urlscan.io logo urlscan.io
SecurityTrails logo

thundersoftball.org Open in urlscan Pro
192.254.233.101  Malicious Activity! Public Scan

Go To Rescan Add Verdict Report
Submitted URL: https://thundersoftball.org/.login/%7B%7D/57468363733/%7B%7D/xfinity/%7B%7D/comcast-logon/2e6d54765685db57ce9073ab896aa5c1
Effective URL: https://thundersoftball.org/.login/%7b%7d/57468363733/%7b%7d/xfinity/%7b%7d/comcast-logon/2e6d54765685db57ce9073ab896aa5c1/
Submission Tags: 6624733
Submission: On June 11 via api from NL
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 12 IPs in 4 countries across 9 domains to perform 22 HTTP transactions. The main IP is 192.254.233.101, located in Houston, United States and belongs to UNIFIEDLAYER-AS-1, US. The main domain is thundersoftball.org.
TLS certificate: Issued by Let's Encrypt Authority X3 on May 6th 2020. Valid for: 3 months.
This is the only time thundersoftball.org was scanned on urlscan.io!

urlscan.io Verdict: Potentially Malicious

Targeting these brands: Xfinity (Consumer)

Domain & IP information

IP Address AS Autonomous System
1 2 192.254.233.101 46606 (UNIFIEDLA...)
7 2001:558:fe21... 7922 (COMCAST-7922)
2 2a02:26f0:eb:... 20940 (AKAMAI-ASN1)
1 2a02:26f0:eb:... 20940 (AKAMAI-ASN1)
1 2001:558:fe03... 7922 (COMCAST-7922)
2 2 18.214.153.204 14618 (AMAZON-AES)
2 4 108.161.128.85 55045 (TEKTONIC)
2 52.208.194.150 16509 (AMAZON-02)
1 2.19.47.84 20940 (AKAMAI-ASN1)
3 54.76.99.142 16509 (AMAZON-02)
1 15.236.175.233 16509 (AMAZON-02)
1 1 66.117.28.86 15224 (OMNITURE)
1 18.200.164.57 16509 (AMAZON-02)
22 12
2    192.254.233.101 (Houston, United States)

ASN46606 (UNIFIEDLAYER-AS-1, US)
PTR: 192-254-233-101.unifiedlayer.com
thundersoftball.org
7    2001:558:fe21:2:69:252:205:24 (United States)

ASN7922 (COMCAST-7922, US)
login.comcast.net
2    2a02:26f0:eb:3aa::1e80 (Ascension Island)

ASN20940 (AKAMAI-ASN1, EU)
assets.adobedtm.com
1    2a02:26f0:eb:38a::2af2 (Ascension Island)

ASN20940 (AKAMAI-ASN1, EU)
cdn.comcast.com
1    2001:558:fe03:4b::2 (United States)

ASN7922 (COMCAST-7922, US)
edge.static-assets.top.comcast.net
2    18.214.153.204 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-18-214-153-204.compute-1.amazonaws.com
privacy.truste.com
4    108.161.128.85 (Collegeville, United States)

ASN55045 (TEKTONIC, US)
www.truste.com
trustarc.com
2    52.208.194.150 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-208-194-150.eu-west-1.compute.amazonaws.com
dpm.demdex.net
1    2.19.47.84 (Ascension Island)

ASN20940 (AKAMAI-ASN1, EU)
PTR: a2-19-47-84.deploy.static.akamaitechnologies.com
cdn.tt.omtrdc.net
3    54.76.99.142 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-54-76-99-142.eu-west-1.compute.amazonaws.com
comcastresidentialservices.tt.omtrdc.net
1    15.236.175.233 (Paris, France)

ASN16509 (AMAZON-02, US)
PTR: ec2-15-236-175-233.eu-west-3.compute.amazonaws.com
comcastcom.d1.sc.omtrdc.net
1    66.117.28.86 (United States)

ASN15224 (OMNITURE, US)
cm.everesttech.net
1    18.200.164.57 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-18-200-164-57.eu-west-1.compute.amazonaws.com
comcast.demdex.net
Domain Requested by
7 login.comcast.net thundersoftball.org
3 comcastresidentialservices.tt.omtrdc.net cdn.comcast.com
2 dpm.demdex.net assets.adobedtm.com
thundersoftball.org
2 trustarc.com thundersoftball.org
2 www.truste.com 2 redirects
2 privacy.truste.com 2 redirects
2 assets.adobedtm.com thundersoftball.org
assets.adobedtm.com
2 thundersoftball.org 1 redirects
1 comcast.demdex.net assets.adobedtm.com
1 cm.everesttech.net 1 redirects
1 comcastcom.d1.sc.omtrdc.net assets.adobedtm.com
1 cdn.tt.omtrdc.net cdn.comcast.com
1 edge.static-assets.top.comcast.net thundersoftball.org
1 cdn.comcast.com thundersoftball.org
22 14
Subject Issuer Validity Valid
www.thundersoftball.org
Let's Encrypt Authority X3		 2020-05-06 -
2020-08-04		 3 months crt.sh
login.comcast.net
COMODO RSA Organization Validation Secure Server CA		 2018-10-29 -
2020-10-28		 2 years crt.sh
assets.adobedtm.com
DigiCert SHA2 High Assurance Server CA		 2019-10-22 -
2021-10-01		 2 years crt.sh
xapi.xfinity.com
COMODO RSA Organization Validation Secure Server CA		 2020-05-07 -
2022-05-07		 2 years crt.sh
edge.static-assets.top.comcast.net
COMODO RSA Organization Validation Secure Server CA		 2019-03-19 -
2021-03-18		 2 years crt.sh
www.trustarc.com
RapidSSL RSA CA 2018		 2020-04-16 -
2022-04-16		 2 years crt.sh
*.demdex.net
DigiCert SHA2 High Assurance Server CA		 2018-01-09 -
2021-02-12		 3 years crt.sh
*.tt.omtrdc.net
DigiCert SHA2 High Assurance Server CA		 2017-10-26 -
2020-11-25		 3 years crt.sh
*.d1.sc.omtrdc.net
DigiCert SHA2 High Assurance Server CA		 2020-02-28 -
2022-03-04		 2 years crt.sh

This page contains 2 frames:

Primary Page: https://thundersoftball.org/.login/%7b%7d/57468363733/%7b%7d/xfinity/%7b%7d/comcast-logon/2e6d54765685db57ce9073ab896aa5c1/
Frame ID: 1755C7425046E81CDCDB5615DBB55B36
Requests: 23 HTTP requests in this frame

Frame: https://comcast.demdex.net/dest5.html?d_nsid=0
Frame ID: 8E231A60B61B8EC07D92620646FD603D
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page URL History Show full URLs

  1. https://thundersoftball.org/.login/%7B%7D/57468363733/%7B%7D/xfinity/%7B%7D/comcast-logon/2e6d54765685db... HTTP 301
    https://thundersoftball.org/.login/%7b%7d/57468363733/%7b%7d/xfinity/%7b%7d/comcast-logon/2e6d54765685db... Page URL

Detected technologies

Overall confidence: 100%
Detected patterns
  • headers server /(?:Apache(?:$|\/([\d.]+)|[^/-])|(?:^|\b)HTTPD)/i
Overall confidence: 100%
Detected patterns
  • script /\/\/assets.adobedtm.com\//i
Overall confidence: 100%
Detected patterns
  • script /lodash.*\.js/i
Overall confidence: 100%
Detected patterns
  • script /\/s[_-]code.*\.js/i

Page Statistics

22
Requests

100 %
HTTPS

31 %
IPv6

9
Domains

14
Subdomains

12
IPs

4
Countries

324 kB
Transfer

641 kB
Size

2
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. https://thundersoftball.org/.login/%7B%7D/57468363733/%7B%7D/xfinity/%7B%7D/comcast-logon/2e6d54765685db57ce9073ab896aa5c1 HTTP 301
    https://thundersoftball.org/.login/%7b%7d/57468363733/%7b%7d/xfinity/%7b%7d/comcast-logon/2e6d54765685db57ce9073ab896aa5c1/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 8
  • https://privacy.truste.com/privacy-seal/Comcast-Cable-Communications-Management,-LLC/asc?rid=b537c389-7be1-4331-bb73-03a71788bc12 HTTP 302
  • https://www.truste.com/ HTTP 301
  • https://trustarc.com/
Request Chain 9
  • https://privacy.truste.com/privacy-seal/Comcast-Cable-Communications-Management,-LLC/seal?rid=9426d53b-42b1-4587-8d55-c57322ccb60d HTTP 302
  • https://www.truste.com/ HTTP 301
  • https://trustarc.com/
Request Chain 16
  • https://cm.everesttech.net/cm/dd?d_uuid=14249894457488367951387636703706113813 HTTP 302
  • https://dpm.demdex.net/ibs:dpid=411&dpuuid=XuK4YAAAA1u2bFL0

22 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request /
thundersoftball.org/.login/%7b%7d/57468363733/%7b%7d/xfinity/%7b%7d/comcast-logon/2e6d54765685db57ce9073ab896aa5c1/
Redirect Chain
  • https://thundersoftball.org/.login/%7B%7D/57468363733/%7B%7D/xfinity/%7B%7D/comcast-logon/2e6d54765685db57ce9073ab896aa5c1
  • https://thundersoftball.org/.login/%7b%7d/57468363733/%7b%7d/xfinity/%7b%7d/comcast-logon/2e6d54765685db57ce9073ab896aa5c1/
17 KB
6 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://thundersoftball.org/.login/%7b%7d/57468363733/%7b%7d/xfinity/%7b%7d/comcast-logon/2e6d54765685db57ce9073ab896aa5c1/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
192.254.233.101 Houston, United States, ASN46606 (UNIFIEDLAYER-AS-1, US),
Reverse DNS
192-254-233-101.unifiedlayer.com
Software
Apache /
Resource Hash
350a407ae1e69ef38a51652b92df856d488d0885683f87a5f08eb67c2e7d87eb
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests

Request headers

:method
GET
:authority
thundersoftball.org
:scheme
https
:path
/.login/%7b%7d/57468363733/%7b%7d/xfinity/%7b%7d/comcast-logon/2e6d54765685db57ce9073ab896aa5c1/
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
none
sec-fetch-mode
navigate
sec-fetch-user
?1
sec-fetch-dest
document
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

status
200
date
Thu, 11 Jun 2020 23:03:59 GMT
server
Apache
last-modified
Wed, 10 Jun 2020 20:09:37 GMT
accept-ranges
bytes
vary
Accept-Encoding
content-encoding
gzip
content-security-policy
upgrade-insecure-requests
content-length
6070
content-type
text/html

Redirect headers

status
301
date
Thu, 11 Jun 2020 23:03:59 GMT
server
Apache
location
https://thundersoftball.org/.login/%7b%7d/57468363733/%7b%7d/xfinity/%7b%7d/comcast-logon/2e6d54765685db57ce9073ab896aa5c1/
content-length
331
content-type
text/html; charset=iso-8859-1
lodash-slim.min.js
login.comcast.net/static/js/data-layer/ 		0
0 		Script
General
Check archive.org
Download Go to
Full URL
https://login.comcast.net/static/js/data-layer/lodash-slim.min.js
Requested by
Host: thundersoftball.org
URL: https://thundersoftball.org/.login/%7b%7d/57468363733/%7b%7d/xfinity/%7b%7d/comcast-logon/2e6d54765685db57ce9073ab896aa5c1/
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_256_CBC
Server
2001:558:fe21:2:69:252:205:24 , United States, ASN7922 (COMCAST-7922, US),
Reverse DNS
Software
/
Resource Hash

Request headers

Referer
https://thundersoftball.org/.login/%7b%7d/57468363733/%7b%7d/xfinity/%7b%7d/comcast-logon/2e6d54765685db57ce9073ab896aa5c1/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers
tracking-aws.min.js
login.comcast.net/static/js/data-layer/ 		0
0 		Script
General
Check archive.org
Download Go to
Full URL
https://login.comcast.net/static/js/data-layer/tracking-aws.min.js
Requested by
Host: thundersoftball.org
URL: https://thundersoftball.org/.login/%7b%7d/57468363733/%7b%7d/xfinity/%7b%7d/comcast-logon/2e6d54765685db57ce9073ab896aa5c1/
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_256_CBC
Server
2001:558:fe21:2:69:252:205:24 , United States, ASN7922 (COMCAST-7922, US),
Reverse DNS
Software
/
Resource Hash

Request headers

Referer
https://thundersoftball.org/.login/%7b%7d/57468363733/%7b%7d/xfinity/%7b%7d/comcast-logon/2e6d54765685db57ce9073ab896aa5c1/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers
tracking-DTM.min.js
login.comcast.net/static/js/data-layer/ 		0
0 		Script
General
Check archive.org
Download Go to
Full URL
https://login.comcast.net/static/js/data-layer/tracking-DTM.min.js
Requested by
Host: thundersoftball.org
URL: https://thundersoftball.org/.login/%7b%7d/57468363733/%7b%7d/xfinity/%7b%7d/comcast-logon/2e6d54765685db57ce9073ab896aa5c1/
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_256_CBC
Server
2001:558:fe21:2:69:252:205:24 , United States, ASN7922 (COMCAST-7922, US),
Reverse DNS
Software
/
Resource Hash

Request headers

Referer
https://thundersoftball.org/.login/%7b%7d/57468363733/%7b%7d/xfinity/%7b%7d/comcast-logon/2e6d54765685db57ce9073ab896aa5c1/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers
tracking.min.js
login.comcast.net/static/js/data-layer/ 		0
0 		Script
General
Check archive.org
Download Go to
Full URL
https://login.comcast.net/static/js/data-layer/tracking.min.js
Requested by
Host: thundersoftball.org
URL: https://thundersoftball.org/.login/%7b%7d/57468363733/%7b%7d/xfinity/%7b%7d/comcast-logon/2e6d54765685db57ce9073ab896aa5c1/
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_256_CBC
Server
2001:558:fe21:2:69:252:205:24 , United States, ASN7922 (COMCAST-7922, US),
Reverse DNS
Software
/
Resource Hash

Request headers

Referer
https://thundersoftball.org/.login/%7b%7d/57468363733/%7b%7d/xfinity/%7b%7d/comcast-logon/2e6d54765685db57ce9073ab896aa5c1/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers
satelliteLib-531bc4f46256650a84099973f0ed331f809ea5f4.js
assets.adobedtm.com/43896e740dcedef854392e0be6ea80deb8eb2ba5/ 		126 KB
38 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://assets.adobedtm.com/43896e740dcedef854392e0be6ea80deb8eb2ba5/satelliteLib-531bc4f46256650a84099973f0ed331f809ea5f4.js
Requested by
Host: thundersoftball.org
URL: https://thundersoftball.org/.login/%7b%7d/57468363733/%7b%7d/xfinity/%7b%7d/comcast-logon/2e6d54765685db57ce9073ab896aa5c1/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:eb:3aa::1e80 , Ascension Island, ASN20940 (AKAMAI-ASN1, EU),
Reverse DNS
Software
AkamaiNetStorage /
Resource Hash
8a1929508923b26986f60a9e9ae537375afab2651a0e3624de672c95046ac381

Request headers

Referer
https://thundersoftball.org/.login/%7b%7d/57468363733/%7b%7d/xfinity/%7b%7d/comcast-logon/2e6d54765685db57ce9073ab896aa5c1/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Thu, 11 Jun 2020 23:03:59 GMT
content-encoding
gzip
last-modified
Mon, 10 Feb 2020 20:53:24 GMT
server
AkamaiNetStorage
etag
"f6ad8e583a31aabc7083057f25133dac:1581368004.807065"
vary
Accept-Encoding
content-type
application/x-javascript
status
200
cache-control
max-age=3600
accept-ranges
bytes
timing-allow-origin
*
content-length
39001
expires
Fri, 12 Jun 2020 00:03:59 GMT
styles-light.min.css
login.comcast.net/static/css/junket/ 		44 KB
11 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://login.comcast.net/static/css/junket/styles-light.min.css?v=3b44011
Requested by
Host: thundersoftball.org
URL: https://thundersoftball.org/.login/%7b%7d/57468363733/%7b%7d/xfinity/%7b%7d/comcast-logon/2e6d54765685db57ce9073ab896aa5c1/
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_256_CBC
Server
2001:558:fe21:2:69:252:205:24 , United States, ASN7922 (COMCAST-7922, US),
Reverse DNS
Software
Apache /
Resource Hash
9f0b93d0bbfb7b752c7aa3254f290442661bd8ca50da75094df5fef7fdc1fb26
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains;

Request headers

Referer
https://thundersoftball.org/.login/%7b%7d/57468363733/%7b%7d/xfinity/%7b%7d/comcast-logon/2e6d54765685db57ce9073ab896aa5c1/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date
Thu, 11 Jun 2020 23:04:00 GMT
Content-Encoding
gzip
Last-Modified
Tue, 09 Jun 2020 14:13:16 GMT
Server
Apache
Vary
Accept-Encoding
Strict-Transport-Security
max-age=63072000; includeSubDomains;
Content-Type
text/css
Cache-Control
max-age=157475355
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=500
Content-Length
11064
Expires
Sun, 08 Jun 2025 14:13:16 GMT
Mbox.js
cdn.comcast.com/~/Media/Javascripts/Omniture/ 		37 KB
9 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.comcast.com/~/Media/Javascripts/Omniture/Mbox.js?vs=3
Requested by
Host: thundersoftball.org
URL: https://thundersoftball.org/.login/%7b%7d/57468363733/%7b%7d/xfinity/%7b%7d/comcast-logon/2e6d54765685db57ce9073ab896aa5c1/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2a02:26f0:eb:38a::2af2 , Ascension Island, ASN20940 (AKAMAI-ASN1, EU),
Reverse DNS
Software
/
Resource Hash
00ba8b3d7a8ef26dddc51f64b4f722fae14e57f22b003a748299ecc32ea70664
Security Headers
Name Value
X-Frame-Options SAMEORIGIN

Request headers

Referer
https://thundersoftball.org/.login/%7b%7d/57468363733/%7b%7d/xfinity/%7b%7d/comcast-logon/2e6d54765685db57ce9073ab896aa5c1/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Thu, 11 Jun 2020 23:03:59 GMT
content-encoding
br
x-xfnlog-site
XDS
last-modified
Tue, 02 Jun 2020 21:30:37 GMT
status
200
etag
x-frame-options
SAMEORIGIN
content-type
application/x-javascript
access-control-allow-origin
*
cache-control
private, max-age=31339505
content-disposition
inline; filename="Mbox.js"
accept-ranges
bytes
x-robots-tag
noindex, nofollow
content-length
9070
expires
Wed, 09 Jun 2021 16:29:04 GMT
b1372fb33a8af099efbde90184076f9b.png
edge.static-assets.top.comcast.net/cms/data/assets/bin-201705/ 		169 KB
170 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://edge.static-assets.top.comcast.net/cms/data/assets/bin-201705/b1372fb33a8af099efbde90184076f9b.png
Requested by
Host: thundersoftball.org
URL: https://thundersoftball.org/.login/%7b%7d/57468363733/%7b%7d/xfinity/%7b%7d/comcast-logon/2e6d54765685db57ce9073ab896aa5c1/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
2001:558:fe03:4b::2 , United States, ASN7922 (COMCAST-7922, US),
Reverse DNS
Software
ATS/8.0.6 /
Resource Hash
de29ba0f5c0f48f9e1470e94dbf1db5c9f9d0ac12b752f8d750f29fea7e1d6aa
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

Referer
https://thundersoftball.org/.login/%7b%7d/57468363733/%7b%7d/xfinity/%7b%7d/comcast-logon/2e6d54765685db57ce9073ab896aa5c1/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date
Sat, 30 May 2020 01:20:24 GMT
Via
1.1 05ce646a2ff6febe063c256476b18a9c.cloudfront.net (CloudFront), http/1.1 odol-atsmid-pan-08.newcastle.de.panjde.comcast.net (ApacheTrafficServer/8.0.6 [uScHs f p eN:t cCHp s ]), http/1.1 odol-atsec-bos-03.woburn.ma.boston.comcast.net (ApacheTrafficServer/8.0.6 [uScHs f p eN:t cCHp s ])
Age
1115018
X-Cache
Miss from cloudfront
x-amz-replication-status
COMPLETED
Connection
keep-alive
Content-Length
173524
Last-Modified
Tue, 10 Oct 2017 00:07:21 GMT
Server
ATS/8.0.6
Etag
"6f24826f1b29f767c2618e9555e87b64"
Strict-Transport-Security
max-age=31536000
Access-Control-Allow-Methods
GET, OPTIONS
Content-Type
image/png
Access-Control-Allow-Origin
*
Cache-Control
max-age=1296000
X-Amz-Cf-Pop
ORD52-C2
Accept-Ranges
bytes
X-Amz-Cf-Id
hm1U2JhJWPNOD6hhuYgPnlbFepAIrCyEEGG1ah2YrOfskCTB5XNUXQ==
Expires
Sun, 14 Jun 2020 01:20:24 GMT
/
trustarc.com/
Redirect Chain
  • https://privacy.truste.com/privacy-seal/Comcast-Cable-Communications-Management,-LLC/asc?rid=b537c389-7be1-4331-bb73-03a71788bc12
  • https://www.truste.com/
  • https://trustarc.com/
0
0 		Script
General
Check archive.org
Download Go to
Full URL
https://trustarc.com/
Requested by
Host: thundersoftball.org
URL: https://thundersoftball.org/.login/%7b%7d/57468363733/%7b%7d/xfinity/%7b%7d/comcast-logon/2e6d54765685db57ce9073ab896aa5c1/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
108.161.128.85 Collegeville, United States, ASN55045 (TEKTONIC, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://thundersoftball.org/.login/%7b%7d/57468363733/%7b%7d/xfinity/%7b%7d/comcast-logon/2e6d54765685db57ce9073ab896aa5c1/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Redirect headers

Location
https://trustarc.com/
Date
Thu, 11 Jun 2020 23:04:01 GMT
Server
Apache
Connection
close
Content-Length
229
Content-Type
text/html; charset=iso-8859-1
/
trustarc.com/
Redirect Chain
  • https://privacy.truste.com/privacy-seal/Comcast-Cable-Communications-Management,-LLC/seal?rid=9426d53b-42b1-4587-8d55-c57322ccb60d
  • https://www.truste.com/
  • https://trustarc.com/
0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://trustarc.com/
Requested by
Host: thundersoftball.org
URL: https://thundersoftball.org/.login/%7b%7d/57468363733/%7b%7d/xfinity/%7b%7d/comcast-logon/2e6d54765685db57ce9073ab896aa5c1/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
108.161.128.85 Collegeville, United States, ASN55045 (TEKTONIC, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://thundersoftball.org/.login/%7b%7d/57468363733/%7b%7d/xfinity/%7b%7d/comcast-logon/2e6d54765685db57ce9073ab896aa5c1/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Redirect headers

Location
https://trustarc.com/
Date
Thu, 11 Jun 2020 23:04:01 GMT
Server
Apache
Connection
close
Content-Length
229
Content-Type
text/html; charset=iso-8859-1
jquery-1.7.min.js
login.comcast.net/static/js/libs/ 		92 KB
33 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://login.comcast.net/static/js/libs/jquery-1.7.min.js
Requested by
Host: thundersoftball.org
URL: https://thundersoftball.org/.login/%7b%7d/57468363733/%7b%7d/xfinity/%7b%7d/comcast-logon/2e6d54765685db57ce9073ab896aa5c1/
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_256_CBC
Server
2001:558:fe21:2:69:252:205:24 , United States, ASN7922 (COMCAST-7922, US),
Reverse DNS
Software
Apache /
Resource Hash
09b3d1d373b566ce6a958d0f089607510592619f028081822696b387da06d703
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains;

Request headers

Referer
https://thundersoftball.org/.login/%7b%7d/57468363733/%7b%7d/xfinity/%7b%7d/comcast-logon/2e6d54765685db57ce9073ab896aa5c1/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date
Thu, 11 Jun 2020 23:04:00 GMT
Content-Encoding
gzip
Last-Modified
Tue, 09 Jun 2020 14:08:50 GMT
Server
Apache
Vary
Accept-Encoding
Strict-Transport-Security
max-age=63072000; includeSubDomains;
Content-Type
text/javascript
Cache-Control
max-age=157475089
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=499
Content-Length
33279
Expires
Sun, 08 Jun 2025 14:08:50 GMT
scripts-responsive.min.js
login.comcast.net/static/js/ 		7 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://login.comcast.net/static/js/scripts-responsive.min.js
Requested by
Host: thundersoftball.org
URL: https://thundersoftball.org/.login/%7b%7d/57468363733/%7b%7d/xfinity/%7b%7d/comcast-logon/2e6d54765685db57ce9073ab896aa5c1/
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_256_CBC
Server
2001:558:fe21:2:69:252:205:24 , United States, ASN7922 (COMCAST-7922, US),
Reverse DNS
Software
Apache /
Resource Hash
aceb470e2f0767fe13270d4f84dc14e347889dd34762dd6eb095db9581051e89
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains;

Request headers

Referer
https://thundersoftball.org/.login/%7b%7d/57468363733/%7b%7d/xfinity/%7b%7d/comcast-logon/2e6d54765685db57ce9073ab896aa5c1/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date
Thu, 11 Jun 2020 23:04:00 GMT
Content-Encoding
gzip
Last-Modified
Tue, 09 Jun 2020 14:13:16 GMT
Server
Apache
Vary
Accept-Encoding
Strict-Transport-Security
max-age=63072000; includeSubDomains;
Content-Type
text/javascript
Cache-Control
max-age=157475355
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=498
Content-Length
2883
Expires
Sun, 08 Jun 2025 14:13:16 GMT
id
dpm.demdex.net/ 		4 KB
2 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://dpm.demdex.net/id?d_visid_ver=2.5.0&d_fieldgroup=MC&d_rtbd=json&d_ver=2&d_orgid=DA11332E5321D0550A490D45%40AdobeOrg&d_nsid=0&ts=1591916640349
Requested by
Host: assets.adobedtm.com
URL: https://assets.adobedtm.com/43896e740dcedef854392e0be6ea80deb8eb2ba5/satelliteLib-531bc4f46256650a84099973f0ed331f809ea5f4.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.208.194.150 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-208-194-150.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
b5cc09db68fce69625d39981e210a9902d5c180ec86f7ad95461246e30e49119
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Referer
https://thundersoftball.org/.login/%7b%7d/57468363733/%7b%7d/xfinity/%7b%7d/comcast-logon/2e6d54765685db57ce9073ab896aa5c1/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type
application/x-www-form-urlencoded

Response headers

DCS
dcs-prod-irl1-v072-0354ee6e2.edge-irl1.demdex.com 5.73.2.20200611122118 3ms (+0ms)
Pragma
no-cache
Strict-Transport-Security
max-age=31536000; includeSubDomains
Content-Encoding
gzip
X-TID
hkvL94wRSWc=
Vary
Origin, Accept-Encoding, User-Agent
P3P
policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Access-Control-Allow-Origin
https://thundersoftball.org
Cache-Control
no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
application/json;charset=utf-8
Content-Length
1422
Expires
Thu, 01 Jan 1970 00:00:00 GMT
target.js
cdn.tt.omtrdc.net/cdn/ 		43 KB
14 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.tt.omtrdc.net/cdn/target.js
Requested by
Host: cdn.comcast.com
URL: https://cdn.comcast.com/~/Media/Javascripts/Omniture/Mbox.js?vs=3
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2.19.47.84 , Ascension Island, ASN20940 (AKAMAI-ASN1, EU),
Reverse DNS
a2-19-47-84.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
7ecf3bf86151cd72036fb67feb8fcbd8c80359e0ca871e1aeb955428ed43c26d

Request headers

Referer
https://thundersoftball.org/.login/%7b%7d/57468363733/%7b%7d/xfinity/%7b%7d/comcast-logon/2e6d54765685db57ce9073ab896aa5c1/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Intervention
<https://www.chromestatus.com/feature/5718547946799104>; level="warning"

Response headers

Date
Thu, 11 Jun 2020 23:04:00 GMT
Content-Encoding
gzip
Last-Modified
Tue, 01 Oct 2019 05:03:41 GMT
Server
Apache
ETag
"1fcda-aa3e-593d246a6d5b9"
Vary
Accept-Encoding
Content-Type
text/javascript; charset=utf-8
Cache-Control
must-revalidate, max-age=3600
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
14200
ajax
comcastresidentialservices.tt.omtrdc.net/m2/comcastresidentialservices/mbox/ 		246 B
763 B 		Script
General
Check archive.org
Download Go to
Full URL
https://comcastresidentialservices.tt.omtrdc.net/m2/comcastresidentialservices/mbox/ajax?mboxHost=thundersoftball.org&mboxPage=1591916640438-175446&screenHeight=1200&screenWidth=1600&browserWidth=1600&browserHeight=1200&browserTimeOffset=120&colorDepth=24&mboxSession=1591916640438-175446&mboxXDomain=enabled&mboxCount=1&mboxTime=1591923840441&mboxMCSDID=12E3D72887E0AC4F-420DFF4B0F8ABA86&mbox=target-global-mbox&mboxId=0&mboxURL=https%3A%2F%2Fthundersoftball.org%2F.login%2F%257b%257d%2F57468363733%2F%257b%257d%2Fxfinity%2F%257b%257d%2Fcomcast-logon%2F2e6d54765685db57ce9073ab896aa5c1%2F&mboxReferrer=&mboxVersion=57
Requested by
Host: cdn.comcast.com
URL: https://cdn.comcast.com/~/Media/Javascripts/Omniture/Mbox.js?vs=3
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.76.99.142 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-76-99-142.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
3a59f359eec70c13c121b94a56ee9458f395c465fddc4f0dd67d3f1d02285669

Request headers

Referer
https://thundersoftball.org/.login/%7b%7d/57468363733/%7b%7d/xfinity/%7b%7d/comcast-logon/2e6d54765685db57ce9073ab896aa5c1/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Intervention
<https://www.chromestatus.com/feature/5718547946799104>; level="warning"

Response headers

pragma
no-cache
date
Thu, 11 Jun 2020 23:04:00 GMT
content-type
text/javascript;charset=utf-8
p3p
CP="NOI DSP CURa OUR STP COM"
status
200
cache-control
no-cache
timing-allow-origin
*
content-length
246
x-request-id
080717c31724afc848e7926437b7b312
id
comcastcom.d1.sc.omtrdc.net/ 		2 B
321 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://comcastcom.d1.sc.omtrdc.net/id?d_visid_ver=2.5.0&d_fieldgroup=A&mcorgid=DA11332E5321D0550A490D45%40AdobeOrg&mid=14087614662893540121372359242615839666&ts=1591916640613
Requested by
Host: assets.adobedtm.com
URL: https://assets.adobedtm.com/43896e740dcedef854392e0be6ea80deb8eb2ba5/satelliteLib-531bc4f46256650a84099973f0ed331f809ea5f4.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
15.236.175.233 Paris, France, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-15-236-175-233.eu-west-3.compute.amazonaws.com
Software
jag /
Resource Hash
44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://thundersoftball.org/.login/%7b%7d/57468363733/%7b%7d/xfinity/%7b%7d/comcast-logon/2e6d54765685db57ce9073ab896aa5c1/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type
application/x-www-form-urlencoded

Response headers

status
200
date
Thu, 11 Jun 2020 23:04:00 GMT
x-content-type-options
nosniff
server
jag
xserver
anedge-6f7565dc8b-lqs4b
vary
Origin
x-c
master-1308.I3d0a82.M0-421
p3p
CP="This is not a P3P policy"
access-control-allow-origin
https://thundersoftball.org
cache-control
no-cache, no-store, max-age=0, no-transform, private
access-control-allow-credentials
true
content-type
application/x-javascript;charset=utf-8
content-length
2
x-xss-protection
1; mode=block
ibs:dpid=411&dpuuid=XuK4YAAAA1u2bFL0
dpm.demdex.net/
Redirect Chain
  • https://cm.everesttech.net/cm/dd?d_uuid=14249894457488367951387636703706113813
  • https://dpm.demdex.net/ibs:dpid=411&dpuuid=XuK4YAAAA1u2bFL0
42 B
915 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dpm.demdex.net/ibs:dpid=411&dpuuid=XuK4YAAAA1u2bFL0
Requested by
Host: thundersoftball.org
URL: https://thundersoftball.org/.login/%7b%7d/57468363733/%7b%7d/xfinity/%7b%7d/comcast-logon/2e6d54765685db57ce9073ab896aa5c1/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.208.194.150 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-208-194-150.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff

Request headers

Referer
https://thundersoftball.org/.login/%7b%7d/57468363733/%7b%7d/xfinity/%7b%7d/comcast-logon/2e6d54765685db57ce9073ab896aa5c1/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

DCS
dcs-prod-irl1-v072-01640faa2.edge-irl1.demdex.com 5.73.2.20200611122118 0ms (+0ms)
Pragma
no-cache
Strict-Transport-Security
max-age=31536000; includeSubDomains
X-Content-Type-Options
nosniff
X-TID
pyHzyN0MQCw=
P3P
policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Cache-Control
no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
Connection
keep-alive
Content-Type
image/gif
Content-Length
42
Expires
Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

Date
Thu, 11 Jun 2020 23:04:00 GMT
Server
AMO-cookiemap/1.1
P3P
CP="NOI NID DEVa PSAa PSDa OUR IND PUR COM NAV INT DEM"
Location
https://dpm.demdex.net/ibs:dpid=411&dpuuid=XuK4YAAAA1u2bFL0
Cache-Control
no-cache
Connection
Keep-Alive
Keep-Alive
timeout=15,max=100
Content-Length
0
standard
comcastresidentialservices.tt.omtrdc.net/m2/comcastresidentialservices/mbox/ 		91 B
254 B 		Script
General
Check archive.org
Download Go to
Full URL
https://comcastresidentialservices.tt.omtrdc.net/m2/comcastresidentialservices/mbox/standard?mboxHost=thundersoftball.org&mboxPage=1591916640438-175446&screenHeight=1200&screenWidth=1600&browserWidth=1600&browserHeight=1200&browserTimeOffset=120&colorDepth=24&mboxSession=1591916640438-175446&mboxXDomain=enabled&mboxCount=2&mboxTime=1591923840687&s=oauth&destination=https%3A%2F%2Flogin.comcast.net%2Foauth%2Fauthorize%3Fclient_id%3Dmy-account-web%26amp%3Bprompt%3Dlogin%26amp%3Bredirect_uri%3Dhttps%253A%252F%252Fcustomer.xfinity.com%252Foauth%252Fcallback%26amp%3Bresponse_type%3Dcode%26amp%3Bstate%3D%2523%252F%26amp%3Bresponse%3D1&mboxPC=1591916640438-175446.37_0&mboxMCGVID=14087614662893540121372359242615839666&mboxMCSDID=12E3D72887E0AC4F-420DFF4B0F8ABA86&mbox=login_page&mboxId=0&mboxURL=https%3A%2F%2Fthundersoftball.org%2F.login%2F%257b%257d%2F57468363733%2F%257b%257d%2Fxfinity%2F%257b%257d%2Fcomcast-logon%2F2e6d54765685db57ce9073ab896aa5c1%2F&mboxReferrer=&mboxVersion=57
Requested by
Host: cdn.comcast.com
URL: https://cdn.comcast.com/~/Media/Javascripts/Omniture/Mbox.js?vs=3
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.76.99.142 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-76-99-142.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
c1b6beb1809cc71ece0c986f180076035f7dd6369a9af5ff47c0be5b072ccff9

Request headers

Referer
https://thundersoftball.org/.login/%7b%7d/57468363733/%7b%7d/xfinity/%7b%7d/comcast-logon/2e6d54765685db57ce9073ab896aa5c1/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Intervention
<https://www.chromestatus.com/feature/5718547946799104>; level="warning"

Response headers

pragma
no-cache
date
Thu, 11 Jun 2020 23:04:00 GMT
content-type
text/javascript;charset=utf-8
status
200
cache-control
no-cache
timing-allow-origin
*
content-length
91
x-request-id
d417e992e9c0287d7c7d17a17cca3cce
Cookie set dest5.html
comcast.demdex.net/ Frame 8E23 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://comcast.demdex.net/dest5.html?d_nsid=0
Requested by
Host: assets.adobedtm.com
URL: https://assets.adobedtm.com/43896e740dcedef854392e0be6ea80deb8eb2ba5/satelliteLib-531bc4f46256650a84099973f0ed331f809ea5f4.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
18.200.164.57 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-200-164-57.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Host
comcast.demdex.net
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site
cross-site
Sec-Fetch-Mode
navigate
Sec-Fetch-Dest
iframe
Referer
https://thundersoftball.org/.login/%7b%7d/57468363733/%7b%7d/xfinity/%7b%7d/comcast-logon/2e6d54765685db57ce9073ab896aa5c1/
Accept-Encoding
gzip, deflate, br
Accept-Language
en-US
Cookie
demdex=14249894457488367951387636703706113813
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer
https://thundersoftball.org/.login/%7b%7d/57468363733/%7b%7d/xfinity/%7b%7d/comcast-logon/2e6d54765685db57ce9073ab896aa5c1/

Response headers

Accept-Ranges
bytes
Cache-Control
max-age=21600
Content-Encoding
gzip
Content-Type
text/html
Expires
Thu, 01 Jan 1970 00:00:00 GMT
Last-Modified
Thu, 11 Jun 2020 14:07:12 GMT
P3P
policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Pragma
no-cache
Set-Cookie
demdex=14249894457488367951387636703706113813;Path=/;Domain=.demdex.net;Expires=Tue, 08-Dec-2020 23:04:00 GMT;Max-Age=15552000;Secure;SameSite=None
Strict-Transport-Security
max-age=31536000; includeSubDomains
Vary
Accept-Encoding, User-Agent
X-TID
7tZKgV0WRsU=
Content-Length
2785
Connection
keep-alive
standard
comcastresidentialservices.tt.omtrdc.net/m2/comcastresidentialservices/mbox/ 		93 B
257 B 		Script
General
Check archive.org
Download Go to
Full URL
https://comcastresidentialservices.tt.omtrdc.net/m2/comcastresidentialservices/mbox/standard?mboxHost=thundersoftball.org&mboxPage=1591916640438-175446&screenHeight=1200&screenWidth=1600&browserWidth=1600&browserHeight=1200&browserTimeOffset=120&colorDepth=24&mboxSession=1591916640438-175446&mboxXDomain=enabled&mboxCount=3&mboxTime=1591923840765&mboxPC=1591916640438-175446.37_0&mboxMCGVID=14087614662893540121372359242615839666&mboxMCSDID=12E3D72887E0AC4F-420DFF4B0F8ABA86&mbox=login_page_1&mboxId=0&mboxURL=https%3A%2F%2Fthundersoftball.org%2F.login%2F%257b%257d%2F57468363733%2F%257b%257d%2Fxfinity%2F%257b%257d%2Fcomcast-logon%2F2e6d54765685db57ce9073ab896aa5c1%2F&mboxReferrer=&mboxVersion=57
Requested by
Host: cdn.comcast.com
URL: https://cdn.comcast.com/~/Media/Javascripts/Omniture/Mbox.js?vs=3
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.76.99.142 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-76-99-142.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
cb9ce064edb9be003da85661de111ee3b30e82bd99796c78729ca449a9142f03

Request headers

Referer
https://thundersoftball.org/.login/%7b%7d/57468363733/%7b%7d/xfinity/%7b%7d/comcast-logon/2e6d54765685db57ce9073ab896aa5c1/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Intervention
<https://www.chromestatus.com/feature/5718547946799104>; level="warning"

Response headers

pragma
no-cache
date
Thu, 11 Jun 2020 23:04:00 GMT
content-type
text/javascript;charset=utf-8
status
200
cache-control
no-cache
timing-allow-origin
*
content-length
93
x-request-id
2799e4dd71c78c6244e93edc8a5e1526
truncated
/ 		933 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
4bd9c8ed57b1dd8fddcc2910170e9b81b40f7b628e272924e88a98f45ebb9aea

Request headers

Referer
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Content-Type
image/svg+xml
truncated
/ 		3 KB
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
58fd862aaa51daaa186ee3fecfd805c0f8eea09146e9c7deb44a3f30a1ad01b5

Request headers

Referer
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Content-Type
image/svg+xml
s-code-contents-4a9ebf08bffa74f717ff121b2c55a295112122b4.js
assets.adobedtm.com/43896e740dcedef854392e0be6ea80deb8eb2ba5/ 		97 KB
34 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://assets.adobedtm.com/43896e740dcedef854392e0be6ea80deb8eb2ba5/s-code-contents-4a9ebf08bffa74f717ff121b2c55a295112122b4.js
Requested by
Host: assets.adobedtm.com
URL: https://assets.adobedtm.com/43896e740dcedef854392e0be6ea80deb8eb2ba5/satelliteLib-531bc4f46256650a84099973f0ed331f809ea5f4.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:eb:3aa::1e80 , Ascension Island, ASN20940 (AKAMAI-ASN1, EU),
Reverse DNS
Software
AkamaiNetStorage /
Resource Hash
25b929df07cf5a58b7ffdb4b4bf3886b79c2e79034510720744cd845f251d003

Request headers

Referer
https://thundersoftball.org/.login/%7b%7d/57468363733/%7b%7d/xfinity/%7b%7d/comcast-logon/2e6d54765685db57ce9073ab896aa5c1/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Thu, 11 Jun 2020 23:04:01 GMT
content-encoding
gzip
last-modified
Mon, 10 Feb 2020 20:53:25 GMT
server
AkamaiNetStorage
etag
"7c44e613d67e21f6a1c3afd5985988da:1581368005.559228"
vary
Accept-Encoding
content-type
application/x-javascript
status
200
cache-control
max-age=3600
accept-ranges
bytes
timing-allow-origin
*
content-length
34525
expires
Fri, 12 Jun 2020 00:04:01 GMT

Verdicts & Comments Add Verdict or Comment

Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!

urlscan

Phishing against: Xfinity (Consumer)

69 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| onformdata object| onpointerrawupdate function| Visitor object| _satellite object| s_c_il number| s_c_in object| runtimeData string| mboxCopyright object| TNT function| mboxUrlBuilder function| mboxStandardFetcher function| mboxAjaxFetcher function| mboxMap function| mboxFactory function| mboxSignaler function| mboxList function| mboxLocatorDefault function| mboxLocatorNode function| mboxCreate function| mboxDefine function| mboxUpdate function| mbox function| mboxOfferContent function| mboxOfferAjax function| mboxOfferDefault function| mboxCookieManager function| mboxSession function| mboxPC function| mboxGetPageParameter function| mboxSetCookie function| mboxGetCookie function| mboxCookiePageDomain function| mboxShiftArray function| mboxGenerateId function| mboxScreenHeight function| mboxScreenWidth function| mboxBrowserWidth function| mboxBrowserHeight function| mboxBrowserTimeOffset function| mboxScreenColorDepth function| mboxScPluginFetcher function| mboxLoadSCPlugin function| mboxVizTargetUrl object| mboxFactories object| mboxFactoryDefault number| mboxVersion object| _AT function| getSizzleForTarget function| $ function| jQuery object| login object| shared function| CircleLoader object| jQuery1707226691428734784 string| upDate undefined| s_account object| s function| s_doPlugins undefined| c_rspers undefined| c_r undefined| c_w function| s_getLoadTime function| AppMeasurement_Module_Integrate function| AppMeasurement_Module_AudienceManagement function| AppMeasurement_Module_ActivityMap function| AppMeasurement function| s_gi function| s_pgicq number| s_objectID

2 Cookies

Domain/Path Name / Value
.demdex.net/ Name: dextp
Value: 771-1-1591916641534|1123-1-1591916641635|903-1-1591916641736|1957-1-1591916641837|3047-1-1591916641938|80742-1-1591916642039|144228-1-1591916642146|144229-1-1591916642247|144230-1-1591916642347|144232-1-1591916642449|144233-1-1591916642549|144234-1-1591916642650|144235-1-1591916642751
.demdex.net/ Name: demdex
Value: 14249894457488367951387636703706113813

1 Console Messages

Source Level URL
Text
console-api log URL: https://assets.adobedtm.com/43896e740dcedef854392e0be6ea80deb8eb2ba5/s-code-contents-4a9ebf08bffa74f717ff121b2c55a295112122b4.js(Line 755)
Message:
Error, missing Report Suite ID in AppMeasurement initialization

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header Value
Content-Security-Policy upgrade-insecure-requests

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

assets.adobedtm.com
cdn.comcast.com
cdn.tt.omtrdc.net
cm.everesttech.net
comcast.demdex.net
comcastcom.d1.sc.omtrdc.net
comcastresidentialservices.tt.omtrdc.net
dpm.demdex.net
edge.static-assets.top.comcast.net
login.comcast.net
privacy.truste.com
thundersoftball.org
trustarc.com
www.truste.com
108.161.128.85
15.236.175.233
18.200.164.57
18.214.153.204
192.254.233.101
2.19.47.84
2001:558:fe03:4b::2
2001:558:fe21:2:69:252:205:24
2a02:26f0:eb:38a::2af2
2a02:26f0:eb:3aa::1e80
52.208.194.150
54.76.99.142
66.117.28.86
00ba8b3d7a8ef26dddc51f64b4f722fae14e57f22b003a748299ecc32ea70664
09b3d1d373b566ce6a958d0f089607510592619f028081822696b387da06d703
25b929df07cf5a58b7ffdb4b4bf3886b79c2e79034510720744cd845f251d003
350a407ae1e69ef38a51652b92df856d488d0885683f87a5f08eb67c2e7d87eb
3a59f359eec70c13c121b94a56ee9458f395c465fddc4f0dd67d3f1d02285669
44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a
4bd9c8ed57b1dd8fddcc2910170e9b81b40f7b628e272924e88a98f45ebb9aea
58fd862aaa51daaa186ee3fecfd805c0f8eea09146e9c7deb44a3f30a1ad01b5
7ecf3bf86151cd72036fb67feb8fcbd8c80359e0ca871e1aeb955428ed43c26d
8a1929508923b26986f60a9e9ae537375afab2651a0e3624de672c95046ac381
9f0b93d0bbfb7b752c7aa3254f290442661bd8ca50da75094df5fef7fdc1fb26
aceb470e2f0767fe13270d4f84dc14e347889dd34762dd6eb095db9581051e89
b5cc09db68fce69625d39981e210a9902d5c180ec86f7ad95461246e30e49119
c1b6beb1809cc71ece0c986f180076035f7dd6369a9af5ff47c0be5b072ccff9
cb9ce064edb9be003da85661de111ee3b30e82bd99796c78729ca449a9142f03
de29ba0f5c0f48f9e1470e94dbf1db5c9f9d0ac12b752f8d750f29fea7e1d6aa
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629