login.xn--xfnity-4va.net Open in urlscan Pro Puny
login.xfínity.net IDN
3.10.141.13 Malicious Activity! Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
https://login.xn--xfnity-4va.net/
Effective URL:
https://login.xn--xfnity-4va.net/login/index.php
Submission: On July 15 via automatic, source certstream-suspicious (July 15th 2022, 11:15:42 am UTC) — Scanned from GB

Summary HTTP 35 Redirects Links 8 Behaviour Indicators

Summary

This website contacted 9 IPs in 4 countries across 6 domains to perform 35 HTTP transactions. The main IP is 3.10.141.13, located in London, United Kingdom and belongs to AMAZON-02, US. The main domain is login.xn--xfnity-4va.net.
TLS certificate: Issued by R3 on July 15th 2022. Valid for: 3 months.

This is the only time login.xn--xfnity-4va.net was scanned on urlscan.io!

urlscan.io Verdict: Potentially Malicious

Targeting these brands: Xfinity (Consumer)

Domain & IP information

	IP Address	AS Autonomous System
1 15	3.10.141.13 3.10.141.13	16509 (AMAZON-02) (AMAZON-02)
1	2a02:26f0:ef:... 2a02:26f0:ef::5f65:4ddc	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
2	2a02:26f0:6c0... 2a02:26f0:6c00:2b2::30d4	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
12	2a02:26f0:ef:... 2a02:26f0:ef:2ad::2c06	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
1	3.251.27.103 3.251.27.103	16509 (AMAZON-02) (AMAZON-02)
3	2a02:26f0:350... 2a02:26f0:3500:587::1e80	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
1	52.30.173.1 52.30.173.1	16509 (AMAZON-02) (AMAZON-02)
1	15.188.95.229 15.188.95.229	16509 (AMAZON-02) (AMAZON-02)
35	9

15 3.10.141.13 (London, United Kingdom) 1 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-3-10-141-13.eu-west-2.compute.amazonaws.com

login.xn--xfnity-4va.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a02:26f0:ef::5f65:4ddc (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1, NL)

login.xfinity.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a02:26f0:6c00:2b2::30d4 (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1, NL)

static.cimcontent.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

12 2a02:26f0:ef:2ad::2c06 (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1, NL)

dl.cws.xfinity.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 3.251.27.103 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-3-251-27-103.eu-west-1.compute.amazonaws.com

dpm.demdex.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a02:26f0:3500:587::1e80 (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1, NL)

assets.adobedtm.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 52.30.173.1 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-30-173-1.eu-west-1.compute.amazonaws.com

comcast.demdex.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 15.188.95.229 (Paris, France)

ASN16509 (AMAZON-02, US)
PTR: ec2-15-188-95-229.eu-west-3.compute.amazonaws.com

comcastcom.d1.sc.omtrdc.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
15	xn--xfnity-4va.net 1 redirects login.xn--xfnity-4va.net	318 KB
13	xfinity.com login.xfinity.com — Cisco Umbrella Rank: 20006 dl.cws.xfinity.com — Cisco Umbrella Rank: 27454	4 KB
3	adobedtm.com assets.adobedtm.com — Cisco Umbrella Rank: 432	23 KB
2	demdex.net dpm.demdex.net — Cisco Umbrella Rank: 213 comcast.demdex.net — Cisco Umbrella Rank: 3778	5 KB
2	cimcontent.net static.cimcontent.net — Cisco Umbrella Rank: 21368	59 KB
1	omtrdc.net comcastcom.d1.sc.omtrdc.net — Cisco Umbrella Rank: 59906	324 B
35	6

	Domain	Requested by
15	login.xn--xfnity-4va.net	1 redirects login.xn--xfnity-4va.net
12	dl.cws.xfinity.com	login.xn--xfnity-4va.net
3	assets.adobedtm.com	login.xn--xfnity-4va.net
2	static.cimcontent.net	login.xn--xfnity-4va.net
1	comcastcom.d1.sc.omtrdc.net	login.xn--xfnity-4va.net
1	comcast.demdex.net	login.xn--xfnity-4va.net
1	dpm.demdex.net	login.xn--xfnity-4va.net
1	login.xfinity.com	login.xn--xfnity-4va.net
35	8

This site contains links to these domains. Also see Links.

Domain
idm.xfinity.com
my.xfinity.com
xfinity.comcast.net
login.xfinity.com
www.xfinity.com
www.comcast.net
www.surveymonkey.com

Subject Issuer	Validity	Valid
login.xn--xfnity-4va.net R3	`2022-07-15` - `2022-10-13`	3 months	crt.sh
login.xfinity.com COMODO RSA Organization Validation Secure Server CA	`2021-11-17` - `2022-11-17`	a year	crt.sh
static.cimcontent.net COMODO RSA Organization Validation Secure Server CA	`2022-04-06` - `2023-04-06`	a year	crt.sh
*.cws.xfinity.com COMODO RSA Organization Validation Secure Server CA	`2022-04-21` - `2023-04-21`	a year	crt.sh
*.demdex.net DigiCert TLS RSA SHA256 2020 CA1	`2021-10-19` - `2022-11-19`	a year	crt.sh
assets.adobedtm.com DigiCert TLS RSA SHA256 2020 CA1	`2021-09-10` - `2022-09-10`	a year	crt.sh
*.d1.sc.omtrdc.net DigiCert TLS RSA SHA256 2020 CA1	`2022-02-17` - `2023-03-07`	a year	crt.sh

This page contains 2 frames:

Primary Page: https://login.xn--xfnity-4va.net/login/index.php
Frame ID: 2B842B353E14B9288FD3832333EED1AD
Requests: 29 HTTP requests in this frame

Frame: https://comcast.demdex.net/dest5.html?d_nsid=0
Frame ID: 6898907010D6D3DBD2AA91C7426B9B8D
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Sign in to Xfinity

Page URL History Show full URLs

https://login.xn--xfnity-4va.net/ HTTP 302
https://login.xn--xfnity-4va.net/login/index.php Page URL

Detected technologies

PHP (Programming Languages) Expand

Overall confidence: 100%
Detected patterns

\.php(?:$|\?)

Page Statistics

35
Requests

100 %
HTTPS

50 %
IPv6

6
Domains

8
Subdomains

9
IPs

4
Countries

409 kB
Transfer

913 kB
Size

6
Cookies

8 Outgoing links

These are links going to different origins than the main page.

URL: https://idm.xfinity.com/myaccount/reset?continue=https%3A%2F%2Flogin.xfinity.com%2Flogin%3FselectAccount%3Dfalse%26ipAddrAuthn%3Dfalse%26passive%3Dfalse%26reqId%3D78dcb519-48ef-427d-8ff4-0340ae1cbe39%26r%3Dcomcast.net%26s%3Dportal%26deviceAuthn%3Dfalse%26continue%3Dhttp%253A%252F%252Fxfinity.comcast.net%252F%26forceAuthn%3D0%26lang%3Den%26rm%3D2&lang=en&ruid=aDS
Title: Forgot password?

Search URL Search Domain Scan URL

URL: http://my.xfinity.com/terms/web/
Title: Terms of Service

Search URL Search Domain Scan URL

URL: http://xfinity.comcast.net/privacy/
Title: Privacy Policy

Search URL Search Domain Scan URL

URL: https://login.xfinity.com/logout?s=portal&r=comcast.net&continue=https%3A%2F%2Flogin.xfinity.com%2Flogin%3FselectAccount%3Dfalse%26ipAddrAuthn%3Dfalse%26passive%3Dfalse%26reqId%3D78dcb519-48ef-427d-8ff4-0340ae1cbe39%26r%3Dcomcast.net%26s%3Dportal%26deviceAuthn%3Dfalse%26continue%3Dhttp%253A%252F%252Fxfinity.comcast.net%252F%26forceAuthn%3D0%26lang%3Den%26rm%3D2
Title: Sign in as someone else

Search URL Search Domain Scan URL

URL: https://www.xfinity.com/privacy/policy
Title: Privacy Policy

Search URL Search Domain Scan URL

URL: http://www.comcast.net/adinformation
Title: Ad Info

Search URL Search Domain Scan URL

URL: https://www.surveymonkey.com/s.aspx?sm=FyNNVDhj_2f2FNc2KVOHQ4eg_3d_3d
Title: Ad Feedback

Search URL Search Domain Scan URL

URL: https://www.xfinity.com/privacy/manage-preference
Title: Do Not Sell My Personal Information

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

https://login.xn--xfnity-4va.net/ HTTP 302
https://login.xn--xfnity-4va.net/login/index.php Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

35 HTTP transactions
1 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2

200

Primary Request index.php Show response
login.xn--xfnity-4va.net/login/
Redirect Chain

https://login.xn--xfnity-4va.net/
https://login.xn--xfnity-4va.net/login/index.php

107 KB
16 KB

52ms
52ms

Document
text/html

3.10.141.13
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://login.xn--xfnity-4va.net/login/index.php
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 3.10.141.13 London, United Kingdom, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-3-10-141-13.eu-west-2.compute.amazonaws.com
Software: nginx / PHP/7.4.30 PleskLin
Resource Hash: 9ad4e29fdcd3b1bfe7e03bc27835318ae9c5910be80fc43a8138e71af05226ff

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36
accept-language: en-GB,en;q=0.9

Response headers

cache-control: no-store, no-cache, must-revalidate
content-encoding: gzip
content-length: 16070
content-type: text/html; charset=UTF-8
date: Fri, 15 Jul 2022 11:15:36 GMT
expires: Thu, 19 Nov 1981 08:52:00 GMT
pragma: no-cache
server: nginx
vary: Accept-Encoding
x-powered-by: PHP/7.4.30 PleskLin

Redirect headers

cache-control: no-store, no-cache, must-revalidate
content-length: 0
content-type: text/html; charset=UTF-8
date: Fri, 15 Jul 2022 11:15:36 GMT
expires: Thu, 19 Nov 1981 08:52:00 GMT
location: /login/index.php
pragma: no-cache
server: nginx
x-powered-by: PHP/7.4.30 PleskLin

GET
H2 200 s09701756459148.js Show response
login.xn--xfnity-4va.net/login/Sign%20in%20to%20Xfinity_files/ 4 KB
1 KB 62ms
61ms Script
application/javascript 3.10.141.13
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://login.xn--xfnity-4va.net/login/Sign%20in%20to%20Xfinity_files/s09701756459148.js
Requested by: Host: login.xn--xfnity-4va.net
URL: https://login.xn--xfnity-4va.net/login/index.php
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 3.10.141.13 London, United Kingdom, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-3-10-141-13.eu-west-2.compute.amazonaws.com
Software: nginx / PleskLin
Resource Hash: 4c8bc7bf9717b83c9f47cda9138658bb62ebb6b9266b540ea703b2d13d25eba8

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://login.xn--xfnity-4va.net/login/index.php
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Fri, 15 Jul 2022 11:15:36 GMT
content-encoding: br
etag: W/"62649536-ecf"
last-modified: Sun, 24 Apr 2022 00:09:26 GMT
server: nginx
x-powered-by: PleskLin
content-type: application/javascript

GET
H2 200 comcast-common.js Show response
login.xn--xfnity-4va.net/login/Sign%20in%20to%20Xfinity_files/ 245 KB
126 KB 84ms
84ms Script
application/javascript 3.10.141.13
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://login.xn--xfnity-4va.net/login/Sign%20in%20to%20Xfinity_files/comcast-common.js
Requested by: Host: login.xn--xfnity-4va.net
URL: https://login.xn--xfnity-4va.net/login/index.php
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 3.10.141.13 London, United Kingdom, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-3-10-141-13.eu-west-2.compute.amazonaws.com
Software: nginx / PleskLin
Resource Hash: 9fa3001e3162876988c148dfd40cae4b4d55e21e626fa4a7f7b1a5e8e47afc59

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://login.xn--xfnity-4va.net/login/index.php
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Fri, 15 Jul 2022 11:15:36 GMT
content-encoding: br
etag: W/"62649536-3d5ca"
last-modified: Sun, 24 Apr 2022 00:09:26 GMT
server: nginx
x-powered-by: PleskLin
content-type: application/javascript

GET
H2 200 prism-ui-4440d1d.css
login.xn--xfnity-4va.net/login/Sign%20in%20to%20Xfinity_files/ 28 KB
4 KB 61ms
60ms Stylesheet
text/css 3.10.141.13
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://login.xn--xfnity-4va.net/login/Sign%20in%20to%20Xfinity_files/prism-ui-4440d1d.css
Requested by: Host: login.xn--xfnity-4va.net
URL: https://login.xn--xfnity-4va.net/login/index.php
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 3.10.141.13 London, United Kingdom, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-3-10-141-13.eu-west-2.compute.amazonaws.com
Software: nginx / PleskLin
Resource Hash: 7732b415e9d948d679fcb57761cf02030eae505a4645824a837e67ff9454caa5

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://login.xn--xfnity-4va.net/login/index.php
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Fri, 15 Jul 2022 11:15:36 GMT
content-encoding: br
etag: W/"62649536-6ea4"
last-modified: Sun, 24 Apr 2022 00:09:26 GMT
server: nginx
x-powered-by: PleskLin
content-type: text/css

GET
H2 200 bundle-4440d1d.css
login.xn--xfnity-4va.net/login/Sign%20in%20to%20Xfinity_files/ 26 KB
5 KB 55ms
55ms Stylesheet
text/css 3.10.141.13
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://login.xn--xfnity-4va.net/login/Sign%20in%20to%20Xfinity_files/bundle-4440d1d.css
Requested by: Host: login.xn--xfnity-4va.net
URL: https://login.xn--xfnity-4va.net/login/index.php
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 3.10.141.13 London, United Kingdom, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-3-10-141-13.eu-west-2.compute.amazonaws.com
Software: nginx / PleskLin
Resource Hash: a42f8ba03c7f801ad55f543f32e072b40bbcbff336c9101ef137387cf5a91323

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://login.xn--xfnity-4va.net/login/index.php
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Fri, 15 Jul 2022 11:15:36 GMT
content-encoding: br
etag: W/"62649536-68a7"
last-modified: Sun, 24 Apr 2022 00:09:26 GMT
server: nginx
x-powered-by: PleskLin
content-type: text/css

GET
H2 200 prism-ui.js Show response
login.xn--xfnity-4va.net/login/Sign%20in%20to%20Xfinity_files/ 9 KB
3 KB 109ms
109ms Script
application/javascript 3.10.141.13
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://login.xn--xfnity-4va.net/login/Sign%20in%20to%20Xfinity_files/prism-ui.js
Requested by: Host: login.xn--xfnity-4va.net
URL: https://login.xn--xfnity-4va.net/login/index.php
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 3.10.141.13 London, United Kingdom, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-3-10-141-13.eu-west-2.compute.amazonaws.com
Software: nginx / PleskLin
Resource Hash: 0f9db66abfaa8e348c55765cc3ac7de9c76722235027200c3e3564eba67329e2

Request headers

Referer: https://login.xn--xfnity-4va.net/login/index.php
Origin: https://login.xn--xfnity-4va.net
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Fri, 15 Jul 2022 11:15:36 GMT
content-encoding: br
etag: W/"62649536-22db"
last-modified: Sun, 24 Apr 2022 00:09:26 GMT
server: nginx
x-powered-by: PleskLin
content-type: application/javascript

GET
H2 200 AppMeasurement.js Show response
login.xn--xfnity-4va.net/login/Sign%20in%20to%20Xfinity_files/ 33 KB
12 KB 52ms
52ms Script
application/javascript 3.10.141.13
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://login.xn--xfnity-4va.net/login/Sign%20in%20to%20Xfinity_files/AppMeasurement.js
Requested by: Host: login.xn--xfnity-4va.net
URL: https://login.xn--xfnity-4va.net/login/index.php
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 3.10.141.13 London, United Kingdom, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-3-10-141-13.eu-west-2.compute.amazonaws.com
Software: nginx / PleskLin
Resource Hash: d6b423c91328eec9c218dd8b21ae1e676987d574e5432411a32806e5dd2bde32

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://login.xn--xfnity-4va.net/login/index.php
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Fri, 15 Jul 2022 11:15:36 GMT
content-encoding: br
etag: W/"62649536-82b6"
last-modified: Sun, 24 Apr 2022 00:09:26 GMT
server: nginx
x-powered-by: PleskLin
content-type: application/javascript

GET
H2 200 AppMeasurement_Module_ActivityMap.js Show response
login.xn--xfnity-4va.net/login/Sign%20in%20to%20Xfinity_files/ 3 KB
2 KB 50ms
50ms Script
application/javascript 3.10.141.13
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://login.xn--xfnity-4va.net/login/Sign%20in%20to%20Xfinity_files/AppMeasurement_Module_ActivityMap.js
Requested by: Host: login.xn--xfnity-4va.net
URL: https://login.xn--xfnity-4va.net/login/index.php
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 3.10.141.13 London, United Kingdom, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-3-10-141-13.eu-west-2.compute.amazonaws.com
Software: nginx / PleskLin
Resource Hash: 0486530f1e98818865754a08e1b5442ac5a6a36a6bf6042e3b3338a532e998d2

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://login.xn--xfnity-4va.net/login/index.php
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Fri, 15 Jul 2022 11:15:36 GMT
content-encoding: br
etag: W/"62649536-ce7"
last-modified: Sun, 24 Apr 2022 00:09:26 GMT
server: nginx
x-powered-by: PleskLin
content-type: application/javascript

GET
H2 200 AppMeasurement_Module_AudienceManagement.js Show response
login.xn--xfnity-4va.net/login/Sign%20in%20to%20Xfinity_files/ 25 KB
8 KB 54ms
53ms Script
application/javascript 3.10.141.13
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://login.xn--xfnity-4va.net/login/Sign%20in%20to%20Xfinity_files/AppMeasurement_Module_AudienceManagement.js
Requested by: Host: login.xn--xfnity-4va.net
URL: https://login.xn--xfnity-4va.net/login/index.php
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 3.10.141.13 London, United Kingdom, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-3-10-141-13.eu-west-2.compute.amazonaws.com
Software: nginx / PleskLin
Resource Hash: e5f0058d3d737d25b691728bce12a7d0b77183781c936ca8152e28cacf9e6e3f

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://login.xn--xfnity-4va.net/login/index.php
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Fri, 15 Jul 2022 11:15:36 GMT
content-encoding: br
etag: W/"62649536-621b"
last-modified: Sun, 24 Apr 2022 00:09:26 GMT
server: nginx
x-powered-by: PleskLin
content-type: application/javascript

GET
H2 200 bundle-4440d1d.js Show response
login.xn--xfnity-4va.net/login/Sign%20in%20to%20Xfinity_files/ 3 KB
1 KB 50ms
49ms Script
application/javascript 3.10.141.13
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://login.xn--xfnity-4va.net/login/Sign%20in%20to%20Xfinity_files/bundle-4440d1d.js
Requested by: Host: login.xn--xfnity-4va.net
URL: https://login.xn--xfnity-4va.net/login/index.php
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 3.10.141.13 London, United Kingdom, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-3-10-141-13.eu-west-2.compute.amazonaws.com
Software: nginx / PleskLin
Resource Hash: caef883aac625912cf3b6c9cbe53f8633d85660356e0f2a6d374a12586c199b6

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://login.xn--xfnity-4va.net/login/index.php
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Fri, 15 Jul 2022 11:15:36 GMT
content-encoding: br
etag: W/"62649536-cf9"
last-modified: Sun, 24 Apr 2022 00:09:26 GMT
server: nginx
x-powered-by: PleskLin
content-type: application/javascript

GET
H2 200 launch-46f715e51bac.js Show response
login.xn--xfnity-4va.net/login/Sign%20in%20to%20Xfinity_files/ 219 KB
59 KB 109ms
108ms Script
application/javascript 3.10.141.13
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://login.xn--xfnity-4va.net/login/Sign%20in%20to%20Xfinity_files/launch-46f715e51bac.js
Requested by: Host: login.xn--xfnity-4va.net
URL: https://login.xn--xfnity-4va.net/login/index.php
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 3.10.141.13 London, United Kingdom, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-3-10-141-13.eu-west-2.compute.amazonaws.com
Software: nginx / PleskLin
Resource Hash: e0659d5a63813e1e9c58bedbfaef5a15b4986c8f0b65a6334eeb928f094d6d6b

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://login.xn--xfnity-4va.net/login/index.php
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Fri, 15 Jul 2022 11:15:36 GMT
content-encoding: br
etag: W/"62649536-36a70"
last-modified: Sun, 24 Apr 2022 00:09:26 GMT
server: nginx
x-powered-by: PleskLin
content-type: application/javascript

GET
H2 200 a Show response
login.xn--xfnity-4va.net/login/Sign%20in%20to%20Xfinity_files/ 81 KB
82 KB 109ms
109ms Script
application/octet-stream 3.10.141.13
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://login.xn--xfnity-4va.net/login/Sign%20in%20to%20Xfinity_files/a
Requested by: Host: login.xn--xfnity-4va.net
URL: https://login.xn--xfnity-4va.net/login/index.php
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 3.10.141.13 London, United Kingdom, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-3-10-141-13.eu-west-2.compute.amazonaws.com
Software: nginx / PleskLin
Resource Hash: 5edeef250247d74c873699ad768248976f9155485f63a043d16887e419a71202

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://login.xn--xfnity-4va.net/login/index.php
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Fri, 15 Jul 2022 11:15:36 GMT
last-modified: Sun, 24 Apr 2022 00:09:26 GMT
server: nginx
x-powered-by: PleskLin
etag: "62649536-14571"
content-type: application/octet-stream
accept-ranges: bytes
content-length: 83313

GET
H2 200 xfinity-logo-grey.svg
login.xfinity.com//static/images/global/ 939 B
771 B 1150ms
599ms Image
image/svg+xml 2a02:26f0:ef::5f65:4ddc
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://login.xfinity.com//static/images/global/xfinity-logo-grey.svg

Requested by

Host: login.xn--xfnity-4va.net
URL: https://login.xn--xfnity-4va.net/login/index.php

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:ef::5f65:4ddc Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Apache /

Resource Hash

15334e1a1a24d9f0f0a3daaedc6f438e3bdd6ef11d7fefb7d37e3208094c7089

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains;

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://login.xn--xfnity-4va.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

pragma: no-cache
strict-transport-security: max-age=63072000; includeSubDomains;
content-encoding: gzip
last-modified: Mon, 28 Feb 2022 20:04:15 GMT
server: Apache
date: Fri, 15 Jul 2022 11:15:37 GMT
vary: Accept-Encoding
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=0, no-cache, no-store
accept-ranges: bytes
content-length: 539
expires: Fri, 15 Jul 2022 11:15:37 GMT

GET
H2 200 dmsans-regular.woff2
static.cimcontent.net/common-web-assets/fonts/dm-sans/ 29 KB
30 KB 601ms
55ms Font
binary/octet-stream 2a02:26f0:6c00:2b2::30d4
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://static.cimcontent.net/common-web-assets/fonts/dm-sans/dmsans-regular.woff2
Requested by: Host: login.xn--xfnity-4va.net
URL: https://login.xn--xfnity-4va.net/login/Sign%20in%20to%20Xfinity_files/prism-ui-4440d1d.css
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:6c00:2b2::30d4 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 40aefc09f33205666c2c42f20d54285147ae9434ef5f8018481950fd67ddcb68

Request headers

Referer: https://login.xn--xfnity-4va.net/
Origin: https://login.xn--xfnity-4va.net
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

x-amz-version-id: GkqzN0jRZwlG3tiAqTt8UWrj_xYnyr1Z
last-modified: Wed, 01 Sep 2021 16:24:41 GMT
server: AmazonS3
x-amz-cf-pop: FRA56-P7
etag: "b9d5e5cad821648da76e2fedb6c6a680"
content-type: binary/octet-stream
access-control-allow-origin: *
cache-control: max-age=31536000
date: Fri, 15 Jul 2022 11:15:37 GMT
accept-ranges: bytes
content-length: 29920
x-amz-cf-id: mCc7VzTehKOF7h3h0xaN2WrxapkRPxR8-UnDJZMG8OiYTyqr5zho3g==

GET
H2 200 dmsans-medium.woff2
static.cimcontent.net/common-web-assets/fonts/dm-sans/ 29 KB
30 KB 657ms
118ms Font
binary/octet-stream 2a02:26f0:6c00:2b2::30d4
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://static.cimcontent.net/common-web-assets/fonts/dm-sans/dmsans-medium.woff2
Requested by: Host: login.xn--xfnity-4va.net
URL: https://login.xn--xfnity-4va.net/login/Sign%20in%20to%20Xfinity_files/prism-ui-4440d1d.css
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:6c00:2b2::30d4 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: AmazonS3 /
Resource Hash: da319dcae9d21873bf2ad8b146767e023772a8f0a4fd7446156b3d61b9c83098

Request headers

Referer: https://login.xn--xfnity-4va.net/
Origin: https://login.xn--xfnity-4va.net
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

x-amz-version-id: 4PsddOg8bLvjHdiYBm2tGDXlNVaJeelo
last-modified: Wed, 01 Sep 2021 16:24:41 GMT
server: AmazonS3
x-amz-cf-pop: FRA56-P7
etag: "935dd4c230fc4105c9c5bca40e99f815"
content-type: binary/octet-stream
access-control-allow-origin: *
cache-control: max-age=31536000
date: Fri, 15 Jul 2022 11:15:37 GMT
accept-ranges: bytes
content-length: 29896
x-amz-cf-id: VZ9kiAUOWelfK1Eq6YeIvuMp9Z7AbFDPzdWJZeXSq54NGfH26R2OuA==

GET
H2 404 p-99cab0bb.js
login.xn--xfnity-4va.net/login/Sign%20in%20to%20Xfinity_files/ 0
0 54ms
54ms Script
text/html 3.10.141.13
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://login.xn--xfnity-4va.net/login/Sign%20in%20to%20Xfinity_files/p-99cab0bb.js
Requested by: Host: login.xn--xfnity-4va.net
URL: https://login.xn--xfnity-4va.net/login/index.php
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 3.10.141.13 London, United Kingdom, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-3-10-141-13.eu-west-2.compute.amazonaws.com
Software: nginx /
Resource Hash

Request headers

Referer: https://login.xn--xfnity-4va.net/login/Sign%20in%20to%20Xfinity_files/prism-ui.js
Origin: https://login.xn--xfnity-4va.net
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Fri, 15 Jul 2022 11:15:36 GMT
content-encoding: br
last-modified: Sat, 02 Jul 2022 06:38:53 GMT
server: nginx
etag: W/"328-5e2ccc19d2309"
content-type: text/html

GET
H2 404 p-99abaaf3.js
login.xn--xfnity-4va.net/login/Sign%20in%20to%20Xfinity_files/ 0
0 51ms
50ms Script
text/html 3.10.141.13
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://login.xn--xfnity-4va.net/login/Sign%20in%20to%20Xfinity_files/p-99abaaf3.js
Requested by: Host: login.xn--xfnity-4va.net
URL: https://login.xn--xfnity-4va.net/login/index.php
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 3.10.141.13 London, United Kingdom, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-3-10-141-13.eu-west-2.compute.amazonaws.com
Software: nginx /
Resource Hash

Request headers

Referer: https://login.xn--xfnity-4va.net/login/Sign%20in%20to%20Xfinity_files/prism-ui.js
Origin: https://login.xn--xfnity-4va.net
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Fri, 15 Jul 2022 11:15:36 GMT
content-encoding: br
last-modified: Sat, 02 Jul 2022 06:38:53 GMT
server: nginx
etag: W/"328-5e2ccc19d2309"
content-type: text/html

OPTIONS
H2 200 /
dl.cws.xfinity.com/event/ Frame 0
0 1344ms
843ms Preflight
application/json 2a02:26f0:ef:2ad::2c06
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://dl.cws.xfinity.com/event/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:ef:2ad::2c06 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: PUT
Origin: https://login.xn--xfnity-4va.net
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

access-control-allow-headers: Content-Type
access-control-allow-methods: HEAD,OPTIONS,PUT
access-control-allow-origin: *
content-length: 0
content-type: application/json
date: Fri, 15 Jul 2022 11:15:38 GMT
x-amz-apigw-id: VTjeFGwwoAMF_yA=
x-amz-cf-id: anL_qMiOVTnoixYae3X4HxTmyeL9k_x-T-IHwTU-fPHHSnUGJB9bXA==
x-amz-cf-pop: FRA2-C1
x-amzn-requestid: 35d3e1cd-b1c5-478c-b9ae-63e9f971bbf8

OPTIONS
H2 200 /
dl.cws.xfinity.com/event/ Frame 0
0 1339ms
841ms Preflight
application/json 2a02:26f0:ef:2ad::2c06
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://dl.cws.xfinity.com/event/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:ef:2ad::2c06 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: PUT
Origin: https://login.xn--xfnity-4va.net
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

access-control-allow-headers: Content-Type
access-control-allow-methods: HEAD,OPTIONS,PUT
access-control-allow-origin: *
content-length: 0
content-type: application/json
date: Fri, 15 Jul 2022 11:15:38 GMT
x-amz-apigw-id: VTjeFEKEoAMFljA=
x-amz-cf-id: m6Sku2fZVqGQi2MqttbtsQd66ynCsH8OJUJYJdSkO51EMz-AEmLwrw==
x-amz-cf-pop: FRA2-C1
x-amzn-requestid: 598bb3f7-aa0e-4f0a-a429-1f81f25afe7f

GET
H/1.1 200
OK id Show response
dpm.demdex.net/ 3 KB
2 KB 234ms
59ms XHR
application/json 3.251.27.103
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://dpm.demdex.net/id?d_visid_ver=5.2.0&d_fieldgroup=MC&d_rtbd=json&d_ver=2&d_orgid=DA11332E5321D0550A490D45%40AdobeOrg&d_nsid=0&ts=1657883736708

Requested by

Host: login.xn--xfnity-4va.net
URL: https://login.xn--xfnity-4va.net/login/Sign%20in%20to%20Xfinity_files/comcast-common.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

3.251.27.103 Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-3-251-27-103.eu-west-1.compute.amazonaws.com

Software

Resource Hash

75cc7dcf9cc6834214dfbc55665389f36777adb7d550307cbdf2cb41214056f9

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://login.xn--xfnity-4va.net/
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

DCS: dcs-prod-irl1-1-v036-0dc9acda5.edge-irl1.demdex.com 3 ms
Pragma: no-cache
Strict-Transport-Security: max-age=31536000; includeSubDomains
content-encoding: gzip
X-TID: 38chCSk6QTU=
Vary: Origin
P3P: policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Access-Control-Allow-Origin: https://login.xn--xfnity-4va.net
Cache-Control: no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: application/json;charset=utf-8
Content-Length: 1143
Expires: Thu, 01 Jan 1970 00:00:00 UTC

GET
H2 200 AppMeasurement.min.js Show response
assets.adobedtm.com/extensions/EPbde2f7ca14e540399dcc1f8208860b7b/ 33 KB
12 KB 230ms
54ms Script
application/x-javascript 2a02:26f0:3500:587::1e80
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://assets.adobedtm.com/extensions/EPbde2f7ca14e540399dcc1f8208860b7b/AppMeasurement.min.js
Requested by: Host: login.xn--xfnity-4va.net
URL: https://login.xn--xfnity-4va.net/login/Sign%20in%20to%20Xfinity_files/launch-46f715e51bac.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:3500:587::1e80 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: AkamaiNetStorage /
Resource Hash: d6b423c91328eec9c218dd8b21ae1e676987d574e5432411a32806e5dd2bde32

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://login.xn--xfnity-4va.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Fri, 15 Jul 2022 11:15:36 GMT
content-encoding: gzip
last-modified: Wed, 12 Aug 2020 22:09:52 GMT
server: AkamaiNetStorage
etag: "f259ee6445c19c2ce3c64a1b117a4f35:1597270192.577101"
vary: Accept-Encoding
content-type: application/x-javascript
access-control-allow-origin: https://login.xn--xfnity-4va.net
cache-control: no-cache
accept-ranges: bytes
timing-allow-origin: *
content-length: 12184
expires: Fri, 15 Jul 2022 12:15:36 GMT

GET
H2 200 AppMeasurement_Module_ActivityMap.min.js Show response
assets.adobedtm.com/extensions/EPbde2f7ca14e540399dcc1f8208860b7b/ 3 KB
2 KB 234ms
58ms Script
application/x-javascript 2a02:26f0:3500:587::1e80
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://assets.adobedtm.com/extensions/EPbde2f7ca14e540399dcc1f8208860b7b/AppMeasurement_Module_ActivityMap.min.js
Requested by: Host: login.xn--xfnity-4va.net
URL: https://login.xn--xfnity-4va.net/login/Sign%20in%20to%20Xfinity_files/launch-46f715e51bac.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:3500:587::1e80 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: AkamaiNetStorage /
Resource Hash: 0486530f1e98818865754a08e1b5442ac5a6a36a6bf6042e3b3338a532e998d2

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://login.xn--xfnity-4va.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Fri, 15 Jul 2022 11:15:36 GMT
content-encoding: gzip
last-modified: Wed, 12 Aug 2020 22:09:52 GMT
server: AkamaiNetStorage
etag: "5dedcda2c8a6c3a51fd419d306427010:1597270192.857753"
vary: Accept-Encoding
content-type: application/x-javascript
access-control-allow-origin: https://login.xn--xfnity-4va.net
cache-control: no-cache
accept-ranges: bytes
timing-allow-origin: *
content-length: 1594
expires: Fri, 15 Jul 2022 12:15:36 GMT

GET
H2 200 AppMeasurement_Module_AudienceManagement.min.js Show response
assets.adobedtm.com/extensions/EPbde2f7ca14e540399dcc1f8208860b7b/ 25 KB
9 KB 235ms
59ms Script
application/x-javascript 2a02:26f0:3500:587::1e80
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://assets.adobedtm.com/extensions/EPbde2f7ca14e540399dcc1f8208860b7b/AppMeasurement_Module_AudienceManagement.min.js
Requested by: Host: login.xn--xfnity-4va.net
URL: https://login.xn--xfnity-4va.net/login/Sign%20in%20to%20Xfinity_files/launch-46f715e51bac.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:3500:587::1e80 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: AkamaiNetStorage /
Resource Hash: e5f0058d3d737d25b691728bce12a7d0b77183781c936ca8152e28cacf9e6e3f

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://login.xn--xfnity-4va.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Fri, 15 Jul 2022 11:15:36 GMT
content-encoding: gzip
last-modified: Wed, 12 Aug 2020 22:09:53 GMT
server: AkamaiNetStorage
etag: "c8afb92bc0d997ba5b673367e69b9ff1:1597270193.156081"
vary: Accept-Encoding
content-type: application/x-javascript
access-control-allow-origin: https://login.xn--xfnity-4va.net
cache-control: no-cache
accept-ranges: bytes
timing-allow-origin: *
content-length: 8762
expires: Fri, 15 Jul 2022 12:15:36 GMT

PUT
H2 200 / Show response
dl.cws.xfinity.com/event/ 110 B
489 B 223ms
222ms XHR
application/json 2a02:26f0:ef:2ad::2c06
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://dl.cws.xfinity.com/event/
Requested by: Host: login.xn--xfnity-4va.net
URL: https://login.xn--xfnity-4va.net/login/Sign%20in%20to%20Xfinity_files/comcast-common.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:ef:2ad::2c06 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: /
Resource Hash: f8a0385b6292e1df13c2bed6e2a009e711459a9e4db77c01c10c483d2ca6d8e7

Request headers

Referer: https://login.xn--xfnity-4va.net/
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36
Content-Type: application/json

Response headers

date: Fri, 15 Jul 2022 11:15:38 GMT
x-amz-cf-pop: FRA2-C1
x-amz-apigw-id: VTjeIEOyIAMF3AA=
x-amzn-requestid: c160d6eb-99ad-488d-ace5-61951e065494
access-control-max-age: 86400
access-control-allow-methods: GET,POST,PUT,HEAD
content-type: application/json
access-control-allow-origin: *
x-amzn-trace-id: Root=1-62d14c5a-23f28517734510800eeb95b5
access-control-allow-credentials: false
access-control-allow-headers: *
content-length: 110
x-amz-cf-id: MzhAymb87arPKfpNjW7kn_QBoBFwvq6sw_I3swHpgYMN0P0ICl-RRA==

PUT
H2 200 / Show response
dl.cws.xfinity.com/event/ 110 B
489 B 173ms
172ms XHR
application/json 2a02:26f0:ef:2ad::2c06
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://dl.cws.xfinity.com/event/
Requested by: Host: login.xn--xfnity-4va.net
URL: https://login.xn--xfnity-4va.net/login/Sign%20in%20to%20Xfinity_files/comcast-common.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:ef:2ad::2c06 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: /
Resource Hash: 2aaae2d0d87df717ec0d34605e41dd140386f5856267fc76fc756b6f19bdb4a1

Request headers

Referer: https://login.xn--xfnity-4va.net/
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36
Content-Type: application/json

Response headers

date: Fri, 15 Jul 2022 11:15:38 GMT
x-amz-cf-pop: FRA2-C1
x-amz-apigw-id: VTjeHGY-IAMFhjw=
x-amzn-requestid: 513cee30-1e76-46d7-9a78-5bdc3f486087
access-control-max-age: 86400
access-control-allow-methods: GET,POST,PUT,HEAD
content-type: application/json
access-control-allow-origin: *
x-amzn-trace-id: Root=1-62d14c5a-5431a2bd0e760e420fda7465
access-control-allow-credentials: false
access-control-allow-headers: *
content-length: 110
x-amz-cf-id: EuyCjocVAGXYjaIE3jq-byBo1x9FhOHacgF1D-GGpVHCbHZcdlKf1Q==

GET
H/1.1 200
OK dest5.html Show response
comcast.demdex.net/ Frame 6898 7 KB
3 KB 234ms
55ms Document
text/html 52.30.173.1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://comcast.demdex.net/dest5.html?d_nsid=0

Requested by

Host: login.xn--xfnity-4va.net
URL: https://login.xn--xfnity-4va.net/login/index.php

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

52.30.173.1 Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-52-30-173-1.eu-west-1.compute.amazonaws.com

Software

Resource Hash

7bea17a80a61ed0f54248b4ffc4c718f7c8ff2619742577a73591d62ce074da8

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://login.xn--xfnity-4va.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36
accept-language: en-GB,en;q=0.9

Response headers

Accept-Ranges: bytes
Cache-Control: no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
Connection: keep-alive
Content-Length: 2791
Content-Type: text/html;charset=UTF-8
DCS: dcs-prod-irl1-2-v036-032efc0e8.edge-irl1.demdex.com 0 ms
Expires: Thu, 01 Jan 1970 00:00:00 UTC
P3P: policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Pragma: no-cache
Strict-Transport-Security: max-age=31536000; includeSubDomains
X-TID: 0V23Y1SfS5w=
content-encoding: gzip
date: Fri, 15 Jul 2022 11:15:36 GMT
last-modified: Thu, 30 Jun 2022 15:43:27 GMT
vary: accept-encoding

PUT
H2 200 / Show response
dl.cws.xfinity.com/event/ 110 B
488 B 364ms
364ms XHR
application/json 2a02:26f0:ef:2ad::2c06
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://dl.cws.xfinity.com/event/
Requested by: Host: login.xn--xfnity-4va.net
URL: https://login.xn--xfnity-4va.net/login/Sign%20in%20to%20Xfinity_files/comcast-common.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:ef:2ad::2c06 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: /
Resource Hash: 3c7f05cb58cebdf8d86c9def6eac5bd183bcf059054ccc6ef72270df8aa9bb19

Request headers

Referer: https://login.xn--xfnity-4va.net/
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36
Content-Type: application/json

Response headers

date: Fri, 15 Jul 2022 11:15:38 GMT
x-amz-cf-pop: FRA2-C1
x-amz-apigw-id: VTjeHFuhoAMFnrA=
x-amzn-requestid: 853e6668-3bf9-4de9-a217-af7b57eca19d
access-control-max-age: 86400
access-control-allow-methods: GET,POST,PUT,HEAD
content-type: application/json
access-control-allow-origin: *
x-amzn-trace-id: Root=1-62d14c5a-4625742a11d7a1c65037cd70
access-control-allow-credentials: false
access-control-allow-headers: *
content-length: 110
x-amz-cf-id: QRuW7-ffpudhxtKXYFmD0BlS2hEE9nBkGqEX0nDWQtu65EdaK2aZyw==

OPTIONS
H2 200 /
dl.cws.xfinity.com/event/ Frame 0
0 1152ms
665ms Preflight
application/json 2a02:26f0:ef:2ad::2c06
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://dl.cws.xfinity.com/event/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:ef:2ad::2c06 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: PUT
Origin: https://login.xn--xfnity-4va.net
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

access-control-allow-headers: Content-Type
access-control-allow-methods: HEAD,OPTIONS,PUT
access-control-allow-origin: *
content-length: 0
content-type: application/json
date: Fri, 15 Jul 2022 11:15:37 GMT
x-amz-apigw-id: VTjeEGWnIAMFg9g=
x-amz-cf-id: V6sLZlxirNedfXm7hvKbTro5vvk-ccIkuccHGllV3Ta-noyoPO65UQ==
x-amz-cf-pop: FRA2-C1
x-amzn-requestid: b8cbf726-e5a5-4100-81df-99b9c9871f98

GET
DATA 200
OK truncated
/ 89 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 50e6072d26098d48004a30addeecabd5b22b91e5ccdf9dd86f96459783e3ac23

Request headers

accept-language: en-GB,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

Content-Type: image/png

GET
H2 200 id Show response
comcastcom.d1.sc.omtrdc.net/ 2 B
324 B 166ms
53ms XHR
application/x-javascript 15.188.95.229
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://comcastcom.d1.sc.omtrdc.net/id?d_visid_ver=5.2.0&d_fieldgroup=A&mcorgid=DA11332E5321D0550A490D45%40AdobeOrg&mid=77297227557616007944259368720084064807&ts=1657883736950

Requested by

Host: login.xn--xfnity-4va.net
URL: https://login.xn--xfnity-4va.net/login/Sign%20in%20to%20Xfinity_files/comcast-common.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

15.188.95.229 Paris, France, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-15-188-95-229.eu-west-3.compute.amazonaws.com

Software

jag /

Resource Hash

44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://login.xn--xfnity-4va.net/
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

date: Fri, 15 Jul 2022 11:15:37 GMT
x-content-type-options: nosniff
server: jag
xserver: anedge-69c8d8cc76-t6gqr
vary: Origin
x-c: main-1661.I2f39db.M0-585
p3p: CP="This is not a P3P policy"
access-control-allow-origin: https://login.xn--xfnity-4va.net
cache-control: no-cache, no-store, max-age=0, no-transform, private
access-control-allow-credentials: true
content-type: application/x-javascript;charset=utf-8
content-length: 2
x-xss-protection: 1; mode=block

OPTIONS
H2 200 /
dl.cws.xfinity.com/event/ Frame 0
0 353ms
353ms Preflight
application/json 2a02:26f0:ef:2ad::2c06
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://dl.cws.xfinity.com/event/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:ef:2ad::2c06 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: PUT
Origin: https://login.xn--xfnity-4va.net
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

access-control-allow-headers: Content-Type
access-control-allow-methods: HEAD,OPTIONS,PUT
access-control-allow-origin: *
content-length: 0
content-type: application/json
date: Fri, 15 Jul 2022 11:15:38 GMT
x-amz-apigw-id: VTjeHGs8IAMFWww=
x-amz-cf-id: WNCFRvg2xGNRo5rEASI56DIMZk0_R7eFHSLwBGfMVamzAbKXDwyTKg==
x-amz-cf-pop: FRA2-C1
x-amzn-requestid: f4d34ae5-20e6-4368-b776-7ad8019d2492

OPTIONS
H2 200 /
dl.cws.xfinity.com/event/ Frame 0
0 154ms
154ms Preflight
application/json 2a02:26f0:ef:2ad::2c06
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://dl.cws.xfinity.com/event/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:ef:2ad::2c06 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: PUT
Origin: https://login.xn--xfnity-4va.net
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

access-control-allow-headers: Content-Type
access-control-allow-methods: HEAD,OPTIONS,PUT
access-control-allow-origin: *
content-length: 0
content-type: application/json
date: Fri, 15 Jul 2022 11:15:37 GMT
x-amz-apigw-id: VTjeFEXloAMFkKw=
x-amz-cf-id: 7Tus3CrqZJ0zpJ1Uuh09NI_FDxtb5IljDKbCYjzCHGM-b0RpGFUyHA==
x-amz-cf-pop: FRA2-C1
x-amzn-requestid: a993e015-94ef-4163-8d66-c8570b5fa64a

OPTIONS
H2 200 /
dl.cws.xfinity.com/event/ Frame 0
0 166ms
166ms Preflight
application/json 2a02:26f0:ef:2ad::2c06
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://dl.cws.xfinity.com/event/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:ef:2ad::2c06 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: PUT
Origin: https://login.xn--xfnity-4va.net
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

access-control-allow-headers: Content-Type
access-control-allow-methods: HEAD,OPTIONS,PUT
access-control-allow-origin: *
content-length: 0
content-type: application/json
date: Fri, 15 Jul 2022 11:15:37 GMT
x-amz-apigw-id: VTjeFHhdoAMFh1g=
x-amz-cf-id: khBzQWz5WVx9M28H36ap2a94rLPVM44t9HDFK5ZXmcnMpN58dNTq4Q==
x-amz-cf-pop: FRA2-C1
x-amzn-requestid: e1970b4f-1aa3-479f-a08b-5d5e70393082

PUT
H2 200 / Show response
dl.cws.xfinity.com/event/ 110 B
487 B 347ms
347ms XHR
application/json 2a02:26f0:ef:2ad::2c06
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://dl.cws.xfinity.com/event/
Requested by: Host: login.xn--xfnity-4va.net
URL: https://login.xn--xfnity-4va.net/login/Sign%20in%20to%20Xfinity_files/comcast-common.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:ef:2ad::2c06 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: /
Resource Hash: b0a274bedf3f0fd359c35dce5834954b0558e693ab498bd698f4f77ba988d66b

Request headers

Referer: https://login.xn--xfnity-4va.net/
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36
Content-Type: application/json

Response headers

date: Fri, 15 Jul 2022 11:15:38 GMT
x-amz-cf-pop: FRA2-C1
x-amz-apigw-id: VTjeKHNfIAMFcAg=
x-amzn-requestid: 21580e57-936f-40a6-9a4c-289c13074b1a
access-control-max-age: 86400
access-control-allow-methods: GET,POST,PUT,HEAD
content-type: application/json
access-control-allow-origin: *
x-amzn-trace-id: Root=1-62d14c5a-2ebbd6111c584ffa17c08da1
access-control-allow-credentials: false
access-control-allow-headers: *
content-length: 110
x-amz-cf-id: 4Lnq_tYl1f1mVdIa22Nom4wFERnnFj0FmogpwzGAmmO7IP7KCf61gQ==

PUT
H2 200 / Show response
dl.cws.xfinity.com/event/ 110 B
490 B 165ms
164ms XHR
application/json 2a02:26f0:ef:2ad::2c06
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://dl.cws.xfinity.com/event/
Requested by: Host: login.xn--xfnity-4va.net
URL: https://login.xn--xfnity-4va.net/login/Sign%20in%20to%20Xfinity_files/comcast-common.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:ef:2ad::2c06 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: /
Resource Hash: de4aba581a034e2a4a868b62024431ff708a68d5b06fdb3664261db1a48cb5fd

Request headers

Referer: https://login.xn--xfnity-4va.net/
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36
Content-Type: application/json

Response headers

date: Fri, 15 Jul 2022 11:15:38 GMT
x-amz-cf-pop: FRA2-C1
x-amz-apigw-id: VTjeGG7-IAMF6gg=
x-amzn-requestid: ae1b9a38-8086-4ad5-8190-faef3dcfedb0
access-control-max-age: 86400
access-control-allow-methods: GET,POST,PUT,HEAD
content-type: application/json
access-control-allow-origin: *
x-amzn-trace-id: Root=1-62d14c5a-73125c4629597064534ed62a
access-control-allow-credentials: false
access-control-allow-headers: *
content-length: 110
x-amz-cf-id: pyFHXLtC0YGVjnAeHVVEaU3p0o1zS4MVkTDhWKadPzX2xvTZ8l7SCA==

PUT
H2 200 / Show response
dl.cws.xfinity.com/event/ 110 B
490 B 344ms
344ms XHR
application/json 2a02:26f0:ef:2ad::2c06
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://dl.cws.xfinity.com/event/
Requested by: Host: login.xn--xfnity-4va.net
URL: https://login.xn--xfnity-4va.net/login/Sign%20in%20to%20Xfinity_files/comcast-common.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:ef:2ad::2c06 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: /
Resource Hash: 55975a1a57307fc7a3149203c579aaafa32cd248b56a8cde93cf0dc4cc199a10

Request headers

Referer: https://login.xn--xfnity-4va.net/
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36
Content-Type: application/json

Response headers

date: Fri, 15 Jul 2022 11:15:38 GMT
x-amz-cf-pop: FRA2-C1
x-amz-apigw-id: VTjeIG5yoAMFjSw=
x-amzn-requestid: e68fb123-ff2c-4f29-a9ed-2748db9aa38f
access-control-max-age: 86400
access-control-allow-methods: GET,POST,PUT,HEAD
content-type: application/json
access-control-allow-origin: *
x-amzn-trace-id: Root=1-62d14c5a-4f0729d27c64bd772502ab39
access-control-allow-credentials: false
access-control-allow-headers: *
content-length: 110
x-amz-cf-id: D867unDwjw66gyWOgYgtuzYdtt1Y0PBP-TLMUaE7qqpuZdT4niQfhQ==

Verdicts & Comments Add Verdict or Comment

Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!

urlscan

Phishing against: Xfinity (Consumer)

37 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

6 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
login.xn--xfnity-4va.net/	1969-12-31 23:59:59	Name: PHPSESSID Value: i76k6g75uq3uofkg7smio58mjk
.demdex.net/	1970-01-20 08:50:35	Name: demdex Value: 77143898206131501414275648908943713920
.xn--xfnity-4va.net/	1969-12-31 23:59:59	Name: AMCVS_DA11332E5321D0550A490D45%40AdobeOrg Value: 1
.xn--xfnity-4va.net/	1970-01-20 22:04:02	Name: AMCV_DA11332E5321D0550A490D45%40AdobeOrg Value: -1124106680%7CMCIDTS%7C19189%7CMCMID%7C77297227557616007944259368720084064807%7CMCAAMLH-1658488536%7C6%7CMCAAMB-1658488536%7C6G1ynYcLPuiQxYZrsz_pkqfLG9yMXBpb2zX5dvJdYQJzPXImdj0y%7CMCOPTOUT-1657890937s%7CNONE%7CMCAID%7CNONE%7CvVersion%7C5.2.0
.xn--xfnity-4va.net/	1970-01-21 06:48:11	Name: s_pers Value: %20s_dfa%3D%7C1657885537055%3B%20s_dslv%3D1657883737950%7C1752491737950%3B
.xn--xfnity-4va.net/	1970-01-20 04:31:25	Name: gpv_Page Value: resi%7Cselfservice%7Clogin%7Cstepped-out%7Center%20password

3 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
network	error	URL: https://login.xn--xfnity-4va.net/login/Sign%20in%20to%20Xfinity_files/p-99abaaf3.js Message: Failed to load resource: the server responded with a status of 404 ()
network	error	URL: https://login.xn--xfnity-4va.net/login/Sign%20in%20to%20Xfinity_files/p-99cab0bb.js Message: Failed to load resource: the server responded with a status of 404 ()
security	error	URL: https://comcast.demdex.net/dest5.html?d_nsid=0(Line 12) Message: Failed to execute 'postMessage' on 'DOMWindow': The target origin provided ('https://login.xfinity.com') does not match the recipient window's origin ('https://login.xn--xfnity-4va.net').

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

assets.adobedtm.com
comcast.demdex.net
comcastcom.d1.sc.omtrdc.net
dl.cws.xfinity.com
dpm.demdex.net
login.xfinity.com
login.xn--xfnity-4va.net
static.cimcontent.net
15.188.95.229
2a02:26f0:3500:587::1e80
2a02:26f0:6c00:2b2::30d4
2a02:26f0:ef:2ad::2c06
2a02:26f0:ef::5f65:4ddc
3.10.141.13
3.251.27.103
52.30.173.1
0486530f1e98818865754a08e1b5442ac5a6a36a6bf6042e3b3338a532e998d2
0f9db66abfaa8e348c55765cc3ac7de9c76722235027200c3e3564eba67329e2
15334e1a1a24d9f0f0a3daaedc6f438e3bdd6ef11d7fefb7d37e3208094c7089
2aaae2d0d87df717ec0d34605e41dd140386f5856267fc76fc756b6f19bdb4a1
3c7f05cb58cebdf8d86c9def6eac5bd183bcf059054ccc6ef72270df8aa9bb19
40aefc09f33205666c2c42f20d54285147ae9434ef5f8018481950fd67ddcb68
44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a
4c8bc7bf9717b83c9f47cda9138658bb62ebb6b9266b540ea703b2d13d25eba8
50e6072d26098d48004a30addeecabd5b22b91e5ccdf9dd86f96459783e3ac23
55975a1a57307fc7a3149203c579aaafa32cd248b56a8cde93cf0dc4cc199a10
5edeef250247d74c873699ad768248976f9155485f63a043d16887e419a71202
75cc7dcf9cc6834214dfbc55665389f36777adb7d550307cbdf2cb41214056f9
7732b415e9d948d679fcb57761cf02030eae505a4645824a837e67ff9454caa5
7bea17a80a61ed0f54248b4ffc4c718f7c8ff2619742577a73591d62ce074da8
9ad4e29fdcd3b1bfe7e03bc27835318ae9c5910be80fc43a8138e71af05226ff
9fa3001e3162876988c148dfd40cae4b4d55e21e626fa4a7f7b1a5e8e47afc59
a42f8ba03c7f801ad55f543f32e072b40bbcbff336c9101ef137387cf5a91323
b0a274bedf3f0fd359c35dce5834954b0558e693ab498bd698f4f77ba988d66b
caef883aac625912cf3b6c9cbe53f8633d85660356e0f2a6d374a12586c199b6
d6b423c91328eec9c218dd8b21ae1e676987d574e5432411a32806e5dd2bde32
da319dcae9d21873bf2ad8b146767e023772a8f0a4fd7446156b3d61b9c83098
de4aba581a034e2a4a868b62024431ff708a68d5b06fdb3664261db1a48cb5fd
e0659d5a63813e1e9c58bedbfaef5a15b4986c8f0b65a6334eeb928f094d6d6b
e5f0058d3d737d25b691728bce12a7d0b77183781c936ca8152e28cacf9e6e3f
f8a0385b6292e1df13c2bed6e2a009e711459a9e4db77c01c10c483d2ca6d8e7

login.xn--xfnity-4va.net Open in urlscan Pro Puny login.xfínity.net IDN 3.10.141.13 Malicious Activity! Public Scan

Summary

urlscan.io Verdict: Potentially Malicious

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Detected technologies

Page Statistics

35 Requests

100 %HTTPS

50 %IPv6

6 Domains

8 Subdomains

9 IPs

4 Countries

409 kBTransfer

913 kBSize

6 Cookies

8 Outgoing links

Page URL History

Redirected requests

35 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 1 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

login.xn--xfnity-4va.net Open in urlscan Pro Puny
login.xfínity.net IDN
3.10.141.13 Malicious Activity! Public Scan

Screenshot
Live screenshot

Full Image

35
Requests

100 %
HTTPS

50 %
IPv6

6
Domains

8
Subdomains

9
IPs

4
Countries

409 kB
Transfer

913 kB
Size

6
Cookies

35 HTTP transactions
1 data transactions

Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!