Submitted URL: http://my.xfinity.com/terms/web/
Effective URL: https://my.xfinity.com/terms/web/
Submission Tags: phishing
Submission: On November 03 via api from AU — Scanned from DE

Summary

This website contacted 16 IPs in 4 countries across 10 domains to perform 44 HTTP transactions. The main IP is 2a02:26f0:6c00:2bd::1b62, located in Frankfurt am Main, Germany and belongs to AKAMAI-ASN1, NL. The main domain is my.xfinity.com.
TLS certificate: Issued by COMODO RSA Organization Validation Se... on May 4th 2020. Valid for: 2 years.
This is the only time my.xfinity.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

| Requests | Domain | Requested by |
|---|---|---|
| 9 | my.xfinity.com (1 redirects) | my.xfinity.com |
| 6 | servedby.flashtalking.com | my.xfinity.com, servedby.flashtalking.com |
| 4 | universal.iperceptions.com | my.xfinity.com, universal.iperceptions.com |
| 4 | sdx.xfinity.com | my.xfinity.com, polaris.xfinity.com |
| 4 | assets.adobedtm.com | static.cimcontent.net, assets.adobedtm.com |
| 3 | polaris.xfinity.com | my.xfinity.com, polaris.xfinity.com |
| 2 | api.iperceptions.com | static.cimcontent.net |
| 2 | melee.sed.dh.comcast.net | static.cimcontent.net |
| 2 | dpm.demdex.net (1 redirects) | servedby.flashtalking.com |
| 2 | oauth.xfinity.com (2 redirects) | |
| 2 | auth.xfinity.com (2 redirects) | |
| 2 | static.cimcontent.net | my.xfinity.com |
| 1 | sd.iperceptions.com | universal.iperceptions.com |
| 1 | metrics.xfinity.com | assets.adobedtm.com |
| 1 | adservice.google.com | 4053494.fls.doubleclick.net |
| 1 | 4053494.fls.doubleclick.net | www.googletagmanager.com |
| 1 | www.googletagmanager.com | my.xfinity.com |
| 1 | fls.doubleclick.net | assets.adobedtm.com |
| 1 | www.xfinity.com | my.xfinity.com |
| 1 | login.xfinity.com (1 redirects) | |
| 0 | post.iperceptions.com (Failed) | static.cimcontent.net |
| 44 | 21 | |

| Subject | Issuer | Validity | Valid |
|---|---|---|---|
| www.xfinity.comcast.net | COMODO RSA Organization Validation Secure Server CA | 2020-05-04 - 2022-05-04 | 2 years |
| static.cimcontent.net | COMODO RSA Organization Validation Secure Server CA | 2020-04-16 - 2022-04-16 | 2 years |
| assets.adobedtm.com | DigiCert TLS RSA SHA256 2020 CA1 | 2021-09-10 - 2022-09-10 | a year |
| polaris.xfinity.com | Sectigo RSA Organization Validation Secure Server CA | 2021-10-12 - 2022-10-12 | a year |
| xapi.xfinity.com | COMODO RSA Organization Validation Secure Server CA | 2020-05-07 - 2022-05-07 | 2 years |
| *.doubleclick.net | GTS CA 1C3 | 2021-10-04 - 2021-12-27 | 3 months |
| *.iperceptions.com | Amazon | 2021-04-15 - 2022-05-14 | a year |
| *.google-analytics.com | GTS CA 1C3 | 2021-10-04 - 2021-12-27 | 3 months |
| servedby.flashtalking.com | DigiCert TLS RSA SHA256 2020 CA1 | 2021-02-04 - 2022-02-22 | a year |
| *.google.com | GTS CA 1C3 | 2021-10-04 - 2021-12-27 | 3 months |
| metrics.xfinity.com | COMODO RSA Organization Validation Secure Server CA | 2021-09-07 - 2022-09-07 | a year |
| *.sed.dh.comcast.net | COMODO RSA Organization Validation Secure Server CA | 2021-01-20 - 2022-01-20 | a year |

This page contains 6 frames:

Primary Page: https://my.xfinity.com/terms/web/
Frame ID: 4A0981EA013C36CBFA5D7AE72B275FD6
Requests: 29 HTTP requests in this frame

Frame: https://my.xfinity.com/sso/oauth/iframe/
Frame ID: 095FC7AB9E6166DD46BF937D8BDB4411
Requests: 1 HTTP requests in this frame

Frame: https://servedby.flashtalking.com/container/12345;91797;9487;iframe/?ft_referrer=https%3A//my.xfinity.com/terms/web/&ns=&cb=726679.9811209004
Frame ID: A72CCA91D95F7CDF9444F67A84D3F14B
Requests: 7 HTTP requests in this frame

Frame: https://4053494.fls.doubleclick.net/activityi;src=4053494;type=comca517;cat=xfini022;ord=7416041007507;gtm=dar;auiddc=1455235621.1635943775;~oref=https%3A%2F%2Fmy.xfinity.com%2Fterms%2Fweb%2F
Frame ID: F5EBFD19AD028E10259B60569ABF253F
Requests: 2 HTTP requests in this frame

Frame: https://polaris.xfinity.com/orc.html?domain=my.xfinity.com
Frame ID: 2C7989173CDE2146C5F147FABE8BC085
Requests: 2 HTTP requests in this frame

Frame: https://universal.iperceptions.com/iFrame.html
Frame ID: 8DDE15D830BFE3E11828501AE1C6E382
Requests: 1 HTTP requests in this frame

Page Title

Xfinity | Terms of Service

Page Statistics

  • Requests: 44
  • HTTPS: 95 %
  • IPv6: 71 %
  • Domains: 10
  • Subdomains: 21
  • IPs: 16
  • Countries: 4
  • Transfer: 515 kB
  • Size: 1594 kB
  • Cookies: 30

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. http://my.xfinity.com/terms/web/ HTTP 301
    https://my.xfinity.com/terms/web/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 11
  • https://auth.xfinity.com/oauth/login?passive=true&state=https://my.xfinity.com/sso/oauth/iframe/ HTTP 302
  • https://oauth.xfinity.com/oauth/authorize?response_type=code&redirect_uri=https%3A%2F%2Fauth.xfinity.com%2Foauth%2Fcallback&client_id=my-xfinity&state=https%3A%2F%2Fmy.xfinity.com%2Fsso%2Foauth%2Fiframe%2F&prompt=none HTTP 302
  • https://login.xfinity.com/login?r=comcast.net&s=oauth&continue=https%3A%2F%2Foauth.xfinity.com%2Foauth%2Fauthorize%3Fresponse_type%3Dcode%26redirect_uri%3Dhttps%253A%252F%252Fauth.xfinity.com%252Foauth%252Fcallback%26client_id%3Dmy-xfinity%26state%3Dhttps%253A%252F%252Fmy.xfinity.com%252Fsso%252Foauth%252Fiframe%252F%26prompt%3Dnone%26response%3D1&client_id=my-xfinity&reqId=4639551a-64c2-43c6-92ec-24d5730f4251&passive=1 HTTP 302
  • https://oauth.xfinity.com/oauth/authorize?response_type=code&redirect_uri=https%3A%2F%2Fauth.xfinity.com%2Foauth%2Fcallback&client_id=my-xfinity&state=https%3A%2F%2Fmy.xfinity.com%2Fsso%2Foauth%2Fiframe%2F&prompt=none&response=1&lang=en HTTP 302
  • https://auth.xfinity.com/oauth/callback?error=login_required&error_description=User%20login%20required&state=https%3A%2F%2Fmy.xfinity.com%2Fsso%2Foauth%2Fiframe%2F HTTP 302
  • https://my.xfinity.com/sso/oauth/iframe/
Request Chain 21
  • https://dpm.demdex.net/ibs:dpid=3047&dpuuid=99999999999999& HTTP 302
  • https://dpm.demdex.net/demconf.jpg?et:ibs%7cdata:dpid=3047&dpuuid=99999999999999&

44 HTTP transactions

Resource | Path | Size | x-fer | Type | MIME-Type
Primary Request /
my.xfinity.com/terms/web/
Redirect Chain
  • http://my.xfinity.com/terms/web/
  • https://my.xfinity.com/terms/web/
65 KB
22 KB
Document
General
Full URL
https://my.xfinity.com/terms/web/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:6c00:2bd::1b62 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
/
Resource Hash
56ef00d5376d89ecbd97e38ebf7803bed7d228eee2e9e76aa59dbd9210209a24
Security Headers
Name Value
X-Frame-Options SAMEORIGIN

Request headers

Upgrade-Insecure-Requests
1
User-Agent
phishfarmer
Accept-Language
de-DE,de;q=0.9

Response headers

content-type
text/html;charset=utf-8
etag
W/"d54fbbad8d11fd4433f302bb8cbd05c1"
fingerprint
_production_cf_g3_75518_1635943774065
x-frame-options
SAMEORIGIN
x-request-id
a78e4c0d-fba7-4c93-81af-f9c90acfeaad
x-runtime
0.195542
x-ua-compatible
IE=Edge
x-vcap-request-id
cfa908aa-1074-44c4-4826-4a2f53c12259
vary
Accept-Encoding
content-encoding
gzip
cache-control
public, max-age=299
date
Wed, 03 Nov 2021 12:49:34 GMT
content-length
21809

Redirect headers

Server
AkamaiGHost
Content-Length
0
Location
https://my.xfinity.com/terms/web/
Date
Wed, 03 Nov 2021 12:49:33 GMT
Connection
keep-alive
legal-69528c47ddc8578d5062ee5dc996b6fc.css
my.xfinity.com/assets/channels/
28 KB
14 KB
Stylesheet
General
Full URL
https://my.xfinity.com/assets/channels/legal-69528c47ddc8578d5062ee5dc996b6fc.css
Requested by
Host: my.xfinity.com
URL: https://my.xfinity.com/terms/web/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:6c00:2bd::1b62 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
AkamaiNetStorage /
Resource Hash
286f65bc79eb7fec2ddc2e26c91a4c1d222f90a6ff46e77a60c5d335554c0d11

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://my.xfinity.com/terms/web/
User-Agent
phishfarmer

Response headers

date
Wed, 03 Nov 2021 12:49:34 GMT
content-encoding
gzip
last-modified
Mon, 25 Oct 2021 16:51:22 GMT
server
AkamaiNetStorage
etag
"9f8527efa05e5e60750358ba38b7df5e:1635180682.044052"
vary
Accept-Encoding
content-type
text/css
accept-ranges
bytes
content-length
13802
datalayer-resi-slim.min.js
static.cimcontent.net/data-layer/
76 KB
20 KB
Script
General
Full URL
https://static.cimcontent.net/data-layer/datalayer-resi-slim.min.js?appID=resi_myxfn
Requested by
Host: my.xfinity.com
URL: https://my.xfinity.com/terms/web/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:6c00:2b2::30d4 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
Akamai Resource Optimizer /
Resource Hash
185b0dde3b4401b5c9e5ed71d8a39dbb601fd06b2894dbf090752dd353104c04

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://my.xfinity.com/
User-Agent
phishfarmer

Response headers

x-amz-version-id
9jo66Ybd17KbcsuOT6TPqwAvmbP5VIIP
content-encoding
br
last-modified
Mon, 18 Oct 2021 00:12:17 GMT
server
Akamai Resource Optimizer
x-amz-cf-pop
PHL50-C1
etag
"92ae860d6ad6e75b2b26b7ef4a49c886"
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=3600
date
Wed, 03 Nov 2021 12:49:34 GMT
accept-ranges
bytes
content-length
19976
x-amz-cf-id
Xso06AknSHlMYbvd80OEbymCBXOiJUvof4gQIB34lJ3hRMjI78cSnA==
oauth.umd.min-1a880f61190ca5a759decc3c57d0d249.js
my.xfinity.com/assets/
8 KB
4 KB
Script
General
Full URL
https://my.xfinity.com/assets/oauth.umd.min-1a880f61190ca5a759decc3c57d0d249.js
Requested by
Host: my.xfinity.com
URL: https://my.xfinity.com/terms/web/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:6c00:2bd::1b62 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
AkamaiNetStorage /
Resource Hash
1982e8cbe6846d3a9d033a9a755b2dc4e43c0006fbb1a17ae13937916f64507a

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://my.xfinity.com/terms/web/
User-Agent
phishfarmer

Response headers

date
Wed, 03 Nov 2021 12:49:34 GMT
content-encoding
gzip
last-modified
Mon, 25 Oct 2021 16:50:32 GMT
server
AkamaiNetStorage
etag
"8ae88ab0574a4e62f4430aed2cccb02a:1635180632.946462"
vary
Accept-Encoding
content-type
application/x-javascript
accept-ranges
bytes
content-length
3571
xapi-lib-this-prod.min-b62f1cb0d8faec8c2f9c30acb6129edc.js
my.xfinity.com/assets/
50 KB
16 KB
Script
General
Full URL
https://my.xfinity.com/assets/xapi-lib-this-prod.min-b62f1cb0d8faec8c2f9c30acb6129edc.js
Requested by
Host: my.xfinity.com
URL: https://my.xfinity.com/terms/web/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:6c00:2bd::1b62 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
AkamaiNetStorage /
Resource Hash
63f3b6f4301ee30fbc15aa65fdc463e948cfa581930dda3ef38268aa5d466aa9

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://my.xfinity.com/terms/web/
User-Agent
phishfarmer

Response headers

date
Wed, 03 Nov 2021 12:49:34 GMT
content-encoding
gzip
last-modified
Mon, 25 Oct 2021 16:51:30 GMT
server
AkamaiNetStorage
etag
"7bc82e2d42164eb1081ed51a9d34bb70:1635180690.988763"
vary
Accept-Encoding
content-type
application/x-javascript
accept-ranges
bytes
content-length
16496
application_top-e1e70700207cb68599ae03542a030498.js
my.xfinity.com/assets/
219 KB
56 KB
Script
General
Full URL
https://my.xfinity.com/assets/application_top-e1e70700207cb68599ae03542a030498.js
Requested by
Host: my.xfinity.com
URL: https://my.xfinity.com/terms/web/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:6c00:2bd::1b62 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
AkamaiNetStorage /
Resource Hash
1f55a052b29d0f04d49b5724c064c6601cd77f553ad71f6a8abb50c9c216fc0f

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://my.xfinity.com/terms/web/
User-Agent
phishfarmer

Response headers

date
Wed, 03 Nov 2021 12:49:34 GMT
content-encoding
gzip
last-modified
Mon, 25 Oct 2021 16:51:56 GMT
server
AkamaiNetStorage
etag
"eae8c932f6ed82017ea2d6ee594163b9:1635180716.605713"
vary
Accept-Encoding
content-type
application/x-javascript
accept-ranges
bytes
master_top-4f889393e45169eb10efc66c9658037a.js
my.xfinity.com/assets/
281 KB
71 KB
Script
General
Full URL
https://my.xfinity.com/assets/master_top-4f889393e45169eb10efc66c9658037a.js
Requested by
Host: my.xfinity.com
URL: https://my.xfinity.com/terms/web/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:6c00:2bd::1b62 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
AkamaiNetStorage /
Resource Hash
5089bf7e3a332fdfc24435e0a09602ff7e306c4d877da091e7e65557dd458262

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://my.xfinity.com/terms/web/
User-Agent
phishfarmer

Response headers

date
Wed, 03 Nov 2021 12:49:34 GMT
content-encoding
gzip
last-modified
Mon, 25 Oct 2021 16:51:25 GMT
server
AkamaiNetStorage
etag
"89b9bec92ccd77836563b2e1121f549e:1635180685.517166"
vary
Accept-Encoding
content-type
application/x-javascript
accept-ranges
bytes
legal-f11ca3d817ecac2afea25e800339d0fb.js
my.xfinity.com/assets/
3 KB
2 KB
Script
General
Full URL
https://my.xfinity.com/assets/legal-f11ca3d817ecac2afea25e800339d0fb.js
Requested by
Host: my.xfinity.com
URL: https://my.xfinity.com/terms/web/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:6c00:2bd::1b62 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
AkamaiNetStorage /
Resource Hash
81aedb8b8a300c346eeae360f6cc9de22c93e79e95e7255c73a1ec687468d2fd

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://my.xfinity.com/terms/web/
User-Agent
phishfarmer

Response headers

date
Wed, 03 Nov 2021 12:49:34 GMT
content-encoding
gzip
last-modified
Mon, 25 Oct 2021 16:50:46 GMT
server
AkamaiNetStorage
etag
"7f7a9a470cc0a7e6e9348e98a3ba16f6:1635180646.395136"
vary
Accept-Encoding
content-type
application/x-javascript
accept-ranges
bytes
content-length
1355
launch-29c49a6863fd.min.js
assets.adobedtm.com/331fbea29f79/f0c0e1a9ad11/
304 KB
92 KB
Script
General
Full URL
https://assets.adobedtm.com/331fbea29f79/f0c0e1a9ad11/launch-29c49a6863fd.min.js
Requested by
Host: static.cimcontent.net
URL: https://static.cimcontent.net/data-layer/datalayer-resi-slim.min.js?appID=resi_myxfn
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:6c00:28a::1e80 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
AkamaiNetStorage /
Resource Hash
816f0c1e7d06fa3c17fee7bffeb51d87485df627dde9a00e6535c8a667dcfd97

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://my.xfinity.com/
User-Agent
phishfarmer

Response headers

date
Wed, 03 Nov 2021 12:49:34 GMT
content-encoding
gzip
last-modified
Tue, 02 Nov 2021 20:07:01 GMT
server
AkamaiNetStorage
etag
"70d27e7fd38b1a7b7de39c761d518cfe:1635883621.948762"
vary
Accept-Encoding
content-type
application/x-javascript
access-control-allow-origin
https://my.xfinity.com
cache-control
max-age=3600
accept-ranges
bytes
timing-allow-origin
*
content-length
94195
expires
Wed, 03 Nov 2021 13:49:34 GMT
polaris.wc.js
polaris.xfinity.com/
122 KB
27 KB
Script
General
Full URL
https://polaris.xfinity.com/polaris.wc.js
Requested by
Host: my.xfinity.com
URL: https://my.xfinity.com/terms/web/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
2001:558:fe03:37::2 , United States, ASN7922 (COMCAST-7922, US),
Reverse DNS
Software
55.9435d7f.el7 /
Resource Hash
41bfc95ff2b0b626ffe0397a00c0fce925d7689f3ea120acee25e71c5ee2808b
Security Headers
Name Value
Strict-Transport-Security max-age=31540000
X-Content-Type-Options nosniff

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://my.xfinity.com/
User-Agent
phishfarmer

Response headers

Date
Wed, 03 Nov 2021 12:49:37 GMT
Content-Encoding
gzip
X-Content-Type-Options
nosniff
Server
55.9435d7f.el7
Age
0
Vary
accept-language
Strict-Transport-Security
max-age=31540000
Content-Type
application/javascript
Via
http/1.1 cdn-mid-bad-01.whitemarsh.md.bad.comcast.net (52.d47d486.el7 [uScMsSfWpSeN:t cCMpSs ]), http/1.1 odol-atsec-bos-47.malden.ma.boston.comcast.net (55.9435d7f.el7 [uScMsSfWpSeN:t cCMpSs ])
X-Vcap-Request-Id
47dea846-b54c-42b0-657e-8ee12f6b6405
Cache-Control
max-age=86400, s-maxage=1800, stale-if-error=3600
Transfer-Encoding
chunked
Connection
keep-alive
Expires
Thu, 04 Nov 2021 12:49:37 GMT
XfinityStandard-Regular.woff2
sdx.xfinity.com/fonts/latest/Xfinity_Standard/
26 KB
26 KB
Font
General
Full URL
https://sdx.xfinity.com/fonts/latest/Xfinity_Standard/XfinityStandard-Regular.woff2
Requested by
Host: my.xfinity.com
URL: https://my.xfinity.com/assets/channels/legal-69528c47ddc8578d5062ee5dc996b6fc.css
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:6c00:2bd::1b62 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
AmazonS3 /
Resource Hash
138c0ead0fbcd09dd455df9870920e8725b367fbf02ac0cef0c62874000ab176

Request headers

Referer
https://my.xfinity.com/
Origin
https://my.xfinity.com
Accept-Language
de-DE,de;q=0.9
User-Agent
phishfarmer

Response headers

x-amz-version-id
kLBQWhXkUwwuS0hOSKJ2GQ_XrNE.oQFF
last-modified
Fri, 24 Jan 2020 21:23:01 GMT
server
AmazonS3
x-amz-cf-pop
FRA56-C1
etag
"e3e79cd377b28c1e7ffea64b194136cf"
content-type
font/woff2
access-control-allow-origin
*
cache-control
max-age=1908074
date
Wed, 03 Nov 2021 12:49:34 GMT
accept-ranges
bytes
content-length
26768
x-amz-cf-id
0GWwjsiBzJGe8MgjhwAySfDM5ZcxIZDt5ZhIKogVBzvLM4gAUddR3Q==
XfinityStandard-Thin.woff2
sdx.xfinity.com/fonts/latest/Xfinity_Standard/
32 KB
33 KB
Font
General
Full URL
https://sdx.xfinity.com/fonts/latest/Xfinity_Standard/XfinityStandard-Thin.woff2
Requested by
Host: my.xfinity.com
URL: https://my.xfinity.com/assets/channels/legal-69528c47ddc8578d5062ee5dc996b6fc.css
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:6c00:2bd::1b62 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
AmazonS3 /
Resource Hash
44f222333b4c6396b38f2e06dc73d385d243e2b36a30914fd10b6ddb4e831017

Request headers

Referer
https://my.xfinity.com/
Origin
https://my.xfinity.com
Accept-Language
de-DE,de;q=0.9
User-Agent
phishfarmer

Response headers

x-amz-version-id
bxgN27mK5618uKSmNEOffcVgf2unEoWp
last-modified
Fri, 24 Jan 2020 21:23:01 GMT
server
AmazonS3
x-amz-cf-pop
FRA2-C1
etag
"63971dfcbf18dc975adf178d85295f9c"
content-type
font/woff2
access-control-allow-origin
*
cache-control
max-age=1827205
date
Wed, 03 Nov 2021 12:49:34 GMT
accept-ranges
bytes
content-length
33252
x-amz-cf-id
XTFJTUbpOr1FjexvdGAPmSJDWTSI6dStHnNitO0BnsG0JciXs69Jgw==
/
my.xfinity.com/sso/oauth/iframe/ Frame 095F
Redirect Chain
  • https://auth.xfinity.com/oauth/login?passive=true&state=https://my.xfinity.com/sso/oauth/iframe/
  • https://oauth.xfinity.com/oauth/authorize?response_type=code&redirect_uri=https%3A%2F%2Fauth.xfinity.com%2Foauth%2Fcallback&client_id=my-xfinity&state=https%3A%2F%2Fmy.xfinity.com%2Fsso%2Foauth%2Fi...
  • https://login.xfinity.com/login?r=comcast.net&s=oauth&continue=https%3A%2F%2Foauth.xfinity.com%2Foauth%2Fauthorize%3Fresponse_type%3Dcode%26redirect_uri%3Dhttps%253A%252F%252Fauth.xfinity.com%252Fo...
  • https://oauth.xfinity.com/oauth/authorize?response_type=code&redirect_uri=https%3A%2F%2Fauth.xfinity.com%2Foauth%2Fcallback&client_id=my-xfinity&state=https%3A%2F%2Fmy.xfinity.com%2Fsso%2Foauth%2Fi...
  • https://auth.xfinity.com/oauth/callback?error=login_required&error_description=User%20login%20required&state=https%3A%2F%2Fmy.xfinity.com%2Fsso%2Foauth%2Fiframe%2F
  • https://my.xfinity.com/sso/oauth/iframe/
1 KB
863 B
Document
General
Full URL
https://my.xfinity.com/sso/oauth/iframe/
Requested by
Host: my.xfinity.com
URL: https://my.xfinity.com/assets/application_top-e1e70700207cb68599ae03542a030498.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:6c00:2bd::1b62 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
/
Resource Hash
240136ffc987721bc1563fcbe5b9ce20fd64418d87ef8a3e19af590c3e43a681
Security Headers
Name Value
X-Frame-Options SAMEORIGIN

Request headers

Upgrade-Insecure-Requests
1
User-Agent
phishfarmer
Accept-Language
de-DE,de;q=0.9
Referer
https://my.xfinity.com/

Response headers

content-type
text/html;charset=utf-8
etag
W/"d131e84054774d532ad080add06a29fe"
fingerprint
_production_cf_g3_54522_1635943777974
x-frame-options
SAMEORIGIN
x-request-id
161c0229-3abf-4faf-82b4-632f8c9496b8
x-runtime
0.003268
x-ua-compatible
IE=Edge
x-vcap-request-id
8ca7b691-e9ca-42e9-6f28-2f921c2138a2
vary
Accept-Encoding
content-encoding
gzip
content-length
509
cache-control
public, max-age=300
date
Wed, 03 Nov 2021 12:49:38 GMT

Redirect headers

content-language
de-DE
content-length
0
location
https://my.xfinity.com/sso/oauth/iframe/
x-vcap-request-id
97587b62-1b6e-424d-6742-027bde655027
date
Wed, 03 Nov 2021 12:49:37 GMT
5BF28DC6EBA54E929173CC7B0D9B6E69
www.xfinity.com/-/media/
269 B
2 KB
Image
General
Full URL
https://www.xfinity.com/-/media/5BF28DC6EBA54E929173CC7B0D9B6E69?ts=1635943774815
Requested by
Host: my.xfinity.com
URL: https://my.xfinity.com/terms/web/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:6c00:2bf::2af2 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
/
Resource Hash
4f6c8fe3d9d39c232c48874cb05e4b88fc313b703b4671333badf8c96ff9b130
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Frame-Options SAMEORIGIN

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://my.xfinity.com/
User-Agent
phishfarmer

Response headers

pragma
no-cache
strict-transport-security
max-age=31536000
x-xfnlog-site
XDS
last-modified
Thu, 31 May 2018 15:11:27 GMT
etag
x-frame-options
SAMEORIGIN
content-type
image/jpeg
access-control-allow-origin
*
cache-control
max-age=0, no-cache, no-store
date
Wed, 03 Nov 2021 12:49:35 GMT
content-disposition
inline; filename="data-layer.jpg"
accept-ranges
bytes
content-length
269
expires
Wed, 03 Nov 2021 12:49:35 GMT
AppMeasurement.min.js
assets.adobedtm.com/extensions/EPbde2f7ca14e540399dcc1f8208860b7b/
33 KB
12 KB
Script
General
Full URL
https://assets.adobedtm.com/extensions/EPbde2f7ca14e540399dcc1f8208860b7b/AppMeasurement.min.js
Requested by
Host: assets.adobedtm.com
URL: https://assets.adobedtm.com/331fbea29f79/f0c0e1a9ad11/launch-29c49a6863fd.min.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:6c00:28a::1e80 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
AkamaiNetStorage /
Resource Hash
d6b423c91328eec9c218dd8b21ae1e676987d574e5432411a32806e5dd2bde32

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://my.xfinity.com/
User-Agent
phishfarmer

Response headers

date
Wed, 03 Nov 2021 12:49:34 GMT
content-encoding
gzip
last-modified
Wed, 12 Aug 2020 22:09:52 GMT
server
AkamaiNetStorage
etag
"f259ee6445c19c2ce3c64a1b117a4f35:1597270192.577101"
vary
Accept-Encoding
content-type
application/x-javascript
access-control-allow-origin
https://my.xfinity.com
cache-control
no-cache
accept-ranges
bytes
timing-allow-origin
*
content-length
12184
expires
Wed, 03 Nov 2021 13:49:34 GMT
AppMeasurement_Module_ActivityMap.min.js
assets.adobedtm.com/extensions/EPbde2f7ca14e540399dcc1f8208860b7b/
3 KB
2 KB
Script
General
Full URL
https://assets.adobedtm.com/extensions/EPbde2f7ca14e540399dcc1f8208860b7b/AppMeasurement_Module_ActivityMap.min.js
Requested by
Host: assets.adobedtm.com
URL: https://assets.adobedtm.com/331fbea29f79/f0c0e1a9ad11/launch-29c49a6863fd.min.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:6c00:28a::1e80 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
AkamaiNetStorage /
Resource Hash
0486530f1e98818865754a08e1b5442ac5a6a36a6bf6042e3b3338a532e998d2

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://my.xfinity.com/
User-Agent
phishfarmer

Response headers

date
Wed, 03 Nov 2021 12:49:34 GMT
content-encoding
gzip
last-modified
Wed, 12 Aug 2020 22:09:52 GMT
server
AkamaiNetStorage
etag
"5dedcda2c8a6c3a51fd419d306427010:1597270192.857753"
vary
Accept-Encoding
content-type
application/x-javascript
access-control-allow-origin
https://my.xfinity.com
cache-control
no-cache
accept-ranges
bytes
timing-allow-origin
*
content-length
1594
expires
Wed, 03 Nov 2021 13:49:34 GMT
AppMeasurement_Module_AudienceManagement.min.js
assets.adobedtm.com/extensions/EPbde2f7ca14e540399dcc1f8208860b7b/
25 KB
9 KB
Script
General
Full URL
https://assets.adobedtm.com/extensions/EPbde2f7ca14e540399dcc1f8208860b7b/AppMeasurement_Module_AudienceManagement.min.js
Requested by
Host: assets.adobedtm.com
URL: https://assets.adobedtm.com/331fbea29f79/f0c0e1a9ad11/launch-29c49a6863fd.min.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:6c00:28a::1e80 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
AkamaiNetStorage /
Resource Hash
e5f0058d3d737d25b691728bce12a7d0b77183781c936ca8152e28cacf9e6e3f

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://my.xfinity.com/
User-Agent
phishfarmer

Response headers

date
Wed, 03 Nov 2021 12:49:34 GMT
content-encoding
gzip
last-modified
Wed, 12 Aug 2020 22:09:53 GMT
server
AkamaiNetStorage
etag
"c8afb92bc0d997ba5b673367e69b9ff1:1597270193.156081"
vary
Accept-Encoding
content-type
application/x-javascript
access-control-allow-origin
https://my.xfinity.com
cache-control
no-cache
accept-ranges
bytes
timing-allow-origin
*
content-length
8762
expires
Wed, 03 Nov 2021 13:49:34 GMT
json
fls.doubleclick.net/
40 B
723 B
Script
General
Full URL
https://fls.doubleclick.net/json?spot=4053494&src=1516422&var=s_3_Integrate_DFA_get_0&host=integrate.112.2o7.net%2Fdfa_echo%3Fvar%3Ds_3_Integrate_DFA_get_0%26AQE%3D1%26A2S%3D1&ord=4719762986556
Requested by
Host: assets.adobedtm.com
URL: https://assets.adobedtm.com/331fbea29f79/f0c0e1a9ad11/launch-29c49a6863fd.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.186.134 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s07-in-f6.1e100.net
Software
cafe /
Resource Hash
e32a6ae5e43f7f652674e0f03dc23f86839f839b29ee4e63c01c93da180bb0d0
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://my.xfinity.com/
User-Agent
phishfarmer

Response headers

date
Wed, 03 Nov 2021 12:49:34 GMT
content-encoding
gzip
x-content-type-options
nosniff
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
60
x-xss-protection
0
pragma
no-cache
server
cafe
x-frame-options
SAMEORIGIN
content-type
text/javascript; charset=ISO-8859-1
cache-control
no-cache, must-revalidate
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
wrapper.js
universal.iperceptions.com/
9 KB
4 KB
Script
General
Full URL
https://universal.iperceptions.com/wrapper.js
Requested by
Host: my.xfinity.com
URL: https://my.xfinity.com/terms/web/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2156:200:8:e7ba:7440:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0 /
Resource Hash
962d83de183651c6c15d9dce622d311455a9e6bd8cf09dd1cbf9ec3a3892a1ab

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://my.xfinity.com/
User-Agent
phishfarmer

Response headers

x-ms-blob-type
BlockBlob
date
Wed, 03 Nov 2021 12:44:35 GMT
content-encoding
gzip
content-md5
d5YIeO59lrTqhttidyvULA==
x-amz-cf-pop
FRA50-C1
x-cache
Hit from cloudfront
cross-origin-resource-policy
cross-origin
x-ms-lease-status
unlocked
access-control-allow-origin
*
last-modified
Mon, 22 Mar 2021 18:02:49 GMT
server
Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
vary
Accept-Encoding
content-type
application/javascript
via
1.1 cdb2dba3874dd4d7b53213b8c63a0997.cloudfront.net (CloudFront)
x-ms-request-id
44da13d6-601e-0138-4fde-cff791000000
access-control-expose-headers
x-ms-request-id,Server,x-ms-version,Content-Type,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
x-ms-version
2009-09-19
x-amz-cf-id
8inbjVo8NyU5QzdYZjDmm7iriwbW9JZCxgPePpM7OI7AQ1sBoYuQyQ==
js
www.googletagmanager.com/gtag/
87 KB
35 KB
Script
General
Full URL
https://www.googletagmanager.com/gtag/js?id=DC-4053494
Requested by
Host: my.xfinity.com
URL: https://my.xfinity.com/terms/web/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80e::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
053379f931af838aba16e619dd873938953e260fd606cf1a15cc597147c39134
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://my.xfinity.com/
User-Agent
phishfarmer

Response headers

date
Wed, 03 Nov 2021 12:49:34 GMT
content-encoding
br
vary
Accept-Encoding
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
35591
x-xss-protection
0
last-modified
Wed, 03 Nov 2021 12:00:00 GMT
server
Google Tag Manager
strict-transport-security
max-age=31536000; includeSubDomains
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control
expires
Wed, 03 Nov 2021 12:49:34 GMT
/
servedby.flashtalking.com/container/12345;91797;9487;iframe/ Frame A72C
3 KB
4 KB
Document
General
Full URL
https://servedby.flashtalking.com/container/12345;91797;9487;iframe/?ft_referrer=https%3A//my.xfinity.com/terms/web/&ns=&cb=726679.9811209004
Requested by
Host: my.xfinity.com
URL: https://my.xfinity.com/terms/web/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
209.197.3.19 , United States, ASN20446 (HIGHWINDS3, US),
Reverse DNS
vip0x013.map2.ssl.hwcdn.net
Software
prod-xre-app39.frk11 /
Resource Hash
72518af3befc85b18d47d83e9f0fe9010766f5dcd4daa2b583615989ccb04235

Request headers

Upgrade-Insecure-Requests
1
User-Agent
phishfarmer
Accept-Language
de-DE,de;q=0.9
Referer
https://my.xfinity.com/

Response headers

Date
Wed, 03 Nov 2021 12:49:34 GMT
Connection
close
Cache-Control
no-cache, no-store
Content-Type
text/html
Server
prod-xre-app39.frk11
Pragma
no-cache
X-HW
1635943774.dop241.fr8.t,1635943774.cds201.fr8.shn,1635943774.dop241.fr8.t,1635943774.cds015.fr8.sc,1635943774.cds015.fr8.p
/
servedby.flashtalking.com/segment/modify/uxf;;pixel/ Frame A72C
42 B
510 B
Image
General
Full URL
https://servedby.flashtalking.com/segment/modify/uxf;;pixel/?name=ExistingCustomer__CustomerHomepage__MyXfinity__Xfinitycom_RTG_ACQ_3675199_LearnnLanding_MyXfinity2016
Requested by
Host: servedby.flashtalking.com
URL: https://servedby.flashtalking.com/container/12345;91797;9487;iframe/?ft_referrer=https%3A//my.xfinity.com/terms/web/&ns=&cb=726679.9811209004
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
209.197.3.19 , United States, ASN20446 (HIGHWINDS3, US),
Reverse DNS
vip0x013.map2.ssl.hwcdn.net
Software
prod-xre-app30.frk11 /
Resource Hash
47043e4823a6c21a8881de789b4185355330b5804629d23f6b43dd93f5265292

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://servedby.flashtalking.com/container/12345;91797;9487;iframe/?ft_referrer=https%3A//my.xfinity.com/terms/web/&ns=&cb=726679.9811209004
User-Agent
phishfarmer

Response headers

Pragma
no-cache
Date
Wed, 03 Nov 2021 12:49:34 GMT
Server
prod-xre-app30.frk11
X-HW
1635943774.dop214.fr8.shc,1635943774.dop214.fr8.t,1635943774.cds145.fr8.sc,1635943774.cds145.fr8.p
Content-Type
image/gif
Cache-Control
no-cache, no-store
Connection
Keep-Alive
Content-Length
42
demconf.jpg
dpm.demdex.net/ Frame A72C
Redirect Chain
  • https://dpm.demdex.net/ibs:dpid=3047&dpuuid=99999999999999&
  • https://dpm.demdex.net/demconf.jpg?et:ibs%7cdata:dpid=3047&dpuuid=99999999999999&
42 B
961 B
Image
General
Full URL
https://dpm.demdex.net/demconf.jpg?et:ibs%7cdata:dpid=3047&dpuuid=99999999999999&
Requested by
Host: servedby.flashtalking.com
URL: https://servedby.flashtalking.com/container/12345;91797;9487;iframe/?ft_referrer=https%3A//my.xfinity.com/terms/web/&ns=&cb=726679.9811209004
Protocol
HTTP/1.1
Server
108.128.92.179 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-108-128-92-179.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://servedby.flashtalking.com/
User-Agent
phishfarmer

Response headers

DCS
dcs-prod-irl1-2-v019-0440bd2ad.edge-irl1.demdex.com UNKNOWN
Pragma
no-cache
Strict-Transport-Security
max-age=31536000; includeSubDomains
content-encoding
gzip
X-Content-Type-Options
nosniff
X-Error
104,303
X-TID
wTM4MQ4DRts=
P3P
policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Cache-Control
no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
Connection
keep-alive
Content-Type
image/gif
Content-Length
59
Expires
Thu, 01 Jan 1970 00:00:00 UTC

Redirect headers

DCS
dcs-prod-irl1-2-v019-0d5309355.edge-irl1.demdex.com UNKNOWN
Pragma
no-cache
Strict-Transport-Security
max-age=31536000; includeSubDomains
X-TID
W2fmLE+JRgo=
P3P
policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Location
https://dpm.demdex.net/demconf.jpg?et:ibs%7cdata:dpid=3047&dpuuid=99999999999999&
Cache-Control
no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
Connection
keep-alive
Content-Length
0
Expires
Thu, 01 Jan 1970 00:00:00 UTC
/
servedby.flashtalking.com/spot/8/12345;92909;9487/ Frame A72C
42 B
355 B
Image
General
Full URL
https://servedby.flashtalking.com/spot/8/12345;92909;9487/?ft_referrer=https%3A//my.xfinity.com/terms/web/&ns=&cb=726679.9811209004
Requested by
Host: servedby.flashtalking.com
URL: https://servedby.flashtalking.com/container/12345;91797;9487;iframe/?ft_referrer=https%3A//my.xfinity.com/terms/web/&ns=&cb=726679.9811209004
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
209.197.3.19 , United States, ASN20446 (HIGHWINDS3, US),
Reverse DNS
vip0x013.map2.ssl.hwcdn.net
Software
prod-xre-app17.frk11 /
Resource Hash
47043e4823a6c21a8881de789b4185355330b5804629d23f6b43dd93f5265292

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://servedby.flashtalking.com/container/12345;91797;9487;iframe/?ft_referrer=https%3A//my.xfinity.com/terms/web/&ns=&cb=726679.9811209004
User-Agent
phishfarmer

Response headers

Pragma
no-cache
Date
Wed, 03 Nov 2021 12:49:35 GMT
Server
prod-xre-app17.frk11
X-HW
1635943774.dop214.fr8.shc,1635943774.dop214.fr8.t,1635943775.cds011.fr8.sc,1635943775.cds011.fr8.p
Content-Type
image/gif
Cache-Control
no-cache,no-store
Connection
Keep-Alive
Content-Length
42
/
servedby.flashtalking.com/spot/1/12345;108289;11135/ Frame A72C
42 B
355 B
Image
General
Full URL
https://servedby.flashtalking.com/spot/1/12345;108289;11135/?spotName=Comcast_SiteVisit&ftXRef=&U7=https%253A//my.xfinity.com/terms/web/&cachebuster=409980.03102835326
Requested by
Host: servedby.flashtalking.com
URL: https://servedby.flashtalking.com/container/12345;91797;9487;iframe/?ft_referrer=https%3A//my.xfinity.com/terms/web/&ns=&cb=726679.9811209004
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
209.197.3.19 , United States, ASN20446 (HIGHWINDS3, US),
Reverse DNS
vip0x013.map2.ssl.hwcdn.net
Software
prod-xre-app20.frk11 /
Resource Hash
47043e4823a6c21a8881de789b4185355330b5804629d23f6b43dd93f5265292

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://servedby.flashtalking.com/container/12345;91797;9487;iframe/?ft_referrer=https%3A//my.xfinity.com/terms/web/&ns=&cb=726679.9811209004
User-Agent
phishfarmer

Response headers

Pragma
no-cache
Date
Wed, 03 Nov 2021 12:49:34 GMT
Server
prod-xre-app20.frk11
X-HW
1635943774.dop107.fr8.shc,1635943774.dop107.fr8.t,1635943774.cds122.fr8.sc,1635943774.cds122.fr8.p
Content-Type
image/gif
Cache-Control
no-cache,no-store
Connection
Keep-Alive
Content-Length
42
/
servedby.flashtalking.com/segment/modify/y41_;;pixel/ Frame A72C
42 B
524 B
Image
General
Full URL
https://servedby.flashtalking.com/segment/modify/y41_;;pixel/?valuePairs=c_SV_12345
Requested by
Host: servedby.flashtalking.com
URL: https://servedby.flashtalking.com/container/12345;91797;9487;iframe/?ft_referrer=https%3A//my.xfinity.com/terms/web/&ns=&cb=726679.9811209004
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
209.197.3.19 , United States, ASN20446 (HIGHWINDS3, US),
Reverse DNS
vip0x013.map2.ssl.hwcdn.net
Software
prod-xre-app12.frk11 /
Resource Hash
47043e4823a6c21a8881de789b4185355330b5804629d23f6b43dd93f5265292

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://servedby.flashtalking.com/container/12345;91797;9487;iframe/?ft_referrer=https%3A//my.xfinity.com/terms/web/&ns=&cb=726679.9811209004
User-Agent
phishfarmer

Response headers

Pragma
no-cache
Date
Wed, 03 Nov 2021 12:49:34 GMT
Server
prod-xre-app12.frk11
X-HW
1635943774.dop103.fr8.shc,1635943774.dop103.fr8.t,1635943774.cds201.fr8.sc,1635943774.cds201.fr8.p
Content-Type
image/gif
Cache-Control
no-cache, no-store
Connection
Keep-Alive
Content-Length
42
/
servedby.flashtalking.com/segment/2/read/a;;pixel/ Frame A72C
42 B
495 B
Image
General
Full URL
https://servedby.flashtalking.com/segment/2/read/a;;pixel/?s=9487&d=my.xfinity.com&r=terms/web/
Requested by
Host: servedby.flashtalking.com
URL: https://servedby.flashtalking.com/container/12345;91797;9487;iframe/?ft_referrer=https%3A//my.xfinity.com/terms/web/&ns=&cb=726679.9811209004
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
209.197.3.19 , United States, ASN20446 (HIGHWINDS3, US),
Reverse DNS
vip0x013.map2.ssl.hwcdn.net
Software
prod-xre-app8.frk11 /
Resource Hash
47043e4823a6c21a8881de789b4185355330b5804629d23f6b43dd93f5265292

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://servedby.flashtalking.com/container/12345;91797;9487;iframe/?ft_referrer=https%3A//my.xfinity.com/terms/web/&ns=&cb=726679.9811209004
User-Agent
phishfarmer

Response headers

Pragma
no-cache
Date
Wed, 03 Nov 2021 12:49:34 GMT
Server
prod-xre-app8.frk11
X-HW
1635943774.dop214.fr8.shc,1635943774.dop214.fr8.t,1635943774.cds145.fr8.sc,1635943774.cds145.fr8.p
Content-Type
image/gif
Cache-Control
no-cache, no-store
Connection
Keep-Alive
Content-Length
42
activityi;src=4053494;type=comca517;cat=xfini022;ord=7416041007507;gtm=dar;auiddc=1455235621.1635943775;~oref=https%3A%2F%2Fmy.xfinity.com%2Fterms%2Fweb%2F
4053494.fls.doubleclick.net/ Frame F5EB
371 B
673 B
Document
General
Full URL
https://4053494.fls.doubleclick.net/activityi;src=4053494;type=comca517;cat=xfini022;ord=7416041007507;gtm=dar;auiddc=1455235621.1635943775;~oref=https%3A%2F%2Fmy.xfinity.com%2Fterms%2Fweb%2F?
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=DC-4053494
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.186.134 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s07-in-f6.1e100.net
Software
cafe /
Resource Hash
27da9afb7ac8703f93d3914ae4c43e0c7bcaaa8ade8902c9aa5cc31b4fb7c205
Security Headers
Name Value
Strict-Transport-Security max-age=21600
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Upgrade-Insecure-Requests
1
User-Agent
phishfarmer
Accept-Language
de-DE,de;q=0.9
Referer
https://my.xfinity.com/

Response headers

p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin
*
cross-origin-resource-policy
cross-origin
date
Wed, 03 Nov 2021 12:49:35 GMT
expires
Wed, 03 Nov 2021 12:49:35 GMT
cache-control
private, max-age=0
strict-transport-security
max-age=21600
content-type
text/html; charset=ISO-8859-1
x-content-type-options
nosniff
content-encoding
gzip
server
cafe
content-length
305
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
src=4053494;type=comca517;cat=xfini022;ord=7416041007507;gtm=dar;auiddc=*;~oref=https%3A%2F%2Fmy.xfinity.com%2Fterms%2Fweb%2F
adservice.google.com/ddm/fls/z/ Frame F5EB
42 B
494 B
Image
General
Full URL
https://adservice.google.com/ddm/fls/z/src=4053494;type=comca517;cat=xfini022;ord=7416041007507;gtm=dar;auiddc=*;~oref=https%3A%2F%2Fmy.xfinity.com%2Fterms%2Fweb%2F
Requested by
Host: 4053494.fls.doubleclick.net
URL: https://4053494.fls.doubleclick.net/activityi;src=4053494;type=comca517;cat=xfini022;ord=7416041007507;gtm=dar;auiddc=1455235621.1635943775;~oref=https%3A%2F%2Fmy.xfinity.com%2Fterms%2Fweb%2F?
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:802::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://4053494.fls.doubleclick.net/
User-Agent
phishfarmer

Response headers

pragma
no-cache
date
Wed, 03 Nov 2021 12:49:35 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
XfinityStandard-Regular.woff2
static.cimcontent.net/fonts/latest/Xfinity_Standard/
26 KB
26 KB
Font
General
Full URL
https://static.cimcontent.net/fonts/latest/Xfinity_Standard/XfinityStandard-Regular.woff2
Requested by
Host: my.xfinity.com
URL: https://my.xfinity.com/terms/web/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:6c00:2b2::30d4 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
AmazonS3 /
Resource Hash
138c0ead0fbcd09dd455df9870920e8725b367fbf02ac0cef0c62874000ab176

Request headers

Referer
https://my.xfinity.com/
Origin
https://my.xfinity.com
Accept-Language
de-DE,de;q=0.9
User-Agent
phishfarmer

Response headers

x-amz-version-id
kLBQWhXkUwwuS0hOSKJ2GQ_XrNE.oQFF
last-modified
Fri, 24 Jan 2020 21:23:01 GMT
server
AmazonS3
x-amz-cf-pop
FRA56-C1
etag
"e3e79cd377b28c1e7ffea64b194136cf"
content-type
font/woff2
access-control-allow-origin
*
cache-control
max-age=1908071
date
Wed, 03 Nov 2021 12:49:37 GMT
accept-ranges
bytes
content-length
26768
x-amz-cf-id
JxslSHTV_FRD0OYWoPLXvgr7dnTI7FGo_Sxi1cgB9cEA_TJDAjUmUg==
orc.html
polaris.xfinity.com/ Frame 2C79
20 KB
8 KB
Document
General
Full URL
https://polaris.xfinity.com/orc.html?domain=my.xfinity.com
Requested by
Host: polaris.xfinity.com
URL: https://polaris.xfinity.com/polaris.wc.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
2001:558:fe03:37::2 , United States, ASN7922 (COMCAST-7922, US),
Reverse DNS
Software
55.9435d7f.el7 /
Resource Hash
7fda360d9cf785dc6421a44bff9d84e0e8ddbd3eb003b2d0acd6439b0e1d7d05
Security Headers
Name Value
Strict-Transport-Security max-age=31540000
X-Content-Type-Options nosniff

Request headers

Upgrade-Insecure-Requests
1
User-Agent
phishfarmer
Accept-Language
de-DE,de;q=0.9
Referer
https://my.xfinity.com/

Response headers

Cache-Control
max-age=86400 s-maxage=1800, stale-if-error=3600
Content-Encoding
gzip
Content-Type
text/html
Date
Wed, 03 Nov 2021 12:47:26 GMT
Expires
Thu, 04 Nov 2021 12:47:26 GMT
Server
55.9435d7f.el7
Strict-Transport-Security
max-age=31540000
X-Content-Type-Options
nosniff
X-Vcap-Request-Id
e6529054-6ba6-4043-6183-e75667e42114
Age
131
Content-Length
7411
Via
http/1.1 cdn-mid-bad-303.metrodr.md.bad.comcast.net (52.d47d486.el7 [uScRs f p eN:t cCHp s ]), http/1.1 odol-atsec-bos-47.malden.ma.boston.comcast.net (55.9435d7f.el7 [uScRs f p eN:t cCHp s ])
Connection
keep-alive
xfinity_logo.svg
polaris.xfinity.com/images/svgs/
2 KB
2 KB
Image
General
Full URL
https://polaris.xfinity.com/images/svgs/xfinity_logo.svg
Requested by
Host: my.xfinity.com
URL: https://my.xfinity.com/terms/web/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
2001:558:fe03:37::2 , United States, ASN7922 (COMCAST-7922, US),
Reverse DNS
Software
55.9435d7f.el7 /
Resource Hash
c7affb9d47b42dd36ced3ce81637c6e0a4db02f8c6f8b47fce040d991cc13515

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://my.xfinity.com/
User-Agent
phishfarmer

Response headers

Date
Tue, 02 Nov 2021 05:30:47 GMT
Via
http/1.1 cdn-mid-njs-01.plainfield.nj.panjde.comcast.net (52.d47d486.el7 [uIcSsSfUpNeN:t cCSpSs ]), http/1.1 odol-atsec-bos-47.malden.ma.boston.comcast.net (55.9435d7f.el7 [uScRs f p eN:t cCHp s ])
Last-Modified
Tue, 20 Oct 2020 13:02:52 GMT
Server
55.9435d7f.el7
Age
112730
Etag
"5f8edffc-622"
Content-Type
image/svg+xml
X-Vcap-Request-Id
e1579fbf-808f-45a7-49a1-4ebcbca0e598
Cache-Control
max-age=2592000
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
1570
Expires
Thu, 02 Dec 2021 05:30:47 GMT
truncated
/
1 KB
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
e37c20f26af4b3ee4798d520759362c4e530c9d436848dc72c10cfbd89615fce

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
phishfarmer

Response headers

Content-Type
image/png
bluebarpackage.json
sdx.xfinity.com/cms/data/bluebar/unauthorized/clients/myxfinity/ Frame 2C79
21 B
394 B
Fetch
General
Full URL
https://sdx.xfinity.com/cms/data/bluebar/unauthorized/clients/myxfinity/bluebarpackage.json
Requested by
Host: polaris.xfinity.com
URL: https://polaris.xfinity.com/orc.html?domain=my.xfinity.com
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:6c00:2bd::1b62 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
AmazonS3 /
Resource Hash
3d658337681530c4bbeca6a59b71cf571ab24dbee929356e72b224522236ee89
Security Headers
Name Value
Strict-Transport-Security max-age=86400

Request headers

Accept
application/json
Referer
https://polaris.xfinity.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
phishfarmer
Content-Type
application/json

Response headers

x-amz-version-id
null
etag
"9a4661fec145f8d2fce7c8266b7cebae"
x-amz-cf-pop
FRA53-C1
strict-transport-security
max-age=86400
content-length
21
last-modified
Mon, 08 Feb 2021 16:33:38 GMT
server
AmazonS3
date
Wed, 03 Nov 2021 12:49:38 GMT
access-control-max-age
3000
access-control-allow-methods
GET
content-type
application/json
access-control-allow-origin
*
cache-control
max-age=600
x-amz-meta-noderef
workspace://SpacesStore/bf90e5d4-5f6b-4c86-8101-a96ce565e4af
accept-ranges
bytes
x-amz-cf-id
WZjATJZbxmoDhohpySu2jdDQg5YOyw53RNWCtal5RIg0RR5k-E5IFQ==
bluebarpackage.json
sdx.xfinity.com/cms/data/bluebar/unauthorized/clients/myxfinity/ Frame
0
0
Preflight
General
Full URL
https://sdx.xfinity.com/cms/data/bluebar/unauthorized/clients/myxfinity/bluebarpackage.json
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:6c00:2bd::1b62 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
AmazonS3 /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=86400

Request headers

Accept
*/*
Access-Control-Request-Method
GET
Access-Control-Request-Headers
content-type
Origin
https://polaris.xfinity.com
User-Agent
phishfarmer
Sec-Fetch-Mode
cors

Response headers

content-length
0
access-control-allow-methods
GET
access-control-allow-headers
content-type
access-control-max-age
3000
server
AmazonS3
x-amz-cf-pop
FRA53-C1
x-amz-cf-id
p0e0mLz4QS3G1mRxqwcOrPevnXdrp-a2E2tjX76UdsM1H4lyzOWqww==
cache-control
max-age=600
date
Wed, 03 Nov 2021 12:49:38 GMT
strict-transport-security
max-age=86400
access-control-allow-origin
*
s6234947308622
metrics.xfinity.com/b/ss/comcastdotcomprod/10/JS-2.22.0-LBWB/
4 KB
4 KB
Script
General
Full URL
https://metrics.xfinity.com/b/ss/comcastdotcomprod/10/JS-2.22.0-LBWB/s6234947308622?AQB=1&ndh=1&pf=1&callback=s_c_il[1].doPostbacks&et=1&t=3%2F10%2F2021%2012%3A49%3A38%203%200&d.&nsid=0&jsonv=1&.d&mid=03951399445918116686688778374405107452&ce=UTF-8&pageName=resi%7Cselfservice%7Cmyxfinity%7Clegal%7Cterms%3Aweb&g=https%3A%2F%2Fmy.xfinity.com%2Fterms%2Fweb%2F&cc=USD&ch=myxfinity&events=event125%3D44&v1=existing&c25=resi%7Cselfservice%7Cmyxfinity%7Clegal%7Cterms%3Aweb%7Cpage%20load&v29=landscape%3Adesktop%20layout%3A1600x1200&c35=legal&v37=D%3DpageName&c44=responsive%7Cmy-xfinity%7Cproduction_cf_g3%20env&v44=responsive%7Cmy-xfinity%7Cproduction_cf_g3%20env&c45=existing&v46=New%20Visitor&c54=VisitorAPI%20Present&c55=resi%7Cselfservice&c60=en&c73=AA%20Hosted%20by%20Adobe%20Launch%20%7C%2011182020&v86=unauthenticated%7Cunrecognized&v91=nc&v99=comcast%7Cweb&s=1600x1200&c=24&j=1.6&v=N&k=Y&bw=1600&bh=1200&mcorgid=DA11332E5321D0550A490D45%40AdobeOrg&AQE=1
Requested by
Host: assets.adobedtm.com
URL: https://assets.adobedtm.com/extensions/EPbde2f7ca14e540399dcc1f8208860b7b/AppMeasurement.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
15.188.95.229 Paris, France, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-15-188-95-229.eu-west-3.compute.amazonaws.com
Software
jag /
Resource Hash
684803166a42491492d8e72ae0bc2668397c0e6a056d1734611daf035f778084
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://my.xfinity.com/
User-Agent
phishfarmer

Response headers

x-aam-tid
y6H8nO0mT0w=
date
Wed, 03 Nov 2021 12:49:38 GMT
x-content-type-options
nosniff
x-c
main-1540.I13d07b.M0-522
p3p
CP="This is not a P3P policy"
vary
*
content-length
3962
x-xss-protection
1; mode=block
dcs
dcs-prod-irl1-2-v019-0f4b0dfcb.edge-irl1.demdex.com UNKNOWN
pragma
no-cache
last-modified
Thu, 04 Nov 2021 12:49:38 GMT
server
jag
xserver
anedge-b4c7fdd79-4fthn
etag
3513162512513925120-4619384327401780417
strict-transport-security
max-age=31536000; includeSubDomains
content-type
application/x-javascript;charset=utf-8
access-control-allow-origin
*
cache-control
no-cache, no-store, max-age=0, no-transform, private
expires
Tue, 02 Nov 2021 12:49:38 GMT
iFrame.html
universal.iperceptions.com/ Frame 8DDE
2 KB
1 KB
Document
General
Full URL
https://universal.iperceptions.com/iFrame.html
Requested by
Host: universal.iperceptions.com
URL: https://universal.iperceptions.com/wrapper.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2156:200:8:e7ba:7440:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0 /
Resource Hash
7d0bae598799d3c42ca5d7d7c8a8b79b67de62afe2e9d3dcee258328e40f39eb

Request headers

Upgrade-Insecure-Requests
1
User-Agent
phishfarmer
Accept-Language
de-DE,de;q=0.9
Referer
https://my.xfinity.com/

Response headers

content-type
text/html
content-md5
Vmg/mBwwVR6Kl52r4KoGqg==
last-modified
Tue, 28 Jan 2020 16:03:04 GMT
server
Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
x-ms-request-id
50b1b066-601e-00d2-0488-cf4ec5000000
x-ms-version
2009-09-19
x-ms-lease-status
unlocked
x-ms-blob-type
BlockBlob
access-control-expose-headers
x-ms-request-id,Server,x-ms-version,Content-Type,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
access-control-allow-origin
*
content-encoding
gzip
date
Wed, 03 Nov 2021 12:49:10 GMT
vary
Accept-Encoding
via
1.1 cdb2dba3874dd4d7b53213b8c63a0997.cloudfront.net (CloudFront)
cache-control
public,max-age=7200
cross-origin-resource-policy
cross-origin
cross-origin-embedder-policy
require-corp
x-cache
Hit from cloudfront
x-amz-cf-pop
FRA50-C1
x-amz-cf-id
iSFwViLVRRCyEndVoQ8BjiiMCvR9hnC6NvxgRuPAscJ24DJZQ4TPpQ==
xfn-cloud
melee.sed.dh.comcast.net/v2/unstructured/
0
114 B
XHR
General
Full URL
https://melee.sed.dh.comcast.net/v2/unstructured/xfn-cloud
Requested by
Host: static.cimcontent.net
URL: https://static.cimcontent.net/data-layer/datalayer-resi-slim.min.js?appID=resi_myxfn
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2600:1f18:336:b300:ca1e:4102:aa2c:1d89 -, , ASN (),
Reverse DNS
Software
Melee /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

melee-token
AD7BE0B7-120E-4CA2-B58F-C71B46AAB7E7
Referer
https://my.xfinity.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
phishfarmer
Content-Type
application/json

Response headers

access-control-allow-origin
*
date
Wed, 03 Nov 2021 12:49:38 GMT
x-client-id
myxfinity
x-elastic-write-status
TotalFailure
server
Melee
xfn-cloud
melee.sed.dh.comcast.net/v2/unstructured/ Frame
0
0
Preflight
General
Full URL
https://melee.sed.dh.comcast.net/v2/unstructured/xfn-cloud
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2600:1f18:336:b300:ca1e:4102:aa2c:1d89 -, , ASN (),
Reverse DNS
Software
Melee /
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Method
POST
Access-Control-Request-Headers
content-type,melee-token
Origin
https://my.xfinity.com
User-Agent
phishfarmer
Sec-Fetch-Mode
cors

Response headers

date
Wed, 03 Nov 2021 12:49:38 GMT
content-type
application/octet-stream
content-length
0
server
Melee
access-control-allow-origin
*
access-control-allow-methods
POST, GET
access-control-allow-headers
content-type,melee-token
InviteTriggers
api.iperceptions.com/
241 B
305 B
XHR
General
Full URL
https://api.iperceptions.com/InviteTriggers
Requested by
Host: static.cimcontent.net
URL: https://static.cimcontent.net/data-layer/datalayer-resi-slim.min.js?appID=resi_myxfn
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
52.138.200.61 -, , ASN (),
Reverse DNS
Software
Microsoft-IIS/10.0 / ASP.NET
Resource Hash
f78185def0ae6da0ed784c29f5823f22cb6208908dd77edb9dce04d47b2b2e7b

Request headers

Referer
https://my.xfinity.com/
Accept-Language
de-DE,de;q=0.9
SecurityToken
410f8076-db76-454d-bfc2-c724a5fc59b0
User-Agent
phishfarmer

Response headers

pragma
no-cache
date
Wed, 03 Nov 2021 12:49:38 GMT
server
Microsoft-IIS/10.0
x-aspnet-version
4.0.30319
x-powered-by
ASP.NET
content-type
application/json; charset=utf-8
access-control-allow-origin
*
cache-control
no-cache
content-length
241
expires
-1
InviteTriggers
api.iperceptions.com/ Frame
0
0
Preflight
General
Full URL
https://api.iperceptions.com/InviteTriggers
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
52.138.200.61 -, , ASN (),
Reverse DNS
Software
Microsoft-IIS/10.0 / ASP.NET
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Method
GET
Access-Control-Request-Headers
securitytoken
Origin
https://my.xfinity.com
User-Agent
phishfarmer
Sec-Fetch-Mode
cors

Response headers

cache-control
no-cache
pragma
no-cache
expires
-1
server
Microsoft-IIS/10.0
access-control-allow-origin
*
access-control-allow-headers
securitytoken
x-aspnet-version
4.0.30319
x-powered-by
ASP.NET
date
Wed, 03 Nov 2021 12:49:38 GMT
content-length
0
IpEngine_v78.0.js
universal.iperceptions.com/core/
11 KB
4 KB
Script
General
Full URL
https://universal.iperceptions.com/core/IpEngine_v78.0.js
Requested by
Host: universal.iperceptions.com
URL: https://universal.iperceptions.com/wrapper.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2156:200:8:e7ba:7440:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0 /
Resource Hash
70dc97a60ab824c4b4f362341733bde439ac6bd7534d2b5b193fbd37d9413ea6

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://my.xfinity.com/
User-Agent
phishfarmer

Response headers

x-ms-blob-type
BlockBlob
date
Wed, 03 Nov 2021 12:48:46 GMT
content-encoding
gzip
content-md5
ofN/a2/Vf6dAsat1lPzqnA==
x-amz-cf-pop
FRA50-C1
x-cache
Hit from cloudfront
cross-origin-resource-policy
cross-origin
x-ms-lease-status
unlocked
access-control-allow-origin
*
last-modified
Mon, 22 Mar 2021 17:01:33 GMT
server
Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
vary
Accept-Encoding
content-type
application/javascript
via
1.1 cdb2dba3874dd4d7b53213b8c63a0997.cloudfront.net (CloudFront)
x-ms-request-id
48308e8c-f01e-0076-2096-cf7421000000
access-control-expose-headers
x-ms-request-id,Server,x-ms-version,Content-Type,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
x-ms-version
2009-09-19
x-amz-cf-id
nipgeVkNFePEda-fLkXYLJEmMrTkDZU-ffC6yWjY0colIjX7JChlLA==
22299_637693032682509108
sd.iperceptions.com/ius-359cd6b861125d638f6cea04ffb14739/
147 KB
11 KB
Script
General
Full URL
https://sd.iperceptions.com/ius-359cd6b861125d638f6cea04ffb14739/22299_637693032682509108
Requested by
Host: universal.iperceptions.com
URL: https://universal.iperceptions.com/wrapper.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2156:e400:18:ee0c:6e00:93a1 -, , ASN (),
Reverse DNS
Software
ECAcc (frc/8F7A) /
Resource Hash
5fdb2b4bd611a7aad7c1197dc86396f5feeacd1123acc51b6c8f0ef9d37af8be

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://my.xfinity.com/
User-Agent
phishfarmer

Response headers

x-ms-blob-type
BlockBlob
date
Wed, 03 Nov 2021 12:39:10 GMT
content-encoding
gzip
content-md5
+bzsljhckFbFhf3KRYOv4A==
x-amz-cf-pop
FRA50-C1
x-cache
Hit from cloudfront
cross-origin-resource-policy
cross-origin
content-length
10188
x-ms-lease-status
unlocked
access-control-allow-origin
*
last-modified
Fri, 08 Oct 2021 15:21:08 GMT
server
ECAcc (frc/8F7A)
etag
0x8D98A6F40D7AE05
vary
Accept-Encoding
content-type
application/javascript
via
1.1 24475cc722041223cf99f56b55432566.cloudfront.net (CloudFront)
x-ms-request-id
2b26de7f-b01e-00cb-2e72-cc57bf000000
cache-control
x-ms-blob-cache-control: public, max-age=900
x-ms-version
2009-09-19
accept-ranges
bytes
x-amz-cf-id
ezkme-3RMAgJcWAH27ItslhO5ypGFK01T5l4Tk2RUXvq7mjM-OuesA==
harvest_22299.js
universal.iperceptions.com/harvest/
4 KB
2 KB
Script
General
Full URL
https://universal.iperceptions.com/harvest/harvest_22299.js
Requested by
Host: universal.iperceptions.com
URL: https://universal.iperceptions.com/wrapper.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2156:200:8:e7ba:7440:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0 /
Resource Hash
7879f21d7d53bb16ef1ab30a7e6d3823482777ecdf86db4beca37ca74487d259

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://my.xfinity.com/
User-Agent
phishfarmer

Response headers

x-ms-blob-type
BlockBlob
date
Fri, 29 Oct 2021 18:46:31 GMT
content-encoding
gzip
content-md5
1pUI4YsQw8rhGZNGyRSvdw==
x-amz-cf-pop
FRA50-C1
x-cache
Hit from cloudfront
cross-origin-resource-policy
cross-origin
x-ms-lease-status
unlocked
access-control-allow-origin
*
last-modified
Fri, 20 Sep 2019 17:46:11 GMT
server
Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
vary
Accept-Encoding
content-type
application/javascript
via
1.1 cdb2dba3874dd4d7b53213b8c63a0997.cloudfront.net (CloudFront)
x-ms-request-id
6445f4d1-301e-00ca-5362-b56350000000
access-control-expose-headers
x-ms-request-id,Server,x-ms-version,Content-Type,Cache-Control,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control
public, max-age=2592000
x-ms-version
2009-09-19
x-amz-cf-id
xkuUbvkqzySkwGYwZM361vykPI4Kkyo0j303hE6R8aFonCnRGnzheg==
ip.gif
post.iperceptions.com/
0
0

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain
post.iperceptions.com
URL
https://post.iperceptions.com/ip.gif?sid=f9cb832e-db04-47b6-1b8e-4f0a6ab7a6a0&vid=837a816a-b0cd-e521-1e1d-cf92c14bb77a&tkid=410f8076-db76-454d-bfc2-c724a5fc59b0&url=https%3A%2F%2Fmy.xfinity.com%2Fterms%2Fweb%2F&title=Xfinity%20%7C%20Terms%20of%20Service

85 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| 1 object| 2 object| 3 object| 4 object| onbeforexrselect function| reportError boolean| originAgentCluster object| scheduler object| SURF_N_PERF object| CIM boolean| trackingDebug object| digitalData object| Oauth object| __core-js_shared__ function| XapiLib function| Events object| CIMA object| hostParts string| cookieSubDomain string| cookieRootDomain function| $ function| jQuery object| async function| $Ostrich function| get_cache_response function| get_cache_count function| cleanup_zip function| format_date function| parse_user_response function| get_cached_response function| get_cached_count function| parse_response function| check_prefs_cache function| count_keys function| parse_prefs_response object| polaris object| $xfn function| _ object| CIM_browser object| CIM_cookie object| CIM_storage function| CityList object| sticky_thing object| dynamicReplacements object| Tracking function| LocationFinder function| moment string| f_ADTARGET_ZIP string| f_AM_CID boolean| f_ENABLE_ADTARGETING object| _satellite boolean| __satelliteLoaded object| adobe function| Visitor object| s_c_il number| s_c_in object| Flickerlessly function| AppMeasurement_Module_ActivityMap function| AppMeasurement_Module_AudienceManagement function| DIL function| AppMeasurement function| s_gi function| s_pgicq number| s_objectID number| s_giq object| s function| AppMeasurement_Module_Integrate object| s_Integrate_DFA string| v object| ___target_traces function| mboxCreate function| mboxDefine function| mboxUpdate string| iperceptionskey object| dataLayer object| s_3_Integrate_DFA_get_0 object| google_tag_manager object| google_tag_data object| iPerceptions string| key object| throttlePromise number| throttleStatus object| s_i_comcastdotcomprod object| logParams

30 Cookies

Domain/Path Name / Value
.my.xfinity.com/sso/oauth/iframe Name: offnet
Value: true
.my.xfinity.com/assets/channels Name: offnet
Value: true
.my.xfinity.com/terms/web Name: offnet
Value: true
.my.xfinity.com/assets Name: offnet
Value: true
oauth.xfinity.com/oauth/ Name: SESSION
Value: 9adfd896-0d18-4ecf-a5ee-7b97e87c715e
.my.xfinity.com/ Name: userZip
Value:
.xfinity.com/ Name: AMCV_DA11332E5321D0550A490D45%40AdobeOrg
Value: 359503849%7CMCMID%7C03951399445918116686688778374405107452%7CMCAID%7CNONE%7CvVersion%7C5.0.1
.xfinity.com/ Name: mbox
Value: session#6974675d7f394eff87fb762063bc2e11#1635945635
.xfinity.com/ Name: _gcl_au
Value: 1.1.1455235621.1635943775
.flashtalking.com/ Name: flashtalkingad1
Value: "GUID=50553EF9C9B8AF"
.doubleclick.net/ Name: IDE
Value: AHWqTUmEz4JSfExe1_3mEjctXyr1kDL8p77IiLgOXuyG-Z9rwA78MEX08NoLEAjac04
.demdex.net/ Name: demdex
Value: 48493252145169220073838053649474049010
.dpm.demdex.net/ Name: dpm
Value: 48493252145169220073838053649474049010
.xfinity.com/ Name: PSC
Value: UCID=8bd89ff4-2a4d-45cb-8a59-696dad35d7e6
.xfinity.com/ Name: SC
Value: RC.USID=77116d21-0786-46e6-a2c9-958ffd32f55d&VA=1025
www.xfinity.com/ Name: www-prd_wc
Value: LEBLFHEE
.xfinity.com/ Name: _abck
Value: 81458130B615CC1C03F0C6A0357E06C4~-1~YAAQz7oQAmmntN18AQAAtvvY5QbVQHNhHtVuqWM1snWqCVWNvtKcJfFcKOWOdTx6oulVpXY7Gw681pyFzhzaSBai2O991QKwX3PeJ2fUjmQAYvNuNHtpLbeRscF5KapqQNEIP5WmFsjlRtSAo/bz9uFB3ZjqalWbrWvZ7eEV4CDJOHJQanDggDN1rgzZ78tumbhVZTkaLEzMSfBZvMw/Q6TPbeCgoV9TXzSolKaRMCw77hq8DfE1E6Wl2Z48/93nlN6UuKLjwQjZNSRcKylpc8vjwnQN74psgL19fLV3tv9so6tfTIESw3lV/4gpOsbDZLGnRyKKUND0310i7fXN+/bc9fy6sv7nfPfT0pR55VcxRgP1e9GIzeAZ~-1~-1~-1
.xfinity.com/ Name: bm_sz
Value: 87BE454D4BC3DED1A4E09BA1D0CB1CBE~YAAQz7oQAmqntN18AQAAtvvY5Q18nVM5ab0XdTJ03H8Jo3cTzpvonR46ucPovp7f+MZvUOTXuk2C5ACuiylcv1FxlJ17tWu5WlzfQ6BMy9t6xM0vU1adDqhylfFRm0/kA19E7FpeanjJQ4YAu6gnNoWUNXfz1gmz7OvWlu9uy/I7/cIpTGw2lV5ujN0/PhtjEfR1pU8uxAnf298p+tKC9LmGUUe5jg2xnBfl5Uvni0p1VI7vXAZhrmd3zO3eB2cPtPUp9cn7wa0U+sf7qApyXPCi1fx6dwho5CbsDgx2lgFiOFeD~4535857~4274499
oauth.xfinity.com/ Name: BIGipServerp_loginxf-ch2-ipv6_443
Value: !WjaQAh0VLB8NEco2ljjvjldvjyLKIE4k7Lv93bhNCXnDX9sNiJmn4aCIuWSWBGnO88xTJJb2aNzdIQ==
login.xfinity.com/ Name: bid
Value: jdMMr1o5SvGxh6lAFtxIKHCxpzY
login.xfinity.com/ Name: BIGipServerp_loginxf-wcdc-ipv4_443
Value: !wkef+AzOkyRqss2KyLJrj5P6dcteJb1VlwVOAUmeqWExl75GEDVQ1k8pbieSPKCDlCq3nWu/VMOHzUM=
.xfinity.com/ Name: isAuth
Value: 0
.my.xfinity.com/ Name: ipa_failed
Value: 1
.my.xfinity.com/ Name: usp_v
Value: 1635943778043
.xfinity.com/ Name: s_pers
Value: %20s_dfa%3Dcomcastdotcomprod%7C1635945574880%3B%20stc18%3D%7C1635945578056%3B%20s_dslv%3D1635943778057%7C1730551778057%3B%20gpv_Page%3Dresi%257Cselfservice%257Cmyxfinity%257Clegal%257Cterms%253Aweb%7C1635945578058%3B
.xfinity.com/ Name: s_sess
Value: %20s_cc%3Dtrue%3B
.my.xfinity.com/ Name: aam_sc
Value: aamsc%3D8163787
.my.xfinity.com/ Name: fltk
Value: segID%3D2450016%2CsegID%3D6804930%2CsegID%3D6804829
.my.xfinity.com/ Name: aam_sitecore
Value: existing_customer%3Dtrue%2C1898505%3Dy%2C2450016%3Dy
my.xfinity.com/ Name: ipe_s
Value: f9cb832e-db04-47b6-1b8e-4f0a6ab7a6a0

Security Headers

This page lists any security headers set by the main page.

Header Value
X-Frame-Options SAMEORIGIN

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.
