xfinitys.pages.dev
Open in
urlscan Pro
2606:4700:310c::ac42:2d25
Malicious Activity!
Public Scan
Submission: On August 18 via automatic, source certstream-suspicious — Scanned from DE
Summary
TLS certificate: Issued by GTS CA 1P5 on August 18th 2023. Valid for: 3 months.
This is the only time xfinitys.pages.dev was scanned on urlscan.io!
urlscan.io Verdict: Potentially Malicious
Targeting these brands: Xfinity (Consumer)Domain & IP information
IP Address | AS Autonomous System | ||
---|---|---|---|
1 17 | 2606:4700:310... 2606:4700:310c::ac42:2d25 | 13335 (CLOUDFLAR...) (CLOUDFLARENET) | |
1 | 2a02:26f0:350... 2a02:26f0:3500:580::1b62 | 20940 (AKAMAI-ASN1) (AKAMAI-ASN1) | |
4 | 2a02:26f0:350... 2a02:26f0:3500:58b::30d4 | 20940 (AKAMAI-ASN1) (AKAMAI-ASN1) | |
21 | 4 |
ASN20940 (AKAMAI-ASN1, NL)
static.cimcontent.net |
Apex Domain Subdomains |
Transfer | |
---|---|---|
17 |
pages.dev
1 redirects
xfinitys.pages.dev |
739 KB |
4 |
cimcontent.net
static.cimcontent.net — Cisco Umbrella Rank: 25452 |
107 KB |
1 |
xfinity.com
sdx.xfinity.com — Cisco Umbrella Rank: 47429 |
133 KB |
21 | 3 |
Domain | Requested by | |
---|---|---|
17 | xfinitys.pages.dev |
1 redirects
xfinitys.pages.dev
|
4 | static.cimcontent.net |
xfinitys.pages.dev
|
1 | sdx.xfinity.com |
xfinitys.pages.dev
|
21 | 3 |
This site contains links to these domains. Also see Links.
Domain |
---|
xfinity.com |
customer.xfinity.com |
businessclass.comcast.net |
idm.xfinity.com |
my.xfinity.com |
xfinity.comcast.net |
www.xfinity.com |
www.comcast.net |
www.surveymonkey.com |
Subject Issuer | Validity | Valid | |
---|---|---|---|
xfinitys.pages.dev GTS CA 1P5 |
2023-08-18 - 2023-11-16 |
3 months | crt.sh |
www.xfinity.comcast.net COMODO RSA Organization Validation Secure Server CA |
2022-09-07 - 2023-09-07 |
a year | crt.sh |
static.cimcontent.net COMODO RSA Organization Validation Secure Server CA |
2023-03-30 - 2024-03-29 |
a year | crt.sh |
This page contains 2 frames:
Primary Page:
https://xfinitys.pages.dev/
Frame ID: 5570A9621216F87D1C0E44A281FA6523
Requests: 22 HTTP requests in this frame
Frame:
https://xfinitys.pages.dev/index_files/dest5
Frame ID: E63187BEBD416BA47E21965348069C18
Requests: 1 HTTP requests in this frame
12 Outgoing links
These are links going to different origins than the main page.
Title: Get help going virtual
Search URL Search Domain Scan URL
Title: quick bill pay
Search URL Search Domain Scan URL
Title: Sign in here
Search URL Search Domain Scan URL
Title: Xfinity ID
Search URL Search Domain Scan URL
Title: password
Search URL Search Domain Scan URL
Title: Create one
Search URL Search Domain Scan URL
Title: Terms of Service
Search URL Search Domain Scan URL
Title: Privacy Policy
Search URL Search Domain Scan URL
Title: Privacy Policy
Search URL Search Domain Scan URL
Title: Ad Info
Search URL Search Domain Scan URL
Title: Ad Feedback
Search URL Search Domain Scan URL
Title: Do Not Sell My Personal Information
Search URL Search Domain Scan URL
Redirected requests
There were HTTP redirect chains for the following requests:
Request Chain 21- https://xfinitys.pages.dev/index_files/dest5.html HTTP 308
- https://xfinitys.pages.dev/index_files/dest5
21 HTTP transactions
Method Protocol |
Resource Path |
Size x-fer |
Type MIME-Type |
||||||||||||||||||||||||||||||||||||||||||||||||||
---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
GET H2 |
Primary Request
/
xfinitys.pages.dev/ |
24 KB 8 KB |
Document
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
s48574353027432
xfinitys.pages.dev/index_files/ |
6 KB 6 KB |
Script
text/plain |
||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
comcast-common.js.download
xfinitys.pages.dev/index_files/ |
182 KB 182 KB |
Script
text/plain |
||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
launch-46f715e51bac.min.js.download
xfinitys.pages.dev/index_files/ |
211 KB 211 KB |
Script
text/plain |
||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
saved_resource
xfinitys.pages.dev/index_files/ |
82 KB 82 KB |
Script
text/plain |
||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
fonts-remote.min.css
xfinitys.pages.dev/index_files/ |
3 KB 635 B |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
styles-light.min.css
xfinitys.pages.dev/index_files/ |
45 KB 12 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H3 |
AppMeasurement.min.js.download
xfinitys.pages.dev/index_files/ |
33 KB 33 KB |
Script
text/plain |
||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H3 |
AppMeasurement_Module_ActivityMap.min.js.download
xfinitys.pages.dev/index_files/ |
3 KB 4 KB |
Script
text/plain |
||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H3 |
AppMeasurement_Module_AudienceManagement.min.js.download
xfinitys.pages.dev/index_files/ |
25 KB 25 KB |
Script
text/plain |
||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H3 |
RC0203eaed7e334f4faf2d584bda1e9893-source.min.js.download
xfinitys.pages.dev/index_files/ |
2 KB 2 KB |
Script
text/plain |
||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H3 |
0214c1dbd6e5109ad60a848425a8c655.png
xfinitys.pages.dev/index_files/ |
75 KB 75 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H3 |
jquery-3.3.1.min.js.download
xfinitys.pages.dev/index_files/ |
85 KB 85 KB |
Script
text/plain |
||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H3 |
scripts-responsive.min.js.download
xfinitys.pages.dev/index_files/ |
7 KB 8 KB |
Script
text/plain |
||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H3 |
data-layer.jpg
xfinitys.pages.dev/index_files/ |
269 B 791 B |
Image
image/jpeg |
||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
a6eabf890bd17fbbea28fb13064329ba.jpg
sdx.xfinity.com/cms/data/cima/bin-202006/ |
132 KB 133 KB |
Image
image/jpeg |
||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||
GET DATA |
truncated
/ |
933 B 0 |
Image
image/svg+xml |
||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||
GET DATA |
truncated
/ |
3 KB 0 |
Image
image/svg+xml |
||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
XfinityStandard-Regular.woff2
static.cimcontent.net/fonts/latest/Xfinity_Standard/ |
26 KB 26 KB |
Font
font/woff2 |
||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
XfinityStandard-Bold.woff2
static.cimcontent.net/fonts/latest/Xfinity_Standard/ |
26 KB 27 KB |
Font
font/woff2 |
||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
XfinityStandard-Medium.woff2
static.cimcontent.net/fonts/latest/Xfinity_Standard/ |
27 KB 27 KB |
Font
font/woff2 |
||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
XfinityStandard-Light.woff2
static.cimcontent.net/fonts/latest/Xfinity_Standard/ |
27 KB 27 KB |
Font
font/woff2 |
||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H3 |
dest5
xfinitys.pages.dev/index_files/ Frame E631 Redirect Chain
|
7 KB 3 KB |
Document
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
Redirect headers
|
Verdicts & Comments Add Verdict or Comment
Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!
urlscan
Phishing against: Xfinity (Consumer)3 JavaScript Global Variables
These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.
object| 0 object| documentPictureInPicture object| runtimeData0 Cookies
Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.
11 Console Messages
A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.
Source | Level | URL Text |
---|
Security Headers
This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page
Header | Value |
---|---|
X-Content-Type-Options | nosniff |
Indicators
This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.
sdx.xfinity.com
static.cimcontent.net
xfinitys.pages.dev
2606:4700:310c::ac42:2d25
2a02:26f0:3500:580::1b62
2a02:26f0:3500:58b::30d4
020e9e48d93ba9d27e827e8246dd9f855c388ff4697ba14d647fcc4d9b1ccdef
032d8b49c68572a6136937e3f8f4fb10d94eefaf95418e557f44f1f04b715ba8
0486530f1e98818865754a08e1b5442ac5a6a36a6bf6042e3b3338a532e998d2
07b2db0fce04d776b610cc107b242077446abf65f2d3e5d2e09f487d5ddf7773
138c0ead0fbcd09dd455df9870920e8725b367fbf02ac0cef0c62874000ab176
15efa7f76b851bbaae4982f92ab734ab468b8964c9dbf13ff788812dfbfa6112
160a426ff2894252cd7cebbdd6d6b7da8fcd319c65b70468f10b6690c45d02ef
1c665d88dc99f6861d2ca6433778a1ee0fbb7d847b54c151143033d1fc33d7d0
2a031939885bb7efba89d423c9ee7c0fe2bab465f18db63f40a9ae2bd7bc0228
49687f4f5d9198657d1b28bb907d2192068f73afcfa30a9bb27c78eb9e8f9754
4bd9c8ed57b1dd8fddcc2910170e9b81b40f7b628e272924e88a98f45ebb9aea
4f6c8fe3d9d39c232c48874cb05e4b88fc313b703b4671333badf8c96ff9b130
58fd862aaa51daaa186ee3fecfd805c0f8eea09146e9c7deb44a3f30a1ad01b5
6e94570c8bfb0fb3d4a8db1a467402ac2e055536be41871c9479807ad4517bf4
81c0e023a93cca2725aaad095c0c9176e9bf7f09f9c926fee418bec302588cf1
8f76b4202a5a66eaba4bd9a372bb302287dab1f7b897a141a9f0bb9a10b1018d
a242719ced92c4a9873915f0d97859ce735dc8e7ccc65d99a37ebc3d6128c77d
d6b423c91328eec9c218dd8b21ae1e676987d574e5432411a32806e5dd2bde32
dbdc913afccda63f7888675987f5bd3f341e71ca311f4999e1e557d1ad7d2cda
e158fca623b622e9c871fd913897596cfe4b2b11e3df2baacafcbcca14df8fa2
e5f0058d3d737d25b691728bce12a7d0b77183781c936ca8152e28cacf9e6e3f
f087c79b54ced888350a539e10ce79e6376fe68e1f24786073475712410677b7
fc6cd95261064c28600405c9c8dd51813abf8367e85b6e00f0f3031a8338988a