bafybeidrp6jgytkx4itqh72x4esd5f4o72ug7io3wcm6pykmh7anfmvd7i.ipfs.dweb.link
2602:fea2:2::1  Malicious Activity! Public Scan

Submitted URL: http://bafybeidrp6jgytkx4itqh72x4esd5f4o72ug7io3wcm6pykmh7anfmvd7i.ipfs.dweb.link/infinix
Effective URL: https://bafybeidrp6jgytkx4itqh72x4esd5f4o72ug7io3wcm6pykmh7anfmvd7i.ipfs.dweb.link/infinix
Submission: On February 03 via automatic, source openphish — Scanned from DE

Summary

This website contacted 5 IPs in 2 countries across 4 domains to perform 9 HTTP transactions. The main IP is 2602:fea2:2::1, located in United States and belongs to PROTOCOL, US. The main domain is bafybeidrp6jgytkx4itqh72x4esd5f4o72ug7io3wcm6pykmh7anfmvd7i.ipfs.dweb.link.
TLS certificate: Issued by R3 on November 20th 2023. Valid for: 3 months.
This is the only time bafybeidrp6jgytkx4itqh72x4esd5f4o72ug7io3wcm6pykmh7anfmvd7i.ipfs.dweb.link was scanned on urlscan.io!

urlscan.io Verdict: Potentially Malicious

Targeting these brands: Xfinity (Consumer)

Domain & IP information

IP Address AS Autonomous System
2 2602:fea2:2::1 40680 (PROTOCOL)
2 2a02:26f0:350... 20940 (AKAMAI-ASN1)
1 2a02:26f0:350... 20940 (AKAMAI-ASN1)
4 2a02:26f0:310... 20940 (AKAMAI-ASN1)
9 5
Apex Domain | Subdomains | Transfer
4 cimcontent.net | static.cimcontent.net — Cisco Umbrella Rank: 29703 | 173 KB
2 xfinity.com | login.xfinity.com — Cisco Umbrella Rank: 28653 |
2 dweb.link | bafybeidrp6jgytkx4itqh72x4esd5f4o72ug7io3wcm6pykmh7anfmvd7i.ipfs.dweb.link | 235 KB
1 comcast.com | cdn.comcast.com — Cisco Umbrella Rank: 36758 | 9 KB
9 4
Domain | Requested by
4 static.cimcontent.net | bafybeidrp6jgytkx4itqh72x4esd5f4o72ug7io3wcm6pykmh7anfmvd7i.ipfs.dweb.link, cdn.comcast.com
2 login.xfinity.com | bafybeidrp6jgytkx4itqh72x4esd5f4o72ug7io3wcm6pykmh7anfmvd7i.ipfs.dweb.link
2 bafybeidrp6jgytkx4itqh72x4esd5f4o72ug7io3wcm6pykmh7anfmvd7i.ipfs.dweb.link | bafybeidrp6jgytkx4itqh72x4esd5f4o72ug7io3wcm6pykmh7anfmvd7i.ipfs.dweb.link
1 cdn.comcast.com | bafybeidrp6jgytkx4itqh72x4esd5f4o72ug7io3wcm6pykmh7anfmvd7i.ipfs.dweb.link
9 4

This site contains no links.

Subject | Issuer | Validity | Valid
dweb.link | R3 | 2023-11-20 - 2024-02-18 | 3 months
login.xfinity.com | COMODO RSA Organization Validation Secure Server CA | 2023-10-18 - 2024-10-17 | a year
xapi.xfinity.com | COMODO RSA Organization Validation Secure Server CA | 2023-11-15 - 2024-11-14 | a year
static.cimcontent.net | COMODO RSA Organization Validation Secure Server CA | 2023-03-30 - 2024-03-29 | a year

This page contains 1 frames:

Primary Page: https://bafybeidrp6jgytkx4itqh72x4esd5f4o72ug7io3wcm6pykmh7anfmvd7i.ipfs.dweb.link/infinix
Frame ID: 3C04954CC1A373E9F2A9288253A02962
Requests: 12 HTTP requests in this frame

Page Title

Sign in to Xfinity

Page Statistics

9 Requests
100 % HTTPS
100 % IPv6
4 Domains
4 Subdomains
5 IPs
2 Countries
418 kB Transfer
1028 kB Size
3 Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. http://bafybeidrp6jgytkx4itqh72x4esd5f4o72ug7io3wcm6pykmh7anfmvd7i.ipfs.dweb.link/infinix HTTP 307
    https://bafybeidrp6jgytkx4itqh72x4esd5f4o72ug7io3wcm6pykmh7anfmvd7i.ipfs.dweb.link/infinix Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

9 HTTP transactions

Resource
Path
Size
x-fer
Type
MIME-Type
Primary Request infinix
bafybeidrp6jgytkx4itqh72x4esd5f4o72ug7io3wcm6pykmh7anfmvd7i.ipfs.dweb.link/
Redirect Chain
  • http://bafybeidrp6jgytkx4itqh72x4esd5f4o72ug7io3wcm6pykmh7anfmvd7i.ipfs.dweb.link/infinix
  • https://bafybeidrp6jgytkx4itqh72x4esd5f4o72ug7io3wcm6pykmh7anfmvd7i.ipfs.dweb.link/infinix
593 KB
235 KB
Document
General
Full URL
https://bafybeidrp6jgytkx4itqh72x4esd5f4o72ug7io3wcm6pykmh7anfmvd7i.ipfs.dweb.link/infinix
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2602:fea2:2::1 , United States, ASN40680 (PROTOCOL, US),
Reverse DNS
Software
openresty /
Resource Hash
0a94fc7dd2537dcee801fc5e6b31981ea892c6d0b105287d486671f37b0ce49e
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

access-control-allow-headers
Content-Type Range User-Agent X-Requested-With
access-control-allow-methods
GET HEAD OPTIONS
access-control-allow-origin
*
access-control-expose-headers
Content-Length Content-Range X-Chunked-Output X-Ipfs-Path X-Ipfs-Roots X-Stream-Output
cache-control
public, max-age=29030400, immutable
content-encoding
br
content-type
text/html
date
Sat, 03 Feb 2024 13:14:19 GMT
etag
"QmVt5rhgo8txLCGq5361dRZzNzHnvnai5HUH2BhCrZrrWZ"
server
openresty
strict-transport-security
max-age=31536000; includeSubDomains; preload
timing-allow-origin
*
vary
Accept-Encoding
x-ipfs-lb-pop
gateway-bank2-fr2
x-ipfs-path
/ipfs/bafybeidrp6jgytkx4itqh72x4esd5f4o72ug7io3wcm6pykmh7anfmvd7i/infinix
x-ipfs-pop
ipfs-bank5-fr2
x-ipfs-roots
bafybeidrp6jgytkx4itqh72x4esd5f4o72ug7io3wcm6pykmh7anfmvd7i,QmVt5rhgo8txLCGq5361dRZzNzHnvnai5HUH2BhCrZrrWZ
x-proxy-cache
MISS

Redirect headers

Cross-Origin-Resource-Policy
Cross-Origin
Location
https://bafybeidrp6jgytkx4itqh72x4esd5f4o72ug7io3wcm6pykmh7anfmvd7i.ipfs.dweb.link/infinix
Non-Authoritative-Reason
HSTS
prism-ui-cebc627.css
login.xfinity.com/static/resi/dist/prism-ui/
0
0
Stylesheet
General
Full URL
https://login.xfinity.com/static/resi/dist/prism-ui/prism-ui-cebc627.css
Requested by
Host: bafybeidrp6jgytkx4itqh72x4esd5f4o72ug7io3wcm6pykmh7anfmvd7i.ipfs.dweb.link
URL: https://bafybeidrp6jgytkx4itqh72x4esd5f4o72ug7io3wcm6pykmh7anfmvd7i.ipfs.dweb.link/infinix
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:3500:1b::1724:a397 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
/
Resource Hash

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://bafybeidrp6jgytkx4itqh72x4esd5f4o72ug7io3wcm6pykmh7anfmvd7i.ipfs.dweb.link/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

bundle-cebc627.css
login.xfinity.com/static/resi/dist/
0
0
Stylesheet
General
Full URL
https://login.xfinity.com/static/resi/dist/bundle-cebc627.css
Requested by
Host: bafybeidrp6jgytkx4itqh72x4esd5f4o72ug7io3wcm6pykmh7anfmvd7i.ipfs.dweb.link
URL: https://bafybeidrp6jgytkx4itqh72x4esd5f4o72ug7io3wcm6pykmh7anfmvd7i.ipfs.dweb.link/infinix
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:3500:1b::1724:a397 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
/
Resource Hash

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://bafybeidrp6jgytkx4itqh72x4esd5f4o72ug7io3wcm6pykmh7anfmvd7i.ipfs.dweb.link/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

cookie-consent.css
cdn.comcast.com/cmp/css/
55 KB
9 KB
Stylesheet
General
Full URL
https://cdn.comcast.com/cmp/css/cookie-consent.css
Requested by
Host: bafybeidrp6jgytkx4itqh72x4esd5f4o72ug7io3wcm6pykmh7anfmvd7i.ipfs.dweb.link
URL: https://bafybeidrp6jgytkx4itqh72x4esd5f4o72ug7io3wcm6pykmh7anfmvd7i.ipfs.dweb.link/infinix
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:3500:590::2af2 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
/
Resource Hash
ed3e6f6e4fd2a9cf28cf725c7eda293f69c67f5740a79dc58eca9ac914d18b6a

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://bafybeidrp6jgytkx4itqh72x4esd5f4o72ug7io3wcm6pykmh7anfmvd7i.ipfs.dweb.link/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date
Sat, 03 Feb 2024 13:14:19 GMT
content-encoding
br
last-modified
Wed, 31 Jan 2024 22:07:43 GMT
etag
"df713a0426607730a983610ffcc7f6ec:1692019053.597296"
content-type
text/css
cache-control
max-age=2364818
accept-ranges
bytes
x-robots-tag
noindex, nofollow
content-length
8936
expires
Fri, 01 Mar 2024 22:07:57 GMT
truncated
/
75 KB
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
8f76b4202a5a66eaba4bd9a372bb302287dab1f7b897a141a9f0bb9a10b1018d

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

Content-Type
image/png
truncated
/
132 KB
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
dbdc913afccda63f7888675987f5bd3f341e71ca311f4999e1e557d1ad7d2cda

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

Content-Type
image/jpeg
xfinity-logo-grey.svg
bafybeidrp6jgytkx4itqh72x4esd5f4o72ug7io3wcm6pykmh7anfmvd7i.ipfs.dweb.link/static/images/global/
217 B
217 B
Image
General
Full URL
https://bafybeidrp6jgytkx4itqh72x4esd5f4o72ug7io3wcm6pykmh7anfmvd7i.ipfs.dweb.link/static/images/global/xfinity-logo-grey.svg
Requested by
Host: bafybeidrp6jgytkx4itqh72x4esd5f4o72ug7io3wcm6pykmh7anfmvd7i.ipfs.dweb.link
URL: https://bafybeidrp6jgytkx4itqh72x4esd5f4o72ug7io3wcm6pykmh7anfmvd7i.ipfs.dweb.link/infinix
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2602:fea2:2::1 , United States, ASN40680 (PROTOCOL, US),
Reverse DNS
Software
openresty /
Resource Hash
7707cb229c673c8a3c48af4f046ae0e66b8140fe8dc46500056eb15955f46f9a
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://bafybeidrp6jgytkx4itqh72x4esd5f4o72ug7io3wcm6pykmh7anfmvd7i.ipfs.dweb.link/infinix
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date
Sat, 03 Feb 2024 13:14:19 GMT
content-encoding
br
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-length
122
x-ipfs-pop
ipfs-bank5-fr2
server
openresty
x-ipfs-lb-pop
gateway-bank2-fr2
vary
Accept-Encoding
access-control-allow-methods
GET, HEAD, OPTIONS
content-type
text/plain; charset=utf-8
access-control-allow-origin
*
access-control-expose-headers
Content-Length, Content-Range, X-Chunked-Output, X-Ipfs-Path, X-Ipfs-Roots, X-Stream-Output
x-ipfs-path
/ipfs/bafybeidrp6jgytkx4itqh72x4esd5f4o72ug7io3wcm6pykmh7anfmvd7i/static/images/global/xfinity-logo-grey.svg
timing-allow-origin
*
access-control-allow-headers
Content-Type, Range, User-Agent, X-Requested-With
dmsans-medium.woff2
static.cimcontent.net/common-web-assets/fonts/dm-sans/
29 KB
29 KB
Font
General
Full URL
https://static.cimcontent.net/common-web-assets/fonts/dm-sans/dmsans-medium.woff2
Requested by
Host: bafybeidrp6jgytkx4itqh72x4esd5f4o72ug7io3wcm6pykmh7anfmvd7i.ipfs.dweb.link
URL: https://bafybeidrp6jgytkx4itqh72x4esd5f4o72ug7io3wcm6pykmh7anfmvd7i.ipfs.dweb.link/infinix
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:3100:794::30d4 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
AmazonS3 /
Resource Hash
da319dcae9d21873bf2ad8b146767e023772a8f0a4fd7446156b3d61b9c83098

Request headers

Referer
https://bafybeidrp6jgytkx4itqh72x4esd5f4o72ug7io3wcm6pykmh7anfmvd7i.ipfs.dweb.link/
Origin
https://bafybeidrp6jgytkx4itqh72x4esd5f4o72ug7io3wcm6pykmh7anfmvd7i.ipfs.dweb.link
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

x-amz-version-id
4PsddOg8bLvjHdiYBm2tGDXlNVaJeelo
date
Sat, 03 Feb 2024 13:14:19 GMT
last-modified
Wed, 01 Sep 2021 16:24:41 GMT
server
AmazonS3
x-amz-cf-pop
FRA2-C1
etag
"935dd4c230fc4105c9c5bca40e99f815"
content-type
binary/octet-stream
access-control-allow-origin
*
cache-control
max-age=31536000
accept-ranges
bytes
content-length
29896
x-amz-cf-id
i_WDx81E-GltaBUfqTyGOou-AeyGFo2g4BYnGx2g7ZWipZ7mT0aYcg==
dmsans-regular.woff2
static.cimcontent.net/common-web-assets/fonts/dm-sans/
29 KB
30 KB
Font
General
Full URL
https://static.cimcontent.net/common-web-assets/fonts/dm-sans/dmsans-regular.woff2
Requested by
Host: bafybeidrp6jgytkx4itqh72x4esd5f4o72ug7io3wcm6pykmh7anfmvd7i.ipfs.dweb.link
URL: https://bafybeidrp6jgytkx4itqh72x4esd5f4o72ug7io3wcm6pykmh7anfmvd7i.ipfs.dweb.link/infinix
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:3100:794::30d4 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
AmazonS3 /
Resource Hash
40aefc09f33205666c2c42f20d54285147ae9434ef5f8018481950fd67ddcb68

Request headers

Referer
https://bafybeidrp6jgytkx4itqh72x4esd5f4o72ug7io3wcm6pykmh7anfmvd7i.ipfs.dweb.link/
Origin
https://bafybeidrp6jgytkx4itqh72x4esd5f4o72ug7io3wcm6pykmh7anfmvd7i.ipfs.dweb.link
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

x-amz-version-id
eqDyU9EIxSCK7CgAZan.68AQPY6LisN8
date
Sat, 03 Feb 2024 13:14:19 GMT
last-modified
Thu, 15 Dec 2022 15:23:00 GMT
server
AmazonS3
x-amz-cf-pop
FRA56-P7
etag
"b9d5e5cad821648da76e2fedb6c6a680"
x-amz-server-side-encryption
AES256
content-type
binary/octet-stream
access-control-allow-origin
*
cache-control
max-age=31536000
accept-ranges
bytes
content-length
29920
x-amz-cf-id
DU8wWsnCKCzEJhGes0mDSixA6kEepKmowD9pGkjMgLrq61FCz62Hmg==
truncated
/
1 KB
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
ebec0a242eb62dac37ad10740e7797b748ff93103796ed6509414a751ce86820

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

Content-Type
image/svg+xml
xfinitybrown-regular.woff2
static.cimcontent.net/common-web-assets/fonts/xfinity-brown-optimized/
84 KB
85 KB
Font
General
Full URL
https://static.cimcontent.net/common-web-assets/fonts/xfinity-brown-optimized/xfinitybrown-regular.woff2
Requested by
Host: cdn.comcast.com
URL: https://cdn.comcast.com/cmp/css/cookie-consent.css
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:3100:794::30d4 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
AmazonS3 /
Resource Hash
ac7ab1854db99c8278486132a7cef4a5d4f2992fd59488d02b4a5c5a071407d0

Request headers

Referer
https://cdn.comcast.com/
Origin
https://bafybeidrp6jgytkx4itqh72x4esd5f4o72ug7io3wcm6pykmh7anfmvd7i.ipfs.dweb.link
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

x-amz-version-id
JV_1KoYVZhkjCPcZGZrb.Jzm5gmhB2.R
date
Sat, 03 Feb 2024 13:14:20 GMT
last-modified
Tue, 19 Jul 2022 15:07:37 GMT
server
AmazonS3
x-amz-cf-pop
FRA2-C1
etag
"7852867d778f90102ccdec973b475759"
content-type
binary/octet-stream
access-control-allow-origin
*
cache-control
max-age=31536000
accept-ranges
bytes
content-length
86524
x-amz-cf-id
MfEFSXkWZkA4HWOIW0iyNcGaRfCyoA-sIgKXCdyzl7nwvwueKFyvvw==
dmsans-bold.woff2
static.cimcontent.net/common-web-assets/fonts/dm-sans/
29 KB
29 KB
Font
General
Full URL
https://static.cimcontent.net/common-web-assets/fonts/dm-sans/dmsans-bold.woff2
Requested by
Host: cdn.comcast.com
URL: https://cdn.comcast.com/cmp/css/cookie-consent.css
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:3100:794::30d4 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
AmazonS3 /
Resource Hash
f4fc8ea1d0db62d19b2320e0299afe1c60abc0aacb7ba34d4169d56bcc828fe2

Request headers

Referer
https://cdn.comcast.com/
Origin
https://bafybeidrp6jgytkx4itqh72x4esd5f4o72ug7io3wcm6pykmh7anfmvd7i.ipfs.dweb.link
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

x-amz-version-id
VlEEW_IstBdLzPa7r8nHikIZe4UbnKFZ
date
Sat, 03 Feb 2024 13:14:20 GMT
last-modified
Wed, 01 Sep 2021 16:24:41 GMT
server
AmazonS3
x-amz-cf-pop
FRA2-C1
etag
"5f8fa708197e8666b28fecf16ab5c7f9"
content-type
binary/octet-stream
access-control-allow-origin
*
cache-control
max-age=31536000
accept-ranges
bytes
content-length
29872
x-amz-cf-id
sWA0i0dN89sNwT0L9Bb-ThaYpp99xJSkY_6g5peFG9D6J5r6q2foCw==

Verdicts & Comments

Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!

urlscan

Phishing against: Xfinity (Consumer)

1 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0

3 Cookies

Domain/Path Name / Value
login.xfinity.com/static/resi/dist/prism-ui Name: bid
Value: 4UaO6p09Q1O5VHlH7HQvSClbm7Y
login.xfinity.com/static/resi/dist Name: bid
Value: 9PlG8rD5R5CFs1-dTQEgwIyyfj8
login.xfinity.com/ Name: AWSALBCORS
Value: OoToF9K3kKAMeS+ap/kAzJYWTZYKrwPCC1ycfLt752IevuNbT0OTxHVaIIVI7thh8W57VmJxeGaXx1zX41TDJcJzgo46f2uJdRjM+A7ovIINFcnIdjx4B8j17o+z

8 Console Messages

Source Level URL
Text
security warning URL: about:blank
Message:
An iframe which has both allow-scripts and allow-same-origin for its sandbox attribute can escape its sandboxing.
network error URL: https://bafybeidrp6jgytkx4itqh72x4esd5f4o72ug7io3wcm6pykmh7anfmvd7i.ipfs.dweb.link/static/images/global/xfinity-logo-grey.svg
Message:
Failed to load resource: the server responded with a status of 404 ()
network error URL: https://login.xfinity.com/static/resi/dist/bundle-cebc627.css
Message:
Failed to load resource: the server responded with a status of 404 ()
network error URL: https://login.xfinity.com/static/resi/dist/prism-ui/prism-ui-cebc627.css
Message:
Failed to load resource: the server responded with a status of 404 ()
other warning URL: https://bafybeidrp6jgytkx4itqh72x4esd5f4o72ug7io3wcm6pykmh7anfmvd7i.ipfs.dweb.link/infinix
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://bafybeidrp6jgytkx4itqh72x4esd5f4o72ug7io3wcm6pykmh7anfmvd7i.ipfs.dweb.link/infinix
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://bafybeidrp6jgytkx4itqh72x4esd5f4o72ug7io3wcm6pykmh7anfmvd7i.ipfs.dweb.link/infinix
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://bafybeidrp6jgytkx4itqh72x4esd5f4o72ug7io3wcm6pykmh7anfmvd7i.ipfs.dweb.link/infinix
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.

Security Headers

This page lists any security headers set by the main page.

Header Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload