pc2.mypreferences.com
162.253.104.96
Malicious Activity!
Public Scan
Effective URL: https://pc2.mypreferences.com/Comcast/OptDown/opt-down/
Submission: On June 19 via api from US
Summary
TLS certificate: Issued by DigiCert SHA2 Extended Validation Ser... on August 5th 2019. Valid for: 2 years.
This is the only time pc2.mypreferences.com was scanned on urlscan.io!
urlscan.io Verdict: Potentially Malicious
Targeting these brands: Xfinity (Consumer)
Domain & IP information
Requests | IP Address | AS Autonomous System |
---|---|---|
1 1 | 199.7.200.192 | 15334 (RESPONSYS) |
12 | 162.253.104.96 | 20141 (QTS-SUW1-ATL1) |
1 | 2001:4de0:ac19::1:b:1b | 20446 (HIGHWINDS3) |
3 | 2606:4700::6810:85e5 | 13335 (CLOUDFLARENET) |
1 | 2a00:1450:4001:801::2008 | 15169 (GOOGLE) |
4 | 2001:558:fe03:4b::2 | 7922 (COMCAST-7922) |
2 | 2a00:1450:4001:81d::200e | 15169 (GOOGLE) |
23 | 6 | |
ASN15169 (GOOGLE, US): www.googletagmanager.com
ASN15169 (GOOGLE, US): www.google-analytics.com
Requests | Apex Domain | Subdomains | Transfer |
---|---|---|---|
12 | mypreferences.com | pc2.mypreferences.com | 57 KB |
4 | comcast.net | edge.static-assets.top.comcast.net | 121 KB |
3 | cloudflare.com | cdnjs.cloudflare.com | 59 KB |
2 | google-analytics.com | www.google-analytics.com | 18 KB |
1 | googletagmanager.com | www.googletagmanager.com | 26 KB |
1 | bootstrapcdn.com | maxcdn.bootstrapcdn.com | 20 KB |
1 | xfinity.com (1 redirects) | emails.xfinity.com | 2 KB |
23 | 7 | | |
Requests | Domain | Requested by |
---|---|---|
12 | pc2.mypreferences.com | pc2.mypreferences.com, cdnjs.cloudflare.com |
4 | edge.static-assets.top.comcast.net | pc2.mypreferences.com |
3 | cdnjs.cloudflare.com | pc2.mypreferences.com |
2 | www.google-analytics.com | www.googletagmanager.com, pc2.mypreferences.com |
1 | www.googletagmanager.com | pc2.mypreferences.com |
1 | maxcdn.bootstrapcdn.com | pc2.mypreferences.com |
1 | emails.xfinity.com | 1 redirects |
23 | 7 | |
This site contains links to these domains. Also see Links.
Domain |
---|
www.xfinity.com |
Subject | Issuer | Validity | Valid |
---|---|---|---|
pc.mypreferences.com | DigiCert SHA2 Extended Validation Server CA | 2019-08-05 - 2021-08-09 | 2 years |
*.bootstrapcdn.com | Sectigo RSA Domain Validation Secure Server CA | 2019-09-14 - 2020-10-13 | a year |
cloudflare.com | CloudFlare Inc ECC CA-2 | 2020-01-07 - 2020-10-09 | 9 months |
*.google-analytics.com | GTS CA 1O1 | 2020-05-26 - 2020-08-18 | 3 months |
edge.static-assets.top.comcast.net | COMODO RSA Organization Validation Secure Server CA | 2019-03-19 - 2021-03-18 | 2 years |
This page contains 1 frames:
Primary Page:
https://pc2.mypreferences.com/Comcast/OptDown/opt-down/
Frame ID: 2BABA4F9D99C7D823DD011733BCB254B
Requests: 23 HTTP requests in this frame
Page URL History
- https://emails.xfinity.com/pub/cc?_ri_=X0Gzc2X%3DAQpglLjHJlYQGN29MblRzaTdqqkfd7IukcGoUvUBeBasEuE2SrLEsp... (HTTP 302)
- https://pc2.mypreferences.com/Comcast/OptDown/opt-down/ (Page URL)
Detected technologies
Bootstrap (Web Frameworks)
Detected patterns
- html /<link[^>]+?href="[^"]*bootstrap(?:\.min)?\.css/i
AngularJS (JavaScript Frameworks)
Detected patterns
- script /\/([\d.]+(?:-?rc[.\d]*)*)\/angular(?:\.min)?\.js/i
- script /angular.*\.js/i
Google Analytics (Analytics)
Detected patterns
- script /google-analytics\.com\/(?:ga|urchin|analytics)\.js/i
Google Tag Manager (Tag Managers)
Detected patterns
- html /googletagmanager\.com\/ns\.html[^>]+><\/iframe>/i
- html /<!-- (?:End )?Google Tag Manager -->/i
Page Statistics
1 Outgoing links
These are links going to different origins than the main page.
Redirected requests
There were HTTP redirect chains for the following requests:
23 HTTP transactions
Method | Protocol | Resource | Path | Size | x-fer | Type | MIME-Type |
---|---|---|---|---|---|---|---|
GET | H/1.1 | / (Primary Request, Cookie set) | pc2.mypreferences.com/Comcast/OptDown/opt-down/ (Redirect Chain) | 4 KB | 5 KB | Document | text/html |
GET | H2 | bootstrap.min.css | maxcdn.bootstrapcdn.com/bootstrap/3.3.7/css/ | 118 KB | 20 KB | Stylesheet | text/css |
GET | H/1.1 | main.css | pc2.mypreferences.com/Comcast/OptDown/opt-down/styles/ | 18 KB | 3 KB | Stylesheet | text/css |
GET | H/1.1 | xfinity-logo.svg | pc2.mypreferences.com/Comcast/OptDown/opt-down/img/ | 4 KB | 4 KB | Image | image/svg+xml |
GET | H2 | angular.min.js | cdnjs.cloudflare.com/ajax/libs/angular.js/1.6.5/ | 165 KB | 56 KB | Script | application/javascript |
GET | H2 | angular-route.min.js | cdnjs.cloudflare.com/ajax/libs/angular.js/1.6.5/ | 5 KB | 2 KB | Script | application/javascript |
GET | H2 | angular-cookies.min.js | cdnjs.cloudflare.com/ajax/libs/angular.js/1.6.5/ | 1 KB | 920 B | Script | application/javascript |
GET | H/1.1 | ui-bootstrap-tpls-2.5.0.min.js | pc2.mypreferences.com/Comcast/OptDown/opt-down/scripts/libs/ | 123 KB | 32 KB | Script | application/javascript |
GET | H/1.1 | angular-base64.min.js | pc2.mypreferences.com/Comcast/OptDown/opt-down/scripts/libs/ | 1 KB | 2 KB | Script | application/javascript |
GET | H/1.1 | app.js | pc2.mypreferences.com/Comcast/OptDown/opt-down/scripts/ | 7 KB | 2 KB | Script | application/javascript |
GET | H/1.1 | addPreferenceService.js | pc2.mypreferences.com/Comcast/OptDown/opt-down/scripts/services/ | 1 KB | 2 KB | Script | application/javascript |
GET | H/1.1 | filterHeaderService.js | pc2.mypreferences.com/Comcast/OptDown/opt-down/scripts/services/ | 816 B | 1 KB | Script | application/javascript |
GET | H/1.1 | mainController.js | pc2.mypreferences.com/Comcast/OptDown/opt-down/scripts/controllers/ | 4 KB | 1 KB | Script | application/javascript |
GET | H/1.1 | managePreferenceController.js | pc2.mypreferences.com/Comcast/OptDown/opt-down/scripts/controllers/ | 2 KB | 3 KB | Script | application/javascript |
GET | H2 | gtm.js | www.googletagmanager.com/ | 74 KB | 26 KB | Script | application/javascript |
GET | H/1.1 | getappconfiguration | pc2.mypreferences.com/Comcast/OptDown/api/configurationservice/ | 85 B | 452 B | XHR | application/json |
GET | H/1.1 | main.html | pc2.mypreferences.com/Comcast/OptDown/opt-down/views/ | 4 KB | 1 KB | XHR | text/html |
GET | H/1.1 | XfinityStandard-Light.woff2 | edge.static-assets.top.comcast.net/staticsites/fonts/latest/Xfinity_Standard/ | 27 KB | 28 KB | Font | binary/octet-stream |
GET | H2 | analytics.js | www.google-analytics.com/ | 45 KB | 18 KB | Script | text/javascript |
GET | H2 | collect | www.google-analytics.com/r/ | 35 B | 108 B | Image | image/gif |
GET | H/1.1 | XfinityStandard-Thin.woff2 | edge.static-assets.top.comcast.net/staticsites/fonts/latest/Xfinity_Standard/ | 32 KB | 33 KB | Font | binary/octet-stream |
GET | H/1.1 | XfinityStandard-ExtraLight.woff2 | edge.static-assets.top.comcast.net/staticsites/fonts/latest/Xfinity_Standard/ | 32 KB | 33 KB | Font | binary/octet-stream |
GET | H/1.1 | XfinityStandard-Regular.woff2 | edge.static-assets.top.comcast.net/staticsites/fonts/latest/Xfinity_Standard/ | 26 KB | 27 KB | Font | binary/octet-stream |
Verdicts & Comments
Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!
urlscan
Phishing against: Xfinity (Consumer)
13 JavaScript Global Variables
These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.
Type | Name |
---|---|
object | onformdata |
object | onpointerrawupdate |
object | dataLayer |
object | angular |
object | app |
number | ng339 |
object | google_tag_manager |
object | google_tag_data |
string | GoogleAnalyticsObject |
function | ga |
object | gaplugins |
object | gaGlobal |
object | gaData |
6 Cookies
Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.
Domain/Path | Expires | Name / Value |
---|---|---|
pc2.mypreferences.com/ | | Name: f5avr0154425110aaaaaaaaaaaaaaaa_cspm_ Value: NDPEADICFMLOLLEHKNJEEODLPOBDNLPLBGNJENHJMPAJLNJOOHAPBMBONAMNAFHNEIECMMCHCCGBNKJNGBBAPFELBPPECOPOCDGIOFEBIIKDFDHCFMAIOEGDAPABFICO |
pc2.mypreferences.com/Comcast/OptDown/opt-down | | Name: f5_cspm Value: 1234 |
.pc2.mypreferences.com/ | | Name: _gid Value: GA1.3.651544979.1592574687 |
.pc2.mypreferences.com/ | | Name: _gat_UA-80692612-1 Value: 1 |
.pc2.mypreferences.com/ | | Name: _ga Value: GA1.3.1151378256.1592574687 |
.pc2.mypreferences.com/ | | Name: TS01b2ef0f Value: 0141bd2f0ab6f88f92d08e9055a2583ef91df8e0e927a129cfa98d1a941edfec699bb71891dc091e8fb4ead5fc7dbd835a32798295 |
1 Console Messages
A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.
Source | Level | URL Text |
---|
Indicators
This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.