1l1l1;dma_cps=sypham;dma=1;uaa=;uab=;uafvl=;uam... Show response
4053494.fls.doubleclick.net/ddm/fls/r/ Frame FA18
Redirect Chain

https://adservice.google.de/ddm/fls/i/dc_pre=CJCHr-ye0oIDFcUIogMd9VQITA;src=4053494;type=comca517;cat=xfini02-;ord=2758878176862;auiddc=692101225.1700471732;gtm=45He3b81v76154393;gcd=11l1l1l1l1;dma...
https://4053494.fls.doubleclick.net/ddm/fls/r/dc_pre=CJCHr-ye0oIDFcUIogMd9VQITA;src=4053494;type=comca517;cat=xfini02-;ord=2758878176862;auiddc=692101225.1700471732;gtm=45He3b81v76154393;gcd=11l1l1...

2 KB
981 B

63ms
62ms

Document
text/html

142.250.185.230
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://4053494.fls.doubleclick.net/ddm/fls/r/dc_pre=CJCHr-ye0oIDFcUIogMd9VQITA;src=4053494;type=comca517;cat=xfini02-;ord=2758878176862;auiddc=692101225.1700471732;gtm=45He3b81v76154393;gcd=11l1l1l1l1;dma_cps=sypham;dma=1;uaa=;uab=;uafvl=;uamb=0;uam=;uap=;uapv=;uaw=0;epver=2;~oref=https%3A%2F%2Fmy.xfinityprepaid.com%2F

Requested by

Host: adservice.google.com
URL: https://adservice.google.com/ddm/fls/i/dc_pre=CJCHr-ye0oIDFcUIogMd9VQITA;src=4053494;type=comca517;cat=xfini02-;ord=2758878176862;auiddc=692101225.1700471732;gtm=45He3b81v76154393;gcd=11l1l1l1l1;dma_cps=sypham;dma=1;uaa=;uab=;uafvl=;uamb=0;uam=;uap=;uapv=;uaw=0;epver=2;~oref=https%3A%2F%2Fmy.xfinityprepaid.com%2F

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.230 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s53-in-f6.1e100.net

Software

cafe /

Resource Hash

5c361e86c551c52e3cd2e22808e3f7cf116e22652f129b6b233b6f8ba3cabc91

Security Headers

Name	Value
Strict-Transport-Security	max-age=21600
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://adservice.google.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private, max-age=0
content-encoding: br
content-length: 956
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Mon, 20 Nov 2023 09:15:32 GMT
expires: Mon, 20 Nov 2023 09:15:32 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
strict-transport-security: max-age=21600
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

Redirect headers

alt-svc: h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: no-cache, must-revalidate
content-length: 0
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Mon, 20 Nov 2023 09:15:32 GMT
expires: Fri, 01 Jan 1990 00:00:00 GMT
location: https://4053494.fls.doubleclick.net/ddm/fls/r/dc_pre=CJCHr-ye0oIDFcUIogMd9VQITA;src=4053494;type=comca517;cat=xfini02-;ord=2758878176862;auiddc=692101225.1700471732;gtm=45He3b81v76154393;gcd=11l1l1l1l1;dma_cps=sypham;dma=1;uaa=;uab=;uafvl=;uamb=0;uam=;uap=;uapv=;uaw=0;epver=2;~oref=https%3A%2F%2Fmy.xfinityprepaid.com%2F
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
pragma: no-cache
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

POST
H2 200 p
tr.snapchat.com/ 0
96 B 45ms
44ms Ping
text/plain 35.190.43.134
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tr.snapchat.com/p

Requested by

Host: sc-static.net
URL: https://sc-static.net/scevent.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

35.190.43.134 Kansas City, United States, ASN15169 (GOOGLE, US),

Reverse DNS

134.43.190.35.bc.googleusercontent.com

Software

API Gateway /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload, max-age=31536000; includeSubDomains

Request headers

Referer: https://my.xfinityprepaid.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

date: Mon, 20 Nov 2023 09:15:32 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload, max-age=31536000; includeSubDomains
via: 1.1 google
server: API Gateway
access-control-allow-origin: https://my.xfinityprepaid.com
x-envoy-upstream-service-time: 1
access-control-allow-credentials: true
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0

GET
H2 200 js Show response
login.dotomi.com/profile/visit/consent/ 19 B
210 B 38ms
36ms Script
application/javascript 89.207.16.204
VCLK-EU-SE

General

Check archive.org

Show headers Download Go to

Full URL: https://login.dotomi.com/profile/visit/consent/js?dtm_cid=80315&dtm_fid=2403&dtm_cmagic=97cdaa&cachebuster=1619482893&dtm_form_uid=614607316599547847&dtmc_cmpcapture=consentDisco_!0!_apiMissing&gdpr_consent=&gdpr=1
Requested by: Host: login.dotomi.com
URL: https://login.dotomi.com/profile/visit/js/1_0?dtm_cid=80315&dtm_cmagic=97cdaa&dtm_fid=2403&cachebuster=1619482893
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 89.207.16.204 Amsterdam, Netherlands, ASN41041 (VCLK-EU-SE, US),
Reverse DNS: ams04-nessy-float2.dotomi.com
Software: nginx /
Resource Hash: 2db1dbcf1a4a6e63576e5f22320949e1ddc87ff4c10ff26ec353abc9540cd228

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://my.xfinityprepaid.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 20 Nov 2023 09:15:32 GMT
server: nginx
p3p: policyref="/w3c/p3p.xml", CP="NOI DSP NID OUR STP"
content-type: application/javascript
cache-control: no-cache, private, max-age=0, no-store
content-length: 19
expires: 0

POST
H3 200 p
tr.snapchat.com/ 0
15 B 30ms
29ms Ping
text/plain 35.190.43.134
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tr.snapchat.com/p

Requested by

Host: sc-static.net
URL: https://sc-static.net/scevent.min.js

Protocol

Security

QUIC, , AES_128_GCM

Server

35.190.43.134 Kansas City, United States, ASN15169 (GOOGLE, US),

Reverse DNS

134.43.190.35.bc.googleusercontent.com

Software

API Gateway /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload, max-age=31536000; includeSubDomains

Request headers

Referer: https://my.xfinityprepaid.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

date: Mon, 20 Nov 2023 09:15:32 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload, max-age=31536000; includeSubDomains
via: 1.1 google
server: API Gateway
access-control-allow-origin: https://my.xfinityprepaid.com
x-envoy-upstream-service-time: 0
access-control-allow-credentials: true
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0

GET
H2 200 clarity.js Show response
www.clarity.ms/s/0.7.18/ 59 KB
25 KB 49ms
49ms Script
application/javascript 2620:1ec:46::44
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://www.clarity.ms/s/0.7.18/clarity.js
Requested by: Host: www.clarity.ms
URL: https://www.clarity.ms/tag/uet/5524559
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2620:1ec:46::44 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: /
Resource Hash: f4e16c137bfcf443839c20e1038b9ee2dec570f047ae3b1c8f9378e9176750dd

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://my.xfinityprepaid.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Mon, 20 Nov 2023 09:15:32 GMT
content-encoding: br
last-modified: Fri, 17 Nov 2023 13:41:44 GMT
etag: W/"0x8DBE772F014B026"
vary: Accept-Encoding
x-azure-ref: 20231120T091532Z-mdxar66sah3398n3xmaeabwyrn00000005zg00000000463k
content-type: application/javascript;charset=utf-8
access-control-allow-origin: *
x-ms-request-id: 7767f6a6-101e-004a-47fe-198d54000000
cache-control: public, max-age=86400
x-cache: TCP_HIT
x-ms-version: 2018-03-28

GET
H2 200 conversion.js Show response
www.googleadservices.com/pagead/ Frame FA18 50 KB
19 KB 169ms
102ms Script
text/javascript 142.250.184.194
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googleadservices.com/pagead/conversion.js

Requested by

Host: 4053494.fls.doubleclick.net
URL: https://4053494.fls.doubleclick.net/ddm/fls/r/dc_pre=CJCHr-ye0oIDFcUIogMd9VQITA;src=4053494;type=comca517;cat=xfini02-;ord=2758878176862;auiddc=692101225.1700471732;gtm=45He3b81v76154393;gcd=11l1l1l1l1;dma_cps=sypham;dma=1;uaa=;uab=;uafvl=;uamb=0;uam=;uap=;uapv=;uaw=0;epver=2;~oref=https%3A%2F%2Fmy.xfinityprepaid.com%2F

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.184.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s11-in-f2.1e100.net

Software

cafe /

Resource Hash

34eace17373618f0ef6ad0052c607c2b3a6c02af6a6e0a1d16fa15efb97c139d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://4053494.fls.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Mon, 20 Nov 2023 09:15:33 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 18823
x-xss-protection: 0
server: cafe
etag: 4145344891725561964
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=3600
timing-allow-origin: *
expires: Mon, 20 Nov 2023 09:15:33 GMT

GET
H2 200 beacon
r.turn.com/r/ Frame FA18 43 B
398 B 149ms
39ms Image
image/gif 2001:678:cb4:bbbb::11
AMOBEE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://r.turn.com/r/beacon?b2=6p-MxQI-whH6lpMVYuaFmiG_fu0uFzlYsJBpqs11Mfa2ne_4BNODL5L8ZiYJLSMMjO71k7H8jA1KHiyGkAiDZQ&cid=
Requested by: Host: 4053494.fls.doubleclick.net
URL: https://4053494.fls.doubleclick.net/ddm/fls/r/dc_pre=CJCHr-ye0oIDFcUIogMd9VQITA;src=4053494;type=comca517;cat=xfini02-;ord=2758878176862;auiddc=692101225.1700471732;gtm=45He3b81v76154393;gcd=11l1l1l1l1;dma_cps=sypham;dma=1;uaa=;uab=;uafvl=;uamb=0;uam=;uap=;uapv=;uaw=0;epver=2;~oref=https%3A%2F%2Fmy.xfinityprepaid.com%2F
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2001:678:cb4:bbbb::11 , United Kingdom, ASN56396 (AMOBEE, GB),
Reverse DNS
Software: /
Resource Hash: 48a33ca9f42b91902d57ad8ac52e1ce32b92c8c10c732f2dbb6fe960ebfd9438

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://4053494.fls.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

content-type: image/gif
pragma: no-cache
date: Mon, 20 Nov 2023 09:15:32 GMT
cache-control: max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
content-length: 43
p3p: policyref="/w3c/p3p.xml", CP="NOI CURa DEVa TAIa PSAa PSDa IVAa IVDa OUR IND UNI NAV"

GET
H/1.1

200
OK

iui3
s.amazon-adsystem.com/ Frame FA18
Redirect Chain

https://s.amazon-adsystem.com/iui3?d=forester-did&ex-fargs=%3Fid%3D1fd5b972-6e38-daa8-18fc-3c4f1a961230%26type%3D55%26m%3D1&ex-fch=416613&ex-src=https://www.xfinityprepaidhomepage.com&ex-hargs=v%3D...
https://s.amazon-adsystem.com/iui3?d=forester-did&ex-fargs=%3Fid%3D1fd5b972-6e38-daa8-18fc-3c4f1a961230%26type%3D55%26m%3D1&ex-fch=416613&ex-src=https://www.xfinityprepaidhomepage.com&ex-hargs=v%3D...

43 B
855 B

131ms
130ms

Image
image/gif

52.46.155.104
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s.amazon-adsystem.com/iui3?d=forester-did&ex-fargs=%3Fid%3D1fd5b972-6e38-daa8-18fc-3c4f1a961230%26type%3D55%26m%3D1&ex-fch=416613&ex-src=https://www.xfinityprepaidhomepage.com&ex-hargs=v%3D1.0%3Bc%3D9803753671926%3Bp%3D1FD5B972-6E38-DAA8-18FC-3C4F1A961230&dcc=t

Requested by

Protocol

HTTP/1.1

Server

52.46.155.104 Ashburn, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Server /

Resource Hash

c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e

Security Headers

Name	Value
Strict-Transport-Security	max-age=47474747; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://4053494.fls.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

Pragma: no-cache
Date: Mon, 20 Nov 2023 09:15:33 GMT
Strict-Transport-Security: max-age=47474747; includeSubDomains; preload
Server: Server
x-amz-rid: 9S4NZBTETXEC7HN456D9
Vary: Content-Type,Accept-Encoding,User-Agent
Content-Type: image/gif
p3p: policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
Cache-Control: max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection: keep-alive
Content-Length: 43
Expires: Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

Pragma: no-cache
Date: Mon, 20 Nov 2023 09:15:33 GMT
Strict-Transport-Security: max-age=47474747; includeSubDomains; preload
Server: Server
x-amz-rid: 89DQ0G1ZZDWS9691YHM7
Vary: Content-Type,Accept-Encoding,User-Agent
p3p: policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
Location: https://s.amazon-adsystem.com/iui3?d=forester-did&ex-fargs=%3Fid%3D1fd5b972-6e38-daa8-18fc-3c4f1a961230%26type%3D55%26m%3D1&ex-fch=416613&ex-src=https://www.xfinityprepaidhomepage.com&ex-hargs=v%3D1.0%3Bc%3D9803753671926%3Bp%3D1FD5B972-6E38-DAA8-18FC-3C4F1A961230&dcc=t
Cache-Control: max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection: keep-alive
Content-Length: 0
Expires: Thu, 01 Jan 1970 00:00:00 GMT

POST
H/1.1 204
No Content collect Show response
x.clarity.ms/ 0
301 B 382ms
123ms XHR
text/plain 20.114.190.119
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://x.clarity.ms/collect
Requested by: Host: www.clarity.ms
URL: https://www.clarity.ms/s/0.7.18/clarity.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 20.114.190.119 Boydton, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: nginx/1.18.0 (Ubuntu) /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept: application/x-clarity-gzip
Referer: https://my.xfinityprepaid.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

Access-Control-Allow-Origin: https://my.xfinityprepaid.com
Date: Mon, 20 Nov 2023 09:15:33 GMT
Access-Control-Allow-Credentials: true
Server: nginx/1.18.0 (Ubuntu)
Connection: keep-alive
Vary: Origin
Request-Context: appId=cid-v1:e97341f6-8fff-46a6-9229-fbbfe0892c78

GET
H2 200 de.json Show response
cdn-prod.securiti.ai/consent/cookie_banner/4b9bbe2a-9c5d-4512-bb76-768a8ea32bc0/ff473080-3a9f-4aa5-bc04-9110ade3d755/ 139 KB
49 KB 753ms
752ms XHR
application/json 2600:9000:2156:7800:12:1bf:30c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn-prod.securiti.ai/consent/cookie_banner/4b9bbe2a-9c5d-4512-bb76-768a8ea32bc0/ff473080-3a9f-4aa5-bc04-9110ade3d755/de.json

Requested by

Host: cdn-prod.securiti.ai
URL: https://cdn-prod.securiti.ai/consent/cookie-consent-sdk.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:2156:7800:12:1bf:30c0:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

AmazonS3 /

Resource Hash

bc1971acc453de1dcfb48b5942a74084788b472604cad8e75a70a0ba836639c8

Security Headers

Name	Value
Content-Security-Policy	default-src 'none'; img-src 'self'; script-src 'self' 'unsafe-inline'; style-src 'self' 'unsafe-inline'; object-src 'none'
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://my.xfinityprepaid.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Mon, 20 Nov 2023 09:15:34 GMT
x-amz-version-id: a32nIw6l_U9Yeb6lz_McfTccKA3BVJuz
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains
content-encoding: gzip
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self' 'unsafe-inline'; style-src 'self' 'unsafe-inline'; object-src 'none'
via: 1.1 45de888accabe1a1cb5a389e8c9c1e06.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA50-C1
x-amz-server-side-encryption: AES256
x-cache: Miss from cloudfront
x-xss-protection: 1; mode=block
referrer-policy: no-referrer
last-modified: Mon, 20 Feb 2023 19:09:12 GMT
server: AmazonS3
etag: W/"9c6ebee5b3227eb50ceec90d404e8291"
access-control-max-age: 0
access-control-allow-methods: GET, HEAD
content-type: application/json
access-control-allow-origin: *
cache-control: public,max-age=86400
x-frame-options: DENY
vary: Accept-Encoding,Origin,Access-Control-Request-Headers,Access-Control-Request-Method
x-amz-cf-id: Nip83iyA_1vbayRnZ4KCsMeLfSUv0bG5S6kM5zsEQtDqci103AFQYQ==

GET
H2 200 / Show response
www.googleadservices.com/pagead/conversion/824315090/ Frame FA18 3 KB
2 KB 39ms
35ms Script
text/javascript 142.250.184.194
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googleadservices.com/pagead/conversion/824315090/?random=1700471733076&cv=9&fst=1700471733076&num=1&npa=1&label=8ez5CP-2h8ABENKZiIkD&guid=ON&resp=GooglemKTybQhCsO&eid=375603261%2C466465926%2C512247838&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=60&u_java=false&u_nplug=3&u_nmime=4&sendb=1&ig=1&frm=2&url=https%3A%2F%2F4053494.fls.doubleclick.net%2Fddm%2Ffls%2Fr%2Fdc_pre%3DCJCHr-ye0oIDFcUIogMd9VQITA%3Bsrc%3D4053494%3Btype%3Dcomca517%3Bcat%3Dxfini02-%3Bord%3D2758878176862%3Bauiddc%3D692101225.1700471732%3Bgtm%3D45He3b81v76154393%3Bgcd%3D11l1l1l1l1%3Bdma_cps%3Dsypham%3Bdma%3D1%3Buaa%3D%3Buab%3D%3Buafvl%3D%3Buamb%3D0%3Buam%3D%3Buap%3D%3Buapv%3D%3Buaw%3D0%3Bepver%3D2%3B~oref%3Dhttps%253A%252F%252Fmy.xfinityprepaid.com%252F&ref=https%3A%2F%2Fadservice.google.com%2F&hn=www.googleadservices.com&rfmt=3&fmt=4

Requested by

Host: www.googleadservices.com
URL: https://www.googleadservices.com/pagead/conversion.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.184.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s11-in-f2.1e100.net

Software

cafe /

Resource Hash

d005ba540a461b77fa40250225ce65e37bd31d11eaf957e21fee976472fc98dc

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://4053494.fls.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 20 Nov 2023 09:15:33 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: text/javascript; charset=UTF-8
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1609
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 quant.js Show response
secure.quantserve.com/ Frame FA18 21 KB
9 KB 72ms
24ms Script
application/javascript 2620:116:800d:21:b314:a0ef:ab7c:d546
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://secure.quantserve.com/quant.js
Requested by: Host: 4053494.fls.doubleclick.net
URL: https://4053494.fls.doubleclick.net/ddm/fls/r/dc_pre=CJCHr-ye0oIDFcUIogMd9VQITA;src=4053494;type=comca517;cat=xfini02-;ord=2758878176862;auiddc=692101225.1700471732;gtm=45He3b81v76154393;gcd=11l1l1l1l1;dma_cps=sypham;dma=1;uaa=;uab=;uafvl=;uamb=0;uam=;uap=;uapv=;uaw=0;epver=2;~oref=https%3A%2F%2Fmy.xfinityprepaid.com%2F
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2620:116:800d:21:b314:a0ef:ab7c:d546 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: /
Resource Hash: 77daa4388c965a3e23b5a6c800727d8025ab108f89cf5679e79136986d5b4561

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://4053494.fls.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Mon, 20 Nov 2023 09:15:33 GMT
content-encoding: gzip
etag: "e23JaXq4HVtlOmThpFhluQ=="
vary: Accept-Encoding
content-type: application/javascript
cache-control: private, max-age=604800
accept-ranges: bytes
expires: Mon, 27 Nov 2023 09:15:33 GMT

GET
H2

200

/
www.google.de/pagead/1p-conversion/824315090/ Frame FA18
Redirect Chain

https://googleads.g.doubleclick.net/pagead/viewthroughconversion/824315090/?random=115111486&cv=9&fst=1700471733076&num=1&npa=1&label=8ez5CP-2h8ABENKZiIkD&guid=ON&resp=GooglemKTybQhCsO&eid=37560326...
https://www.google.com/pagead/1p-conversion/824315090/?random=115111486&cv=9&fst=1700471733076&num=1&npa=1&label=8ez5CP-2h8ABENKZiIkD&guid=ON&resp=GooglemKTybQhCsO&eid=375603261%2C466465926%2C51224...
https://www.google.de/pagead/1p-conversion/824315090/?random=115111486&cv=9&fst=1700471733076&num=1&npa=1&label=8ez5CP-2h8ABENKZiIkD&guid=ON&resp=GooglemKTybQhCsO&eid=375603261%2C466465926%2C512247...

42 B
154 B

36ms
35ms

Image
image/gif

2a00:1450:4001:80e::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/pagead/1p-conversion/824315090/?random=115111486&cv=9&fst=1700471733076&num=1&npa=1&label=8ez5CP-2h8ABENKZiIkD&guid=ON&resp=GooglemKTybQhCsO&eid=375603261%2C466465926%2C512247838&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=60&u_java=false&u_nplug=3&u_nmime=4&sendb=1&ig=1&frm=2&url=https%3A%2F%2F4053494.fls.doubleclick.net%2Fddm%2Ffls%2Fr%2Fdc_pre%3DCJCHr-ye0oIDFcUIogMd9VQITA%3Bsrc%3D4053494%3Btype%3Dcomca517%3Bcat%3Dxfini02-%3Bord%3D2758878176862%3Bauiddc%3D692101225.1700471732%3Bgtm%3D45He3b81v76154393%3Bgcd%3D11l1l1l1l1%3Bdma_cps%3Dsypham%3Bdma%3D1%3Buaa%3D%3Buab%3D%3Buafvl%3D%3Buamb%3D0%3Buam%3D%3Buap%3D%3Buapv%3D%3Buaw%3D0%3Bepver%3D2%3B~oref%3Dhttps%253A%252F%252Fmy.xfinityprepaid.com%252F&ref=https%3A%2F%2Fadservice.google.com%2F&hn=www.googleadservices.com&fmt=3&ct_cookie_present=false&sscte=1&crd=&pscrd=IhMIiIvp7J7SggMVp9wRCB2XMwCR&is_vtc=1&ocp_id=tSNbZcjcBqe5x_APl-eAiAk&cid=CAQSKQDICaaN3B0Mc4E-I-rtbewbheN7FyuEcm3RtoDajpEk5LGX73qjsl3e&random=3986332237&resp=GooglemKTybQhCsO&ipr=y

Requested by

Protocol

Server

2a00:1450:4001:80e::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://4053494.fls.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 20 Nov 2023 09:15:33 GMT
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Mon, 20 Nov 2023 09:15:33 GMT
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
location: https://www.google.de/pagead/1p-conversion/824315090/?random=115111486&cv=9&fst=1700471733076&num=1&npa=1&label=8ez5CP-2h8ABENKZiIkD&guid=ON&resp=GooglemKTybQhCsO&eid=375603261%2C466465926%2C512247838&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=60&u_java=false&u_nplug=3&u_nmime=4&sendb=1&ig=1&frm=2&url=https%3A%2F%2F4053494.fls.doubleclick.net%2Fddm%2Ffls%2Fr%2Fdc_pre%3DCJCHr-ye0oIDFcUIogMd9VQITA%3Bsrc%3D4053494%3Btype%3Dcomca517%3Bcat%3Dxfini02-%3Bord%3D2758878176862%3Bauiddc%3D692101225.1700471732%3Bgtm%3D45He3b81v76154393%3Bgcd%3D11l1l1l1l1%3Bdma_cps%3Dsypham%3Bdma%3D1%3Buaa%3D%3Buab%3D%3Buafvl%3D%3Buamb%3D0%3Buam%3D%3Buap%3D%3Buapv%3D%3Buaw%3D0%3Bepver%3D2%3B~oref%3Dhttps%253A%252F%252Fmy.xfinityprepaid.com%252F&ref=https%3A%2F%2Fadservice.google.com%2F&hn=www.googleadservices.com&fmt=3&ct_cookie_present=false&sscte=1&crd=&pscrd=IhMIiIvp7J7SggMVp9wRCB2XMwCR&is_vtc=1&ocp_id=tSNbZcjcBqe5x_APl-eAiAk&cid=CAQSKQDICaaN3B0Mc4E-I-rtbewbheN7FyuEcm3RtoDajpEk5LGX73qjsl3e&random=3986332237&resp=GooglemKTybQhCsO&ipr=y
content-type: image/gif
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 rules-p-G84dHbkXmCUEt.js Show response
rules.quantcount.com/ Frame FA18 2 KB
1 KB 475ms
423ms Script
application/javascript 2600:9000:223c:7a00:6:44e3:f8c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://rules.quantcount.com/rules-p-G84dHbkXmCUEt.js
Requested by: Host: secure.quantserve.com
URL: https://secure.quantserve.com/quant.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:223c:7a00:6:44e3:f8c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 1b04515011d220f7d50a576bd76b7935f0bb6298cd13a1ea5fbad6b3ee9f1bba

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://4053494.fls.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Mon, 20 Nov 2023 09:15:34 GMT
content-encoding: gzip
via: 1.1 50c53efe331c3da25a4faf191817af8c.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA56-P2
x-amz-server-side-encryption: AES256
x-cache: RefreshHit from cloudfront
cross-origin-resource-policy: cross-origin
last-modified: Thu, 13 Oct 2022 22:38:07 GMT
server: AmazonS3
etag: W/"1631a1846a7023d7d999918e1e64c01c"
vary: Accept-Encoding
access-control-allow-methods: GET
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=3600
x-amz-cf-id: SGX0EbNaW_3fNoMNDIKop11akmQuzo_K80VSs43efV_aN7J22Zjj6g==

GET
H2 200 pixel;r=1240694940;labels=_fp.event.Default;rf=0;a=p-G84dHbkXmCUEt;url=https%3A%2F%2F4053494.fls.doubleclick.net%2Fddm%2Ffls%2Fr%2Fdc_pre%3DCJCHr-ye0oIDFcUIogMd9VQITA%3Bsrc%3D4053494%3Btype%3Dcomca...
pixel.quantserve.com/ Frame FA18 35 B
372 B 38ms
22ms Image
image/gif 2620:116:800d:21:b314:a0ef:ab7c:d546
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pixel.quantserve.com/pixel;r=1240694940;labels=_fp.event.Default;rf=0;a=p-G84dHbkXmCUEt;url=https%3A%2F%2F4053494.fls.doubleclick.net%2Fddm%2Ffls%2Fr%2Fdc_pre%3DCJCHr-ye0oIDFcUIogMd9VQITA%3Bsrc%3D4053494%3Btype%3Dcomca517%3Bcat%3Dxfini02-%3Bord%3D2758878176862%3Bauiddc%3D692101225.1700471732%3Bgtm%3D45He3b81v76154393%3Bgcd%3D11l1l1l1l1%3Bdma_cps%3Dsypham%3Bdma%3D1%3Buaa%3D%3Buab%3D%3Buafvl%3D%3Buamb%3D0%3Buam%3D%3Buap%3D%3Buapv%3D%3Buaw%3D0%3Bepver%3D2%3B~oref%3Dhttps%253A%252F%252Fmy.xfinityprepaid.com%252F;ref=https%3A%2F%2Fadservice.google.com%2F;uht=2;fpan=1;fpa=P0-1797722757-1700471733182;pbc=;ns=1;ce=1;qjs=1;qv=6076e8c2-20231114150359;cm=;gdpr=0;d=4053494.fls.doubleclick.net;dst=1;et=1700471733664;tzo=-60;ogl=;ses=08f14ede-a57e-4c57-85d5-c89f00a9338d;mdl=

Requested by

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2620:116:800d:21:b314:a0ef:ab7c:d546 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Resource Hash

a0d3a0aff7dc3bf32d2176fc3dcda6e7aba2867c4f4d1f7af6355d2cfc6c44f8

Security Headers

Name	Value
Strict-Transport-Security	max-age=86400

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://4053494.fls.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 20 Nov 2023 09:15:33 GMT
strict-transport-security: max-age=86400
p3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAo PSDo OUR SAMa IND COM NAV"
content-type: image/gif
cache-control: private, no-cache, no-store, proxy-revalidate
content-length: 35
expires: Fri, 04 Aug 1978 12:00:00 GMT

GET up
insight.adsrvr.org/track/ Frame D42A 0
0

GET
H2

200

c.gif
c.clarity.ms/
Redirect Chain

https://c.clarity.ms/c.gif
https://c.bing.com/c.gif?ctsa=mr&CtsSyncId=91580A52E9F44B1F9E111BCFE3E98104&RedC=c.clarity.ms&MXFR=13728B46B0B6632A0D969889B4B66D15
https://c.clarity.ms/c.gif?ctsa=mr&CtsSyncId=91580A52E9F44B1F9E111BCFE3E98104&MUID=01D109EAAF07644113001A25AE6C6513

42 B
442 B

48ms
48ms

Image
image/gif

68.219.88.97
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://c.clarity.ms/c.gif?ctsa=mr&CtsSyncId=91580A52E9F44B1F9E111BCFE3E98104&MUID=01D109EAAF07644113001A25AE6C6513
Protocol: H2
Server: 68.219.88.97 Dublin, Ireland, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: Microsoft-IIS/10.0 / ASP.NET
Resource Hash: 99c2917ee5b2a01459a923bdd1c676f15ee73b62b87f696e6735312d26f51e12

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://my.xfinityprepaid.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 20 Nov 2023 09:15:33 GMT
last-modified: Wed, 30 Aug 2023 19:01:41 GMT
server: Microsoft-IIS/10.0
etag: "8d59566974dbd91:0"
x-powered-by: ASP.NET
content-type: image/gif
p3p: CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
cache-control: private, no-cache, proxy-revalidate, no-store
accept-ranges: bytes
content-length: 42

Redirect headers

pragma: no-cache
date: Mon, 20 Nov 2023 09:15:33 GMT
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref: Ref A: A909CE3BC6B34CCBAF17E0DBBDF139C7 Ref B: FRAEDGE1122 Ref C: 2023-11-20T09:15:33Z
x-powered-by: ASP.NET
x-cache: CONFIG_NOCACHE
p3p: CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
location: https://c.clarity.ms/c.gif?ctsa=mr&CtsSyncId=91580A52E9F44B1F9E111BCFE3E98104&MUID=01D109EAAF07644113001A25AE6C6513
cache-control: private, no-cache, proxy-revalidate, no-store
content-length: 0

GET
H2 200 xfinitybrown-bold.woff2
static.cimcontent.net/common-web-assets/fonts/xfinity-brown-optimized/ 87 KB
87 KB 35ms
35ms Font
binary/octet-stream 2a02:26f0:f500:4aa::30d4
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://static.cimcontent.net/common-web-assets/fonts/xfinity-brown-optimized/xfinitybrown-bold.woff2
Requested by: Host: cdn.comcast.com
URL: https://cdn.comcast.com/cmp/css/cookie-consent.css
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:f500:4aa::30d4 Munich, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 69420c9db91c689c4ea04655f57a0bcea09b71003f21cd5e56afa71b80f049f0

Request headers

Referer: https://cdn.comcast.com/
Origin: https://my.xfinityprepaid.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

x-amz-version-id: wLTRc_PzG18X6JsncuLR0xfeIe_jGYFj
date: Mon, 20 Nov 2023 09:15:34 GMT
last-modified: Thu, 15 Dec 2022 15:23:00 GMT
server: AmazonS3
x-amz-cf-pop: MUC50-P1
etag: "ee9034e40cbca864ab03bdfab7ea3f8f"
x-amz-server-side-encryption: AES256
content-type: binary/octet-stream
access-control-allow-origin: *
cache-control: max-age=31536000
accept-ranges: bytes
content-length: 88920
x-amz-cf-id: n4jeASXFB_9geZegFGOoHPEZrZzKMPg93JMJ2XKe55jNXERjLySWeg==

POST
H/1.1 204
No Content collect Show response
x.clarity.ms/ 0
301 B 120ms
120ms XHR
text/plain 20.114.190.119
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://x.clarity.ms/collect
Requested by: Host: www.clarity.ms
URL: https://www.clarity.ms/s/0.7.18/clarity.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 20.114.190.119 Boydton, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: nginx/1.18.0 (Ubuntu) /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept: application/x-clarity-gzip
Referer: https://my.xfinityprepaid.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

Access-Control-Allow-Origin: https://my.xfinityprepaid.com
Date: Mon, 20 Nov 2023 09:15:34 GMT
Access-Control-Allow-Credentials: true
Server: nginx/1.18.0 (Ubuntu)
Connection: keep-alive
Vary: Origin
Request-Context: appId=cid-v1:e97341f6-8fff-46a6-9229-fbbfe0892c78

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: insight.adsrvr.org
URL: https://insight.adsrvr.org/track/up?adv=v86csf1&ref=https%3A%2F%2Fmy.xfinityprepaid.com%2F&upid=ykkm5a6&upv=1.1.0

Verdicts & Comments Add Verdict or Comment

Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!

urlscan

Phishing against: Xfinity (Consumer)

74 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

33 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
sc-static.net/scevent.min.js	1970-01-20 16:22:38	Name: X-AB Value: undefined
.xfinityprepaid.com/	1970-01-20 18:30:47	Name: _gcl_au Value: 1.1.692101225.1700471732
.xfinityprepaid.com/	1970-01-21 01:57:11	Name: _ga_3HZMHDCGDN Value: GS1.1.1700471732.1.0.1700471732.60.0.0
.xfinityprepaid.com/	1970-01-21 01:57:11	Name: _ga Value: GA1.2.1984655925.1700471732
.xfinityprepaid.com/	1970-01-20 16:22:38	Name: _gid Value: GA1.2.459535637.1700471732
my.xfinityprepaid.com/	1969-12-31 23:59:59	Name: XSRF-TOKEN Value: d7e2d5b6466a8801b52b73f6bb28acc2c6501c96ce3b6f055e85064e00a84878
.xfinityprepaid.com/	1970-01-20 16:21:11	Name: _dc_gtm_UA-89578981-1 Value: 1
.flashtalking.com/	1970-01-21 01:50:35	Name: flashtalkingad1 Value: "GUID=58023C36DD3C67\|segment=(y41_U6_VALUE-m:c_SV_12345)"
.xfinityprepaid.com/	1970-01-20 16:22:38	Name: _uetsid Value: 5b0d8440878511ee8abccbf83846fdea
.xfinityprepaid.com/	1970-01-21 01:42:47	Name: _uetvid Value: 5b0e2a00878511ee9547656ff477c497
.xfinityprepaid.com/	1970-01-21 01:50:58	Name: _scid Value: a4aeabab-53c0-4b44-a169-9f88aa6e584b
.xfinityprepaid.com/	1970-01-21 01:50:58	Name: _scid_r Value: a4aeabab-53c0-4b44-a169-9f88aa6e584b
.bing.com/	1970-01-21 01:42:47	Name: MUID Value: 01D109EAAF07644113001A25AE6C6513
.comcast.demdex.net/	1970-01-20 20:40:23	Name: comcast Value: 26752543767191418641215463543658529648
.xfinityprepaid.com/	1970-01-20 16:21:18	Name: bm_sv Value: 79DC4A27F40131DEC0AE78666CC402C7~YAAQOVITAvJZlumLAQAA0ngD7BULQHj3MY/GR8Ph2wF5dkJBjIOHcQ4X3w9MIpJ02Di0xOg5wpJeOFFJ1v+O6Mhf3l7gDmwb67sdCviLao2PEhaTV/fk2+Sl1Vfbc61lRcU2FzE38EwoF2Uz03Ui+fBnbtfjb6q7niBPb68Vu5/BLsX7+xt7ltUNlHcbNPFE7higQr71Rn4PJYqPvUBvPpJa4mOZlMHhx7U2tiSl3zUeQK3dx2y0/kPLcxTGc/xfQcTEP4qkOvA=~1
.demdex.net/	1970-01-20 20:40:23	Name: demdex Value: 75242422259595548001323084907189955827
.xfinityprepaid.com/	1970-01-20 18:30:47	Name: _fbp Value: fb.1.1700471732499.941283888
.dpm.demdex.net/	1970-01-20 20:40:23	Name: dpm Value: 75242422259595548001323084907189955827
.xfinityprepaid.com/	1970-01-20 16:21:18	Name: ak_bmsc Value: A909B076903235DD5BD49EDD5D3576C0~000000000000000000000000000000~YAAQOVITAvRZlumLAQAAY3kD7BXKQ6rnu3wZEdtQm2J8Sdx8mCKiRgQjbR/5BYf/M9+2EP9aAVwUsax055k5P7vVsOq6NN8q8QUh0PP2snTmRhH1jPjE2bu9kNZ19VgwTa+dnO7LiOBHhQ6ZSL+I2C7El9oevRiIGWXNOq8e+NkgPjpYRRnBQXzj1yiSb4hFgtAGNK1iq4vAWvp/E9D9d77OhqVc9hzzvy+ci4c6dqcDEyI0LYBkJfK7si2NStPwxV2UXadIwLRcN9eCwR1wLNXrAPrXdJwXfK968qWU2wuhUJWlVT8Vgl4i0C2C2CgyDkEOVBIubAus4cXHlAKjwJbaJofrCul2wFezWEQRGeKBaU9o1CymBzM/thNj/ep74CN6mPH1hYdaomq8xitwBM3WHnzGGVhmxg6vwLrIVE6Duu6PdA73q2bq0RQK6cGn2UabcdSwOuILvDggg80KXSOjr3sLPc976v+dGuQmCIuUHC/WkXABzJ6S7SYWZPgiWvTQwHwW2fgFW4S5IaQw9fQa4gYMF454443RhMje1UI=
www.clarity.ms/	1970-01-21 01:06:47	Name: CLID Value: 2ee9c0e15abd4cb188a538792174fd00.20231120.20241119
.xfinityprepaid.com/	1970-01-21 01:06:47	Name: _clck Value: 1rtsnzk%7C2%7Cfgv%7C0%7C1419
.doubleclick.net/	1970-01-21 01:42:47	Name: IDE Value: AHWqTUl9iETC0bf_W0bw5-lhDesAKmYZsPwDwpxn0PVZiC8UjI2dJjKetOBE0nbPE7k
.turn.com/	1970-01-20 20:40:23	Name: uid Value: 2940749918454226726
.xfinityprepaid.com/	1970-01-20 16:22:38	Name: _clsk Value: 1bctck4%7C1700471733332%7C1%7C1%7Cx.clarity.ms%2Fcollect
.amazon-adsystem.com/	1970-01-20 21:43:45	Name: ad-id Value: A8uEe96tukt3pqGfVpmGcBI
.amazon-adsystem.com/	1970-01-21 01:57:11	Name: ad-privacy Value: 0
.quantserve.com/	1970-01-21 01:51:26	Name: mc Value: 655b23b5-a974e-b842a-95615
.c.bing.com/	1970-01-20 16:31:16	Name: MR Value: 0
.c.bing.com/	1970-01-21 01:42:47	Name: SRM_B Value: 01D109EAAF07644113001A25AE6C6513
.c.clarity.ms/	1969-12-31 23:59:59	Name: SM Value: C
.clarity.ms/	1970-01-21 01:42:47	Name: MUID Value: 01D109EAAF07644113001A25AE6C6513
.c.clarity.ms/	1970-01-20 16:31:16	Name: MR Value: 0
.c.clarity.ms/	1970-01-20 16:21:12	Name: ANONCHK Value: 0

2 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
security	warning	URL: https://my.xfinityprepaid.com/ Message: Mixed Content: The page at 'https://my.xfinityprepaid.com/' was loaded over HTTPS, but requested an insecure element 'http://comcast.demdex.net/event?d_sid=10520115'. This request was automatically upgraded to HTTPS, For more information see https://blog.chromium.org/2019/10/no-more-mixed-messages-about-https.html
network	error	URL: https://idsync.rlcdn.com/422866.gif?partner_uid=99999999999999& Message: Failed to load resource: the server responded with a status of 451 ()

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
Content-Security-Policy	default-src https: wss://.hotjar.com; img-src 'self' data: https:; script-src 'self' 'unsafe-inline' 'unsafe-eval' ; style-src 'self' 'unsafe-inline'
Strict-Transport-Security	max-age=15768000 ; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	deny
X-Xss-Protection	1; mode=block

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

4053494.fls.doubleclick.net
adservice.google.com
adservice.google.de
app.securiti.ai
bat.bing.com
c.bing.com
c.clarity.ms
cdn-prod.securiti.ai
cdn.comcast.com
comcast.demdex.net
common-payment.xfinity.com
connect.facebook.net
dpm.demdex.net
googleads.g.doubleclick.net
idsync.rlcdn.com
insight.adsrvr.org
js.adsrvr.org
login.dotomi.com
my.xfinityprepaid.com
pixel.quantserve.com
r.turn.com
region1.analytics.google.com
rules.quantcount.com
s.amazon-adsystem.com
sc-static.net
secure.quantserve.com
servedby.flashtalking.com
static.cimcontent.net
stats.g.doubleclick.net
tr.snapchat.com
www.clarity.ms
www.facebook.com
www.google-analytics.com
www.google.com
www.google.de
www.googleadservices.com
www.googletagmanager.com
x.clarity.ms
insight.adsrvr.org
142.250.184.194
142.250.185.230
143.204.207.250
20.114.190.119
2001:4860:4802:32::36
2001:678:cb4:bbbb::11
23.212.202.173
2600:9000:2156:7800:12:1bf:30c0:93a1
2600:9000:223c:7a00:6:44e3:f8c0:93a1
2620:116:800d:21:b314:a0ef:ab7c:d546
2620:1ec:46::44
2620:1ec:c11::200
2a00:1450:4001:800::2002
2a00:1450:4001:809::2008
2a00:1450:4001:80b::200e
2a00:1450:4001:80e::2003
2a00:1450:4001:811::2002
2a00:1450:4001:829::2004
2a00:1450:4001:82a::2002
2a00:1450:400c:c06::9a
2a02:26f0:7100:882::2af2
2a02:26f0:f500:496::20b
2a02:26f0:f500:4aa::30d4
2a02:26f0:f500:4b7::20b
2a03:2880:f083:9:face:b00c:0:3
2a03:2880:f176:84:face:b00c:0:25de
3.33.255.181
35.190.43.134
35.244.174.68
52.210.32.130
52.46.155.104
52.51.74.64
65.9.65.116
68.219.88.97
89.207.16.204
020e9e48d93ba9d27e827e8246dd9f855c388ff4697ba14d647fcc4d9b1ccdef
0e22fff916516df387fff0184f9d25452be3f525bea470919f8e485fb726601e
138c0ead0fbcd09dd455df9870920e8725b367fbf02ac0cef0c62874000ab176
1a8db56c9dcf9666753d6fa47995ea8f8927a77b05bd04f8eebcf707b13e2079
1b04515011d220f7d50a576bd76b7935f0bb6298cd13a1ea5fbad6b3ee9f1bba
1bd8801ef04b2a4e956899f4347fa8dde4750139128bbf77f8f5d3b7a04ca327
1cffc2b3146584685cd72751d7f28aa030ab9ae2f1bc78f2c27909f8d8287b26
2039ec804489c4e763ba92a8d48d5396e322acec3e7b90899052f8dd811659b9
24f3c34df40e7a78bdad156bfbb8b96b4df3df16168e209cde34b9efb2fe9f82
2db1dbcf1a4a6e63576e5f22320949e1ddc87ff4c10ff26ec353abc9540cd228
343e72804a7c8c4bbb943dd65a25447565392195d5bd22c26a53411da6d4e646
34eace17373618f0ef6ad0052c607c2b3a6c02af6a6e0a1d16fa15efb97c139d
3e136e77083bfc6ef14ffc5abd19da89a82bf12fc0cda3c603e01582b93303c8
3ff9c98e18a7bb764fd4e085795121138dd1e4355a0db621aa9f9b10d1e8b66d
40d85119d069c30d3af7472e75b0755e4953e15fa2cc7601feebf2c6483b8c16
440fa6989d84e239fbf9008aba1baaa185a93bee50b9a2c516881fc802da2f0c
47043e4823a6c21a8881de789b4185355330b5804629d23f6b43dd93f5265292
4740cbe45b4e3ef984bbcd4e37e2d48d1ba86d60fb77e3e037da4d6db8147ed1
48a33ca9f42b91902d57ad8ac52e1ce32b92c8c10c732f2dbb6fe960ebfd9438
4926583bd36e157f838796fcb067f190efbbb4c69be74fc7b23e80bce67a1cb0
5316ddd45870c6fa42099517527eb2fcfc5324446c9df4a0adaa7b0dd123b09a
56ba66ae09f81233fc0266d0f1752d3f82a866263c7a764755fa2230c8690207
5a492b5714e9b734f99173445449b7a159fb42679fa2d52cc58e06ca5a49e496
5c361e86c551c52e3cd2e22808e3f7cf116e22652f129b6b233b6f8ba3cabc91
5e319852607809336b2534ffeb96f6933f26994dd040f535302c84f59cc0a214
63b693778274923011281f0c339ac4116f8a31b9d186d0657849380cd5bd34b7
69420c9db91c689c4ea04655f57a0bcea09b71003f21cd5e56afa71b80f049f0
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
70580eaffefc90f52839fc42b50e21359ac9cd387d6373b5f0d6871b401b4740
75e2329c5225d196e704a440673570fde4031b1fc97f14db9dfb636206d8c9b3
77daa4388c965a3e23b5a6c800727d8025ab108f89cf5679e79136986d5b4561
7acd96157e5b08243d9c9214c1c3aba037f5d5a8c877af29fd4e2ec5d331f7ab
80d54533f80e8233621f965ae0a7713928bdb4d491ed0eb5e90434550f1894cb
8107d336fd1e5fee55e5a439af3165b98a39d84e25a0d55af1179d8e1b7b19ea
899663bfeab6b11842c974c2417dc0ad88bd79bb7510b1e032384ccf2618dcc1
944544db414ef461151f0110a0517eb358bb2b427fe7d679fd05bae4d37ae1a9
97227462787fb99c7969acc44b0c88534ee9e1766cc074e9d60e8c9fb6b144e0
99c2917ee5b2a01459a923bdd1c676f15ee73b62b87f696e6735312d26f51e12
9b25062d1343cc917ea0ef02f02375f98706eaf6665c49734ebca10a0d363e92
a0d3a0aff7dc3bf32d2176fc3dcda6e7aba2867c4f4d1f7af6355d2cfc6c44f8
ac7ab1854db99c8278486132a7cef4a5d4f2992fd59488d02b4a5c5a071407d0
b00c817db3279f4c835949b0271c729e4b42daa4fb9e9c1482428a91db78507b
b834c9be4e7af32da221f3e746be0a0662978c3a7b7c89704a61991ff86076a8
bc1971acc453de1dcfb48b5942a74084788b472604cad8e75a70a0ba836639c8
c09a53ed0aac9304f40206a035f791807dd2e58dc137b802ac341bcff4deda49
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
c6518cb45e8ef901a3a023c4660911e819c051828ddd30f5d4d7adbe1df35426
ce4670bc0adce1fc2caad3f70c242d0dd410820a82b52835b86569fe2453c052
d005ba540a461b77fa40250225ce65e37bd31d11eaf957e21fee976472fc98dc
d61a6b3234c115e36708d7bbf28cc53c3dc234feddecbba63f52dbca4254145e
de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
ebec0a242eb62dac37ad10740e7797b748ff93103796ed6509414a751ce86820
ed3e6f6e4fd2a9cf28cf725c7eda293f69c67f5740a79dc58eca9ac914d18b6a
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f4e16c137bfcf443839c20e1038b9ee2dec570f047ae3b1c8f9378e9176750dd
fc6cd95261064c28600405c9c8dd51813abf8367e85b6e00f0f3031a8338988a

my.xfinityprepaid.com Open in urlscan Pro 2a02:26f0:f500:4b7::20b Malicious Activity! Public Scan

Summary

urlscan.io Verdict: Potentially Malicious

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Detected technologies

Page Statistics

71 Requests

90 %HTTPS

60 %IPv6

26 Domains

38 Subdomains

32 IPs

6 Countries

1428 kBTransfer

4432 kBSize

33 Cookies

7 Outgoing links

Page URL History

Redirected requests

71 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 3 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Redirect headers

Request headers

my.xfinityprepaid.com Open in urlscan Pro
2a02:26f0:f500:4b7::20b Malicious Activity! Public Scan

Screenshot
Live screenshot

Full Image

71
Requests

90 %
HTTPS

60 %
IPv6

26
Domains

38
Subdomains

32
IPs

6
Countries

1428 kB
Transfer

4432 kB
Size

33
Cookies

71 HTTP transactions
3 data transactions