sawsadhikar.com
Open in
urlscan Pro
50.28.1.103
Malicious Activity!
Public Scan
Submission: On April 30 via automatic, source phishtank
Summary
This is the only time sawsadhikar.com was scanned on urlscan.io!
urlscan.io Verdict: Potentially Malicious
Targeting these brands: Xfinity (Consumer)Live information
Domain & IP information
IP Address | AS Autonomous System | ||
---|---|---|---|
10 | 50.28.1.103 50.28.1.103 | 32244 (LIQUIDWEB) (LIQUIDWEB) | |
1 | 54.82.173.247 54.82.173.247 | 14618 (AMAZON-AES) (AMAZON-AES) | |
1 | 2607:ae80:2::230 2607:ae80:2::230 | 26558 (FREEWHEEL) (FREEWHEEL) | |
1 2 | 52.50.184.22 52.50.184.22 | 16509 (AMAZON-02) (AMAZON-02) | |
1 | 178.250.2.157 178.250.2.157 | 44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE) | |
3 | 2a02:26f0:6c0... 2a02:26f0:6c00:186::1b62 | 20940 (AKAMAI-ASN1) (AKAMAI-ASN1) | |
1 | 204.13.194.235 204.13.194.235 | 29990 (ASN-APPNEX) (ASN-APPNEX) | |
11 | 2.18.235.40 2.18.235.40 | 16625 (AKAMAI-AS) (AKAMAI-AS) | |
1 | 151.101.13.108 151.101.13.108 | 54113 (FASTLY) (FASTLY) | |
1 | 2a02:26f0:6c0... 2a02:26f0:6c00:18c::2c06 | 20940 (AKAMAI-ASN1) (AKAMAI-ASN1) | |
31 | 11 |
ASN32244 (LIQUIDWEB, US)
PTR: mango.exacthosting.com
sawsadhikar.com |
ASN14618 (AMAZON-AES, US)
PTR: ec2-54-82-173-247.compute-1.amazonaws.com
dmp.tidaltv.com |
ASN16509 (AMAZON-02, US)
PTR: ec2-52-50-184-22.eu-west-1.compute.amazonaws.com
xfinitydigital.demdex.net |
ASN16625 (AKAMAI-AS, US)
PTR: a2-18-235-40.deploy.static.akamaitechnologies.com
z.moatads.com | |
px.moatads.com |
Apex Domain Subdomains |
Transfer | |
---|---|---|
11 |
moatads.com
z.moatads.com px.moatads.com |
97 KB |
10 |
sawsadhikar.com
sawsadhikar.com |
71 KB |
5 |
xfinity.com
sdx.xfinity.com oascentral.xfinity.com dl.cws.xfinity.com |
82 KB |
2 |
demdex.net
1 redirects
xfinitydigital.demdex.net |
2 KB |
1 |
adnxs.com
cdn.oas-c18.adnxs.com |
690 B |
1 |
criteo.com
rtax.criteo.com |
86 B |
1 |
fwmrm.net
7468.v.fwmrm.net |
399 B |
1 |
tidaltv.com
dmp.tidaltv.com |
706 B |
31 | 8 |
Domain | Requested by | |
---|---|---|
10 | px.moatads.com |
sawsadhikar.com
|
10 | sawsadhikar.com |
sawsadhikar.com
|
3 | sdx.xfinity.com |
sawsadhikar.com
|
2 | xfinitydigital.demdex.net |
1 redirects
sawsadhikar.com
|
1 | dl.cws.xfinity.com |
sawsadhikar.com
|
1 | cdn.oas-c18.adnxs.com |
sawsadhikar.com
|
1 | z.moatads.com |
oascentral.xfinity.com
|
1 | oascentral.xfinity.com |
sawsadhikar.com
|
1 | rtax.criteo.com |
sawsadhikar.com
|
1 | 7468.v.fwmrm.net |
sawsadhikar.com
|
1 | dmp.tidaltv.com |
sawsadhikar.com
|
31 | 11 |
This site contains links to these domains. Also see Links.
Domain |
---|
oascentral.xfinity.com |
www.comcast.net |
www.surveymonkey.com |
idm.xfinity.com |
customer.xfinity.com |
my.xfinity.com |
xfinity.comcast.net |
customer.comcast.com |
Subject Issuer | Validity | Valid | |
---|---|---|---|
*.v.fwmrm.net DigiCert SHA2 High Assurance Server CA |
2017-11-01 - 2021-01-13 |
3 years | crt.sh |
*.demdex.net DigiCert SHA2 High Assurance Server CA |
2018-01-09 - 2021-02-12 |
3 years | crt.sh |
www.xfinity.comcast.net COMODO RSA Organization Validation Secure Server CA |
2020-02-24 - 2022-02-23 |
2 years | crt.sh |
moatads.com DigiCert SHA2 Secure Server CA |
2020-01-17 - 2021-03-17 |
a year | crt.sh |
*.cws.xfinity.com Sectigo RSA Organization Validation Secure Server CA |
2019-01-28 - 2021-01-27 |
2 years | crt.sh |
This page contains 1 frames:
Primary Page:
http://sawsadhikar.com/loginxfinity/login
Frame ID: 4BA1AE63D3DFE2CD8969441A0285A604
Requests: 33 HTTP requests in this frame
Screenshot
Detected technologies
Apache (Web Servers) ExpandDetected patterns
- headers server /(?:Apache(?:$|\/([\d.]+)|[^/-])|(?:^|\b)HTTPD)/i
AppNexus (Advertising Networks) Expand
Detected patterns
- html /<(?:iframe|img)[^>]+adnxs\.(?:net|com)/i
Lodash (JavaScript Libraries) Expand
Detected patterns
- script /lodash.*\.js/i
Page Statistics
11 Outgoing links
These are links going to different origins than the main page.
Search URL Search Domain Scan URL
Title: Ad Info
Search URL Search Domain Scan URL
Title: Ad Feedback
Search URL Search Domain Scan URL
Title: username
Search URL Search Domain Scan URL
Title: password
Search URL Search Domain Scan URL
Title: Create one
Search URL Search Domain Scan URL
Title: Pay any balance
Search URL Search Domain Scan URL
Title: Terms of Service
Search URL Search Domain Scan URL
Title: Privacy Policy
Search URL Search Domain Scan URL
Title: Site Map
Search URL Search Domain Scan URL
Title: Contact Us
Search URL Search Domain Scan URL
Redirected requests
There were HTTP redirect chains for the following requests:
Request Chain 9- https://xfinitydigital.demdex.net/event?d_sid=4702129 HTTP 302
- https://xfinitydigital.demdex.net/firstevent?d_sid=4702129
31 HTTP transactions
Method Protocol |
Resource Path |
Size x-fer |
Type MIME-Type |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
GET H/1.1 |
Primary Request
login
sawsadhikar.com/loginxfinity/ |
13 KB 4 KB |
Document
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
lodash-slim.min.js
sawsadhikar.com/loginxfinity/static/js/data-layer/ |
23 KB 9 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
tracking-aws.min.js
sawsadhikar.com/loginxfinity/static/js/data-layer/ |
2 KB 2 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
tracking-DTM.min.js
sawsadhikar.com/loginxfinity/static/js/data-layer/ |
2 KB 1 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
tracking.min.js
sawsadhikar.com/loginxfinity/static/js/data-layer/ |
15 KB 5 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
satelliteLib-531bc4f46256650a84099973f0ed331f809ea5f4.js
sawsadhikar.com/assets.adobedtm.com/43896e740dcedef854392e0be6ea80deb8eb2ba5/ |
0 0 |
Script
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
styles-light.minc816.css
sawsadhikar.com/loginxfinity/static/css/junket/ |
47 KB 11 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
vm-login-form-ad.js
sawsadhikar.com/loginxfinity/static/js/ |
9 KB 3 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
data.json
dmp.tidaltv.com/audience/browser/ |
162 B 706 B |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
u
7468.v.fwmrm.net/ad/ |
0 399 B |
Image
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
firstevent
xfinitydigital.demdex.net/ Redirect Chain
|
42 B 937 B |
Image
image/gif |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
Redirect headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
jquery-1.12.4.min.js
sawsadhikar.com/loginxfinity/static/js/libs/ |
95 KB 33 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
scripts-responsive.minc816.js
sawsadhikar.com/loginxfinity/static/js/ |
7 KB 3 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
rta.js
rtax.criteo.com/delivery/rta/ |
0 86 B |
Script
text/plain |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
XfinityStandard-Regular.woff2
sdx.xfinity.com/fonts/latest/Xfinity_Standard/ |
26 KB 26 KB |
Font
font/woff2 |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
1377556847@x32
oascentral.xfinity.com/RealMedia/ads/adstream_jx.ads/comcast.net/login_secure/notve/ |
1 KB 1 KB |
Script
application/x-javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
moatad.js
z.moatads.com/comcastapn56341864860/ |
279 KB 95 KB |
Script
application/x-javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
empty.gif
cdn.oas-c18.adnxs.com/RealMedia/ads/Creatives/default/ |
43 B 690 B |
Image
image/gif |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
XfinityStandard-Medium.woff2
sdx.xfinity.com/fonts/latest/Xfinity_Standard/ |
27 KB 27 KB |
Font
font/woff2 |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
pixel.gif
px.moatads.com/ |
43 B 253 B |
Image
image/gif |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET DATA |
truncated
/ |
933 B 0 |
Image
image/svg+xml |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET DATA |
truncated
/ |
3 KB 0 |
Image
image/svg+xml |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
XfinityStandard-Light.woff2
sdx.xfinity.com/fonts/latest/Xfinity_Standard/ |
27 KB 27 KB |
Font
font/woff2 |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
PUT H2 |
/
dl.cws.xfinity.com/event/ |
110 B 487 B |
XHR
application/json |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
pixel.gif
px.moatads.com/ |
43 B 253 B |
Image
image/gif |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
pixel.gif
px.moatads.com/ |
43 B 253 B |
Image
image/gif |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
pixel.gif
px.moatads.com/ |
43 B 253 B |
Image
image/gif |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
pixel.gif
px.moatads.com/ |
43 B 253 B |
Image
image/gif |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
pixel.gif
px.moatads.com/ |
43 B 253 B |
Image
image/gif |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
pixel.gif
px.moatads.com/ |
43 B 253 B |
Image
image/gif |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
pixel.gif
px.moatads.com/ |
43 B 253 B |
Image
image/gif |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
pixel.gif
px.moatads.com/ |
43 B 253 B |
Image
image/gif |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
pixel.gif
px.moatads.com/ |
43 B 253 B |
Image
image/gif |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
Verdicts & Comments Add Verdict or Comment
Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!
urlscan
Phishing against: Xfinity (Consumer)34 JavaScript Global Variables
These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.
object| onformdata object| onpointerrawupdate function| _ object| digitalData object| runtimeData object| adInfo boolean| isMobile string| OAS_rns string| OAS_query undefined| GLOBAL_VAR undefined| ct undefined| et undefined| hourElapsed undefined| msg undefined| pixelDomain undefined| isDomless undefined| documentReferrer undefined| isBeta undefined| viewHash undefined| pxSrc undefined| moat_px object| Moat#G26 object| MoatSuperV26 object| Moat#PML#26#1.2 boolean| Moat#EVA undefined| ad undefined| x32adtag string| adtag_x32 function| $ function| jQuery object| login object| shared function| CircleLoader object| jQuery1124097730034938147743 Cookies
Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.
Domain/Path | Expires | Name / Value |
---|---|---|
.sawsadhikar.com/ | Name: currency Value: BDT |
|
.sawsadhikar.com/ | Name: language Value: en |
|
sawsadhikar.com/ | Name: PHPSESSID Value: cgrc7n5dlc3b6qbco8s11vl661 |
Indicators
This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.
7468.v.fwmrm.net
cdn.oas-c18.adnxs.com
dl.cws.xfinity.com
dmp.tidaltv.com
oascentral.xfinity.com
px.moatads.com
rtax.criteo.com
sawsadhikar.com
sdx.xfinity.com
xfinitydigital.demdex.net
z.moatads.com
151.101.13.108
178.250.2.157
2.18.235.40
204.13.194.235
2607:ae80:2::230
2a02:26f0:6c00:186::1b62
2a02:26f0:6c00:18c::2c06
50.28.1.103
52.50.184.22
54.82.173.247
0df906e16d1ed57a686d542ac0e7a620eafb715c12ee0a0c648653b569e72a9b
11da464f86f5ff9850e1ef53dd13336cfbfd38a8f3808d7826d0c1a2d925563f
138c0ead0fbcd09dd455df9870920e8725b367fbf02ac0cef0c62874000ab176
1bdca04f41b797a00f1ac403070d6ea18a459754c41d383ffddf5b0991f04d9d
2804c8eb469562e0265d432353da4f642b2170a02b76543180cb9f76bf5330ab
2a031939885bb7efba89d423c9ee7c0fe2bab465f18db63f40a9ae2bd7bc0228
2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363
3c3aad385bf572768f754413db5d71072dc7d3e6f87562868c309c2565895ae7
4059e3d6f8e253fb472c34896e61e444991eed1df770c41039127f94b35f5edb
49d0c079f8431833fb59275e68a7db8b9215dc52068ff63c179e32dfe618a8c4
4bd9c8ed57b1dd8fddcc2910170e9b81b40f7b628e272924e88a98f45ebb9aea
53c14b25c576da13c28dee3042b1c5ea4a814deab8d267f617cc53404ba9d2c5
58fd862aaa51daaa186ee3fecfd805c0f8eea09146e9c7deb44a3f30a1ad01b5
603f03540393202b164f307f767c15347b55e1c70f22fbd2813917d6e8e12617
668b046d12db350ccba6728890476b3efee53b2f42dbb84743e5e9f1ae0cc404
7a1f723f3e30c5e5ae413e28815bb419e374d0b50e03b25eeb53a25c1ac1c98f
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
d1e2dfc4882d3951f8b5ce26f342fdbd83dcfc7c5d53cc455dc3703b706fc7c2
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
fc6cd95261064c28600405c9c8dd51813abf8367e85b6e00f0f3031a8338988a
feb443b544ffe748134ddd3e9d5d69dd4353d3a226c1865800af10945387c029