pc2.mypreferences.com Open in urlscan Pro
162.253.104.96 Malicious Activity! Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
https://emails.xfinity.com/pub/cc?_ri_=X0Gzc2X=AQpglLjHJlYQGvI30W8zehn591czdUgk6jULLzfzgMA41S9zff3OetYzaeIkPfzczcJoNy5HzcXe...
Effective URL:
https://pc2.mypreferences.com/ComcastPrefCenter/ManagePreferences?params=ZW1haWw9dG9tLmJhcnJldHRAZXJpY3Nzb24uY29tJmN1c3RvbWVyd...
Submission: On April 25 via api (April 25th 2022, 11:48:34 am UTC) from SE — Scanned from SE

Summary HTTP 16 Redirects Links 4 Behaviour Indicators

Summary

This website contacted 5 IPs in 3 countries across 7 domains to perform 16 HTTP transactions. The main IP is 162.253.104.96, located in United States and belongs to QTS-SUW1-ATL1, US. The main domain is pc2.mypreferences.com. The Cisco Umbrella rank of the primary domain is 305391.
TLS certificate: Issued by DigiCert SHA2 Extended Validation Ser... on July 9th 2021. Valid for: a year.

This is the only time pc2.mypreferences.com was scanned on urlscan.io!

urlscan.io Verdict: Potentially Malicious

Targeting these brands: Xfinity (Consumer)

Domain & IP information

	IP Address	AS Autonomous System
1 1	199.7.200.192 199.7.200.192	15334 (RESPONSYS) (RESPONSYS)
9	162.253.104.96 162.253.104.96	20141 (QTS-SUW1-...) (QTS-SUW1-ATL1)
2	188.114.96.7 188.114.96.7	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	104.89.19.120 104.89.19.120	16625 (AKAMAI-AS) (AKAMAI-AS)
1	142.250.186.104 142.250.186.104	15169 (GOOGLE) (GOOGLE)
3 3	69.241.8.130 69.241.8.130	7922 (COMCAST-7922) (COMCAST-7922)
3	96.16.156.156 96.16.156.156	16625 (AKAMAI-AS) (AKAMAI-AS)
16	5

1 199.7.200.192 (United States) 1 redirects

ASN15334 (RESPONSYS, US)
PTR: emails.xfinity.com

emails.xfinity.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

9 162.253.104.96 (United States)

ASN20141 (QTS-SUW1-ATL1, US)

pc2.mypreferences.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 188.114.96.7 (Amsterdam, Netherlands)

ASN13335 (CLOUDFLARENET, US)

use.fontawesome.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 104.89.19.120 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a104-89-19-120.deploy.static.akamaitechnologies.com

cdn.comcast.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 142.250.186.104 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s06-in-f8.1e100.net

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 69.241.8.130 (United States) 3 redirects

ASN7922 (COMCAST-7922, US)
PTR: odol-atsec-bos-50.brockton.ma.boston.comcast.net

edge.static-assets.top.comcast.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 96.16.156.156 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a96-16-156-156.deploy.static.akamaitechnologies.com

static.cimcontent.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
9	mypreferences.com pc2.mypreferences.com — Cisco Umbrella Rank: 305391	208 KB
3	cimcontent.net static.cimcontent.net — Cisco Umbrella Rank: 20984	86 KB
3	comcast.net 3 redirects edge.static-assets.top.comcast.net — Cisco Umbrella Rank: 34875	1 KB
2	fontawesome.com use.fontawesome.com — Cisco Umbrella Rank: 822	90 KB
1	googletagmanager.com www.googletagmanager.com — Cisco Umbrella Rank: 58	42 KB
1	comcast.com cdn.comcast.com — Cisco Umbrella Rank: 47720	821 B
1	xfinity.com 1 redirects emails.xfinity.com — Cisco Umbrella Rank: 321499	2 KB
16	7

	Domain	Requested by
9	pc2.mypreferences.com	pc2.mypreferences.com
3	static.cimcontent.net	pc2.mypreferences.com
3	edge.static-assets.top.comcast.net	3 redirects
2	use.fontawesome.com	pc2.mypreferences.com use.fontawesome.com
1	www.googletagmanager.com	pc2.mypreferences.com
1	cdn.comcast.com	pc2.mypreferences.com
1	emails.xfinity.com	1 redirects
16	7

This site contains links to these domains. Also see Links.

Domain
customer.xfinity.com
www.xfinity.com

Subject Issuer	Validity	Valid
pc.mypreferences.com DigiCert SHA2 Extended Validation Server CA	`2021-07-09` - `2022-08-09`	a year	crt.sh
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2021-07-07` - `2022-07-06`	a year	crt.sh
xapi.xfinity.com COMODO RSA Organization Validation Secure Server CA	`2022-04-20` - `2023-04-20`	a year	crt.sh
*.google-analytics.com GTS CA 1C3	`2022-04-11` - `2022-07-04`	3 months	crt.sh

This page contains 1 frames:

Primary Page: https://pc2.mypreferences.com/ComcastPrefCenter/ManagePreferences?params=ZW1haWw9dG9tLmJhcnJldHRAZXJpY3Nzb24uY29tJmN1c3RvbWVydHlwZT1DdXN0b21lciZzb3VyY2VpZD0yMDIyMDQxNV9BZGhvY19DTV9Vc2VNb3JlTkw%3D
Frame ID: 3FD2F7770EC8E56C99D4562AA2021462
Requests: 16 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Manage Xfinity Communication Preferences

Page URL History Show full URLs

https://emails.xfinity.com/pub/cc?_ri_=X0Gzc2X=AQpglLjHJlYQGvI30W8zehn591czdUgk6jULLzfzgMA41S9zff3OetYz... HTTP 302
https://pc2.mypreferences.com/ComcastPrefCenter/ManagePreferences?params=ZW1haWw9dG9tLmJhcnJldHRAZXJpY3Nzb... Page URL

Detected technologies

Bootstrap (Web Frameworks) Expand

Overall confidence: 100%
Detected patterns

<link[^>]* href=[^>]*?bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.css
bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.js

Font Awesome (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

<link[^>]* href=[^>]*?(?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)
(?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:.*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)

Google Tag Manager (Tag Managers) Expand

Overall confidence: 100%
Detected patterns

googletagmanager\.com/ns\.html[^>]+></iframe>
googletagmanager\.com/gtm\.js

Modernizr (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

([\d.]+)?/modernizr(?:\.([\d.]+))?.*\.js

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

jquery[.-]([\d.]*\d)[^/]*\.js
jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Page Statistics

16
Requests

81 %
HTTPS

0 %
IPv6

7
Domains

7
Subdomains

5
IPs

3
Countries

427 kB
Transfer

978 kB
Size

4
Cookies

4 Outgoing links

These are links going to different origins than the main page.

URL: https://customer.xfinity.com/users/me/notifications
Title: My Account

Search URL Search Domain Scan URL

URL: https://www.xfinity.com/rewards
Title: Join now.

Search URL Search Domain Scan URL

URL: https://www.xfinity.com/privacy/policy
Title: Privacy Policy

Search URL Search Domain Scan URL

URL: https://www.xfinity.com/privacy/manage-preference
Title: Cal.Civ.Code § 1798.135: Do Not Sell My Info

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

https://emails.xfinity.com/pub/cc?_ri_=X0Gzc2X=AQpglLjHJlYQGvI30W8zehn591czdUgk6jULLzfzgMA41S9zff3OetYzaeIkPfzczcJoNy5HzcXebbed4YX2JFdIzaVXtpKX=UWTTRRDY&_ei_=EM6hiIRZ6IbTRQzpp7EgfWDv5wmb7wtZr_HKt4Y9565l73Y_PqZSaCEhvHs0mzNqB-gBgO3tuO3UzGxLd8-XUq76ZMc933xI6KE-OcN9i_7_vZ1nKFQzNpaL4RiL4mq9EOJepBHBH9Ka2UvEZBYn0GLwNUHY2xz2kUL42HrGepOz_rtUraFFsI1UbGpel71SoUC4JYl4W2WtLGWL_smg5J9SgOlmq3yPRKoTyTNkZs0ywiDMvzVv9oZGFgDomc-ADpmBGgKKXGDCMykhj-oxH82uaBqLlD92KAzCIiEW68WkZ5uRD4q4CWZESjsxf-PMkjrVFhI2a2AcIg4PNNtIvanJiLDuHJs-nXaVJxWO_k2Fu6Hdc2cWZ9bJcJfi_Qe20F-fHzrKHCGjujCQOiwpBb7qu3ZxxTGEmQ8hbSzboZjeQHWD2afx4Tn-2OOgPr-hE_wzXoHG2wxkBEyl1mJqhCLCqT4we6iZbG9s6GeJs6reYBc1T6Y4dzbzVXwM_aDP0Piz1FNU9lOse-TtoVqZsY_oSEAa1z01g9qN7HatpAlx1r8OUW-49ECnftnzPXOJP0dktV6U7S1q_gvQg_uRVcpOX-f3acXfXlSVaNsrIciNssq1FLQuXCGLajkd05OMD5rtJIfSUWhrjZ3wI3oozAXs5whyk4aNShpJTeRPSb7WozXlmydmbRfIl19-BgzJ8NL7XyrXIVzebtgDcRgrlvwNMTBmIobf43Gvo6I5-SQVDrqcWbl_UO5rQyQhkswr_GUV7l175wyyYbsTn5gp2lDl6befan1hS8wop8AANAlSm0V5cehAoCjToC_rGm4mG4JiweCBUDhovuY3ay-iY-JWtpW7p1xb3DNkwK8Q9w2MvVOBWxMoZSaHC5Up-9R-LxNpa49dZ4tzK8sV-bU-H_7IlsXJmg23RUou0nudtzcNmKNZN_LicFyiqBbpC3pHW6moRHsINgF3XWvjP5u-W0o.&_di_=7h3h3h4s6a6v5gd63dl8uce1vp5qk0osfpcqaq4m6q0ksip94m6g HTTP 302
https://pc2.mypreferences.com/ComcastPrefCenter/ManagePreferences?params=ZW1haWw9dG9tLmJhcnJldHRAZXJpY3Nzb24uY29tJmN1c3RvbWVydHlwZT1DdXN0b21lciZzb3VyY2VpZD0yMDIyMDQxNV9BZGhvY19DTV9Vc2VNb3JlTkw%3D Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 11

https://edge.static-assets.top.comcast.net/staticsites/fonts/latest/Xfinity_Standard/XfinityStandard-Light.woff2 HTTP 301
https://static.cimcontent.net/staticsites/fonts/latest/Xfinity_Standard/XfinityStandard-Light.woff2

Request Chain 12

https://edge.static-assets.top.comcast.net/staticsites/fonts/latest/Xfinity_Standard/XfinityStandard-ExtraLight.woff2 HTTP 301
https://static.cimcontent.net/staticsites/fonts/latest/Xfinity_Standard/XfinityStandard-ExtraLight.woff2

Request Chain 13

https://edge.static-assets.top.comcast.net/staticsites/fonts/latest/Xfinity_Standard/XfinityStandard-Regular.woff2 HTTP 301
https://static.cimcontent.net/staticsites/fonts/latest/Xfinity_Standard/XfinityStandard-Regular.woff2

16 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H/1.1

200
OK

Primary Request ManagePreferences Show response
pc2.mypreferences.com/ComcastPrefCenter/
Redirect Chain

https://emails.xfinity.com/pub/cc?_ri_=X0Gzc2X=AQpglLjHJlYQGvI30W8zehn591czdUgk6jULLzfzgMA41S9zff3OetYzaeIkPfzczcJoNy5HzcXebbed4YX2JFdIzaVXtpKX=UWTTRRDY&_ei_=EM6hiIRZ6IbTRQzpp7EgfWDv5wmb7wtZr_HKt4Y...
https://pc2.mypreferences.com/ComcastPrefCenter/ManagePreferences?params=ZW1haWw9dG9tLmJhcnJldHRAZXJpY3Nzb24uY29tJmN1c3RvbWVydHlwZT1DdXN0b21lciZzb3VyY2VpZD0yMDIyMDQxNV9BZGhvY19DTV9Vc2VNb3JlTkw%3D

58 KB
58 KB

1070ms
422ms

Document
text/html

162.253.104.96
QTS-SUW1-ATL1

General

Check archive.org

Show headers Download Go to

Full URL

https://pc2.mypreferences.com/ComcastPrefCenter/ManagePreferences?params=ZW1haWw9dG9tLmJhcnJldHRAZXJpY3Nzb24uY29tJmN1c3RvbWVydHlwZT1DdXN0b21lciZzb3VyY2VpZD0yMDIyMDQxNV9BZGhvY19DTV9Vc2VNb3JlTkw%3D

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

162.253.104.96 , United States, ASN20141 (QTS-SUW1-ATL1, US),

Reverse DNS

Software

Resource Hash

b666c3a42a8e2d7266ebdd704056a99a4808e9182bebf2ad62dcf8b888e87815

Security Headers

Name	Value
Strict-Transport-Security	max-age=16070400; includeSubDomains
X-Frame-Options	SAMEORIGIN

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.127 Safari/537.36
accept-language: se-SE,se;q=0.9

Response headers

Cache-Control: private, max-age=0
Content-Length: 58945
Content-Type: text/html; charset=utf-8
Date: Mon, 25 Apr 2022 11:48:25 GMT
Expires: Mon, 25 Apr 2022 11:48:25 GMT
Last-Modified: Mon, 25 Apr 2022 11:48:25 GMT
Strict-Transport-Security: max-age=16070400; includeSubDomains
X-Frame-Options: SAMEORIGIN

Redirect headers

Cache-Control: no-store, no-cache
Connection: close
Content-Type: text/plain; charset=UTF-8
Date: Mon, 25 Apr 2022 11:48:24 GMT
Expires: Thu, 01 Jan 1970 00:00:00 GMT
Location: https://pc2.mypreferences.com/ComcastPrefCenter/ManagePreferences?params=ZW1haWw9dG9tLmJhcnJldHRAZXJpY3Nzb24uY29tJmN1c3RvbWVydHlwZT1DdXN0b21lciZzb3VyY2VpZD0yMDIyMDQxNV9BZGhvY19DTV9Vc2VNb3JlTkw%3D
P3P: policyref="http://policy5.responsys.net/w3c/response.xml", CP="NON DSP COR IVAi IVDi OTRi IND ONL"
Pragma: no-cache
Server: Apache
Transfer-Encoding: chunked

GET
H2 200 all.css
use.fontawesome.com/releases/v5.6.3/css/ 52 KB
12 KB 500ms
415ms Stylesheet
text/css 188.114.96.7
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://use.fontawesome.com/releases/v5.6.3/css/all.css
Requested by: Host: pc2.mypreferences.com
URL: https://pc2.mypreferences.com/ComcastPrefCenter/ManagePreferences?params=ZW1haWw9dG9tLmJhcnJldHRAZXJpY3Nzb24uY29tJmN1c3RvbWVydHlwZT1DdXN0b21lciZzb3VyY2VpZD0yMDIyMDQxNV9BZGhvY19DTV9Vc2VNb3JlTkw%3D
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 188.114.96.7 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 481a0574246e281316ffa0e15399bf5388bb81ae550ce0401a0353b6bb2d1e5a

Request headers

Referer: https://pc2.mypreferences.com/
Origin: https://pc2.mypreferences.com
accept-language: se-SE,se;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.127 Safari/537.36

Response headers

date: Mon, 25 Apr 2022 11:48:26 GMT
content-encoding: br
vary: Origin, Access-Control-Request-Headers, Access-Control-Request-Method, Accept-Encoding
cf-cache-status: MISS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-amz-request-id: 2T31N3VK9EYY94GX
access-control-allow-methods: GET
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-amz-id-2: 7dVZLnBq+0m+ynGbdyHPPQ0hnpLsQaGHKBuh3oxCYc2FgIqfiI8wujNH7fk2lozmieSfu60wQHA=
last-modified: Wed, 30 Jun 2021 15:44:33 GMT
server: cloudflare
etag: W/"dc93d584e41f8417f6b7163320d34329"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
access-control-max-age: 3000
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=yvj%2FF5D1SrPdMljBdwxlqF1NE56hOXLmsl3A0yfbKRWDRI0UFrCVoEVyMYTQjBzje1lOZE%2FaXl6e5zUR6np%2BC3L3d%2BbGqwRoPQMwTVMX%2FdzHrQUubYX7Y76ZBKLqVJ2T6n%2BaieWe"}],"group":"cf-nel","max_age":604800}
content-type: text/css
access-control-allow-origin: *
cache-control: max-age=31556926
cf-ray: 7016d97faec2d89d-CPH

GET
H/1.1 200
OK bootstrap.css
pc2.mypreferences.com/ComcastPrefCenter/Content/ 143 KB
21 KB 620ms
313ms Stylesheet
text/css 162.253.104.96
QTS-SUW1-ATL1

General

Check archive.org

Show headers Download Go to

Full URL

https://pc2.mypreferences.com/ComcastPrefCenter/Content/bootstrap.css

Requested by

Host: pc2.mypreferences.com
URL: https://pc2.mypreferences.com/ComcastPrefCenter/ManagePreferences?params=ZW1haWw9dG9tLmJhcnJldHRAZXJpY3Nzb24uY29tJmN1c3RvbWVydHlwZT1DdXN0b21lciZzb3VyY2VpZD0yMDIyMDQxNV9BZGhvY19DTV9Vc2VNb3JlTkw%3D

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

162.253.104.96 , United States, ASN20141 (QTS-SUW1-ATL1, US),

Reverse DNS

Software

Resource Hash

7e630d90c7234b0df1729f62b8f9e4bbfaf293d91a5a0ac46df25f2a6759e39a

Security Headers

Name	Value
Strict-Transport-Security	max-age=16070400; includeSubDomains

Request headers

accept-language: se-SE,se;q=0.9
Referer: https://pc2.mypreferences.com/ComcastPrefCenter/ManagePreferences?params=ZW1haWw9dG9tLmJhcnJldHRAZXJpY3Nzb24uY29tJmN1c3RvbWVydHlwZT1DdXN0b21lciZzb3VyY2VpZD0yMDIyMDQxNV9BZGhvY19DTV9Vc2VNb3JlTkw%3D
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.127 Safari/537.36

Response headers

Date: Mon, 25 Apr 2022 11:48:25 GMT
Content-Encoding: gzip
Last-Modified: Fri, 07 Dec 2018 17:41:48 GMT
ETag: "0d6d720548ed41:0"
Vary: Accept-Encoding
Content-Type: text/css
Strict-Transport-Security: max-age=16070400; includeSubDomains
Accept-Ranges: bytes
Content-Length: 21142

GET
H/1.1 200
OK site.css
pc2.mypreferences.com/ComcastPrefCenter/Content/ 30 KB
6 KB 627ms
317ms Stylesheet
text/css 162.253.104.96
QTS-SUW1-ATL1

General

Check archive.org

Show headers Download Go to

Full URL

https://pc2.mypreferences.com/ComcastPrefCenter/Content/site.css

Requested by

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

162.253.104.96 , United States, ASN20141 (QTS-SUW1-ATL1, US),

Reverse DNS

Software

Resource Hash

c2545dcc0cc96f3ad07614be05a69aac6ce0bffa473cb6e9bb59394459d9c48c

Security Headers

Name	Value
Strict-Transport-Security	max-age=16070400; includeSubDomains

Request headers

accept-language: se-SE,se;q=0.9
Referer: https://pc2.mypreferences.com/ComcastPrefCenter/ManagePreferences?params=ZW1haWw9dG9tLmJhcnJldHRAZXJpY3Nzb24uY29tJmN1c3RvbWVydHlwZT1DdXN0b21lciZzb3VyY2VpZD0yMDIyMDQxNV9BZGhvY19DTV9Vc2VNb3JlTkw%3D
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.127 Safari/537.36

Response headers

Date: Mon, 25 Apr 2022 11:48:25 GMT
Content-Encoding: gzip
Last-Modified: Fri, 23 Oct 2020 17:25:40 GMT
ETag: "0423f8761a9d61:0"
Vary: Accept-Encoding
Content-Type: text/css
Strict-Transport-Security: max-age=16070400; includeSubDomains
Accept-Ranges: bytes
Content-Length: 5184

GET
H/1.1 200
OK modernizr-2.8.3.js Show response
pc2.mypreferences.com/ComcastPrefCenter/Scripts/ 50 KB
16 KB 626ms
315ms Script
application/javascript 162.253.104.96
QTS-SUW1-ATL1

General

Check archive.org

Show headers Download Go to

Full URL

https://pc2.mypreferences.com/ComcastPrefCenter/Scripts/modernizr-2.8.3.js

Requested by

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

162.253.104.96 , United States, ASN20141 (QTS-SUW1-ATL1, US),

Reverse DNS

Software

Resource Hash

7dfc3ef73c1284c7aff3c5cdac3812d212c8b899037d7860c8ba20a1defb9a7f

Security Headers

Name	Value
Strict-Transport-Security	max-age=16070400; includeSubDomains

Request headers

accept-language: se-SE,se;q=0.9
Referer: https://pc2.mypreferences.com/ComcastPrefCenter/ManagePreferences?params=ZW1haWw9dG9tLmJhcnJldHRAZXJpY3Nzb24uY29tJmN1c3RvbWVydHlwZT1DdXN0b21lciZzb3VyY2VpZD0yMDIyMDQxNV9BZGhvY19DTV9Vc2VNb3JlTkw%3D
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.127 Safari/537.36

Response headers

Date: Mon, 25 Apr 2022 11:48:25 GMT
Content-Encoding: gzip
Last-Modified: Fri, 07 Dec 2018 17:41:56 GMT
ETag: "08a9c25548ed41:0"
Vary: Accept-Encoding
Content-Type: application/javascript
Strict-Transport-Security: max-age=16070400; includeSubDomains
Accept-Ranges: bytes
Content-Length: 15781

GET
H2 200 E020F7373720426891AC068F01DA5A2A
cdn.comcast.com/-/media/ 944 B
821 B 247ms
56ms Image
image/svg+xml 104.89.19.120
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cdn.comcast.com/-/media/E020F7373720426891AC068F01DA5A2A

Requested by

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

104.89.19.120 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a104-89-19-120.deploy.static.akamaitechnologies.com

Software

Resource Hash

8f6e1abd2d0c7965b33e2520eb20b841fd3ed6a39c9292808e8d192e86e5b359

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: se-SE,se;q=0.9
Referer: https://pc2.mypreferences.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.127 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-xfnlog-site: XDS
content-disposition: inline; filename="xfinity-dark.svg"
content-length: 531
etag
last-modified: Tue, 27 Feb 2018 18:19:40 GMT
x-frame-options: SAMEORIGIN
date: Mon, 25 Apr 2022 11:48:27 GMT
vary: Accept-Encoding
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: private, max-age=31523982
accept-ranges: bytes
x-robots-tag: noindex, nofollow
expires: Tue, 25 Apr 2023 08:28:09 GMT

GET
H2 200 gtm.js Show response
www.googletagmanager.com/ 109 KB
42 KB 210ms
73ms Script
application/javascript 142.250.186.104
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtm.js?id=GTM-KPSSG3Z

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.104 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s06-in-f8.1e100.net

Software

Google Tag Manager /

Resource Hash

18b7b2800d8021623da60e9337e38d3f173f69de6890163ec580896ced9b942e

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: se-SE,se;q=0.9
Referer: https://pc2.mypreferences.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.127 Safari/537.36

Response headers

date: Mon, 25 Apr 2022 11:48:27 GMT
content-encoding: br
vary: Accept-Encoding
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42541
x-xss-protection: 0
last-modified: Mon, 25 Apr 2022 09:00:00 GMT
server: Google Tag Manager
strict-transport-security: max-age=31536000; includeSubDomains
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Mon, 25 Apr 2022 11:48:27 GMT

GET
H/1.1 200
OK jquery-3.3.1.js Show response
pc2.mypreferences.com/ComcastPrefCenter/Scripts/ 265 KB
79 KB 158ms
157ms Script
application/javascript 162.253.104.96
QTS-SUW1-ATL1

General

Check archive.org

Show headers Download Go to

Full URL

https://pc2.mypreferences.com/ComcastPrefCenter/Scripts/jquery-3.3.1.js

Requested by

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

162.253.104.96 , United States, ASN20141 (QTS-SUW1-ATL1, US),

Reverse DNS

Software

Resource Hash

d8aa24ecc6cecb1a60515bc093f1c9da38a0392612d9ab8ae0f7f36e6eee1fad

Security Headers

Name	Value
Strict-Transport-Security	max-age=16070400; includeSubDomains

Request headers

accept-language: se-SE,se;q=0.9
Referer: https://pc2.mypreferences.com/ComcastPrefCenter/ManagePreferences?params=ZW1haWw9dG9tLmJhcnJldHRAZXJpY3Nzb24uY29tJmN1c3RvbWVydHlwZT1DdXN0b21lciZzb3VyY2VpZD0yMDIyMDQxNV9BZGhvY19DTV9Vc2VNb3JlTkw%3D
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.127 Safari/537.36

Response headers

Date: Mon, 25 Apr 2022 11:48:26 GMT
Content-Encoding: gzip
Last-Modified: Fri, 07 Dec 2018 17:41:49 GMT
ETag: "806c7021548ed41:0"
Vary: Accept-Encoding
Content-Type: application/javascript
Strict-Transport-Security: max-age=16070400; includeSubDomains
Accept-Ranges: bytes
Content-Length: 80710

GET
H/1.1 200
OK bootstrap.js Show response
pc2.mypreferences.com/ComcastPrefCenter/Scripts/ 68 KB
15 KB 159ms
159ms Script
application/javascript 162.253.104.96
QTS-SUW1-ATL1

General

Check archive.org

Show headers Download Go to

Full URL

https://pc2.mypreferences.com/ComcastPrefCenter/Scripts/bootstrap.js

Requested by

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

162.253.104.96 , United States, ASN20141 (QTS-SUW1-ATL1, US),

Reverse DNS

Software

Resource Hash

0abe8deb334de1ba743b04d0399e99eba336afed9da72fc4c0a302c99f9238c8

Security Headers

Name	Value
Strict-Transport-Security	max-age=16070400; includeSubDomains

Request headers

accept-language: se-SE,se;q=0.9
Referer: https://pc2.mypreferences.com/ComcastPrefCenter/ManagePreferences?params=ZW1haWw9dG9tLmJhcnJldHRAZXJpY3Nzb24uY29tJmN1c3RvbWVydHlwZT1DdXN0b21lciZzb3VyY2VpZD0yMDIyMDQxNV9BZGhvY19DTV9Vc2VNb3JlTkw%3D
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.127 Safari/537.36

Response headers

Date: Mon, 25 Apr 2022 11:48:26 GMT
Content-Encoding: gzip
Last-Modified: Fri, 07 Dec 2018 17:41:48 GMT
ETag: "0d6d720548ed41:0"
Vary: Accept-Encoding
Content-Type: application/javascript
Strict-Transport-Security: max-age=16070400; includeSubDomains
Accept-Ranges: bytes
Content-Length: 14448

GET
H/1.1 200
OK sessionStorageManager.js Show response
pc2.mypreferences.com/ComcastPrefCenter/Scripts/ 372 B
832 B 160ms
159ms Script
application/javascript 162.253.104.96
QTS-SUW1-ATL1

General

Check archive.org

Show headers Download Go to

Full URL

https://pc2.mypreferences.com/ComcastPrefCenter/Scripts/sessionStorageManager.js

Requested by

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

162.253.104.96 , United States, ASN20141 (QTS-SUW1-ATL1, US),

Reverse DNS

Software

Resource Hash

3fc775a41de34dbe8d1e1d3b537638eac0a15a7b37dcf0bfc734f6fd6cf4c9ab

Security Headers

Name	Value
Strict-Transport-Security	max-age=16070400; includeSubDomains

Request headers

accept-language: se-SE,se;q=0.9
Referer: https://pc2.mypreferences.com/ComcastPrefCenter/ManagePreferences?params=ZW1haWw9dG9tLmJhcnJldHRAZXJpY3Nzb24uY29tJmN1c3RvbWVydHlwZT1DdXN0b21lciZzb3VyY2VpZD0yMDIyMDQxNV9BZGhvY19DTV9Vc2VNb3JlTkw%3D
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.127 Safari/537.36

Response headers

Date: Mon, 25 Apr 2022 11:48:26 GMT
Last-Modified: Mon, 14 Jan 2019 13:07:34 GMT
Accept-Ranges: bytes
ETag: "ffb7c1daacd41:0"
Content-Length: 372
Strict-Transport-Security: max-age=16070400; includeSubDomains
Content-Type: application/javascript

GET
H/1.1 200
OK jquery.validate.min.js Show response
pc2.mypreferences.com/ComcastPrefCenter/Scripts/ 23 KB
8 KB 159ms
158ms Script
application/javascript 162.253.104.96
QTS-SUW1-ATL1

General

Check archive.org

Show headers Download Go to

Full URL

https://pc2.mypreferences.com/ComcastPrefCenter/Scripts/jquery.validate.min.js

Requested by

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

162.253.104.96 , United States, ASN20141 (QTS-SUW1-ATL1, US),

Reverse DNS

Software

Resource Hash

17a879e50c3ab3078afaded288e257fb66e94806b76ff7e796b54226f9848f50

Security Headers

Name	Value
Strict-Transport-Security	max-age=16070400; includeSubDomains

Request headers

accept-language: se-SE,se;q=0.9
Referer: https://pc2.mypreferences.com/ComcastPrefCenter/ManagePreferences?params=ZW1haWw9dG9tLmJhcnJldHRAZXJpY3Nzb24uY29tJmN1c3RvbWVydHlwZT1DdXN0b21lciZzb3VyY2VpZD0yMDIyMDQxNV9BZGhvY19DTV9Vc2VNb3JlTkw%3D
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.127 Safari/537.36

Response headers

Date: Mon, 25 Apr 2022 11:48:26 GMT
Content-Encoding: gzip
Last-Modified: Fri, 07 Dec 2018 17:41:57 GMT
ETag: "80203526548ed41:0"
Vary: Accept-Encoding
Content-Type: application/javascript
Strict-Transport-Security: max-age=16070400; includeSubDomains
Accept-Ranges: bytes
Content-Length: 7522

GET
H/1.1 200
OK preferences.js Show response
pc2.mypreferences.com/ComcastPrefCenter/Scripts/ 15 KB
4 KB 294ms
157ms Script
application/javascript 162.253.104.96
QTS-SUW1-ATL1

General

Check archive.org

Show headers Download Go to

Full URL

https://pc2.mypreferences.com/ComcastPrefCenter/Scripts/preferences.js

Requested by

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

162.253.104.96 , United States, ASN20141 (QTS-SUW1-ATL1, US),

Reverse DNS

Software

Resource Hash

14baf9730293b1f7df6a576da16dcb8302f1afc8522a9bd1d85a0e593609806f

Security Headers

Name	Value
Strict-Transport-Security	max-age=16070400; includeSubDomains

Request headers

accept-language: se-SE,se;q=0.9
Referer: https://pc2.mypreferences.com/ComcastPrefCenter/ManagePreferences?params=ZW1haWw9dG9tLmJhcnJldHRAZXJpY3Nzb24uY29tJmN1c3RvbWVydHlwZT1DdXN0b21lciZzb3VyY2VpZD0yMDIyMDQxNV9BZGhvY19DTV9Vc2VNb3JlTkw%3D
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.127 Safari/537.36

Response headers

Date: Mon, 25 Apr 2022 11:48:26 GMT
Content-Encoding: gzip
Last-Modified: Wed, 17 Apr 2019 17:00:12 GMT
ETag: "0b63953ff5d41:0"
Vary: Accept-Encoding
Content-Type: application/javascript
Strict-Transport-Security: max-age=16070400; includeSubDomains
Accept-Ranges: bytes
Content-Length: 3578

GET
H2

200

XfinityStandard-Light.woff2
static.cimcontent.net/staticsites/fonts/latest/Xfinity_Standard/
Redirect Chain

https://edge.static-assets.top.comcast.net/staticsites/fonts/latest/Xfinity_Standard/XfinityStandard-Light.woff2
https://static.cimcontent.net/staticsites/fonts/latest/Xfinity_Standard/XfinityStandard-Light.woff2

27 KB
27 KB

446ms
61ms

Font
font/woff2

96.16.156.156
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://static.cimcontent.net/staticsites/fonts/latest/Xfinity_Standard/XfinityStandard-Light.woff2
Requested by: Host: pc2.mypreferences.com
URL: https://pc2.mypreferences.com/ComcastPrefCenter/Content/site.css
Protocol: H2
Server: 96.16.156.156 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a96-16-156-156.deploy.static.akamaitechnologies.com
Software: AmazonS3 /
Resource Hash: fc6cd95261064c28600405c9c8dd51813abf8367e85b6e00f0f3031a8338988a

Request headers

accept-language: se-SE,se;q=0.9
Referer: https://pc2.mypreferences.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.127 Safari/537.36

Response headers

x-amz-version-id: wnCwOacXycelzt78IMkr55wWB9WkMd2W
last-modified: Fri, 24 Jan 2020 21:23:01 GMT
server: AmazonS3
x-amz-cf-pop: FRA53-C1
etag: "f05d3ebe80809d82ab14d62a79da544e"
content-type: font/woff2
access-control-allow-origin: *
cache-control: max-age=320106
date: Mon, 25 Apr 2022 11:48:29 GMT
accept-ranges: bytes
content-length: 27420
x-amz-cf-id: pJVlp_4tR1YvGy9TwbJbXq6y8ghpdc6zQpeI3pUfBK1Uin6Xcatz4A==

Redirect headers

Date: Mon, 25 Apr 2022 11:48:29 GMT
Via: http/1.1 odol-atsec-bos-50.brockton.ma.boston.comcast.net (18.c0350c9.el7 [uSc s f p eN:tNc p s ])
Server: 18.c0350c9.el7
Location: https://static.cimcontent.net/staticsites/fonts/latest/Xfinity_Standard/XfinityStandard-Light.woff2
Content-Language: en
Access-Control-Allow-Origin: *
Cache-Control: no-store
Connection: keep-alive
Content-Type: text/html
Content-Length: 381

GET
H2

200

XfinityStandard-ExtraLight.woff2
static.cimcontent.net/staticsites/fonts/latest/Xfinity_Standard/
Redirect Chain

https://edge.static-assets.top.comcast.net/staticsites/fonts/latest/Xfinity_Standard/XfinityStandard-ExtraLight.woff2
https://static.cimcontent.net/staticsites/fonts/latest/Xfinity_Standard/XfinityStandard-ExtraLight.woff2

32 KB
33 KB

502ms
117ms

Font
font/woff2

96.16.156.156
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://static.cimcontent.net/staticsites/fonts/latest/Xfinity_Standard/XfinityStandard-ExtraLight.woff2
Requested by: Host: pc2.mypreferences.com
URL: https://pc2.mypreferences.com/ComcastPrefCenter/Content/site.css
Protocol: H2
Server: 96.16.156.156 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a96-16-156-156.deploy.static.akamaitechnologies.com
Software: AmazonS3 /
Resource Hash: 8107d336fd1e5fee55e5a439af3165b98a39d84e25a0d55af1179d8e1b7b19ea

Request headers

accept-language: se-SE,se;q=0.9
Referer: https://pc2.mypreferences.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.127 Safari/537.36

Response headers

x-amz-version-id: Bbube12IJwZsgLOR0dnsP3Zw8NdGE3DL
last-modified: Fri, 24 Jan 2020 21:23:01 GMT
server: AmazonS3
x-amz-cf-pop: FRA53-C1
etag: "a626342f1fe2e8793440bc6f0882cb57"
content-type: font/woff2
access-control-allow-origin: *
cache-control: max-age=357236
date: Mon, 25 Apr 2022 11:48:29 GMT
accept-ranges: bytes
content-length: 33268
x-amz-cf-id: 5o2RhCqxJTs9M9gwfnKc-znOwLcX6S2RFLB2OyDqrsFIyDpARBc72w==

Redirect headers

Date: Mon, 25 Apr 2022 11:48:29 GMT
Via: http/1.1 odol-atsec-bos-50.brockton.ma.boston.comcast.net (18.c0350c9.el7 [uSc s f p eN:tNc p s ])
Server: 18.c0350c9.el7
Location: https://static.cimcontent.net/staticsites/fonts/latest/Xfinity_Standard/XfinityStandard-ExtraLight.woff2
Content-Language: en
Access-Control-Allow-Origin: *
Cache-Control: no-store
Connection: keep-alive
Content-Type: text/html
Content-Length: 386

GET
H2

200

XfinityStandard-Regular.woff2
static.cimcontent.net/staticsites/fonts/latest/Xfinity_Standard/
Redirect Chain

https://edge.static-assets.top.comcast.net/staticsites/fonts/latest/Xfinity_Standard/XfinityStandard-Regular.woff2
https://static.cimcontent.net/staticsites/fonts/latest/Xfinity_Standard/XfinityStandard-Regular.woff2

26 KB
26 KB

521ms
138ms

Font
font/woff2

96.16.156.156
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://static.cimcontent.net/staticsites/fonts/latest/Xfinity_Standard/XfinityStandard-Regular.woff2
Requested by: Host: pc2.mypreferences.com
URL: https://pc2.mypreferences.com/ComcastPrefCenter/Content/site.css
Protocol: H2
Server: 96.16.156.156 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a96-16-156-156.deploy.static.akamaitechnologies.com
Software: AmazonS3 /
Resource Hash: 138c0ead0fbcd09dd455df9870920e8725b367fbf02ac0cef0c62874000ab176

Request headers

accept-language: se-SE,se;q=0.9
Referer: https://pc2.mypreferences.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.127 Safari/537.36

Response headers

x-amz-version-id: kLBQWhXkUwwuS0hOSKJ2GQ_XrNE.oQFF
last-modified: Fri, 24 Jan 2020 21:23:01 GMT
server: AmazonS3
x-amz-cf-pop: FRA53-C1
etag: "e3e79cd377b28c1e7ffea64b194136cf"
content-type: font/woff2
access-control-allow-origin: *
cache-control: max-age=286199
date: Mon, 25 Apr 2022 11:48:29 GMT
accept-ranges: bytes
content-length: 26768
x-amz-cf-id: YO68MOq52obvKhru6Q5k_rOgizY3vGQDqfl1Hc2jwX_IXOuKs4TiHA==

Redirect headers

Date: Mon, 25 Apr 2022 11:48:29 GMT
Via: http/1.1 odol-atsec-bos-50.brockton.ma.boston.comcast.net (18.c0350c9.el7 [uSc s f p eN:tNc p s ])
Server: 18.c0350c9.el7
Location: https://static.cimcontent.net/staticsites/fonts/latest/Xfinity_Standard/XfinityStandard-Regular.woff2
Content-Language: en
Access-Control-Allow-Origin: *
Cache-Control: no-store
Connection: keep-alive
Content-Type: text/html
Content-Length: 383

GET
H2 200 fa-solid-900.woff2
use.fontawesome.com/releases/v5.6.3/webfonts/ 77 KB
78 KB 242ms
241ms Font
font/woff2 188.114.96.7
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://use.fontawesome.com/releases/v5.6.3/webfonts/fa-solid-900.woff2
Requested by: Host: use.fontawesome.com
URL: https://use.fontawesome.com/releases/v5.6.3/css/all.css
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 188.114.96.7 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: f419ad7a4477f36ce73c74a23dce784150ca38fa5075a8e06109709cbb716903

Request headers

Referer: https://use.fontawesome.com/releases/v5.6.3/css/all.css
Origin: https://pc2.mypreferences.com
accept-language: se-SE,se;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.127 Safari/537.36

Response headers

date: Mon, 25 Apr 2022 11:48:27 GMT
access-control-allow-methods: GET
vary: Origin, Access-Control-Request-Headers, Access-Control-Request-Method, Accept-Encoding
cf-cache-status: MISS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-amz-request-id: 2T31VTF0DZEB689Z
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 79100
x-amz-id-2: GGIAOd/takuipppp0+VEI6DFYTB1sX3IkZ7zhLY6KmX58o2GC7QazvdtghgqWNqFxq8VhHzVhUA=
last-modified: Wed, 30 Jun 2021 15:44:54 GMT
server: cloudflare
etag: "5dc01cfcd5336f696cb85da7ce53fa9b"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
access-control-max-age: 3000
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=MQq%2B%2ByBVWZ19kzHmFnCSxlC2KzjOQ2hZCfbpsxTt5DcQ9gZ7UWqhi%2FwAUeWQSPLwlzxjXY%2BGiF4C0Mv6V1f0CCHWVb0%2FEe3ArdnuXMfi%2FxEaZjY6%2FPqwLWSHHWSRP5WFBHaoheju"}],"group":"cf-nel","max_age":604800}
content-type: font/woff2
access-control-allow-origin: *
cache-control: max-age=31556926
accept-ranges: bytes
cf-ray: 7016d9843e3bd89d-CPH

Verdicts & Comments Add Verdict or Comment

Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!

urlscan

Phishing against: Xfinity (Consumer)

12 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

4 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
.xfinity.com/pub	1970-01-20 20:05:59	Name: 6.interact5.Mnn.....N.N... Value: _ri_=X0Gzc2X%3DAQpglLjHJlYQGvI30W8zehn591czdUgk6jULLzfzgMA41S9zff3OetYzaeIkPfzczcJoNy5HzcXebbed4YX2JFdIzaVXtpKX%3DUWTTRRDY&_ei_=EM6hiIRZ6IbTRQzpp7EgfWDv5wmb7wtZr_HKt4Y9565l73Y_PqZSaCEhvHs0mzNqB-gBgO3tuO3UzGxLd8-XUq76ZMc933xI6KE-OcN9i_7_vZ1nKFQzNpaL4RiL4mq9EOJepBHBH9Ka2UvEZBYn0GLwNUHY2xz2kUL42HrGepOz_rtUraFFsI1UbGpel71SoUC4JYl4W2WtLGWL_smg5J9SgOlmq3yPRKoTyTNkZs0ywiDMvzVv9oZGFgDomc-ADpmBGgKKXGDCMykhj-oxH82uaBqLlD92KAzCIiEW68WkZ5uRD4q4CWZESjsxf-PMkjrVFhI2a2AcIg4PNNtIvanJiLDuHJs-nXaVJxWO_k2Fu6Hdc2cWZ9bJcJfi_Qe20F-fHzrKHCGjujCQOiwpBb7qu3ZxxTGEmQ8hbSzboZjeQHWD2afx4Tn-2OOgPr-hE_wzXoHG2wxkBEyl1mJqhCLCqT4we6iZbG9s6GeJs6reYBc1T6Y4dzbzVXwM_aDP0Piz1FNU9lOse-TtoVqZsY_oSEAa1z01g9qN7HatpAlx1r8OUW-49ECnftnzPXOJP0dktV6U7S1q_gvQg_uRVcpOX-f3acXfXlSVaNsrIciNssq1FLQuXCGLajkd05OMD5rtJIfSUWhrjZ3wI3oozAXs5whyk4aNShpJTeRPSb7WozXlmydmbRfIl19-BgzJ8NL7XyrXIVzebtgDcRgrlvwNMTBmIobf43Gvo6I5-SQVDrqcWbl_UO5rQyQhkswr_GUV7l175wyyYbsTn5gp2lDl6befan1hS8wop8AANAlSm0V5cehAoCjToC_rGm4mG4JiweCBUDhovuY3ay-iY-JWtpW7p1xb3DNkwK8Q9w2MvVOBWxMoZSaHC5Up-9R-LxNpa49dZ4tzK8sV-bU-H_7IlsXJmg23RUou0nudtzcNmKNZN_LicFyiqBbpC3pHW6moRHsINgF3XWvjP5u-W0o
pc2.mypreferences.com/	1969-12-31 23:59:59	Name: __RequestVerificationToken_L0NvbWNhc3RQcmVmQ2VudGVy0 Value: 21sAutcWyb5iDOv__Et_Alk48bjRjoCVwMYakli0rbk4Qe7JYHv-nN0kQLsApU6BYG-rPLC0LvCALBpEWwQTqK4uiY9UXT2GEfveiSOPFdU1
pc2.mypreferences.com/	1969-12-31 23:59:59	Name: BIGipServerZSfR4CX9T8H3asIHr8Tmug Value: !C+n9tsUeXnqVv4KmE7I3W0fiXX2bmCq5rrJ2CAClXeswrYnK5+Q9EZUoWWRMznT1NqIWTtpzXSZ4UQ8=
.pc2.mypreferences.com/	1969-12-31 23:59:59	Name: TS01b2ef0f Value: 0141bd2f0ae1f3cf69b9508db5bb4d3a109f41b0fb1ba009b6f5564af745814a19ad82914ba3bbe1fc69d40d49665a505c21affcb2

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
Strict-Transport-Security	max-age=16070400; includeSubDomains
X-Frame-Options	SAMEORIGIN

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

cdn.comcast.com
edge.static-assets.top.comcast.net
emails.xfinity.com
pc2.mypreferences.com
static.cimcontent.net
use.fontawesome.com
www.googletagmanager.com
104.89.19.120
142.250.186.104
162.253.104.96
188.114.96.7
199.7.200.192
69.241.8.130
96.16.156.156
0abe8deb334de1ba743b04d0399e99eba336afed9da72fc4c0a302c99f9238c8
138c0ead0fbcd09dd455df9870920e8725b367fbf02ac0cef0c62874000ab176
14baf9730293b1f7df6a576da16dcb8302f1afc8522a9bd1d85a0e593609806f
17a879e50c3ab3078afaded288e257fb66e94806b76ff7e796b54226f9848f50
18b7b2800d8021623da60e9337e38d3f173f69de6890163ec580896ced9b942e
3fc775a41de34dbe8d1e1d3b537638eac0a15a7b37dcf0bfc734f6fd6cf4c9ab
481a0574246e281316ffa0e15399bf5388bb81ae550ce0401a0353b6bb2d1e5a
7dfc3ef73c1284c7aff3c5cdac3812d212c8b899037d7860c8ba20a1defb9a7f
7e630d90c7234b0df1729f62b8f9e4bbfaf293d91a5a0ac46df25f2a6759e39a
8107d336fd1e5fee55e5a439af3165b98a39d84e25a0d55af1179d8e1b7b19ea
8f6e1abd2d0c7965b33e2520eb20b841fd3ed6a39c9292808e8d192e86e5b359
b666c3a42a8e2d7266ebdd704056a99a4808e9182bebf2ad62dcf8b888e87815
c2545dcc0cc96f3ad07614be05a69aac6ce0bffa473cb6e9bb59394459d9c48c
d8aa24ecc6cecb1a60515bc093f1c9da38a0392612d9ab8ae0f7f36e6eee1fad
f419ad7a4477f36ce73c74a23dce784150ca38fa5075a8e06109709cbb716903
fc6cd95261064c28600405c9c8dd51813abf8367e85b6e00f0f3031a8338988a

pc2.mypreferences.com Open in urlscan Pro 162.253.104.96 Malicious Activity! Public Scan

Summary

urlscan.io Verdict: Potentially Malicious

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Detected technologies

Page Statistics

16 Requests

81 %HTTPS

0 %IPv6

7 Domains

7 Subdomains

5 IPs

3 Countries

427 kBTransfer

978 kBSize

4 Cookies

4 Outgoing links

Page URL History

Redirected requests

16 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Verdicts & Comments Add Verdict or Comment

Potentially malicious activity detected Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!

urlscan

12 JavaScript Global Variables

4 Cookies

Security Headers

Indicators

pc2.mypreferences.com Open in urlscan Pro
162.253.104.96 Malicious Activity! Public Scan

Screenshot
Live screenshot

Full Image

16
Requests

81 %
HTTPS

0 %
IPv6

7
Domains

7
Subdomains

5
IPs

3
Countries

427 kB
Transfer

978 kB
Size

4
Cookies

16 HTTP transactions
0 data transactions

Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!