www.americanburnoutchallenge.com
Open in
urlscan Pro
107.180.48.113
Malicious Activity!
Public Scan
URL:
http://www.americanburnoutchallenge.com/dlc/@@@@@@@@@@@/4638234986/info.php?ip=188.166.98.249
Submission: On November 04 via automatic, source openphish
Submission: On November 04 via automatic, source openphish
Summary
This website contacted 3 IPs
in 2 countries
across 2 domains to perform 9 HTTP transactions.
The main IP is 107.180.48.113, located in
Scottsdale, United States and
belongs to AS-26496-GO-DADDY-COM-LLC - GoDaddy.com, LLC, US.
The main domain is www.americanburnoutchallenge.com.
This is the only time www.americanburnoutchallenge.com was scanned on urlscan.io!
This is the only time www.americanburnoutchallenge.com was scanned on urlscan.io!
urlscan.io Verdict: Potentially Malicious
Targeting these brands: Xfinity (Consumer)Domain & IP information
| IP Address | AS Autonomous System | ||
|---|---|---|---|
| 4 | 107.180.48.113 107.180.48.113 | 26496 (AS-26496-...) (AS-26496-GO-DADDY-COM-LLC - GoDaddy.com) | |
| 5 | 2a02:26f0:f1:... 2a02:26f0:f1:181::30d4 | 20940 (AKAMAI-ASN1) (AKAMAI-ASN1) | |
| 9 | 3 |
4
107.180.48.113
(Scottsdale, United States)
ASN26496 (AS-26496-GO-DADDY-COM-LLC - GoDaddy.com, LLC, US)
PTR: ip-107-180-48-113.ip.secureserver.net
ASN26496 (AS-26496-GO-DADDY-COM-LLC - GoDaddy.com, LLC, US)
PTR: ip-107-180-48-113.ip.secureserver.net
| www.americanburnoutchallenge.com |
| Apex Domain Subdomains |
Transfer | |
|---|---|---|
| 5 |
cimcontent.net
static.cimcontent.net |
146 KB |
| 4 |
americanburnoutchallenge.com
www.americanburnoutchallenge.com |
63 KB |
| 9 | 2 |
| Domain | Requested by | |
|---|---|---|
| 5 | static.cimcontent.net | |
| 4 | www.americanburnoutchallenge.com |
www.americanburnoutchallenge.com
|
| 9 | 2 |
This site contains links to these domains. Also see Links.
| Domain |
|---|
| my.xfinity.com |
| Subject Issuer | Validity | Valid | |
|---|---|---|---|
| static.cimcontent.net COMODO RSA Organization Validation Secure Server CA |
2018-04-18 - 2020-04-17 |
2 years | crt.sh |
This page contains 1 frames:
Primary Page:
http://www.americanburnoutchallenge.com/dlc/@@@@@@@@@@@/4638234986/info.php?ip=188.166.98.249
Frame ID: 19B9F2708A0B5D720E7D5F3540FDC9B5
Requests: 12 HTTP requests in this frame
1 Outgoing links
These are links going to different origins than the main page.
URL: https://my.xfinity.com/?cid=cust
Title: Cancel
Title: Cancel
Search URL Search Domain Scan URL
Redirected requests
There were HTTP redirect chains for the following requests:
9 HTTP transactions
| Method Protocol |
Resource Path |
Size x-fer |
Type MIME-Type |
||||||||||||||||||||||||||||||||||||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
GET H/1.1 |
Primary Request
info.php
www.americanburnoutchallenge.com/dlc/@@@@@@@@@@@/4638234986/ |
36 KB 4 KB |
Document
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H/1.1 |
bb.css
www.americanburnoutchallenge.com/dlc/@@@@@@@@@@@/4638234986/css/ |
54 KB 9 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H/1.1 |
lb.css
www.americanburnoutchallenge.com/dlc/@@@@@@@@@@@/4638234986/css/ |
114 KB 22 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H/1.1 |
style.css
www.americanburnoutchallenge.com/dlc/@@@@@@@@@@@/4638234986/css/ |
141 KB 29 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET S |
XfinityStandard-Regular.woff2
static.cimcontent.net/fonts/latest/Xfinity_Standard/ |
26 KB 26 KB |
Font
binary/octet-stream |
||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET DATA |
truncated
/ |
194 B 0 |
Image
image/svg+xml |
||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headersResponse headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET DATA |
truncated
/ |
803 B 0 |
Image
image/svg+xml |
||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headersResponse headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET DATA |
truncated
/ |
935 B 0 |
Image
image/svg+xml |
||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headersResponse headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET S |
XfinityStandard-Light.woff2
static.cimcontent.net/fonts/latest/Xfinity_Standard/ |
27 KB 27 KB |
Font
binary/octet-stream |
||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET S |
XfinityStandard-Medium.woff2
static.cimcontent.net/fonts/latest/Xfinity_Standard/ |
27 KB 27 KB |
Font
binary/octet-stream |
||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET S |
XfinityStandard-ExtraLight.woff2
static.cimcontent.net/fonts/latest/Xfinity_Standard/ |
32 KB 33 KB |
Font
binary/octet-stream |
||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET S |
XfinityStandard-Thin.woff2
static.cimcontent.net/fonts/latest/Xfinity_Standard/ |
32 KB 33 KB |
Font
binary/octet-stream |
||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||
Verdicts & Comments Add Verdict or Comment
Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!
urlscan
Phishing against: Xfinity (Consumer)0 JavaScript Global Variables
These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.
0 Cookies
Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.
Indicators
This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.
static.cimcontent.net
www.americanburnoutchallenge.com
107.180.48.113
2a02:26f0:f1:181::30d4
0a468887e9dc29ce2f7bf7d335c9bfaab005f7807b368ec979bccf4d34611a8e
138c0ead0fbcd09dd455df9870920e8725b367fbf02ac0cef0c62874000ab176
2a031939885bb7efba89d423c9ee7c0fe2bab465f18db63f40a9ae2bd7bc0228
33334f9570433022429c5bf482204947d8526638535fbde7acee35bd09dfbb79
44f222333b4c6396b38f2e06dc73d385d243e2b36a30914fd10b6ddb4e831017
4899118bfe9747b3f6a5867c4140260a52bcfe9811c12627bb7cec78a5735ee2
791bc5cafc55ed34b4f495fc9481d2ec756aea1531487ad1eb0e3c2f5c94b1de
8107d336fd1e5fee55e5a439af3165b98a39d84e25a0d55af1179d8e1b7b19ea
91f0da852553a448e2f024298c87464b3ec8d3bd7745a38107dc2c31f3f2d11a
9fa9a5dd7702d14574417221a210b07c55bea87995796e1ac175864254bc0b16
fa109f973d00415f6d033a7184f1ab83d9c6ca6ca884e72fd6354e67b36eed3e
fc6cd95261064c28600405c9c8dd51813abf8367e85b6e00f0f3031a8338988a