Submitted URL: http://my.xfinity.com/terms/web/
Effective URL: https://my.xfinity.com/terms/web/
Submission Tags: phishing
Submission: On November 03 via api from AU — Scanned from DE

Summary

This website contacted 18 IPs in 4 countries across 10 domains to perform 44 HTTP transactions. The main IP is 2a02:26f0:6c00:2bd::1b62, located in Frankfurt am Main, Germany and belongs to AKAMAI-ASN1, NL. The main domain is my.xfinity.com.
TLS certificate: Issued by COMODO RSA Organization Validation Se... on May 4th 2020. Valid for: 2 years.
This is the only time my.xfinity.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

Requests | Domain | Redirects | Requested by
9 | my.xfinity.com | 1 | my.xfinity.com
6 | servedby.flashtalking.com | - | my.xfinity.com, servedby.flashtalking.com
4 | universal.iperceptions.com | - | my.xfinity.com, universal.iperceptions.com
4 | sdx.xfinity.com | - | my.xfinity.com, polaris.xfinity.com
4 | assets.adobedtm.com | - | static.cimcontent.net, assets.adobedtm.com
3 | polaris.xfinity.com | - | my.xfinity.com, polaris.xfinity.com
2 | api.iperceptions.com | - | static.cimcontent.net
2 | melee.sed.dh.comcast.net | - | static.cimcontent.net
2 | dpm.demdex.net | 1 | servedby.flashtalking.com
2 | oauth.xfinity.com | 2 | -
2 | auth.xfinity.com | 2 | -
2 | static.cimcontent.net | - | my.xfinity.com
1 | post.iperceptions.com | - | static.cimcontent.net
1 | sd.iperceptions.com | - | universal.iperceptions.com
1 | metrics.xfinity.com | - | assets.adobedtm.com
1 | adservice.google.com | - | 4053494.fls.doubleclick.net
1 | 4053494.fls.doubleclick.net | - | www.googletagmanager.com
1 | www.googletagmanager.com | - | my.xfinity.com
1 | fls.doubleclick.net | - | assets.adobedtm.com
1 | www.xfinity.com | - | my.xfinity.com
1 | login.xfinity.com | 1 | -
Totals: 44 requests, 21 subdomains

Subject | Issuer | Validity | Valid
www.xfinity.comcast.net | COMODO RSA Organization Validation Secure Server CA | 2020-05-04 - 2022-05-04 | 2 years
static.cimcontent.net | COMODO RSA Organization Validation Secure Server CA | 2020-04-16 - 2022-04-16 | 2 years
assets.adobedtm.com | DigiCert TLS RSA SHA256 2020 CA1 | 2021-09-10 - 2022-09-10 | a year
polaris.xfinity.com | Sectigo RSA Organization Validation Secure Server CA | 2021-10-12 - 2022-10-12 | a year
xapi.xfinity.com | COMODO RSA Organization Validation Secure Server CA | 2020-05-07 - 2022-05-07 | 2 years
*.doubleclick.net | GTS CA 1C3 | 2021-10-04 - 2021-12-27 | 3 months
*.iperceptions.com | Amazon | 2021-04-15 - 2022-05-14 | a year
*.google-analytics.com | GTS CA 1C3 | 2021-10-04 - 2021-12-27 | 3 months
servedby.flashtalking.com | DigiCert TLS RSA SHA256 2020 CA1 | 2021-02-04 - 2022-02-22 | a year
*.google.com | GTS CA 1C3 | 2021-10-04 - 2021-12-27 | 3 months
metrics.xfinity.com | COMODO RSA Organization Validation Secure Server CA | 2021-09-07 - 2022-09-07 | a year
*.sed.dh.comcast.net | COMODO RSA Organization Validation Secure Server CA | 2021-01-20 - 2022-01-20 | a year

This page contains 6 frames:

Primary Page: https://my.xfinity.com/terms/web/
Frame ID: 0996E2A2E56D7F6E0355AADED325BB59
Requests: 29 HTTP requests in this frame

Frame: https://my.xfinity.com/sso/oauth/iframe/
Frame ID: 5FD22FCF4C28C885822007F42FA9D0D4
Requests: 1 HTTP requests in this frame

Frame: https://servedby.flashtalking.com/container/12345;91797;9487;iframe/?ft_referrer=https%3A//my.xfinity.com/terms/web/&ns=&cb=927286.699992048
Frame ID: F6F5506646078889EEFD769AAB515DDE
Requests: 7 HTTP requests in this frame

Frame: https://4053494.fls.doubleclick.net/activityi;src=4053494;type=comca517;cat=xfini022;ord=5300355023068;gtm=dar;auiddc=1122158991.1635939089;~oref=https%3A%2F%2Fmy.xfinity.com%2Fterms%2Fweb%2F
Frame ID: 8673CECABA26E572D30FE1B35833D597
Requests: 2 HTTP requests in this frame

Frame: https://polaris.xfinity.com/orc.html?domain=my.xfinity.com
Frame ID: D06625B635C4EB04279097ABA2DCD713
Requests: 2 HTTP requests in this frame

Frame: https://universal.iperceptions.com/iFrame.html
Frame ID: 6344244E42296168F77218ACF6C8CECD
Requests: 1 HTTP requests in this frame

Page Title

Xfinity | Terms of Service

Page Statistics

Requests: 44
HTTPS: 98 %
IPv6: 74 %
Domains: 10
Subdomains: 21
IPs: 18
Countries: 4
Transfer: 516 kB
Size: 1595 kB
Cookies: 33

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. http://my.xfinity.com/terms/web/ HTTP 301
    https://my.xfinity.com/terms/web/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 11
  • https://auth.xfinity.com/oauth/login?passive=true&state=https://my.xfinity.com/sso/oauth/iframe/ HTTP 302
  • https://oauth.xfinity.com/oauth/authorize?response_type=code&redirect_uri=https%3A%2F%2Fauth.xfinity.com%2Foauth%2Fcallback&client_id=my-xfinity&state=https%3A%2F%2Fmy.xfinity.com%2Fsso%2Foauth%2Fiframe%2F&prompt=none HTTP 302
  • https://login.xfinity.com/login?r=comcast.net&s=oauth&continue=https%3A%2F%2Foauth.xfinity.com%2Foauth%2Fauthorize%3Fresponse_type%3Dcode%26redirect_uri%3Dhttps%253A%252F%252Fauth.xfinity.com%252Foauth%252Fcallback%26client_id%3Dmy-xfinity%26state%3Dhttps%253A%252F%252Fmy.xfinity.com%252Fsso%252Foauth%252Fiframe%252F%26prompt%3Dnone%26response%3D1&client_id=my-xfinity&reqId=cb2db23c-c421-458f-b889-0b1e6e68bf20&passive=1 HTTP 302
  • https://oauth.xfinity.com/oauth/authorize?response_type=code&redirect_uri=https%3A%2F%2Fauth.xfinity.com%2Foauth%2Fcallback&client_id=my-xfinity&state=https%3A%2F%2Fmy.xfinity.com%2Fsso%2Foauth%2Fiframe%2F&prompt=none&response=1&lang=en HTTP 302
  • https://auth.xfinity.com/oauth/callback?error=login_required&error_description=User%20login%20required&state=https%3A%2F%2Fmy.xfinity.com%2Fsso%2Foauth%2Fiframe%2F HTTP 302
  • https://my.xfinity.com/sso/oauth/iframe/
Request Chain 22
  • https://dpm.demdex.net/ibs:dpid=3047&dpuuid=99999999999999& HTTP 302
  • https://dpm.demdex.net/demconf.jpg?et:ibs%7cdata:dpid=3047&dpuuid=99999999999999&

44 HTTP transactions

Resource
Path
Size
x-fer
Type
MIME-Type
Primary Request /
my.xfinity.com/terms/web/
Redirect Chain
  • http://my.xfinity.com/terms/web/
  • https://my.xfinity.com/terms/web/
65 KB
22 KB
Document
General
Full URL
https://my.xfinity.com/terms/web/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:6c00:2bd::1b62 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
/
Resource Hash
61d11073de2bebb34c236311ec9031f6a420c03f97192c122aa6e6b257ca7676
Security Headers
Name Value
X-Frame-Options SAMEORIGIN

Request headers

Upgrade-Insecure-Requests
1
User-Agent
phishfarmer
Accept-Language
de-DE,de;q=0.9

Response headers

content-type
text/html;charset=utf-8
etag
W/"cb1a87c69e6a3557c08c26f662d45294"
fingerprint
_production_cf_g3_121312_1635939088302
x-frame-options
SAMEORIGIN
x-request-id
a59ef306-a5ad-4ab7-9039-3765e2732b7b
x-runtime
0.223345
x-ua-compatible
IE=Edge
x-vcap-request-id
d8c2f62f-db63-464a-7126-aa077f2e1ea3
vary
Accept-Encoding
content-encoding
gzip
cache-control
public, max-age=300
date
Wed, 03 Nov 2021 11:31:28 GMT
content-length
21805

Redirect headers

Server
AkamaiGHost
Content-Length
0
Location
https://my.xfinity.com/terms/web/
Date
Wed, 03 Nov 2021 11:31:27 GMT
Connection
keep-alive
legal-69528c47ddc8578d5062ee5dc996b6fc.css
my.xfinity.com/assets/channels/
28 KB
14 KB
Stylesheet
General
Full URL
https://my.xfinity.com/assets/channels/legal-69528c47ddc8578d5062ee5dc996b6fc.css
Requested by
Host: my.xfinity.com
URL: https://my.xfinity.com/terms/web/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:6c00:2bd::1b62 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
AkamaiNetStorage /
Resource Hash
286f65bc79eb7fec2ddc2e26c91a4c1d222f90a6ff46e77a60c5d335554c0d11

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://my.xfinity.com/terms/web/
User-Agent
phishfarmer

Response headers

date
Wed, 03 Nov 2021 11:31:28 GMT
content-encoding
gzip
last-modified
Mon, 25 Oct 2021 16:51:22 GMT
server
AkamaiNetStorage
etag
"9f8527efa05e5e60750358ba38b7df5e:1635180682.044052"
vary
Accept-Encoding
content-type
text/css
accept-ranges
bytes
content-length
13802
datalayer-resi-slim.min.js
static.cimcontent.net/data-layer/
76 KB
20 KB
Script
General
Full URL
https://static.cimcontent.net/data-layer/datalayer-resi-slim.min.js?appID=resi_myxfn
Requested by
Host: my.xfinity.com
URL: https://my.xfinity.com/terms/web/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:6c00:2b2::30d4 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
Akamai Resource Optimizer /
Resource Hash
185b0dde3b4401b5c9e5ed71d8a39dbb601fd06b2894dbf090752dd353104c04

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://my.xfinity.com/
User-Agent
phishfarmer

Response headers

x-amz-version-id
9jo66Ybd17KbcsuOT6TPqwAvmbP5VIIP
content-encoding
br
last-modified
Mon, 18 Oct 2021 00:12:17 GMT
server
Akamai Resource Optimizer
x-amz-cf-pop
PHL50-C1
etag
"92ae860d6ad6e75b2b26b7ef4a49c886"
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=3600
date
Wed, 03 Nov 2021 11:31:28 GMT
accept-ranges
bytes
content-length
19976
x-amz-cf-id
Xso06AknSHlMYbvd80OEbymCBXOiJUvof4gQIB34lJ3hRMjI78cSnA==
oauth.umd.min-1a880f61190ca5a759decc3c57d0d249.js
my.xfinity.com/assets/
8 KB
4 KB
Script
General
Full URL
https://my.xfinity.com/assets/oauth.umd.min-1a880f61190ca5a759decc3c57d0d249.js
Requested by
Host: my.xfinity.com
URL: https://my.xfinity.com/terms/web/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:6c00:2bd::1b62 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
AkamaiNetStorage /
Resource Hash
1982e8cbe6846d3a9d033a9a755b2dc4e43c0006fbb1a17ae13937916f64507a

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://my.xfinity.com/terms/web/
User-Agent
phishfarmer

Response headers

date
Wed, 03 Nov 2021 11:31:28 GMT
content-encoding
gzip
last-modified
Mon, 25 Oct 2021 16:50:32 GMT
server
AkamaiNetStorage
etag
"8ae88ab0574a4e62f4430aed2cccb02a:1635180632.946462"
vary
Accept-Encoding
content-type
application/x-javascript
accept-ranges
bytes
content-length
3571
xapi-lib-this-prod.min-b62f1cb0d8faec8c2f9c30acb6129edc.js
my.xfinity.com/assets/
50 KB
16 KB
Script
General
Full URL
https://my.xfinity.com/assets/xapi-lib-this-prod.min-b62f1cb0d8faec8c2f9c30acb6129edc.js
Requested by
Host: my.xfinity.com
URL: https://my.xfinity.com/terms/web/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:6c00:2bd::1b62 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
AkamaiNetStorage /
Resource Hash
63f3b6f4301ee30fbc15aa65fdc463e948cfa581930dda3ef38268aa5d466aa9

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://my.xfinity.com/terms/web/
User-Agent
phishfarmer

Response headers

date
Wed, 03 Nov 2021 11:31:28 GMT
content-encoding
gzip
last-modified
Mon, 25 Oct 2021 16:51:30 GMT
server
AkamaiNetStorage
etag
"7bc82e2d42164eb1081ed51a9d34bb70:1635180690.988763"
vary
Accept-Encoding
content-type
application/x-javascript
accept-ranges
bytes
content-length
16496
application_top-e1e70700207cb68599ae03542a030498.js
my.xfinity.com/assets/
219 KB
56 KB
Script
General
Full URL
https://my.xfinity.com/assets/application_top-e1e70700207cb68599ae03542a030498.js
Requested by
Host: my.xfinity.com
URL: https://my.xfinity.com/terms/web/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:6c00:2bd::1b62 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
AkamaiNetStorage /
Resource Hash
1f55a052b29d0f04d49b5724c064c6601cd77f553ad71f6a8abb50c9c216fc0f

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://my.xfinity.com/terms/web/
User-Agent
phishfarmer

Response headers

date
Wed, 03 Nov 2021 11:31:28 GMT
content-encoding
gzip
last-modified
Mon, 25 Oct 2021 16:51:56 GMT
server
AkamaiNetStorage
etag
"eae8c932f6ed82017ea2d6ee594163b9:1635180716.605713"
vary
Accept-Encoding
content-type
application/x-javascript
accept-ranges
bytes
master_top-4f889393e45169eb10efc66c9658037a.js
my.xfinity.com/assets/
281 KB
71 KB
Script
General
Full URL
https://my.xfinity.com/assets/master_top-4f889393e45169eb10efc66c9658037a.js
Requested by
Host: my.xfinity.com
URL: https://my.xfinity.com/terms/web/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:6c00:2bd::1b62 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
AkamaiNetStorage /
Resource Hash
5089bf7e3a332fdfc24435e0a09602ff7e306c4d877da091e7e65557dd458262

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://my.xfinity.com/terms/web/
User-Agent
phishfarmer

Response headers

date
Wed, 03 Nov 2021 11:31:28 GMT
content-encoding
gzip
last-modified
Mon, 25 Oct 2021 16:51:25 GMT
server
AkamaiNetStorage
etag
"89b9bec92ccd77836563b2e1121f549e:1635180685.517166"
vary
Accept-Encoding
content-type
application/x-javascript
accept-ranges
bytes
legal-f11ca3d817ecac2afea25e800339d0fb.js
my.xfinity.com/assets/
3 KB
2 KB
Script
General
Full URL
https://my.xfinity.com/assets/legal-f11ca3d817ecac2afea25e800339d0fb.js
Requested by
Host: my.xfinity.com
URL: https://my.xfinity.com/terms/web/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:6c00:2bd::1b62 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
AkamaiNetStorage /
Resource Hash
81aedb8b8a300c346eeae360f6cc9de22c93e79e95e7255c73a1ec687468d2fd

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://my.xfinity.com/terms/web/
User-Agent
phishfarmer

Response headers

date
Wed, 03 Nov 2021 11:31:28 GMT
content-encoding
gzip
last-modified
Mon, 25 Oct 2021 16:50:46 GMT
server
AkamaiNetStorage
etag
"7f7a9a470cc0a7e6e9348e98a3ba16f6:1635180646.395136"
vary
Accept-Encoding
content-type
application/x-javascript
accept-ranges
bytes
content-length
1355
launch-29c49a6863fd.min.js
assets.adobedtm.com/331fbea29f79/f0c0e1a9ad11/
304 KB
92 KB
Script
General
Full URL
https://assets.adobedtm.com/331fbea29f79/f0c0e1a9ad11/launch-29c49a6863fd.min.js
Requested by
Host: static.cimcontent.net
URL: https://static.cimcontent.net/data-layer/datalayer-resi-slim.min.js?appID=resi_myxfn
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:6c00:2a6::1e80 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
AkamaiNetStorage /
Resource Hash
816f0c1e7d06fa3c17fee7bffeb51d87485df627dde9a00e6535c8a667dcfd97

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://my.xfinity.com/
User-Agent
phishfarmer

Response headers

date
Wed, 03 Nov 2021 11:31:28 GMT
content-encoding
gzip
last-modified
Tue, 02 Nov 2021 20:07:01 GMT
server
AkamaiNetStorage
etag
"70d27e7fd38b1a7b7de39c761d518cfe:1635883621.948762"
vary
Accept-Encoding
content-type
application/x-javascript
access-control-allow-origin
https://my.xfinity.com
cache-control
max-age=3600
accept-ranges
bytes
timing-allow-origin
*
content-length
94195
expires
Wed, 03 Nov 2021 12:31:28 GMT
polaris.wc.js
polaris.xfinity.com/
122 KB
27 KB
Script
General
Full URL
https://polaris.xfinity.com/polaris.wc.js
Requested by
Host: my.xfinity.com
URL: https://my.xfinity.com/terms/web/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
2001:558:fe02::2a , United States, ASN7922 (COMCAST-7922, US),
Reverse DNS
Software
55.9435d7f.el7 /
Resource Hash
41bfc95ff2b0b626ffe0397a00c0fce925d7689f3ea120acee25e71c5ee2808b
Security Headers
Name Value
Strict-Transport-Security max-age=31540000
X-Content-Type-Options nosniff

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://my.xfinity.com/
User-Agent
phishfarmer

Response headers

Date
Wed, 03 Nov 2021 11:31:30 GMT
Content-Encoding
gzip
X-Content-Type-Options
nosniff
Server
55.9435d7f.el7
Age
0
Vary
accept-language
Strict-Transport-Security
max-age=31540000
Content-Type
application/javascript
Via
http/1.1 cdn-mid-bad-01.whitemarsh.md.bad.comcast.net (52.d47d486.el7 [uScMsSfWpSeN:t cCMpSs ]), http/1.1 cdn-ec-bos-361.exeter.nh.boston.comcast.net (55.9435d7f.el7 [uScMsSfWpSeN:t cCMpSs ])
X-Vcap-Request-Id
b2fe0a27-4ddd-4241-7d20-5a90d24eeccf
Cache-Control
max-age=86400, s-maxage=1800, stale-if-error=3600
Transfer-Encoding
chunked
Connection
keep-alive
Expires
Thu, 04 Nov 2021 11:31:30 GMT
XfinityStandard-Regular.woff2
sdx.xfinity.com/fonts/latest/Xfinity_Standard/
26 KB
26 KB
Font
General
Full URL
https://sdx.xfinity.com/fonts/latest/Xfinity_Standard/XfinityStandard-Regular.woff2
Requested by
Host: my.xfinity.com
URL: https://my.xfinity.com/assets/channels/legal-69528c47ddc8578d5062ee5dc996b6fc.css
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:6c00:2bb::1b62 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
AmazonS3 /
Resource Hash
138c0ead0fbcd09dd455df9870920e8725b367fbf02ac0cef0c62874000ab176

Request headers

Referer
https://my.xfinity.com/
Origin
https://my.xfinity.com
Accept-Language
de-DE,de;q=0.9
User-Agent
phishfarmer

Response headers

x-amz-version-id
kLBQWhXkUwwuS0hOSKJ2GQ_XrNE.oQFF
last-modified
Fri, 24 Jan 2020 21:23:01 GMT
server
AmazonS3
x-amz-cf-pop
FRA56-C1
etag
"e3e79cd377b28c1e7ffea64b194136cf"
content-type
font/woff2
access-control-allow-origin
*
cache-control
max-age=1912759
date
Wed, 03 Nov 2021 11:31:29 GMT
accept-ranges
bytes
content-length
26768
x-amz-cf-id
0GWwjsiBzJGe8MgjhwAySfDM5ZcxIZDt5ZhIKogVBzvLM4gAUddR3Q==
XfinityStandard-Thin.woff2
sdx.xfinity.com/fonts/latest/Xfinity_Standard/
32 KB
33 KB
Font
General
Full URL
https://sdx.xfinity.com/fonts/latest/Xfinity_Standard/XfinityStandard-Thin.woff2
Requested by
Host: my.xfinity.com
URL: https://my.xfinity.com/assets/channels/legal-69528c47ddc8578d5062ee5dc996b6fc.css
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:6c00:2bb::1b62 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
AmazonS3 /
Resource Hash
44f222333b4c6396b38f2e06dc73d385d243e2b36a30914fd10b6ddb4e831017

Request headers

Referer
https://my.xfinity.com/
Origin
https://my.xfinity.com
Accept-Language
de-DE,de;q=0.9
User-Agent
phishfarmer

Response headers

x-amz-version-id
bxgN27mK5618uKSmNEOffcVgf2unEoWp
last-modified
Fri, 24 Jan 2020 21:23:01 GMT
server
AmazonS3
x-amz-cf-pop
FRA2-C1
etag
"63971dfcbf18dc975adf178d85295f9c"
content-type
font/woff2
access-control-allow-origin
*
cache-control
max-age=1744490
date
Wed, 03 Nov 2021 11:31:29 GMT
accept-ranges
bytes
content-length
33252
x-amz-cf-id
XTFJTUbpOr1FjexvdGAPmSJDWTSI6dStHnNitO0BnsG0JciXs69Jgw==
/
my.xfinity.com/sso/oauth/iframe/ Frame 5FD2
Redirect Chain
  • https://auth.xfinity.com/oauth/login?passive=true&state=https://my.xfinity.com/sso/oauth/iframe/
  • https://oauth.xfinity.com/oauth/authorize?response_type=code&redirect_uri=https%3A%2F%2Fauth.xfinity.com%2Foauth%2Fcallback&client_id=my-xfinity&state=https%3A%2F%2Fmy.xfinity.com%2Fsso%2Foauth%2Fi...
  • https://login.xfinity.com/login?r=comcast.net&s=oauth&continue=https%3A%2F%2Foauth.xfinity.com%2Foauth%2Fauthorize%3Fresponse_type%3Dcode%26redirect_uri%3Dhttps%253A%252F%252Fauth.xfinity.com%252Fo...
  • https://oauth.xfinity.com/oauth/authorize?response_type=code&redirect_uri=https%3A%2F%2Fauth.xfinity.com%2Foauth%2Fcallback&client_id=my-xfinity&state=https%3A%2F%2Fmy.xfinity.com%2Fsso%2Foauth%2Fi...
  • https://auth.xfinity.com/oauth/callback?error=login_required&error_description=User%20login%20required&state=https%3A%2F%2Fmy.xfinity.com%2Fsso%2Foauth%2Fiframe%2F
  • https://my.xfinity.com/sso/oauth/iframe/
1 KB
863 B
Document
General
Full URL
https://my.xfinity.com/sso/oauth/iframe/
Requested by
Host: my.xfinity.com
URL: https://my.xfinity.com/assets/application_top-e1e70700207cb68599ae03542a030498.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:6c00:2bd::1b62 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
/
Resource Hash
240136ffc987721bc1563fcbe5b9ce20fd64418d87ef8a3e19af590c3e43a681
Security Headers
Name Value
X-Frame-Options SAMEORIGIN

Request headers

Upgrade-Insecure-Requests
1
User-Agent
phishfarmer
Accept-Language
de-DE,de;q=0.9
Referer
https://my.xfinity.com/

Response headers

content-type
text/html;charset=utf-8
etag
W/"d131e84054774d532ad080add06a29fe"
fingerprint
_production_cf_g3_108232_1635939091632
x-frame-options
SAMEORIGIN
x-request-id
2fb007ef-84e3-4c10-b321-d5b7fa7607b0
x-runtime
0.003646
x-ua-compatible
IE=Edge
x-vcap-request-id
507e2a1b-222a-403a-69d3-5fc5ac217fd2
vary
Accept-Encoding
content-encoding
gzip
content-length
509
cache-control
public, max-age=272
date
Wed, 03 Nov 2021 11:31:31 GMT

Redirect headers

content-language
de-DE
content-length
0
location
https://my.xfinity.com/sso/oauth/iframe/
x-vcap-request-id
e84e42a6-158c-4348-706f-a68c49701575
date
Wed, 03 Nov 2021 11:31:31 GMT
5BF28DC6EBA54E929173CC7B0D9B6E69
www.xfinity.com/-/media/
269 B
2 KB
Image
General
Full URL
https://www.xfinity.com/-/media/5BF28DC6EBA54E929173CC7B0D9B6E69?ts=1635939089028
Requested by
Host: my.xfinity.com
URL: https://my.xfinity.com/terms/web/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:6c00:2ae::2af2 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
/
Resource Hash
4f6c8fe3d9d39c232c48874cb05e4b88fc313b703b4671333badf8c96ff9b130
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Frame-Options SAMEORIGIN

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://my.xfinity.com/
User-Agent
phishfarmer

Response headers

pragma
no-cache
strict-transport-security
max-age=31536000
x-xfnlog-site
XDS
last-modified
Thu, 31 May 2018 15:11:27 GMT
etag
x-frame-options
SAMEORIGIN
content-type
image/jpeg
access-control-allow-origin
*
cache-control
max-age=0, no-cache, no-store
date
Wed, 03 Nov 2021 11:31:29 GMT
content-disposition
inline; filename="data-layer.jpg"
accept-ranges
bytes
content-length
269
expires
Wed, 03 Nov 2021 11:31:29 GMT
AppMeasurement.min.js
assets.adobedtm.com/extensions/EPbde2f7ca14e540399dcc1f8208860b7b/
33 KB
12 KB
Script
General
Full URL
https://assets.adobedtm.com/extensions/EPbde2f7ca14e540399dcc1f8208860b7b/AppMeasurement.min.js
Requested by
Host: assets.adobedtm.com
URL: https://assets.adobedtm.com/331fbea29f79/f0c0e1a9ad11/launch-29c49a6863fd.min.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:6c00:2a6::1e80 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
AkamaiNetStorage /
Resource Hash
d6b423c91328eec9c218dd8b21ae1e676987d574e5432411a32806e5dd2bde32

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://my.xfinity.com/
User-Agent
phishfarmer

Response headers

date
Wed, 03 Nov 2021 11:31:29 GMT
content-encoding
gzip
last-modified
Wed, 12 Aug 2020 22:09:52 GMT
server
AkamaiNetStorage
etag
"f259ee6445c19c2ce3c64a1b117a4f35:1597270192.577101"
vary
Accept-Encoding
content-type
application/x-javascript
access-control-allow-origin
https://my.xfinity.com
cache-control
no-cache
accept-ranges
bytes
timing-allow-origin
*
content-length
12184
expires
Wed, 03 Nov 2021 12:31:29 GMT
AppMeasurement_Module_ActivityMap.min.js
assets.adobedtm.com/extensions/EPbde2f7ca14e540399dcc1f8208860b7b/
3 KB
2 KB
Script
General
Full URL
https://assets.adobedtm.com/extensions/EPbde2f7ca14e540399dcc1f8208860b7b/AppMeasurement_Module_ActivityMap.min.js
Requested by
Host: assets.adobedtm.com
URL: https://assets.adobedtm.com/331fbea29f79/f0c0e1a9ad11/launch-29c49a6863fd.min.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:6c00:2a6::1e80 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
AkamaiNetStorage /
Resource Hash
0486530f1e98818865754a08e1b5442ac5a6a36a6bf6042e3b3338a532e998d2

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://my.xfinity.com/
User-Agent
phishfarmer

Response headers

date
Wed, 03 Nov 2021 11:31:29 GMT
content-encoding
gzip
last-modified
Wed, 12 Aug 2020 22:09:52 GMT
server
AkamaiNetStorage
etag
"5dedcda2c8a6c3a51fd419d306427010:1597270192.857753"
vary
Accept-Encoding
content-type
application/x-javascript
access-control-allow-origin
https://my.xfinity.com
cache-control
no-cache
accept-ranges
bytes
timing-allow-origin
*
content-length
1594
expires
Wed, 03 Nov 2021 12:31:29 GMT
AppMeasurement_Module_AudienceManagement.min.js
assets.adobedtm.com/extensions/EPbde2f7ca14e540399dcc1f8208860b7b/
25 KB
9 KB
Script
General
Full URL
https://assets.adobedtm.com/extensions/EPbde2f7ca14e540399dcc1f8208860b7b/AppMeasurement_Module_AudienceManagement.min.js
Requested by
Host: assets.adobedtm.com
URL: https://assets.adobedtm.com/331fbea29f79/f0c0e1a9ad11/launch-29c49a6863fd.min.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:6c00:2a6::1e80 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
AkamaiNetStorage /
Resource Hash
e5f0058d3d737d25b691728bce12a7d0b77183781c936ca8152e28cacf9e6e3f

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://my.xfinity.com/
User-Agent
phishfarmer

Response headers

date
Wed, 03 Nov 2021 11:31:29 GMT
content-encoding
gzip
last-modified
Wed, 12 Aug 2020 22:09:53 GMT
server
AkamaiNetStorage
etag
"c8afb92bc0d997ba5b673367e69b9ff1:1597270193.156081"
vary
Accept-Encoding
content-type
application/x-javascript
access-control-allow-origin
https://my.xfinity.com
cache-control
no-cache
accept-ranges
bytes
timing-allow-origin
*
content-length
8762
expires
Wed, 03 Nov 2021 12:31:29 GMT
json
fls.doubleclick.net/
40 B
723 B
Script
General
Full URL
https://fls.doubleclick.net/json?spot=4053494&src=1516422&var=s_3_Integrate_DFA_get_0&host=integrate.112.2o7.net%2Fdfa_echo%3Fvar%3Ds_3_Integrate_DFA_get_0%26AQE%3D1%26A2S%3D1&ord=3489207403097
Requested by
Host: assets.adobedtm.com
URL: https://assets.adobedtm.com/331fbea29f79/f0c0e1a9ad11/launch-29c49a6863fd.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.186.134 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s07-in-f6.1e100.net
Software
cafe /
Resource Hash
e32a6ae5e43f7f652674e0f03dc23f86839f839b29ee4e63c01c93da180bb0d0
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://my.xfinity.com/
User-Agent
phishfarmer

Response headers

date
Wed, 03 Nov 2021 11:31:29 GMT
content-encoding
gzip
x-content-type-options
nosniff
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
60
x-xss-protection
0
pragma
no-cache
server
cafe
x-frame-options
SAMEORIGIN
content-type
text/javascript; charset=ISO-8859-1
cache-control
no-cache, must-revalidate
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
wrapper.js
universal.iperceptions.com/
9 KB
4 KB
Script
General
Full URL
https://universal.iperceptions.com/wrapper.js
Requested by
Host: my.xfinity.com
URL: https://my.xfinity.com/terms/web/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:225e:8e00:8:e7ba:7440:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0 /
Resource Hash
962d83de183651c6c15d9dce622d311455a9e6bd8cf09dd1cbf9ec3a3892a1ab

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://my.xfinity.com/
User-Agent
phishfarmer

Response headers

x-ms-blob-type
BlockBlob
date
Wed, 03 Nov 2021 11:26:32 GMT
content-encoding
gzip
content-md5
d5YIeO59lrTqhttidyvULA==
age
549
x-cache
Hit from cloudfront
cross-origin-resource-policy
cross-origin
x-ms-lease-status
unlocked
access-control-allow-origin
*
last-modified
Mon, 22 Mar 2021 18:02:49 GMT
server
Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
vary
Accept-Encoding
content-type
application/javascript
via
1.1 544049d1dc4d534822b40b9f9c7529db.cloudfront.net (CloudFront)
x-ms-request-id
80756346-901e-00e5-66a5-cce26a000000
access-control-expose-headers
x-ms-request-id,Server,x-ms-version,Content-Type,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
x-ms-version
2009-09-19
x-amz-cf-pop
FRA60-P4
x-amz-cf-id
f6IpeYB8UFQWoIA6Wi2mQRGWm8Igj7gNBA8zgErO3hH26yDmkop_Rw==
js
www.googletagmanager.com/gtag/
87 KB
35 KB
Script
General
Full URL
https://www.googletagmanager.com/gtag/js?id=DC-4053494
Requested by
Host: my.xfinity.com
URL: https://my.xfinity.com/terms/web/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:809::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
1bb96a240e2e4c2dfdf055d8ef9ad866a9a447ac4377241913e051838ff095f0
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://my.xfinity.com/
User-Agent
phishfarmer

Response headers

date
Wed, 03 Nov 2021 11:31:29 GMT
content-encoding
br
vary
Accept-Encoding
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
35595
x-xss-protection
0
last-modified
Wed, 03 Nov 2021 09:00:00 GMT
server
Google Tag Manager
strict-transport-security
max-age=31536000; includeSubDomains
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control
expires
Wed, 03 Nov 2021 11:31:29 GMT
/
servedby.flashtalking.com/container/12345;91797;9487;iframe/ Frame F6F5
3 KB
4 KB
Document
General
Full URL
https://servedby.flashtalking.com/container/12345;91797;9487;iframe/?ft_referrer=https%3A//my.xfinity.com/terms/web/&ns=&cb=927286.699992048
Requested by
Host: my.xfinity.com
URL: https://my.xfinity.com/terms/web/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
209.197.3.19 , United States, ASN20446 (HIGHWINDS3, US),
Reverse DNS
vip0x013.map2.ssl.hwcdn.net
Software
prod-xre-app37.frk11 /
Resource Hash
a54b5f20ec8296ccaba7cf30da4f87d32c45190a5e2337d7d636796b3cb1d276

Request headers

Upgrade-Insecure-Requests
1
User-Agent
phishfarmer
Accept-Language
de-DE,de;q=0.9
Referer
https://my.xfinity.com/

Response headers

Date
Wed, 03 Nov 2021 11:31:29 GMT
Connection
close
Cache-Control
no-cache, no-store
Content-Type
text/html
Server
prod-xre-app37.frk11
Pragma
no-cache
X-HW
1635939089.dop231.fr8.t,1635939089.cds234.fr8.shn,1635939089.dop231.fr8.t,1635939089.cds204.fr8.sc,1635939089.cds204.fr8.p
activityi;src=4053494;type=comca517;cat=xfini022;ord=5300355023068;gtm=dar;auiddc=1122158991.1635939089;~oref=https%3A%2F%2Fmy.xfinity.com%2Fterms%2Fweb%2F
4053494.fls.doubleclick.net/ Frame 8673
371 B
674 B
Document
General
Full URL
https://4053494.fls.doubleclick.net/activityi;src=4053494;type=comca517;cat=xfini022;ord=5300355023068;gtm=dar;auiddc=1122158991.1635939089;~oref=https%3A%2F%2Fmy.xfinity.com%2Fterms%2Fweb%2F?
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=DC-4053494
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.186.134 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s07-in-f6.1e100.net
Software
cafe /
Resource Hash
62850cd57f3872dffac95948a48ac1f40aeeee953f88c5e544ee0536d9fc6d38
Security Headers
Name Value
Strict-Transport-Security max-age=21600
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Upgrade-Insecure-Requests
1
User-Agent
phishfarmer
Accept-Language
de-DE,de;q=0.9
Referer
https://my.xfinity.com/

Response headers

p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin
*
cross-origin-resource-policy
cross-origin
date
Wed, 03 Nov 2021 11:31:29 GMT
expires
Wed, 03 Nov 2021 11:31:29 GMT
cache-control
private, max-age=0
strict-transport-security
max-age=21600
content-type
text/html; charset=ISO-8859-1
x-content-type-options
nosniff
content-encoding
gzip
server
cafe
content-length
306
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
/
servedby.flashtalking.com/segment/modify/uxf;;pixel/ Frame F6F5
42 B
510 B
Image
General
Full URL
https://servedby.flashtalking.com/segment/modify/uxf;;pixel/?name=ExistingCustomer__CustomerHomepage__MyXfinity__Xfinitycom_RTG_ACQ_3675199_LearnnLanding_MyXfinity2016
Requested by
Host: servedby.flashtalking.com
URL: https://servedby.flashtalking.com/container/12345;91797;9487;iframe/?ft_referrer=https%3A//my.xfinity.com/terms/web/&ns=&cb=927286.699992048
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
209.197.3.19 , United States, ASN20446 (HIGHWINDS3, US),
Reverse DNS
vip0x013.map2.ssl.hwcdn.net
Software
prod-xre-app20.frk11 /
Resource Hash
47043e4823a6c21a8881de789b4185355330b5804629d23f6b43dd93f5265292

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://servedby.flashtalking.com/container/12345;91797;9487;iframe/?ft_referrer=https%3A//my.xfinity.com/terms/web/&ns=&cb=927286.699992048
User-Agent
phishfarmer

Response headers

Pragma
no-cache
Date
Wed, 03 Nov 2021 11:31:29 GMT
Server
prod-xre-app20.frk11
X-HW
1635939089.dop215.fr8.shc,1635939089.dop215.fr8.t,1635939089.cds253.fr8.sc,1635939089.cds253.fr8.p
Content-Type
image/gif
Cache-Control
no-cache, no-store
Connection
Keep-Alive
Content-Length
42
demconf.jpg
dpm.demdex.net/ Frame F6F5
Redirect Chain
  • https://dpm.demdex.net/ibs:dpid=3047&dpuuid=99999999999999&
  • https://dpm.demdex.net/demconf.jpg?et:ibs%7cdata:dpid=3047&dpuuid=99999999999999&
42 B
961 B
Image
General
Full URL
https://dpm.demdex.net/demconf.jpg?et:ibs%7cdata:dpid=3047&dpuuid=99999999999999&
Requested by
Host: servedby.flashtalking.com
URL: https://servedby.flashtalking.com/container/12345;91797;9487;iframe/?ft_referrer=https%3A//my.xfinity.com/terms/web/&ns=&cb=927286.699992048
Protocol
HTTP/1.1
Server
52.210.137.30 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-210-137-30.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://servedby.flashtalking.com/
User-Agent
phishfarmer

Response headers

DCS
dcs-prod-irl1-1-v019-0143259ca.edge-irl1.demdex.com UNKNOWN
Pragma
no-cache
Strict-Transport-Security
max-age=31536000; includeSubDomains
content-encoding
gzip
X-Content-Type-Options
nosniff
X-Error
104,303
X-TID
qXSrt93DT8w=
P3P
policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Cache-Control
no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
Connection
keep-alive
Content-Type
image/gif
Content-Length
59
Expires
Thu, 01 Jan 1970 00:00:00 UTC

Redirect headers

DCS
dcs-prod-irl1-1-v019-0886f2468.edge-irl1.demdex.com UNKNOWN
Pragma
no-cache
Strict-Transport-Security
max-age=31536000; includeSubDomains
X-TID
wPGtfnSISO0=
P3P
policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Location
https://dpm.demdex.net/demconf.jpg?et:ibs%7cdata:dpid=3047&dpuuid=99999999999999&
Cache-Control
no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
Connection
keep-alive
Content-Length
0
Expires
Thu, 01 Jan 1970 00:00:00 UTC
/
servedby.flashtalking.com/spot/8/12345;92909;9487/ Frame F6F5
42 B
355 B
Image
General
Full URL
https://servedby.flashtalking.com/spot/8/12345;92909;9487/?ft_referrer=https%3A//my.xfinity.com/terms/web/&ns=&cb=927286.699992048
Requested by
Host: servedby.flashtalking.com
URL: https://servedby.flashtalking.com/container/12345;91797;9487;iframe/?ft_referrer=https%3A//my.xfinity.com/terms/web/&ns=&cb=927286.699992048
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
209.197.3.19 , United States, ASN20446 (HIGHWINDS3, US),
Reverse DNS
vip0x013.map2.ssl.hwcdn.net
Software
prod-xre-app22.frk11 /
Resource Hash
47043e4823a6c21a8881de789b4185355330b5804629d23f6b43dd93f5265292

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://servedby.flashtalking.com/container/12345;91797;9487;iframe/?ft_referrer=https%3A//my.xfinity.com/terms/web/&ns=&cb=927286.699992048
User-Agent
phishfarmer

Response headers

Pragma
no-cache
Date
Wed, 03 Nov 2021 11:31:29 GMT
Server
prod-xre-app22.frk11
X-HW
1635939089.dop153.fr8.shc,1635939089.dop153.fr8.t,1635939089.cds264.fr8.sc,1635939089.cds264.fr8.p
Content-Type
image/gif
Cache-Control
no-cache,no-store
Connection
Keep-Alive
Content-Length
42
/
servedby.flashtalking.com/spot/1/12345;108289;11135/ Frame F6F5
42 B
355 B
Image
General
Full URL
https://servedby.flashtalking.com/spot/1/12345;108289;11135/?spotName=Comcast_SiteVisit&ftXRef=&U7=https%253A//my.xfinity.com/terms/web/&cachebuster=120879.63666683188
Requested by
Host: servedby.flashtalking.com
URL: https://servedby.flashtalking.com/container/12345;91797;9487;iframe/?ft_referrer=https%3A//my.xfinity.com/terms/web/&ns=&cb=927286.699992048
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
209.197.3.19 , United States, ASN20446 (HIGHWINDS3, US),
Reverse DNS
vip0x013.map2.ssl.hwcdn.net
Software
prod-xre-app25.frk11 /
Resource Hash
47043e4823a6c21a8881de789b4185355330b5804629d23f6b43dd93f5265292

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://servedby.flashtalking.com/container/12345;91797;9487;iframe/?ft_referrer=https%3A//my.xfinity.com/terms/web/&ns=&cb=927286.699992048
User-Agent
phishfarmer

Response headers

Pragma
no-cache
Date
Wed, 03 Nov 2021 11:31:29 GMT
Server
prod-xre-app25.frk11
X-HW
1635939089.dop231.fr8.shc,1635939089.dop231.fr8.t,1635939089.cds004.fr8.sc,1635939089.cds004.fr8.p
Content-Type
image/gif
Cache-Control
no-cache,no-store
Connection
Keep-Alive
Content-Length
42
/
servedby.flashtalking.com/segment/modify/y41_;;pixel/ Frame F6F5
42 B
524 B
Image
General
Full URL
https://servedby.flashtalking.com/segment/modify/y41_;;pixel/?valuePairs=c_SV_12345
Requested by
Host: servedby.flashtalking.com
URL: https://servedby.flashtalking.com/container/12345;91797;9487;iframe/?ft_referrer=https%3A//my.xfinity.com/terms/web/&ns=&cb=927286.699992048
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
209.197.3.19 , United States, ASN20446 (HIGHWINDS3, US),
Reverse DNS
vip0x013.map2.ssl.hwcdn.net
Software
prod-xre-app42.frk11 /
Resource Hash
47043e4823a6c21a8881de789b4185355330b5804629d23f6b43dd93f5265292

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://servedby.flashtalking.com/container/12345;91797;9487;iframe/?ft_referrer=https%3A//my.xfinity.com/terms/web/&ns=&cb=927286.699992048
User-Agent
phishfarmer

Response headers

Pragma
no-cache
Date
Wed, 03 Nov 2021 11:31:29 GMT
Server
prod-xre-app42.frk11
X-HW
1635939089.dop133.fr8.shc,1635939089.dop133.fr8.t,1635939089.cds288.fr8.sc,1635939089.cds288.fr8.p
Content-Type
image/gif
Cache-Control
no-cache, no-store
Connection
Keep-Alive
Content-Length
42
/
servedby.flashtalking.com/segment/2/read/a;;pixel/ Frame F6F5
42 B
496 B
Image
General
Full URL
https://servedby.flashtalking.com/segment/2/read/a;;pixel/?s=9487&d=my.xfinity.com&r=terms/web/
Requested by
Host: servedby.flashtalking.com
URL: https://servedby.flashtalking.com/container/12345;91797;9487;iframe/?ft_referrer=https%3A//my.xfinity.com/terms/web/&ns=&cb=927286.699992048
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
209.197.3.19 , United States, ASN20446 (HIGHWINDS3, US),
Reverse DNS
vip0x013.map2.ssl.hwcdn.net
Software
prod-xre-app23.frk11 /
Resource Hash
47043e4823a6c21a8881de789b4185355330b5804629d23f6b43dd93f5265292

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://servedby.flashtalking.com/container/12345;91797;9487;iframe/?ft_referrer=https%3A//my.xfinity.com/terms/web/&ns=&cb=927286.699992048
User-Agent
phishfarmer

Response headers

Pragma
no-cache
Date
Wed, 03 Nov 2021 11:31:29 GMT
Server
prod-xre-app23.frk11
X-HW
1635939089.dop215.fr8.shc,1635939089.dop215.fr8.t,1635939089.cds216.fr8.sc,1635939089.cds216.fr8.p
Content-Type
image/gif
Cache-Control
no-cache, no-store
Connection
Keep-Alive
Content-Length
42
src=4053494;type=comca517;cat=xfini022;ord=5300355023068;gtm=dar;auiddc=*;~oref=https%3A%2F%2Fmy.xfinity.com%2Fterms%2Fweb%2F
adservice.google.com/ddm/fls/z/ Frame 8673
42 B
494 B
Image
General
Full URL
https://adservice.google.com/ddm/fls/z/src=4053494;type=comca517;cat=xfini022;ord=5300355023068;gtm=dar;auiddc=*;~oref=https%3A%2F%2Fmy.xfinity.com%2Fterms%2Fweb%2F
Requested by
Host: 4053494.fls.doubleclick.net
URL: https://4053494.fls.doubleclick.net/activityi;src=4053494;type=comca517;cat=xfini022;ord=5300355023068;gtm=dar;auiddc=1122158991.1635939089;~oref=https%3A%2F%2Fmy.xfinity.com%2Fterms%2Fweb%2F?
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:802::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://4053494.fls.doubleclick.net/
User-Agent
phishfarmer

Response headers

pragma
no-cache
date
Wed, 03 Nov 2021 11:31:29 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
XfinityStandard-Regular.woff2
static.cimcontent.net/fonts/latest/Xfinity_Standard/
26 KB
26 KB
Font
General
Full URL
https://static.cimcontent.net/fonts/latest/Xfinity_Standard/XfinityStandard-Regular.woff2
Requested by
Host: my.xfinity.com
URL: https://my.xfinity.com/terms/web/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:6c00:2b2::30d4 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
AmazonS3 /
Resource Hash
138c0ead0fbcd09dd455df9870920e8725b367fbf02ac0cef0c62874000ab176

Request headers

Referer
https://my.xfinity.com/
Origin
https://my.xfinity.com
Accept-Language
de-DE,de;q=0.9
User-Agent
phishfarmer

Response headers

x-amz-version-id
kLBQWhXkUwwuS0hOSKJ2GQ_XrNE.oQFF
last-modified
Fri, 24 Jan 2020 21:23:01 GMT
server
AmazonS3
x-amz-cf-pop
FRA56-C1
etag
"e3e79cd377b28c1e7ffea64b194136cf"
content-type
font/woff2
access-control-allow-origin
*
cache-control
max-age=1912758
date
Wed, 03 Nov 2021 11:31:30 GMT
accept-ranges
bytes
content-length
26768
x-amz-cf-id
JxslSHTV_FRD0OYWoPLXvgr7dnTI7FGo_Sxi1cgB9cEA_TJDAjUmUg==
orc.html
polaris.xfinity.com/ Frame D066
20 KB
8 KB
Document
General
Full URL
https://polaris.xfinity.com/orc.html?domain=my.xfinity.com
Requested by
Host: polaris.xfinity.com
URL: https://polaris.xfinity.com/polaris.wc.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
2001:558:fe02::2a , United States, ASN7922 (COMCAST-7922, US),
Reverse DNS
Software
55.9435d7f.el7 /
Resource Hash
7fda360d9cf785dc6421a44bff9d84e0e8ddbd3eb003b2d0acd6439b0e1d7d05
Security Headers
Name Value
Strict-Transport-Security max-age=31540000
X-Content-Type-Options nosniff

Request headers

Upgrade-Insecure-Requests
1
User-Agent
phishfarmer
Accept-Language
de-DE,de;q=0.9
Referer
https://my.xfinity.com/

Response headers

Cache-Control
max-age=86400 s-maxage=1800, stale-if-error=3600
Content-Encoding
gzip
Content-Type
text/html
Date
Wed, 03 Nov 2021 11:17:23 GMT
Expires
Thu, 04 Nov 2021 11:17:23 GMT
Server
55.9435d7f.el7
Strict-Transport-Security
max-age=31540000
X-Content-Type-Options
nosniff
X-Vcap-Request-Id
1d734f65-2780-4c25-5d1e-7535bc2ed68c
Age
848
Content-Length
7411
Via
http/1.1 cdn-mid-bad-303.metrodr.md.bad.comcast.net (52.d47d486.el7 [uScRs f p eN:t cCHp s ]), http/1.1 cdn-ec-bos-361.exeter.nh.boston.comcast.net (55.9435d7f.el7 [uScRs f p eN:t cCHp s ])
Connection
keep-alive
xfinity_logo.svg
polaris.xfinity.com/images/svgs/
2 KB
2 KB
Image
General
Full URL
https://polaris.xfinity.com/images/svgs/xfinity_logo.svg
Requested by
Host: my.xfinity.com
URL: https://my.xfinity.com/terms/web/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
2001:558:fe02::2a , United States, ASN7922 (COMCAST-7922, US),
Reverse DNS
Software
55.9435d7f.el7 /
Resource Hash
c7affb9d47b42dd36ced3ce81637c6e0a4db02f8c6f8b47fce040d991cc13515

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://my.xfinity.com/
User-Agent
phishfarmer

Response headers

Date
Tue, 26 Oct 2021 00:59:04 GMT
Via
http/1.1 cdn-mid-njs-01.plainfield.nj.panjde.comcast.net (52.d47d486.el7 [uIcHs f p eN:t cCNp s ]), http/1.1 cdn-ec-bos-361.exeter.nh.boston.comcast.net (55.9435d7f.el7 [uScRs f p eN:t cCHp s ])
Last-Modified
Tue, 20 Oct 2020 13:02:52 GMT
Server
55.9435d7f.el7
Age
729147
Etag
"5f8edffc-622"
Content-Type
image/svg+xml
X-Vcap-Request-Id
dbcc475a-df79-4f13-4a5e-f830706d7f6a
Cache-Control
max-age=2592000
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
1570
Expires
Thu, 25 Nov 2021 00:59:04 GMT
truncated
/
1 KB
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
e37c20f26af4b3ee4798d520759362c4e530c9d436848dc72c10cfbd89615fce

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
phishfarmer

Response headers

Content-Type
image/png
bluebarpackage.json
sdx.xfinity.com/cms/data/bluebar/unauthorized/clients/myxfinity/ Frame D066
21 B
394 B
Fetch
General
Full URL
https://sdx.xfinity.com/cms/data/bluebar/unauthorized/clients/myxfinity/bluebarpackage.json
Requested by
Host: polaris.xfinity.com
URL: https://polaris.xfinity.com/orc.html?domain=my.xfinity.com
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:6c00:2bb::1b62 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
AmazonS3 /
Resource Hash
3d658337681530c4bbeca6a59b71cf571ab24dbee929356e72b224522236ee89
Security Headers
Name Value
Strict-Transport-Security max-age=86400

Request headers

Accept
application/json
Referer
https://polaris.xfinity.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
phishfarmer
Content-Type
application/json

Response headers

x-amz-version-id
null
etag
"9a4661fec145f8d2fce7c8266b7cebae"
x-amz-cf-pop
FRA53-C1
strict-transport-security
max-age=86400
content-length
21
last-modified
Mon, 08 Feb 2021 16:33:38 GMT
server
AmazonS3
date
Wed, 03 Nov 2021 11:31:31 GMT
access-control-max-age
3000
access-control-allow-methods
GET
content-type
application/json
access-control-allow-origin
*
cache-control
max-age=600
x-amz-meta-noderef
workspace://SpacesStore/bf90e5d4-5f6b-4c86-8101-a96ce565e4af
accept-ranges
bytes
x-amz-cf-id
WZjATJZbxmoDhohpySu2jdDQg5YOyw53RNWCtal5RIg0RR5k-E5IFQ==
bluebarpackage.json
sdx.xfinity.com/cms/data/bluebar/unauthorized/clients/myxfinity/ Frame
0
0
Preflight
General
Full URL
https://sdx.xfinity.com/cms/data/bluebar/unauthorized/clients/myxfinity/bluebarpackage.json
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:6c00:2bb::1b62 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
AmazonS3 /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=86400

Request headers

Accept
*/*
Access-Control-Request-Method
GET
Access-Control-Request-Headers
content-type
Origin
https://polaris.xfinity.com
User-Agent
phishfarmer
Sec-Fetch-Mode
cors

Response headers

content-length
0
access-control-allow-methods
GET
access-control-allow-headers
content-type
access-control-max-age
3000
server
AmazonS3
x-amz-cf-pop
FRA56-P3
x-amz-cf-id
EuNrgaIywMCiEZq6QUz6Go0BrVEGM0nGflrvRMCAQz4IkVkugOvsww==
cache-control
max-age=600
date
Wed, 03 Nov 2021 11:31:31 GMT
strict-transport-security
max-age=86400
access-control-allow-origin
*
s51687627027437
metrics.xfinity.com/b/ss/comcastdotcomprod/10/JS-2.22.0-LBWB/
4 KB
4 KB
Script
General
Full URL
https://metrics.xfinity.com/b/ss/comcastdotcomprod/10/JS-2.22.0-LBWB/s51687627027437?AQB=1&ndh=1&pf=1&callback=s_c_il[1].doPostbacks&et=1&t=3%2F10%2F2021%2011%3A31%3A31%203%200&d.&nsid=0&jsonv=1&.d&mid=37628063251496836255632528779663650597&ce=UTF-8&pageName=resi%7Cselfservice%7Cmyxfinity%7Clegal%7Cterms%3Aweb&g=https%3A%2F%2Fmy.xfinity.com%2Fterms%2Fweb%2F&cc=USD&ch=myxfinity&events=event125%3D38&v1=existing&c25=resi%7Cselfservice%7Cmyxfinity%7Clegal%7Cterms%3Aweb%7Cpage%20load&v29=landscape%3Adesktop%20layout%3A1600x1200&c35=legal&v37=D%3DpageName&c44=responsive%7Cmy-xfinity%7Cproduction_cf_g3%20env&v44=responsive%7Cmy-xfinity%7Cproduction_cf_g3%20env&c45=existing&v46=New%20Visitor&c54=VisitorAPI%20Present&c55=resi%7Cselfservice&c60=en&c73=AA%20Hosted%20by%20Adobe%20Launch%20%7C%2011182020&v86=unauthenticated%7Cunrecognized&v91=nc&v99=comcast%7Cweb&s=1600x1200&c=24&j=1.6&v=N&k=Y&bw=1600&bh=1200&mcorgid=DA11332E5321D0550A490D45%40AdobeOrg&AQE=1
Requested by
Host: assets.adobedtm.com
URL: https://assets.adobedtm.com/extensions/EPbde2f7ca14e540399dcc1f8208860b7b/AppMeasurement.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
15.188.95.229 Paris, France, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-15-188-95-229.eu-west-3.compute.amazonaws.com
Software
jag /
Resource Hash
a64f8cd8a2a5e1b06f0bc0b766f0264ccc5fac0b40ccdd18dad780c6db370aa6
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://my.xfinity.com/
User-Agent
phishfarmer

Response headers

x-aam-tid
8xiktC5vQiw=
date
Wed, 03 Nov 2021 11:31:31 GMT
x-content-type-options
nosniff
x-c
main-1540.I13d07b.M0-522
p3p
CP="This is not a P3P policy"
vary
*
content-length
3962
x-xss-protection
1; mode=block
dcs
dcs-prod-irl1-2-v019-0abf208d3.edge-irl1.demdex.com UNKNOWN
pragma
no-cache
last-modified
Thu, 04 Nov 2021 11:31:31 GMT
server
jag
xserver
anedge-b4c7fdd79-jtj58
etag
3513152447642992640-4619892207277791147
strict-transport-security
max-age=31536000; includeSubDomains
content-type
application/x-javascript;charset=utf-8
access-control-allow-origin
*
cache-control
no-cache, no-store, max-age=0, no-transform, private
expires
Tue, 02 Nov 2021 11:31:31 GMT
iFrame.html
universal.iperceptions.com/ Frame 6344
2 KB
1 KB
Document
General
Full URL
https://universal.iperceptions.com/iFrame.html
Requested by
Host: universal.iperceptions.com
URL: https://universal.iperceptions.com/wrapper.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:225e:8e00:8:e7ba:7440:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0 /
Resource Hash
7d0bae598799d3c42ca5d7d7c8a8b79b67de62afe2e9d3dcee258328e40f39eb

Request headers

Upgrade-Insecure-Requests
1
User-Agent
phishfarmer
Accept-Language
de-DE,de;q=0.9
Referer
https://my.xfinity.com/

Response headers

content-type
text/html
content-md5
Vmg/mBwwVR6Kl52r4KoGqg==
last-modified
Tue, 28 Jan 2020 16:03:04 GMT
server
Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
x-ms-request-id
f1858ea9-b01e-0131-3b9b-cbed1f000000
x-ms-version
2009-09-19
x-ms-lease-status
unlocked
x-ms-blob-type
BlockBlob
access-control-expose-headers
x-ms-request-id,Server,x-ms-version,Content-Type,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
access-control-allow-origin
*
content-encoding
gzip
date
Wed, 03 Nov 2021 11:27:22 GMT
vary
Accept-Encoding
via
1.1 544049d1dc4d534822b40b9f9c7529db.cloudfront.net (CloudFront)
age
366
cache-control
public,max-age=7200
cross-origin-resource-policy
cross-origin
cross-origin-embedder-policy
require-corp
x-cache
Hit from cloudfront
x-amz-cf-pop
FRA60-P4
x-amz-cf-id
3TfzdLosagG-YEIMynu9zFs7IhZhRauo32Xi6TFL76o48SSDoU7EyA==
xfn-cloud
melee.sed.dh.comcast.net/v2/unstructured/
0
114 B
XHR
General
Full URL
https://melee.sed.dh.comcast.net/v2/unstructured/xfn-cloud
Requested by
Host: static.cimcontent.net
URL: https://static.cimcontent.net/data-layer/datalayer-resi-slim.min.js?appID=resi_myxfn
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2600:1f18:336:b300:ca1e:4102:aa2c:1d89 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software
Melee /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

melee-token
AD7BE0B7-120E-4CA2-B58F-C71B46AAB7E7
Referer
https://my.xfinity.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
phishfarmer
Content-Type
application/json

Response headers

access-control-allow-origin
*
date
Wed, 03 Nov 2021 11:31:32 GMT
x-client-id
myxfinity
x-elastic-write-status
TotalFailure
server
Melee
xfn-cloud
melee.sed.dh.comcast.net/v2/unstructured/ Frame
0
0
Preflight
General
Full URL
https://melee.sed.dh.comcast.net/v2/unstructured/xfn-cloud
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2600:1f18:336:b300:ca1e:4102:aa2c:1d89 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software
Melee /
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Method
POST
Access-Control-Request-Headers
content-type,melee-token
Origin
https://my.xfinity.com
User-Agent
phishfarmer
Sec-Fetch-Mode
cors

Response headers

date
Wed, 03 Nov 2021 11:31:32 GMT
content-type
application/octet-stream
content-length
0
server
Melee
access-control-allow-origin
*
access-control-allow-methods
POST, GET
access-control-allow-headers
content-type,melee-token
InviteTriggers
api.iperceptions.com/
241 B
305 B
XHR
General
Full URL
https://api.iperceptions.com/InviteTriggers
Requested by
Host: static.cimcontent.net
URL: https://static.cimcontent.net/data-layer/datalayer-resi-slim.min.js?appID=resi_myxfn
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
52.138.200.61 Dublin, Ireland, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
Microsoft-IIS/10.0 / ASP.NET
Resource Hash
cb0ad0ac8ef6706549db405ac195086a5165b057a66fdcf0ca914f4457db1bf5

Request headers

Referer
https://my.xfinity.com/
Accept-Language
de-DE,de;q=0.9
SecurityToken
410f8076-db76-454d-bfc2-c724a5fc59b0
User-Agent
phishfarmer

Response headers

pragma
no-cache
date
Wed, 03 Nov 2021 11:31:32 GMT
server
Microsoft-IIS/10.0
x-aspnet-version
4.0.30319
x-powered-by
ASP.NET
content-type
application/json; charset=utf-8
access-control-allow-origin
*
cache-control
no-cache
content-length
241
expires
-1
InviteTriggers
api.iperceptions.com/ Frame
0
0
Preflight
General
Full URL
https://api.iperceptions.com/InviteTriggers
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
52.138.200.61 Dublin, Ireland, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
Microsoft-IIS/10.0 / ASP.NET
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Method
GET
Access-Control-Request-Headers
securitytoken
Origin
https://my.xfinity.com
User-Agent
phishfarmer
Sec-Fetch-Mode
cors

Response headers

cache-control
no-cache
pragma
no-cache
expires
-1
server
Microsoft-IIS/10.0
access-control-allow-origin
*
access-control-allow-headers
securitytoken
x-aspnet-version
4.0.30319
x-powered-by
ASP.NET
date
Wed, 03 Nov 2021 11:31:32 GMT
content-length
0
IpEngine_v78.0.js
universal.iperceptions.com/core/
11 KB
4 KB
Script
General
Full URL
https://universal.iperceptions.com/core/IpEngine_v78.0.js
Requested by
Host: universal.iperceptions.com
URL: https://universal.iperceptions.com/wrapper.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:225e:8e00:8:e7ba:7440:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0 /
Resource Hash
70dc97a60ab824c4b4f362341733bde439ac6bd7534d2b5b193fbd37d9413ea6

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://my.xfinity.com/
User-Agent
phishfarmer

Response headers

x-ms-blob-type
BlockBlob
date
Wed, 03 Nov 2021 11:31:22 GMT
content-encoding
gzip
content-md5
ofN/a2/Vf6dAsat1lPzqnA==
age
68
x-cache
Hit from cloudfront
cross-origin-resource-policy
cross-origin
x-ms-lease-status
unlocked
access-control-allow-origin
*
last-modified
Mon, 22 Mar 2021 17:01:33 GMT
server
Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
vary
Accept-Encoding
content-type
application/javascript
via
1.1 544049d1dc4d534822b40b9f9c7529db.cloudfront.net (CloudFront)
x-ms-request-id
0c7a7970-e01e-0040-35a9-cbd973000000
access-control-expose-headers
x-ms-request-id,Server,x-ms-version,Content-Type,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
x-ms-version
2009-09-19
x-amz-cf-pop
FRA60-P4
x-amz-cf-id
U1UdYUMWgQnSt-7b1ClL6B-rCmtrmF9D4eV1YNDVbMj84Z29y_5ijg==
22299_637693032682509108
sd.iperceptions.com/ius-359cd6b861125d638f6cea04ffb14739/
147 KB
11 KB
Script
General
Full URL
https://sd.iperceptions.com/ius-359cd6b861125d638f6cea04ffb14739/22299_637693032682509108
Requested by
Host: universal.iperceptions.com
URL: https://universal.iperceptions.com/wrapper.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2250:f600:18:ee0c:6e00:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
ECAcc (frc/8F7A) /
Resource Hash
5fdb2b4bd611a7aad7c1197dc86396f5feeacd1123acc51b6c8f0ef9d37af8be

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://my.xfinity.com/
User-Agent
phishfarmer

Response headers

x-ms-blob-type
BlockBlob
date
Wed, 03 Nov 2021 11:19:55 GMT
content-encoding
gzip
content-md5
+bzsljhckFbFhf3KRYOv4A==
age
713
x-cache
Hit from cloudfront
cross-origin-resource-policy
cross-origin
content-length
10188
x-ms-lease-status
unlocked
access-control-allow-origin
*
last-modified
Fri, 08 Oct 2021 15:21:08 GMT
server
ECAcc (frc/8F7A)
etag
0x8D98A6F40D7AE05
vary
Accept-Encoding
content-type
application/javascript
via
1.1 3072267d18c4d0ed9e535752800364e0.cloudfront.net (CloudFront)
x-ms-request-id
ee4f1798-e01e-0097-5bb8-c7a646000000
cache-control
x-ms-blob-cache-control: public, max-age=900
x-ms-version
2009-09-19
x-amz-cf-pop
FRA60-P2
accept-ranges
bytes
x-amz-cf-id
WIEVFTFJz2XPgmSWC7LIwaa93oz8LTfBURwWK-vgYP0NUfKLWBrhEg==
harvest_22299.js
universal.iperceptions.com/harvest/
4 KB
2 KB
Script
General
Full URL
https://universal.iperceptions.com/harvest/harvest_22299.js
Requested by
Host: universal.iperceptions.com
URL: https://universal.iperceptions.com/wrapper.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:225e:8e00:8:e7ba:7440:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0 /
Resource Hash
7879f21d7d53bb16ef1ab30a7e6d3823482777ecdf86db4beca37ca74487d259

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://my.xfinity.com/
User-Agent
phishfarmer

Response headers

x-ms-blob-type
BlockBlob
date
Mon, 01 Nov 2021 03:29:04 GMT
content-encoding
gzip
content-md5
1pUI4YsQw8rhGZNGyRSvdw==
age
201747
x-cache
Hit from cloudfront
cross-origin-resource-policy
cross-origin
x-ms-lease-status
unlocked
access-control-allow-origin
*
last-modified
Fri, 20 Sep 2019 17:46:11 GMT
server
Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
vary
Accept-Encoding
content-type
application/javascript
via
1.1 544049d1dc4d534822b40b9f9c7529db.cloudfront.net (CloudFront)
x-ms-request-id
d55211fe-001e-0123-40d0-ced903000000
access-control-expose-headers
x-ms-request-id,Server,x-ms-version,Content-Type,Cache-Control,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control
public, max-age=2592000
x-ms-version
2009-09-19
x-amz-cf-pop
FRA60-P4
x-amz-cf-id
lzVp74bXQzSEDP88J0s4ZM_4VX7U9yBadgzpZDdSWOSt1RtPEJkv_A==
ip.gif
post.iperceptions.com/
32 B
572 B
XHR
General
Full URL
https://post.iperceptions.com/ip.gif?sid=9a38213a-3a64-fbd0-1b9a-94929d4cdf8f&vid=a1a0bc15-8708-f120-621f-5abc92938abc&tkid=410f8076-db76-454d-bfc2-c724a5fc59b0&url=https%3A%2F%2Fmy.xfinity.com%2Fterms%2Fweb%2F&title=Xfinity%20%7C%20Terms%20of%20Service
Requested by
Host: static.cimcontent.net
URL: https://static.cimcontent.net/data-layer/datalayer-resi-slim.min.js?appID=resi_myxfn
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:223c:ca00:15:bf9a:3f00:93a1 -, , ASN (),
Reverse DNS
Software
Apache /
Resource Hash
853b983923a033223e4f391790e6e86619b31d542b40e7e1e8221fb0d6957ab1
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://my.xfinity.com/
User-Agent
phishfarmer

Response headers

date
Wed, 03 Nov 2021 11:31:32 GMT
via
1.1 3aad72975c9da06e6d0903ad874f0b54.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA56-P2
x-cache
Miss from cloudfront
p3p
policyref="/w3c/p3p.xml", CP="IDC DSP COR ADMa DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
cross-origin-resource-policy
cross-origin
content-length
32
last-modified
Mon, 06 Nov 2017 18:05:13 GMT
server
Apache
etag
"576fcca2957d31:0"
strict-transport-security
max-age=31536000; includeSubDomains
access-control-allow-methods
GET
content-type
image/gif
access-control-allow-origin
*
accept-ranges
bytes
access-control-allow-headers
*
x-amz-cf-id
cOx4AEBNFInC8zGviM520pkvDMkpSXrR5t7naG1E73cK-FsXHdvorw==

92 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| 1 object| 2 object| 3 object| 4 object| onbeforexrselect function| reportError boolean| originAgentCluster object| scheduler object| SURF_N_PERF object| CIM boolean| trackingDebug object| digitalData object| Oauth object| __core-js_shared__ function| XapiLib function| Events object| CIMA object| hostParts string| cookieSubDomain string| cookieRootDomain function| $ function| jQuery object| async function| $Ostrich function| get_cache_response function| get_cache_count function| cleanup_zip function| format_date function| parse_user_response function| get_cached_response function| get_cached_count function| parse_response function| check_prefs_cache function| count_keys function| parse_prefs_response object| polaris object| $xfn function| _ object| CIM_browser object| CIM_cookie object| CIM_storage function| CityList object| sticky_thing object| dynamicReplacements object| Tracking function| LocationFinder function| moment string| f_ADTARGET_ZIP string| f_AM_CID boolean| f_ENABLE_ADTARGETING object| _satellite boolean| __satelliteLoaded object| adobe function| Visitor object| s_c_il number| s_c_in object| Flickerlessly function| AppMeasurement function| s_gi function| s_pgicq number| s_objectID number| s_giq function| AppMeasurement_Module_ActivityMap function| AppMeasurement_Module_AudienceManagement function| DIL object| s function| AppMeasurement_Module_Integrate object| s_Integrate_DFA string| v object| ___target_traces function| mboxCreate function| mboxDefine function| mboxUpdate string| iperceptionskey object| dataLayer object| iPerceptions object| google_tag_manager object| google_tag_data object| s_3_Integrate_DFA_get_0 string| key object| throttlePromise number| throttleStatus object| s_i_comcastdotcomprod object| logParams object| ipDef function| initharvest boolean| result number| j object| trigger number| rate object| SEAC

33 Cookies


Security Headers

This page lists any security headers set by the main page.

Header Value
X-Frame-Options SAMEORIGIN

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.
