urlscan.io logo urlscan.io
SecurityTrails logo

niskioglasi.com Open in urlscan Pro
2400:cb00:2048:1::6812:2746  Malicious Activity! Public Scan

Go To Rescan Add Verdict Report
URL: https://niskioglasi.com/xfinty/index.htm
Submission: On August 29 via automatic, source openphish
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 16 IPs in 4 countries across 12 domains to perform 31 HTTP transactions. The main IP is 2400:cb00:2048:1::6812:2746, located in United States and belongs to CLOUDFLARENET - Cloudflare, Inc., US. The main domain is niskioglasi.com.
TLS certificate: Issued by COMODO ECC Domain Validation Secure S... on August 14th 2018. Valid for: 6 months.
This is the only time niskioglasi.com was scanned on urlscan.io!

urlscan.io Verdict: Potentially Malicious

Targeting these brands: Xfinity (Consumer)

Domain & IP information

IP Address AS Autonomous System
1 2400:cb00:204... 13335 (CLOUDFLAR...)
11 2001:558:fe21... 7922 (COMCAST-7922)
1 2400:cb00:204... 13335 (CLOUDFLAR...)
2 52.85.183.121 16509 (AMAZON-02)
1 178.250.2.100 44788 (ASN-CRITE...)
1 18.184.254.112 16509 (AMAZON-02)
1 52.36.158.250 16509 (AMAZON-02)
1 3 204.13.194.235 29990 (ASN-APPNEXUS)
1 172.227.89.134 16625 (AKAMAI-AS)
2 69.173.144.140 26667 (RUBICONPR...)
2 69.173.144.152 26667 (RUBICONPR...)
1 2.18.235.40 16625 (AKAMAI-AS)
1 151.101.113.108 54113 (FASTLY)
1 35.168.165.225 14618 (AMAZON-AES)
2 2a03:2880:f01... 32934 (FACEBOOK)
1 2a03:2880:f12... 32934 (FACEBOOK)
31 16
1    2400:cb00:2048:1::6812:2746 (United States)

ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US)
niskioglasi.com
11    2001:558:fe21:2:69:252:205:24 (United States)

ASN7922 (COMCAST-7922 - Comcast Cable Communications, LLC, US)
login.comcast.net
1    2400:cb00:2048:1::6813:c497 (United States)

ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US)
ajax.cloudflare.com
2    52.85.183.121 (Seattle, United States)

ASN16509 (AMAZON-02 - Amazon.com, Inc., US)
PTR: server-52-85-183-121.fra50.r.cloudfront.net
privacy-policy.truste.com
1    178.250.2.100 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)
PTR: rtax.criteo.com
rtax.criteo.com
1    18.184.254.112 (Cambridge, United States)

ASN16509 (AMAZON-02 - Amazon.com, Inc., US)
PTR: ec2-18-184-254-112.eu-central-1.compute.amazonaws.com
pixel.quantserve.com
1    52.36.158.250 (Boardman, United States)

ASN16509 (AMAZON-02 - Amazon.com, Inc., US)
PTR: ec2-52-36-158-250.us-west-2.compute.amazonaws.com
dmp.tidaltv.com
3    204.13.194.235 (New York, United States)

ASN29990 (ASN-APPNEXUS - AppNexus, Inc, US)
oascentral.comcast.net
1    172.227.89.134 (Cambridge, United States)

ASN16625 (AKAMAI-AS - Akamai Technologies, Inc., US)
PTR: a172-227-89-134.deploy.static.akamaitechnologies.com
ads.rubiconproject.com
2    69.173.144.140 (Smithfield, United States)

ASN26667 (RUBICONPROJECT - The Rubicon Project, Inc., US)
optimized-by.rubiconproject.com
2    69.173.144.152 (Smithfield, United States)

ASN26667 (RUBICONPROJECT - The Rubicon Project, Inc., US)
beacon-eu2.rubiconproject.com
1    2.18.235.40 (European Union)

ASN16625 (AKAMAI-AS - Akamai Technologies, Inc., US)
PTR: a2-18-235-40.deploy.static.akamaitechnologies.com
z.moatads.com
1    151.101.113.108 (San Francisco, United States)

ASN54113 (FASTLY - Fastly, US)
cdn.oas-c18.adnxs.com
1    35.168.165.225 (Seattle, United States)

ASN14618 (AMAZON-AES - Amazon.com, Inc., US)
PTR: ec2-35-168-165-225.compute-1.amazonaws.com
s.update.rubiconproject.com
2    2a03:2880:f01c:8012:face:b00c:0:3 (Ireland)

ASN32934 (FACEBOOK - Facebook, Inc., US)
connect.facebook.net
staticxx.facebook.com
1    2a03:2880:f12d:86:face:b00c:0:50fb (Ireland)

ASN32934 (FACEBOOK - Facebook, Inc., US)
www.facebook.com
Domain Requested by
11 login.comcast.net niskioglasi.com
ajax.cloudflare.com
login.comcast.net
3 oascentral.comcast.net 1 redirects ajax.cloudflare.com
2 beacon-eu2.rubiconproject.com niskioglasi.com
2 optimized-by.rubiconproject.com ajax.cloudflare.com
2 privacy-policy.truste.com niskioglasi.com
ajax.cloudflare.com
1 www.facebook.com connect.facebook.net
1 staticxx.facebook.com connect.facebook.net
1 connect.facebook.net niskioglasi.com
1 s.update.rubiconproject.com ajax.cloudflare.com
1 cdn.oas-c18.adnxs.com niskioglasi.com
1 z.moatads.com ajax.cloudflare.com
1 ads.rubiconproject.com ajax.cloudflare.com
1 dmp.tidaltv.com ajax.cloudflare.com
1 pixel.quantserve.com ajax.cloudflare.com
1 rtax.criteo.com niskioglasi.com
1 ajax.cloudflare.com niskioglasi.com
1 niskioglasi.com
31 17
Subject Issuer Validity Valid
sni221294.cloudflaressl.com
COMODO ECC Domain Validation Secure Server CA 2		 2018-08-14 -
2019-02-20		 6 months crt.sh
login.comcast.net
COMODO RSA Organization Validation Secure Server CA		 2016-12-16 -
2018-12-16		 2 years crt.sh
ssl412106.cloudflaressl.com
COMODO ECC Domain Validation Secure Server CA 2		 2018-04-14 -
2018-10-21		 6 months crt.sh
*.truste.com
Go Daddy Secure Certificate Authority - G2		 2018-01-26 -
2021-03-06		 3 years crt.sh
*.criteo.com
DigiCert SHA2 Secure Server CA		 2017-11-21 -
2018-11-26		 a year crt.sh
*.quantserve.com
DigiCert SHA2 High Assurance Server CA		 2015-08-05 -
2018-11-02		 3 years crt.sh
*.tidaltv.com
Go Daddy Secure Certificate Authority - G2		 2017-07-11 -
2020-07-11		 3 years crt.sh
oascentral.comcast.net
COMODO RSA Organization Validation Secure Server CA		 2017-05-18 -
2019-05-18		 2 years crt.sh
*.rubiconproject.com
DigiCert SHA2 Secure Server CA		 2016-01-12 -
2019-03-01		 3 years crt.sh
moatads.com
DigiCert ECC Secure Server CA		 2018-01-09 -
2019-01-09		 a year crt.sh
cdn.adnxs.com
GlobalSign CloudSSL CA - SHA256 - G3		 2018-07-13 -
2019-06-07		 a year crt.sh
kazfv.com
COMODO ECC Domain Validation Secure Server CA		 2018-07-20 -
2019-07-20		 a year crt.sh
*.facebook.com
DigiCert SHA2 High Assurance Server CA		 2017-12-15 -
2019-03-22		 a year crt.sh

This page contains 3 frames:

Primary Page: https://niskioglasi.com/xfinty/index.htm
Frame ID: 6896FD0E67BA7BD99A3D860C4B303263
Requests: 29 HTTP requests in this frame

Frame: https://staticxx.facebook.com/connect/xd_arbiter/r/QX17B8fU-Vm.js?version=42
Frame ID: C9D0B591822921D02B99AFC6F1C228DA
Requests: 1 HTTP requests in this frame

Frame: https://www.facebook.com/connect/ping?client_id=161991040493541&domain=niskioglasi.com&origin=1&redirect_uri=https%3A%2F%2Fstaticxx.facebook.com%2Fconnect%2Fxd_arbiter%2Fr%2FQX17B8fU-Vm.js%3Fversion%3D42%23cb%3Df4a4c3fd63408%26domain%3Dniskioglasi.com%26origin%3Dhttps%253A%252F%252Fniskioglasi.com%252Ff282cab091e9c3c%26relation%3Dparent&response_type=token%2Csigned_request&sdk=joey&version
Frame ID: E431959B2B3752AD691FB959E9843371
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Detected technologies

Overall confidence: 100%
Detected patterns
  • headers server /cloudflare/i
Overall confidence: 100%
Detected patterns
  • env /^s_(?:account|objectID|code|INST)$/i
Overall confidence: 100%
Detected patterns
  • env /^jQuery$/i

Page Statistics

31
Requests

100 %
HTTPS

31 %
IPv6

12
Domains

17
Subdomains

16
IPs

4
Countries

365 kB
Transfer

882 kB
Size

0
Cookies

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 15
  • https://oascentral.comcast.net/RealMedia/ads/adstream_lx.ads/comcast.net/RubiconSIPassback/L29/303479690/x32/Comcast/CIM_2018Q1_SIG_300_FILLERB/300x250_IMG_XFHomeSecurity_08292018.jpg/6c5073742f6c7547367a4d4143533668?_OAS_GEO_OVERRIDE_=US:UNKNOWN&am=NONE&qsg=D&kw=noloopback_smr HTTP 302
  • https://cdn.oas-c18.adnxs.com/RealMedia/ads/Creatives/Comcast/CIM_2018Q1_SIG_300_FILLERB/300x250_IMG_XFHomeSecurity_08292018.jpg/1535555793

31 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request index.htm
niskioglasi.com/xfinty/ 		31 KB
15 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://niskioglasi.com/xfinty/index.htm
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
2400:cb00:2048:1::6812:2746 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
1638a32657a55c2c5fe16f0bf5795692d40dc277a7f94cd00a6d4aeb750b2507

Request headers

:method
GET
:authority
niskioglasi.com
:scheme
https
:path
/xfinty/index.htm
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8
accept-encoding
gzip, deflate
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
X-DevTools-Emulate-Network-Conditions-Client-Id
6896FD0E67BA7BD99A3D860C4B303263

Response headers

status
200
date
Wed, 29 Aug 2018 18:51:27 GMT
content-type
text/html
set-cookie
__cfduid=d0bb8c326b80e589bc1baeff22e8c79f81535568687; expires=Thu, 29-Aug-19 18:51:27 GMT; path=/; domain=.niskioglasi.com; HttpOnly
last-modified
Wed, 29 Aug 2018 15:19:11 GMT
expires
Thu, 31 Dec 2037 23:55:55 GMT
cache-control
max-age=315360000
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
server
cloudflare
cf-ray
45213589883263f7-FRA
content-encoding
gzip
styles.min.css
login.comcast.net/static/css/ 		17 KB
5 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://login.comcast.net/static/css/styles.min.css?v=22ccc70
Requested by
Host: niskioglasi.com
URL: https://niskioglasi.com/xfinty/index.htm
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_256_CBC
Server
2001:558:fe21:2:69:252:205:24 , United States, ASN7922 (COMCAST-7922 - Comcast Cable Communications, LLC, US),
Reverse DNS
Software
Apache /
Resource Hash
847ec2bbe06b316899e011a0abdd47e14a5620dd8fa83e59f02b7edb955ae54c
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains;

Request headers

Referer
https://niskioglasi.com/xfinty/index.htm
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Date
Wed, 29 Aug 2018 18:51:28 GMT
Content-Encoding
gzip
Last-Modified
Wed, 22 Aug 2018 20:02:19 GMT
Server
Apache
Vary
Accept-Encoding
Strict-Transport-Security
max-age=63072000; includeSubDomains;
Content-Type
text/css
Cache-Control
max-age=157079450
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=500
Content-Length
4532
Expires
Mon, 21 Aug 2023 20:02:19 GMT
rocket-loader.min.js
ajax.cloudflare.com/cdn-cgi/scripts/2448a7bd/cloudflare-static/ 		11 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ajax.cloudflare.com/cdn-cgi/scripts/2448a7bd/cloudflare-static/rocket-loader.min.js
Requested by
Host: niskioglasi.com
URL: https://niskioglasi.com/xfinty/index.htm
Protocol
SPDY
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
2400:cb00:2048:1::6813:c497 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare-nginx /
Resource Hash
3493abbdef3202f502f59b11be045f3b4df6d94f047d882da751dc36087a31b0
Security Headers
Name Value
Strict-Transport-Security max-age=15780000; includeSubDomains
X-Frame-Options SAMEORIGIN

Request headers

Referer
https://niskioglasi.com/xfinty/index.htm
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date
Wed, 29 Aug 2018 18:51:27 GMT
content-encoding
gzip
vary
Accept-Encoding
last-modified
Tue, 28 Aug 2018 12:10:38 GMT
server
cloudflare-nginx
etag
W/"5b853bbe-2ba8"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
x-frame-options
SAMEORIGIN
content-type
application/javascript
status
200
cache-control
max-age=172800, public
strict-transport-security
max-age=15780000; includeSubDomains
cf-ray
45213589bcf79738-FRA
expires
Fri, 31 Aug 2018 18:51:27 GMT
fb_btn.png
login.comcast.net/static/images/ 		1 KB
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://login.comcast.net/static/images/fb_btn.png
Requested by
Host: niskioglasi.com
URL: https://niskioglasi.com/xfinty/index.htm
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_256_CBC
Server
2001:558:fe21:2:69:252:205:24 , United States, ASN7922 (COMCAST-7922 - Comcast Cable Communications, LLC, US),
Reverse DNS
Software
Apache /
Resource Hash
d67b537d58287ab31a1a901e12b55660dc722ea88e77a18598ec9f7622b89ac0
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains;

Request headers

Referer
https://niskioglasi.com/xfinty/index.htm
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Strict-Transport-Security
max-age=63072000; includeSubDomains;
Content-Encoding
gzip
Server
Apache
Date
Wed, 29 Aug 2018 18:51:28 GMT
Vary
accept-language,accept-charset,Accept-Encoding
Content-Language
en
Connection
Keep-Alive
Accept-Ranges
bytes
Content-Type
text/html; charset=iso-8859-1
Keep-Alive
timeout=5, max=500
Content-Length
691
seal
privacy-policy.truste.com/privacy-seal/Comcast-Cable-Communications-Management,-LLC/ 		3 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://privacy-policy.truste.com/privacy-seal/Comcast-Cable-Communications-Management,-LLC/seal?rid=9426d53b-42b1-4587-8d55-c57322ccb60d
Requested by
Host: niskioglasi.com
URL: https://niskioglasi.com/xfinty/index.htm
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.85.183.121 Seattle, United States, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS
server-52-85-183-121.fra50.r.cloudfront.net
Software
TXS /
Resource Hash
fccf0b671af9aaa565fb04ab72d41cecd99f5a0cb8cc3dc9d7b1da77a85fa5fa
Security Headers
Name Value
X-Content-Type-Options nosniff, nosniff
X-Frame-Options SAMEORIGIN, SAMEORIGIN
X-Xss-Protection 1; mode=block, 1; mode=block

Request headers

Referer
https://niskioglasi.com/xfinty/index.htm
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Date
Tue, 14 Aug 2018 18:57:18 GMT
Via
1.1 7922e01ab53e8f36477272573223ab35.cloudfront.net (CloudFront)
X-Content-Type-Options
nosniff, nosniff
Server
TXS
Age
65609
ETag
W/"2861-1517501402000"
X-Frame-Options
SAMEORIGIN, SAMEORIGIN
X-Cache
Hit from cloudfront
Content-Type
image/png
Cache-Control
max-age=0
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
2861
X-Xss-Protection
1; mode=block, 1; mode=block
X-Amz-Cf-Id
R29947Bg1xPibsCpE7KeOfpwPRrVoePQTjo3yQ5OOOx40a5OXUFXgg==
rta.js
rtax.criteo.com/delivery/rta/ 		148 B
640 B 		Script
General
Check archive.org
Download Go to
Full URL
https://rtax.criteo.com/delivery/rta/rta.js?netId=2528&cookieName=crtg_comcast&rnd=68197744702&varName=crtg_content
Requested by
Host: niskioglasi.com
URL: https://niskioglasi.com/xfinty/index.htm
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_256_CBC
Server
178.250.2.100 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
rtax.criteo.com
Software
Microsoft-IIS/10.0 / ASP.NET
Resource Hash
64a1959022eac7b947f94940f33e7983df1fce15be5a8386ca4212ddcaf22b52

Request headers

Referer
https://niskioglasi.com/xfinty/index.htm
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Date
Wed, 29 Aug 2018 18:51:28 GMT
Server
Microsoft-IIS/10.0
X-Powered-By
ASP.NET
Access-Control-Max-Age
1000
Access-Control-Allow-Methods
GET, POST, OPTIONS
Content-Type
text/html
Access-Control-Allow-Origin
*
Cache-Control
private
Access-Control-Allow-Credentials
true
Access-Control-Allow-Headers
Origin, X-Requested-With, Content-Type, Accept
Content-Length
148
segments.json
pixel.quantserve.com/api/ 		39 B
471 B 		Script
General
Check archive.org
Download Go to
Full URL
https://pixel.quantserve.com/api/segments.json?a=p-9eJ8k4iSzux46&callback=qc_results&ttl=86400
Requested by
Host: ajax.cloudflare.com
URL: https://ajax.cloudflare.com/cdn-cgi/scripts/2448a7bd/cloudflare-static/rocket-loader.min.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
18.184.254.112 Cambridge, United States, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS
ec2-18-184-254-112.eu-central-1.compute.amazonaws.com
Software
QS /
Resource Hash
c47bb8af6317ddc64116b9fa30f3d2d46ea6b759789556c003a08fd57c0f6e8a

Request headers

Referer
https://niskioglasi.com/xfinty/index.htm
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Intervention
<https://www.chromestatus.com/feature/5718547946799104>; level="warning"

Response headers

Date
Wed, 29 Aug 2018 18:51:28 GMT
Server
QS
P3P
CP="NOI DSP COR NID CURa ADMa DEVa PSAo PSDo OUR SAMa IND COM NAV"
Cache-Control
private, no-transform, max-age=86400
Connection
keep-alive
Content-Type
application/x-javascript
Content-Length
39
Expires
Thu, 30 Aug 2018 18:51:28 GMT
data.json
dmp.tidaltv.com/audience/browser/ 		117 B
677 B 		Script
General
Check archive.org
Download Go to
Full URL
https://dmp.tidaltv.com/audience/browser/data.json?a=ea88754cd14d442091b4a4ae31437756&callback=_vdlg.comcastOASCallback
Requested by
Host: ajax.cloudflare.com
URL: https://ajax.cloudflare.com/cdn-cgi/scripts/2448a7bd/cloudflare-static/rocket-loader.min.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.36.158.250 Boardman, United States, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS
ec2-52-36-158-250.us-west-2.compute.amazonaws.com
Software
Apache-Coyote/1.1 /
Resource Hash
e9d7f3e0c6da70dd4da639829d35aeeb7c1f139ee90020a61ecbda557e912230
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 1; mode=block

Request headers

Referer
https://niskioglasi.com/xfinty/index.htm
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Intervention
<https://www.chromestatus.com/feature/5718547946799104>; level="warning"

Response headers

Pragma
no-cache
Date
Wed, 29 Aug 2018 18:51:28 GMT
Content-Encoding
gzip
X-Content-Type-Options
nosniff
Server
Apache-Coyote/1.1
X-Frame-Options
DENY
Content-Type
application/javascript
Cache-Control
no-cache, no-store, max-age=0, must-revalidate
Transfer-Encoding
chunked
Connection
close
Vary
Accept-Encoding
X-XSS-Protection
1; mode=block
Expires
0
1291692746@x32
oascentral.comcast.net/RealMedia/ads/adstream_jx.ads/comcast.net/login_secure/notve/ 		2 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://oascentral.comcast.net/RealMedia/ads/adstream_jx.ads/comcast.net/login_secure/notve/1291692746@x32?target=normal&_OAS_GEO_OVERRIDE_=US:UNKNOWN&am=NONE&qsg=D&
Requested by
Host: ajax.cloudflare.com
URL: https://ajax.cloudflare.com/cdn-cgi/scripts/2448a7bd/cloudflare-static/rocket-loader.min.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
204.13.194.235 New York, United States, ASN29990 (ASN-APPNEXUS - AppNexus, Inc, US),
Reverse DNS
Software
nginx/1.13.10 /
Resource Hash
534d56bd673065577c1eb30ce347dc1ec01c65f7e66d3d1784ff9ec9f4bf55e8

Request headers

Referer
https://niskioglasi.com/xfinty/index.htm
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Intervention
<https://www.chromestatus.com/feature/5718547946799104>; level="warning"

Response headers

Pragma
no-cache
Date
Wed, 29 Aug 2018 18:51:31 GMT
Content-Encoding
gzip
Server
nginx/1.13.10
Vary
Accept-Encoding
P3P
CP="NON NID PSAa PSDa OUR IND UNI COM NAV STA",policyref="/w3c/p3p.xml"
Cache-Control
no-cache,no-store,private
Transfer-Encoding
chunked
Connection
keep-alive
Content-Type
application/x-javascript
Expires
Fri, 30 Oct 1998 14:19:41 GMT
11648.js
ads.rubiconproject.com/ad/ 		26 KB
8 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ads.rubiconproject.com/ad/11648.js
Requested by
Host: ajax.cloudflare.com
URL: https://ajax.cloudflare.com/cdn-cgi/scripts/2448a7bd/cloudflare-static/rocket-loader.min.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
172.227.89.134 Cambridge, United States, ASN16625 (AKAMAI-AS - Akamai Technologies, Inc., US),
Reverse DNS
a172-227-89-134.deploy.static.akamaitechnologies.com
Software
Apache / PHP/5.3.3
Resource Hash
688f5aa0394adf2ac86f94d7150aaaa8f36e5470f26d787d073e2a857d6b2cb5

Request headers

Referer
https://niskioglasi.com/xfinty/index.htm
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Intervention
<https://www.chromestatus.com/feature/5718547946799104>; level="warning"

Response headers

Date
Wed, 29 Aug 2018 18:51:29 GMT
Content-Encoding
gzip
Server
Apache
X-Powered-By
PHP/5.3.3
Vary
Accept-Encoding
Content-Type
text/javascript
Access-Control-Allow-Origin
*
Cache-Control
max-age=9850
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Length
7578
Expires
Wed, 29 Aug 2018 21:35:39 GMT
150582-10.js
optimized-by.rubiconproject.com/a/11648/36314/ 		2 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://optimized-by.rubiconproject.com/a/11648/36314/150582-10.js?&cb=0.8616687994051511&tk_st=1&rp_s=c&p_exp=1&p_pos=atf&p_screen_res=1600x1200&ad_slot=36314_10&rp_secure=1
Requested by
Host: ajax.cloudflare.com
URL: https://ajax.cloudflare.com/cdn-cgi/scripts/2448a7bd/cloudflare-static/rocket-loader.min.js
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_256_GCM
Server
69.173.144.140 Smithfield, United States, ASN26667 (RUBICONPROJECT - The Rubicon Project, Inc., US),
Reverse DNS
Software
RAS 2.4 /
Resource Hash
d85a2d40b1bbc55f69d90df209e6f5f50c28f76bf0e4b4af3c40819126767159

Request headers

Referer
https://niskioglasi.com/xfinty/index.htm
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Intervention
<https://www.chromestatus.com/feature/5718547946799104>; level="warning"

Response headers

Pragma
no-cache
Date
Wed, 29 Aug 2018 18:51:29 GMT
Content-Encoding
gzip
Server
RAS 2.4
Vary
Accept-Encoding
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Cache-Control
no-cache, no-store, max-age=0, must-revalidate
Connection
Keep-Alive
Content-Type
text/javascript
Keep-Alive
timeout=5, max=49
Content-Length
1029
Expires
Wed, 17 Sep 1975 21:32:10 GMT
65e83f50-f276-49d5-ab54-07d3a594d125
beacon-eu2.rubiconproject.com/beacon/d/ 		43 B
268 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://beacon-eu2.rubiconproject.com/beacon/d/65e83f50-f276-49d5-ab54-07d3a594d125?oo=0&accountId=11648&siteId=36314&zoneId=150582&sizeId=10&e=6A1E40E384DA563BCA7CDBF791CD297F18B39C9A2C9E1CAC8982525ABEF12F7C40741E5C395302022C08D5201A9D806A729C3974A64F77AFEED8D4935E3F3674F9B2532C64B8A48EB972F8C4BA397DD168670CCDB54A6D2EDDC930FAFC1D767137A74D0541EE6AFCC75F25091874CCF5F6CD52246EBD26AD1E5F542474BBDCCE3B22BBF4B8D91D8E
Requested by
Host: niskioglasi.com
URL: https://niskioglasi.com/xfinty/index.htm
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_256_GCM
Server
69.173.144.152 Smithfield, United States, ASN26667 (RUBICONPROJECT - The Rubicon Project, Inc., US),
Reverse DNS
Software
Rubicon Project /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Referer
https://niskioglasi.com/xfinty/index.htm
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Pragma
no-cache
Date
Wed, 29 Aug 2018 18:51:29 GMT
Cache-Control
private, max-age=0, no-cache
Server
Rubicon Project
Content-Type
image/webp
Content-Length
43
Expires
01 Jan 1970 10:00:00 GMT
150582-15.js
optimized-by.rubiconproject.com/a/11648/36314/ 		4 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://optimized-by.rubiconproject.com/a/11648/36314/150582-15.js?&cb=0.13346350525361128&tk_st=1&rp_s=c&p_exp=1&p_pos=atf&p_screen_res=1600x1200&ad_slot=36314_15&rp_secure=1
Requested by
Host: ajax.cloudflare.com
URL: https://ajax.cloudflare.com/cdn-cgi/scripts/2448a7bd/cloudflare-static/rocket-loader.min.js
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_256_GCM
Server
69.173.144.140 Smithfield, United States, ASN26667 (RUBICONPROJECT - The Rubicon Project, Inc., US),
Reverse DNS
Software
RAS 2.4 /
Resource Hash
792ee0d3b74d01753a1267a211af90bd6c19005cd5c9103b1f106fefddbe0b71

Request headers

Referer
https://niskioglasi.com/xfinty/index.htm
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Intervention
<https://www.chromestatus.com/feature/5718547946799104>; level="warning"

Response headers

Pragma
no-cache
Date
Wed, 29 Aug 2018 18:51:29 GMT
Content-Encoding
gzip
Server
RAS 2.4
Vary
Accept-Encoding
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Cache-Control
no-cache, no-store, max-age=0, must-revalidate
Connection
Keep-Alive
Content-Type
text/javascript
Keep-Alive
timeout=5, max=7
Content-Length
1720
Expires
Wed, 17 Sep 1975 21:32:10 GMT
a7dd1059-0689-4088-9abe-60b81f5e1f03
beacon-eu2.rubiconproject.com/beacon/d/ 		43 B
268 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://beacon-eu2.rubiconproject.com/beacon/d/a7dd1059-0689-4088-9abe-60b81f5e1f03?oo=0&accountId=11648&siteId=36314&zoneId=150582&sizeId=15&e=6A1E40E384DA563BEE719B1D5FEC351E0B79394064F66C2C1C66EDEF93E8E436CB8D902416E42F188D12FDAD5D55D2ECABCC67E9E609CD7C68335219EE4EED80F9B2532C64B8A48EB972F8C4BA397DD168670CCDB54A6D2EDDC930FAFC1D767137A74D0541EE6AFCC75F25091874CCF5F6CD52246EBD26AD1E5F542474BBDCCE3B22BBF4B8D91D8E
Requested by
Host: niskioglasi.com
URL: https://niskioglasi.com/xfinty/index.htm
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_256_GCM
Server
69.173.144.152 Smithfield, United States, ASN26667 (RUBICONPROJECT - The Rubicon Project, Inc., US),
Reverse DNS
Software
Rubicon Project /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Referer
https://niskioglasi.com/xfinty/index.htm
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Pragma
no-cache
Date
Wed, 29 Aug 2018 18:51:29 GMT
Cache-Control
private, max-age=0, no-cache
Server
Rubicon Project
Content-Type
image/webp
Content-Length
43
Expires
01 Jan 1970 10:00:00 GMT
1322696283@x32
oascentral.comcast.net/RealMedia/ads/adstream_jx.ads/comcast.net/RubiconSIPassback/ 		2 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://oascentral.comcast.net/RealMedia/ads/adstream_jx.ads/comcast.net/RubiconSIPassback/1322696283@x32?_OAS_GEO_OVERRIDE_=US:UNKNOWN&am=NONE&qsg=D&kw=noloopback_smr
Requested by
Host: ajax.cloudflare.com
URL: https://ajax.cloudflare.com/cdn-cgi/scripts/2448a7bd/cloudflare-static/rocket-loader.min.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
204.13.194.235 New York, United States, ASN29990 (ASN-APPNEXUS - AppNexus, Inc, US),
Reverse DNS
Software
nginx/1.13.10 /
Resource Hash
871f071a36bac21c1e6e59e800d662e79b7ce6941402ef1b2fd515c016dfc2ec

Request headers

Referer
https://niskioglasi.com/xfinty/index.htm
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Intervention
<https://www.chromestatus.com/feature/5718547946799104>; level="warning"

Response headers

Pragma
no-cache
Date
Wed, 29 Aug 2018 18:51:32 GMT
Content-Encoding
gzip
Server
nginx/1.13.10
Vary
Accept-Encoding
P3P
CP="NON NID PSAa PSDa OUR IND UNI COM NAV STA",policyref="/w3c/p3p.xml"
Cache-Control
no-cache,no-store,private
Transfer-Encoding
chunked
Connection
keep-alive
Content-Type
application/x-javascript
Expires
Fri, 30 Oct 1998 14:19:41 GMT
moatad.js
z.moatads.com/comcastapn56341864860/ 		250 KB
77 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://z.moatads.com/comcastapn56341864860/moatad.js
Requested by
Host: ajax.cloudflare.com
URL: https://ajax.cloudflare.com/cdn-cgi/scripts/2448a7bd/cloudflare-static/rocket-loader.min.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server
2.18.235.40 , European Union, ASN16625 (AKAMAI-AS - Akamai Technologies, Inc., US),
Reverse DNS
a2-18-235-40.deploy.static.akamaitechnologies.com
Software
AmazonS3 /
Resource Hash
4f3e599eee38189123ac76731eb2ec5c9fc1673db29697854607dea2aa28b144

Request headers

Referer
https://niskioglasi.com/xfinty/index.htm
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Intervention
<https://www.chromestatus.com/feature/5718547946799104>; level="warning"

Response headers

Date
Wed, 29 Aug 2018 18:51:30 GMT
Content-Encoding
gzip
Last-Modified
Wed, 22 Aug 2018 16:40:07 GMT
Server
AmazonS3
x-amz-request-id
4783FD6B9A205A8B
ETag
"85faed74c4adbe1ff11129de254cb02a"
Vary
Accept-Encoding
Content-Type
application/x-javascript
Cache-Control
max-age=37251
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
78380
x-amz-id-2
TtkxdSmAfjJd0Fbvnf/OECFVhEl8obf2Ay0MZb3+nfhnlDDBOTJUP7Ghw20uh1WMC4WlpZ+Fk5Q=
1535555793
cdn.oas-c18.adnxs.com/RealMedia/ads/Creatives/Comcast/CIM_2018Q1_SIG_300_FILLERB/300x250_IMG_XFHomeSecurity_08292018.jpg/
Redirect Chain
  • https://oascentral.comcast.net/RealMedia/ads/adstream_lx.ads/comcast.net/RubiconSIPassback/L29/303479690/x32/Comcast/CIM_2018Q1_SIG_300_FILLERB/300x250_IMG_XFHomeSecurity_08292018.jpg/6c5073742f6c7...
  • https://cdn.oas-c18.adnxs.com/RealMedia/ads/Creatives/Comcast/CIM_2018Q1_SIG_300_FILLERB/300x250_IMG_XFHomeSecurity_08292018.jpg/1535555793
28 KB
28 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn.oas-c18.adnxs.com/RealMedia/ads/Creatives/Comcast/CIM_2018Q1_SIG_300_FILLERB/300x250_IMG_XFHomeSecurity_08292018.jpg/1535555793
Requested by
Host: niskioglasi.com
URL: https://niskioglasi.com/xfinty/index.htm
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.113.108 San Francisco, United States, ASN54113 (FASTLY - Fastly, US),
Reverse DNS
Software
nginx/1.13.10 /
Resource Hash
e7e83e7ad8e5ce60615de32eff20ac0296ec266e680722698159c58fec4b545d

Request headers

Referer
https://niskioglasi.com/xfinty/index.htm
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Date
Wed, 29 Aug 2018 18:51:30 GMT
Via
1.1 varnish, 1.1 varnish
Age
12301
X-Cache
HIT, HIT
P3P
CP="NON NID PSAa PSDa OUR IND UNI COM NAV STA",policyref="/w3c/p3p.xml"
Connection
keep-alive
Content-Length
28488
X-Served-By
cache-jfk8132-JFK, cache-hhn1540-HHN
Last-Modified
Wed, 29 Aug 2018 15:16:33 GMT
Server
nginx/1.13.10
X-Timer
S1535568690.262179,VS0,VE0
ETag
"2bc224-6f48-5749471931640"
Content-Type
image/jpeg
Cache-Control
max-age=86400
Accept-Ranges
bytes
X-Cache-Hits
2, 2

Redirect headers

Pragma
no-cache
Date
Wed, 29 Aug 2018 18:51:32 GMT
Server
nginx/1.13.10
P3P
CP="NON NID PSAa PSDa OUR IND UNI COM NAV STA",policyref="/w3c/p3p.xml"
Location
https://cdn.oas-c18.adnxs.com/RealMedia/ads/Creatives/Comcast/CIM_2018Q1_SIG_300_FILLERB/300x250_IMG_XFHomeSecurity_08292018.jpg/1535555793
Cache-Control
no-cache,no-store,private
Connection
keep-alive
Content-Type
text/html; charset=iso-8859-1
Content-Length
411
Expires
Fri, 30 Oct 1998 14:19:41 GMT
analytics.js
s.update.rubiconproject.com/2/873648/ 		0
75 B 		Script
General
Check archive.org
Download Go to
Full URL
https://s.update.rubiconproject.com/2/873648/analytics.js?si=36314&di=niskioglasi.com&ap=&dm=10&pi=150582&ti=65e83f50-f276-49d5-ab54-07d3a594d125&r5=Mozilla%2F5.0%20(Macintosh%3B%20Intel%20Mac%20OS%20X%2010_13_5)%20AppleWebKit%2F537.36%20(KHTML%2C%20like%20Gecko)%20Chrome%2F67.0.3396.87%20Safari%2F537.36&dt=8736481428691810142000
Requested by
Host: ajax.cloudflare.com
URL: https://ajax.cloudflare.com/cdn-cgi/scripts/2448a7bd/cloudflare-static/rocket-loader.min.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
35.168.165.225 Seattle, United States, ASN14618 (AMAZON-AES - Amazon.com, Inc., US),
Reverse DNS
ec2-35-168-165-225.compute-1.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://niskioglasi.com/xfinty/index.htm
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Date
Wed, 29 Aug 2018 18:51:30 GMT
Content-Length
0
xfinity-logo.png
login.comcast.net/static/images/global/ 		8 KB
8 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://login.comcast.net/static/images/global/xfinity-logo.png
Requested by
Host: niskioglasi.com
URL: https://niskioglasi.com/xfinty/index.htm
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_256_CBC
Server
2001:558:fe21:2:69:252:205:24 , United States, ASN7922 (COMCAST-7922 - Comcast Cable Communications, LLC, US),
Reverse DNS
Software
Apache /
Resource Hash
f2cbb9c684c7244f1098767b9b4e12521777afee1fd2c93aae1e762f1a1ff85d
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains;

Request headers

Referer
https://login.comcast.net/static/css/styles.min.css?v=22ccc70
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Date
Wed, 29 Aug 2018 18:51:30 GMT
Last-Modified
Sat, 14 Apr 2018 00:32:35 GMT
Server
Apache
Strict-Transport-Security
max-age=63072000; includeSubDomains;
Content-Type
image/png
Cache-Control
max-age=145777264
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=499
Content-Length
7836
Expires
Thu, 13 Apr 2023 00:32:35 GMT
omniture.js
login.comcast.net/static/js/ 		0
0 		Script
General
Check archive.org
Download Go to
Full URL
https://login.comcast.net/static/js/omniture.js?v=22ccc70
Requested by
Host: ajax.cloudflare.com
URL: https://ajax.cloudflare.com/cdn-cgi/scripts/2448a7bd/cloudflare-static/rocket-loader.min.js
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_256_CBC
Server
2001:558:fe21:2:69:252:205:24 , United States, ASN7922 (COMCAST-7922 - Comcast Cable Communications, LLC, US),
Reverse DNS
Software
Apache /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains;

Request headers

Referer
https://niskioglasi.com/xfinty/index.htm
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Strict-Transport-Security
max-age=63072000; includeSubDomains;
Content-Encoding
gzip
Server
Apache
Date
Wed, 29 Aug 2018 18:51:30 GMT
Vary
accept-language,accept-charset,Accept-Encoding
Content-Language
en
Connection
Keep-Alive
Accept-Ranges
bytes
Content-Type
text/html; charset=iso-8859-1
Keep-Alive
timeout=5, max=499
Content-Length
691
jquery.tools-1.2.6.min.js
login.comcast.net/static/js/libs/ 		45 KB
16 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://login.comcast.net/static/js/libs/jquery.tools-1.2.6.min.js
Requested by
Host: ajax.cloudflare.com
URL: https://ajax.cloudflare.com/cdn-cgi/scripts/2448a7bd/cloudflare-static/rocket-loader.min.js
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_256_CBC
Server
2001:558:fe21:2:69:252:205:24 , United States, ASN7922 (COMCAST-7922 - Comcast Cable Communications, LLC, US),
Reverse DNS
Software
Apache /
Resource Hash
a90f02a9856bdf24568f35cf996e0cb5d6831a77958b628854162e81edaa4911
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains;

Request headers

Referer
https://niskioglasi.com/xfinty/index.htm
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Date
Wed, 29 Aug 2018 18:51:30 GMT
Content-Encoding
gzip
Last-Modified
Sat, 14 Apr 2018 00:32:35 GMT
Server
Apache
Vary
Accept-Encoding
Strict-Transport-Security
max-age=63072000; includeSubDomains;
Content-Type
text/javascript
Cache-Control
max-age=145777264
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=498
Content-Length
15784
Expires
Thu, 13 Apr 2023 00:32:35 GMT
jquery-1.7.min.js
login.comcast.net/static/js/libs/ 		92 KB
33 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://login.comcast.net/static/js/libs/jquery-1.7.min.js
Requested by
Host: ajax.cloudflare.com
URL: https://ajax.cloudflare.com/cdn-cgi/scripts/2448a7bd/cloudflare-static/rocket-loader.min.js
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_256_CBC
Server
2001:558:fe21:2:69:252:205:24 , United States, ASN7922 (COMCAST-7922 - Comcast Cable Communications, LLC, US),
Reverse DNS
Software
Apache /
Resource Hash
09b3d1d373b566ce6a958d0f089607510592619f028081822696b387da06d703
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains;

Request headers

Referer
https://niskioglasi.com/xfinty/index.htm
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Date
Wed, 29 Aug 2018 18:51:30 GMT
Content-Encoding
gzip
Last-Modified
Sat, 14 Apr 2018 00:32:35 GMT
Server
Apache
Vary
Accept-Encoding
Strict-Transport-Security
max-age=63072000; includeSubDomains;
Content-Type
text/javascript
Cache-Control
max-age=145777264
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=500
Content-Length
33279
Expires
Thu, 13 Apr 2023 00:32:35 GMT
asc
privacy-policy.truste.com/privacy-seal/Comcast-Cable-Communications-Management,-LLC/ 		17 B
575 B 		Script
General
Check archive.org
Download Go to
Full URL
https://privacy-policy.truste.com/privacy-seal/Comcast-Cable-Communications-Management,-LLC/asc?rid=b537c389-7be1-4331-bb73-03a71788bc12
Requested by
Host: ajax.cloudflare.com
URL: https://ajax.cloudflare.com/cdn-cgi/scripts/2448a7bd/cloudflare-static/rocket-loader.min.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.85.183.121 Seattle, United States, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS
server-52-85-183-121.fra50.r.cloudfront.net
Software
TXS /
Resource Hash
af2d3351d5bb6b63e81eb19140f27324fd7b0ba94dc7c39b6154461243e4986e
Security Headers
Name Value
X-Content-Type-Options nosniff, nosniff
X-Frame-Options SAMEORIGIN, SAMEORIGIN
X-Xss-Protection 1; mode=block, 1; mode=block

Request headers

Referer
https://niskioglasi.com/xfinty/index.htm
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Date
Tue, 28 Aug 2018 20:25:54 GMT
Via
1.1 7922e01ab53e8f36477272573223ab35.cloudfront.net (CloudFront)
X-Content-Type-Options
nosniff, nosniff
Server
TXS
Age
80736
X-Frame-Options
SAMEORIGIN, SAMEORIGIN
X-Cache
Hit from cloudfront
Content-Type
text/plain;charset=ISO-8859-1
Cache-Control
max-age=0
Connection
keep-alive
Content-Length
17
X-Xss-Protection
1; mode=block, 1; mode=block
X-Amz-Cf-Id
-O_VZwmVcXGCNCKF327GJEAxKOnjElue6j1SRmaPlk3sYGrs6pbkhQ==
nc.min.js
login.comcast.net/proxy/captcha/resource/33376/v6/skins/open-comcast-cima-2/ 		69 KB
19 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://login.comcast.net/proxy/captcha/resource/33376/v6/skins/open-comcast-cima-2/nc.min.js
Requested by
Host: ajax.cloudflare.com
URL: https://ajax.cloudflare.com/cdn-cgi/scripts/2448a7bd/cloudflare-static/rocket-loader.min.js
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_256_CBC
Server
2001:558:fe21:2:69:252:205:24 , United States, ASN7922 (COMCAST-7922 - Comcast Cable Communications, LLC, US),
Reverse DNS
Software
/
Resource Hash
184bdd403c5676cf483b4a891b60c54fa4a0644892e328cbbad706cf4449bc04
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains;

Request headers

Referer
https://niskioglasi.com/xfinty/index.htm
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Date
Wed, 29 Aug 2018 16:17:18 GMT
Via
1.1 eec1058ad81fe534dcf337d8a7a32916.cloudfront.net (CloudFront), 1.1 login.comcast.net
Last-Modified
Fri, 17 Apr 2015 22:20:47 GMT
Age
9253
ETag
"5c6a433c480792f16558fee54d2a5d14"
Vary
Accept-Encoding
X-Cache
Hit from cloudfront
Content-Type
text/javascript
Connection
Keep-Alive
Transfer-Encoding
chunked
Strict-Transport-Security
max-age=63072000; includeSubDomains;
Accept-Ranges
bytes
Content-Encoding
gzip
Keep-Alive
timeout=5, max=498
X-Amz-Cf-Id
L64lMxT4uHm8x23dU1U10kxthvES7hXiE24yoFMERgdD_NCIwQnn3w==
/
login.comcast.net/proxy/captcha/data/track/ 		501 B
760 B 		Script
General
Check archive.org
Download Go to
Full URL
https://login.comcast.net/proxy/captcha/data/track/?type=GIF&lang=eng&index=0&token=2.5916.206358.1443975889.2.Rs_OvndLribyF1dGG83oEw,,.jnAw-nO2RmDVuskpqrFYk1uvYQKsnTIlT4PxchxpNd9qyqIyG9ylcIN2kd382BA-Uw7dgJ8-pIUHjpVzLXs0_hph360B5TabdC9xxlplyTrFWa3otphbYipPS_KjqeB2ILKpfUF_Pgv9slsKtCh2fuGqKMcuWFHmjzGnA5FVTkHYHWN_Gy29SBBysrV8seGM-Rv1e43XkOQthLaGNanOPgWCyO_XoqPzhOAahi8xBIxP5XXOLT-29TsnnB_N9NWdBP4iqa557Iufk7bYo31M9kYscaW9qRNkajtNQdjEPqxTUsI1r8ZawAPyG6OqJyWyKYwGrmTiVBNMzF50rLiwFwZbenrYkriySAGDCGpZfhGxq3o4M7J_RMaDV7bKfr1lnJNQvqTpo_PutEuQALDV_pOmCJol78fmKNshW4O_Y3GwbZT5f5Avz4F_rbCgZ2odBXqC2PbzFbo4GVU1Q6Q_NXt3a6O08cH510eqlScMMUw,.d0N3RHQ4dE1NWmZOYzRyZnFTd1REM2JEb0t4MmdrNXpHY0E4Qm9oYkRueUJ1WGFBMGtZNm45R2pCT1pndlVsOE1IdVJ5akw5SFQ3cEExeE9tUW9BT2tmU0dCS0RKcklNbWZ0VERsK2s5UktIUXlYZXMyalc0cWd3eGxKWmJITTc1N0Z2d2xZQnBtMi9oRlBraFFKQWhWb3lIa2xIT1BDRHA4aEk5OFFEcWdjPQ,,&ptype=SCRIPT
Requested by
Host: login.comcast.net
URL: https://login.comcast.net/proxy/captcha/resource/33376/v6/skins/open-comcast-cima-2/nc.min.js
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_256_CBC
Server
2001:558:fe21:2:69:252:205:24 , United States, ASN7922 (COMCAST-7922 - Comcast Cable Communications, LLC, US),
Reverse DNS
Software
/ PHP/5.3.3
Resource Hash
67e36111036a3b8af2b119c97586f3092845324f5feed7c4a4ec63d2b0e322b6
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains;

Request headers

Referer
https://niskioglasi.com/xfinty/index.htm
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Date
Wed, 29 Aug 2018 18:51:30 GMT
Via
1.1 login.comcast.net
X-Powered-By
PHP/5.3.3
Vary
Accept-Encoding
Strict-Transport-Security
max-age=63072000; includeSubDomains;
Content-Type
application/x-javascript
Connection
Keep-Alive
Content-Encoding
gzip
Keep-Alive
timeout=5, max=497
Content-Length
422
all.js
connect.facebook.net/en_US/ 		222 KB
67 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://connect.facebook.net/en_US/all.js
Requested by
Host: niskioglasi.com
URL: https://niskioglasi.com/xfinty/index.htm
Protocol
SPDY
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
2a03:2880:f01c:8012:face:b00c:0:3 , Ireland, ASN32934 (FACEBOOK - Facebook, Inc., US),
Reverse DNS
Software
/
Resource Hash
75ef67a999c50dc8a2d76c12dc711f801a00ea6f4fa6ff19fb7e645b7920b826
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

Referer
https://niskioglasi.com/xfinty/index.htm
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; preload; includeSubDomains
content-encoding
gzip
x-content-type-options
nosniff
content-md5
2WyI4wU40r30IWGfJ6zVdQ==
status
200
content-length
68573
x-xss-protection
0
x-fb-debug
BYtEcln+1wwRjaaGROj2IZkNRTv8UrVVtT22PonbUgJgbUaAVX4l3cff/s3x8ZpLDK1APbcqWPyTq6XAOXVyjw==
x-fb-content-md5
805c948867d338873f77e7d08f0ef072
x-frame-options
DENY
date
Wed, 29 Aug 2018 18:51:30 GMT
vary
Accept-Encoding
content-type
application/x-javascript; charset=utf-8
access-control-expose-headers
X-FB-Content-MD5
cache-control
public,max-age=1200,stale-while-revalidate=3600
etag
"5340fb215cde36415c1f2f792e986602"
timing-allow-origin
*
expires
Wed, 29 Aug 2018 19:02:10 GMT
omniture.js
login.comcast.net/static/js/ 		0
0 		Script
General
Check archive.org
Download Go to
Full URL
https://login.comcast.net/static/js/omniture.js?v=22ccc70
Requested by
Host: ajax.cloudflare.com
URL: https://ajax.cloudflare.com/cdn-cgi/scripts/2448a7bd/cloudflare-static/rocket-loader.min.js
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_256_CBC
Server
2001:558:fe21:2:69:252:205:24 , United States, ASN7922 (COMCAST-7922 - Comcast Cable Communications, LLC, US),
Reverse DNS
Software
Apache /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains;

Request headers

Referer
https://niskioglasi.com/xfinty/index.htm
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Strict-Transport-Security
max-age=63072000; includeSubDomains;
Content-Encoding
gzip
Server
Apache
Date
Wed, 29 Aug 2018 18:51:30 GMT
Vary
accept-language,accept-charset,Accept-Encoding
Content-Language
en
Connection
Keep-Alive
Accept-Ranges
bytes
Content-Type
text/html; charset=iso-8859-1
Keep-Alive
timeout=5, max=499
Content-Length
691
QX17B8fU-Vm.js
staticxx.facebook.com/connect/xd_arbiter/r/ Frame C9D0 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://staticxx.facebook.com/connect/xd_arbiter/r/QX17B8fU-Vm.js?version=42
Requested by
Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/all.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
2a03:2880:f01c:8012:face:b00c:0:3 , Ireland, ASN32934 (FACEBOOK - Facebook, Inc., US),
Reverse DNS
Software
/
Resource Hash
Security Headers
Name Value
Content-Security-Policy default-src * data: blob:;script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.virtualearth.net *.google.com 127.0.0.1:* *.spotilocal.com:* 'unsafe-inline' 'unsafe-eval' *.atlassolutions.com blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net *.spotilocal.com:* wss://*.facebook.com:* https://fb.scanandcleanlocal.com:* *.atlassolutions.com attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';
Strict-Transport-Security max-age=15552000; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

:method
GET
:authority
staticxx.facebook.com
:scheme
https
:path
/connect/xd_arbiter/r/QX17B8fU-Vm.js?version=42
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8
referer
https://niskioglasi.com/xfinty/index.htm
accept-encoding
gzip, deflate
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
X-DevTools-Emulate-Network-Conditions-Client-Id
6896FD0E67BA7BD99A3D860C4B303263
Referer
https://niskioglasi.com/xfinty/index.htm

Response headers

status
200
expires
Mon, 26 Aug 2019 18:28:09 GMT
cache-control
public,max-age=31536000,immutable
content-security-policy
default-src * data: blob:;script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.virtualearth.net *.google.com 127.0.0.1:* *.spotilocal.com:* 'unsafe-inline' 'unsafe-eval' *.atlassolutions.com blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net *.spotilocal.com:* wss://*.facebook.com:* https://fb.scanandcleanlocal.com:* *.atlassolutions.com attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';
x-xss-protection
0
strict-transport-security
max-age=15552000; preload
content-type
text/html; charset=utf-8
x-content-type-options
nosniff
vary
Accept-Encoding
content-encoding
gzip
x-fb-debug
n+B5pdawZl1QzwsFwtwaQBdgBRZO2gVsXex7KncqpQc10dxvlehF/QwwS4Tc9MG5hCmmxnSf0peOfZSZlNWLWw==
content-length
13927
date
Wed, 29 Aug 2018 18:51:30 GMT
ping
www.facebook.com/connect/ Frame E431 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://www.facebook.com/connect/ping?client_id=161991040493541&domain=niskioglasi.com&origin=1&redirect_uri=https%3A%2F%2Fstaticxx.facebook.com%2Fconnect%2Fxd_arbiter%2Fr%2FQX17B8fU-Vm.js%3Fversion%3D42%23cb%3Df4a4c3fd63408%26domain%3Dniskioglasi.com%26origin%3Dhttps%253A%252F%252Fniskioglasi.com%252Ff282cab091e9c3c%26relation%3Dparent&response_type=token%2Csigned_request&sdk=joey&version
Requested by
Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/all.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
2a03:2880:f12d:86:face:b00c:0:50fb , Ireland, ASN32934 (FACEBOOK - Facebook, Inc., US),
Reverse DNS
Software
/
Resource Hash
Security Headers
Name Value
Content-Security-Policy default-src * data: blob:;script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.virtualearth.net *.google.com 127.0.0.1:* *.spotilocal.com:* 'unsafe-inline' 'unsafe-eval' *.atlassolutions.com blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net *.spotilocal.com:* wss://*.facebook.com:* https://fb.scanandcleanlocal.com:* *.atlassolutions.com attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' chrome-extension://boadgeojelhgndaghljhdicfkmllpafd chrome-extension://dliochdbjfkdbacpmhlcpmleaejidimm;
Strict-Transport-Security max-age=15552000; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

:method
GET
:authority
www.facebook.com
:scheme
https
:path
/connect/ping?client_id=161991040493541&domain=niskioglasi.com&origin=1&redirect_uri=https%3A%2F%2Fstaticxx.facebook.com%2Fconnect%2Fxd_arbiter%2Fr%2FQX17B8fU-Vm.js%3Fversion%3D42%23cb%3Df4a4c3fd63408%26domain%3Dniskioglasi.com%26origin%3Dhttps%253A%252F%252Fniskioglasi.com%252Ff282cab091e9c3c%26relation%3Dparent&response_type=token%2Csigned_request&sdk=joey&version
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8
referer
https://niskioglasi.com/xfinty/index.htm
accept-encoding
gzip, deflate
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
X-DevTools-Emulate-Network-Conditions-Client-Id
6896FD0E67BA7BD99A3D860C4B303263
Referer
https://niskioglasi.com/xfinty/index.htm

Response headers

status
200
x-xss-protection
0
pragma
no-cache
content-security-policy
default-src * data: blob:;script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.virtualearth.net *.google.com 127.0.0.1:* *.spotilocal.com:* 'unsafe-inline' 'unsafe-eval' *.atlassolutions.com blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net *.spotilocal.com:* wss://*.facebook.com:* https://fb.scanandcleanlocal.com:* *.atlassolutions.com attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' chrome-extension://boadgeojelhgndaghljhdicfkmllpafd chrome-extension://dliochdbjfkdbacpmhlcpmleaejidimm;
cache-control
private, no-cache, no-store, must-revalidate
expect-ct
max-age=86400, report-uri="http://reports.fb.com/expectct/"
strict-transport-security
max-age=15552000; preload
x-content-type-options
nosniff
expires
Sat, 01 Jan 2000 00:00:00 GMT
vary
Accept-Encoding
content-encoding
gzip
content-type
text/html; charset="utf-8"
x-fb-debug
mtb0ZWB9fUUhk2aPzKmAxwDbBlWb6bUOeTJ1hYlSa1kSg7psNzv6HrQc7l13Pa4e6JyZxfGU+ZgSIxYRRMqnRw==
date
Wed, 29 Aug 2018 18:51:31 GMT
home.png
login.comcast.net/static/images/sprites/ 		18 KB
18 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://login.comcast.net/static/images/sprites/home.png
Requested by
Host: login.comcast.net
URL: https://login.comcast.net/static/js/libs/jquery-1.7.min.js
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_256_CBC
Server
2001:558:fe21:2:69:252:205:24 , United States, ASN7922 (COMCAST-7922 - Comcast Cable Communications, LLC, US),
Reverse DNS
Software
Apache /
Resource Hash
aea1b1b66ea361a8235c838811585c1c052b69faccdc879bb50540b99e0d7316
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains;

Request headers

Referer
https://login.comcast.net/static/css/styles.min.css?v=22ccc70
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Date
Wed, 29 Aug 2018 18:51:31 GMT
Last-Modified
Sat, 14 Apr 2018 00:32:35 GMT
Server
Apache
Strict-Transport-Security
max-age=63072000; includeSubDomains;
Content-Type
image/png
Cache-Control
max-age=145777263
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=498
Content-Length
18298
Expires
Thu, 13 Apr 2023 00:32:35 GMT
/
login.comcast.net/proxy/captcha/data/ 		51 KB
52 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://login.comcast.net/proxy/captcha/data/?type=GIF&lang=eng&index=0&token=2.5916.206358.1443975889.2.Rs_OvndLribyF1dGG83oEw,,.jnAw-nO2RmDVuskpqrFYk1uvYQKsnTIlT4PxchxpNd9qyqIyG9ylcIN2kd382BA-Uw7dgJ8-pIUHjpVzLXs0_hph360B5TabdC9xxlplyTrFWa3otphbYipPS_KjqeB2ILKpfUF_Pgv9slsKtCh2fuGqKMcuWFHmjzGnA5FVTkHYHWN_Gy29SBBysrV8seGM-Rv1e43XkOQthLaGNanOPgWCyO_XoqPzhOAahi8xBIxP5XXOLT-29TsnnB_N9NWdBP4iqa557Iufk7bYo31M9kYscaW9qRNkajtNQdjEPqxTUsI1r8ZawAPyG6OqJyWyKYwGrmTiVBNMzF50rLiwFwZbenrYkriySAGDCGpZfhGxq3o4M7J_RMaDV7bKfr1lnJNQvqTpo_PutEuQALDV_pOmCJol78fmKNshW4O_Y3GwbZT5f5Avz4F_rbCgZ2odBXqC2PbzFbo4GVU1Q6Q_NXt3a6O08cH510eqlScMMUw,.d0N3RHQ4dE1NWmZOYzRyZnFTd1REM2JEb0t4MmdrNXpHY0E4Qm9oYkRueUJ1WGFBMGtZNm45R2pCT1pndlVsOE1IdVJ5akw5SFQ3cEExeE9tUW9BT2tmU0dCS0RKcklNbWZ0VERsK2s5UktIUXlYZXMyalc0cWd3eGxKWmJITTc1N0Z2d2xZQnBtMi9oRlBraFFKQWhWb3lIa2xIT1BDRHA4aEk5OFFEcWdjPQ,,&ptype=SCRIPT&ak=36565
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_256_CBC
Server
2001:558:fe21:2:69:252:205:24 , United States, ASN7922 (COMCAST-7922 - Comcast Cable Communications, LLC, US),
Reverse DNS
Software
/ PHP/5.3.3
Resource Hash
8c7bded1e63c944f1b283692e90afcd6218bdb8b1d0eb1151752a3a67875ab8a
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains;

Request headers

Referer
https://niskioglasi.com/xfinty/index.htm
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Date
Wed, 29 Aug 2018 18:51:31 GMT
Via
1.1 login.comcast.net
X-Powered-By
PHP/5.3.3
Strict-Transport-Security
max-age=63072000; includeSubDomains;
Content-Type
image/gif
Content-Transfer-Encoding
binary
Connection
Keep-Alive
Keep-Alive
timeout=5, max=496
Content-Length
52473

Verdicts & Comments Add Verdict or Comment

Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!

urlscan

Phishing against: Xfinity (Consumer)

393 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

string| f_ADTARGET_ZIP string| f_AM_CID boolean| f_ENABLE_ADTARGETING string| crtg_nid string| crtg_cookiename string| crtg_varname function| crtg_getCookie string| crtg_content number| crtg_rnd function| qc_results string| quantSegs object| _vdlg object| opts string| OAS_query object| OAS_rn string| OAS_rns string| first_time string| OAS_type string| OAS_sitepage string| OAS_listpos undefined| rp_account undefined| rp_site undefined| rp_zonesize undefined| rp_adtype string| rp_smartfile object| rp_account_config object| RubiconAdServing object| rp_requests number| rubicon_cb string| rubicon_rurl string| rubicon_ad string| rubicon_creative string| rubicon_tag_code undefined| ct undefined| et undefined| hourElapsed undefined| msg undefined| pixelDomain undefined| pxSrc undefined| px object| Moat#G26 object| MoatSuperV26 object| callbacks object| Moat#PML#26#1.2 boolean| Moat#EVA undefined| ad string| x32adtag string| adtag_x32 object| __cfQR object| time function| ncsII1 function| ncslIl11l1l111l function| ncsI111 object| ncs1Il1I1Il function| ncsIlII function| ncsI111l function| ncsII1IlII function| ncsII11 number| ncs11ll1II string| ncs11ll object| ncs1Il1I1I function| ncslIl111I function| ncsI111llll function| ncsl11l111 function| ncsllll1II function| ncslIl1 function| ncsl11l string| NC_FLASHEVENT_CONNECT string| NC_FLASHEVENT_START string| NC_FLASHEVENT_COMPLETE string| NC_FLASHEVENT_DOWNLOAD_COMPLETE string| NC_FLASHEVENT_DOWNLOAD_RETRY string| NC_FLASHEVENT_DOWNLOAD_FAILURE string| NC_FLASHEVENT_PLAY_CLICKED string| NC_FLASHEVENT_PLAY_WAITING string| NC_FLASHEVENT_REPLAY_CLICKED string| NC_FLASHEVENT_REPLAY_WAITING function| ncFOnEvent string| NC_FLASHEVENT_SEND_MUTE string| NC_FLASHEVENT_SEND_PLAY string| NC_FLASHEVENT_SEND_SETPLAYMODE function| ncFSendFlashEvent function| ncFCmdError function| ncFSetRegion function| ncsII11I function| ncsllll1I function| ncslIl111I1 function| ncsl1llI1ll function| ncsl11 boolean| isIE boolean| isWin boolean| isOpera function| ncsllll1III function| ncsllll function| ncsII11I11 function| ncsII11I11I function| ncsIlII1l1I function| ncsl11l111l function| ncsI111lll function| ncsIlI function| ncslIl11 function| ncsII1Il function| ncsII1IlIII function| ncsII1IlI function| ncsI111ll function| ncsIlII1l1 function| ncslIl111 object| ncJSON object| ncWaitForDOMCallbacks number| ncsl1llI111 number| ncs11Il1l function| ncWaitForDOM object| ncInitData function| ncLoadPlayerExternal function| lmLoadPlayerExternal function| ncReinitializePlayer function| lmReinitializePlayer function| ncGetValidationFields function| lmGetValidationFields function| ncOnTrackLoaded function| ncNotifyWidgetLoaded object| ncLanguages object| ncLanguageDict function| ncsllll1 function| ncslll string| ncsI1III111 string| ncsl1lI string| ncsl1lI1ll string| ncs1Il1I1 boolean| ncsl1lI1 number| ncs1IlIl string| ncSkin string| ncs11ll1II1 string| ncs11Il1lIl string| ncs11l string| ncsIllI string| ncsI1III1 string| ncPlayerType string| ncs1Il1I string| ncs11Il1 string| ncsIll string| ncDataType string| ncs11I string| ncsIllII1 string| ncsI1II string| ncDeliveryMethodDefault string| ncsl1lI1llI string| ncs11Il string| ncStateInit string| ncStateVideo string| ncStateAudio string| ncStateVideo_SubLoading string| ncStateVideo_SubPlaying string| ncs11ll1I string| ncsI1I string| ncsl1l number| ncsI1III string| ncsIllII1I string| ncTrackStateTrack string| ncsIllII string| ncs1IlI string| ncsIllII1II string| ncs1Il string| ncsl1llI11 string| ncs11ll1 string| ncsl1llI string| ncs1IlIlIIl string| ncs1Il1 string| ncs11Il1lI object| ncsl1ll object| ncs1IlIlI boolean| ncs1IlIlII number| ncVideoWidth number| ncVideoHeight number| ncsI1III11 string| ncsl1lI1l string| ncsl1llI1 number| ncslIlIII boolean| ncslIlIII11 string| ncsI1I11 string| ncsIl11IIl string| ncslIlII string| ncs1lI1I1 string| ncsl1IlIl1I string| ncslI1l string| ncsI1IlI string| ncsI1Il string| ncs1lI1 string| ncslIlI string| ncs1lI1I1lI string| ncs1lI string| ncslI1ll1 number| ncs1lI1I number| ncsI1I1 string| ncsIl11II string| ncsI1I11lI string| ncsl1Il object| ncsl1I number| ncslI1ll11l number| ncs1lI1I1l string| ncslI1ll number| ncs1lI11lI number| ncsl1IlIl boolean| ncslIl string| ncsIl11IIll boolean| ncslI1ll11 boolean| ncsl1IlIl1 string| ncslI1 object| ncsIl11 object| ncsI1IlIl object| ncsI1IlIlI object| ncsI1I11l object| ncsl1IlI boolean| ncs1lI11 object| ncsI1I11lI1 string| ncsIl1 string| ncs1lI11lI1 object| ncClusterEntries string| ncs1lI11l boolean| ncsI1IlIlII number| ncsIl11I object| ncslIlIII1 boolean| ncs111ll1ll number| ncTrackRequestTimeout object| ncs11I1 string| ncslII1ll object| ncsII1l1 number| ncDisplayFlag_Directions number| ncDisplayFlag_DirectionsVerbose number| ncDisplayFlag_ButtonHelp number| ncDisplayFlag_ButtonNewChallenge number| ncDisplayFlag_ButtonAudioChallenge number| ncDisplayFlag_ButtonMute number| ncDisplayFlag_PoweredBy number| ncDisplayFlags object| ncs11I1lll object| ncs11I1lll1 object| ncs111ll1l string| ncsI11l string| ncsI11 string| ncs1II string| ncslII1ll1 string| ncsII1l boolean| ncsII1l1l11 string| ncsII1l1l1 function| ncPlayerInitState function| ncsl1llI1l function| ncsII11I1 function| ncsl11l11 function| ncsIlII1l function| ncOnExitState function| ncOnEnterState function| ncOnEnterSubState function| ncOnExitSubState function| ncsIlII1 function| ncsII1I function| ncsl1IlI1 function| ncOnFlashEvent function| ncs11Il1111 function| ncs1111lIl number| ncsll1 object| ncs11I1l function| ncs11Il11 function| ncSetTrackData string| ncslII1 function| ncsI11Il1I function| ncsI11I function| ncs1Il1l1 function| ncs1Il1l11 function| ncSaveGlobals function| ncGetCustomSWF function| ncAppendFlashVars function| ncRenderExtDirections function| ncRenderExtDirectionsVerbose function| ncRenderExtButtons function| ncRenderExtAnswerInput function| ncRenderExtPrivate function| ncRenderExtFooter function| ncslIII function| ncRenderExtMedia function| ncRenderScriptPlayer function| ncBindScriptPlayer function| ncslIIIll1 function| ncsIlIlIll1 function| ncs1111lI function| ncsI11Il function| ncs1Il1l111 function| ncsIlIlI function| ncLoadTrackRetryEnabled function| ncs11Il111 function| ncs1111lIlI function| ncsIlIl function| ncsI11Il1 function| ncslIIIll object| ncs1IIl object| ncsll1l1lll object| ncsI11l1 string| ncs1lI1I1I string| ncsll1l1ll function| ncslIIIll1l function| ncsl1IlI1I function| ncs1llIl function| ncs1111l function| ncsIlIlIl function| ncs1llIl1 function| ncslIIIl function| ncsIlIlIll function| ncs1llIl11 function| ncs1llI function| ncs1ll function| ncs1llIl111 function| ncGetDataParams function| ncsI11Il1Il function| ncGetDirectionsText function| ncFilterCmd function| ncCmdNewChallenge function| ncCmdRefresh function| ncCmdReplay function| ncCmdHelp function| ncCmdToggleAudio function| ncCmdSetPlayerMode function| ncCmdLeaveAnswerBox function| ncCmdEnterAnswerBox function| ncCmdClickAnswerBox function| ncCmdError function| ncs1Il1l function| ncs1111 function| ncsl1IlI1I1 function| ncs11lI function| ncs1I1IIl1I function| ncs1I1II function| ncs11lIIl1l function| ncs111l1l function| ncslIll1Il function| ncs11l1I111 function| ncs1ll11I1 function| ncs1111I1 function| ncs11l1 string| ncsll1l string| ncsI11l11Il string| ncs1IIll1 string| ncs11I1ll string| ncs111ll1 string| ncsI11l11I string| ncs1lI1I1I1 string| ncs1IIll string| ncsII1l1l string| ncsll1l1l number| ncslII1l number| ncslII1ll11 string| ncsll1l1 object| ncs111 object| ncslII object| ncs1IIll1l number| ncs1IIll1lI object| ncsI11l11 string| ncs111l string| ncs111ll function| ncs1I1IIl function| ncs111l1lI1 function| ncslIll1I function| ncslIll1Ill function| ncs11l1I11 function| ncs11lIIl1 object| nucaptcha function| ncOpenSkinRenderScriptPlayer function| ncGetDirectionsText_Skin function| ncRenderScriptPlayer_Skin function| ncLoadPlayer function| lmLoadPlayer object| data number| ncEnterStateTime string| ck object| Moat#PSCB73972863 function| MoatPxIOPT16258624 object| Moat#PSCB20641370 function| MoatPxIOPT394128 object| Moat#PSCB65730049 function| MoatPxIOPT75848414 object| Moat#PSCB46738753 function| MoatPxIOPT37968955 number| customInviewPercentThreshold function| $ function| jQuery function| flashembed object| jQuery1708254603598970243 object| login function| fblogin function| callServer function| fbAsyncInit object| FB undefined| s_code object| ncPrivateTrackData

0 Cookies

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

ads.rubiconproject.com
ajax.cloudflare.com
beacon-eu2.rubiconproject.com
cdn.oas-c18.adnxs.com
connect.facebook.net
dmp.tidaltv.com
login.comcast.net
niskioglasi.com
oascentral.comcast.net
optimized-by.rubiconproject.com
pixel.quantserve.com
privacy-policy.truste.com
rtax.criteo.com
s.update.rubiconproject.com
staticxx.facebook.com
www.facebook.com
z.moatads.com
151.101.113.108
172.227.89.134
178.250.2.100
18.184.254.112
2.18.235.40
2001:558:fe21:2:69:252:205:24
204.13.194.235
2400:cb00:2048:1::6812:2746
2400:cb00:2048:1::6813:c497
2a03:2880:f01c:8012:face:b00c:0:3
2a03:2880:f12d:86:face:b00c:0:50fb
35.168.165.225
52.36.158.250
52.85.183.121
69.173.144.140
69.173.144.152
09b3d1d373b566ce6a958d0f089607510592619f028081822696b387da06d703
1638a32657a55c2c5fe16f0bf5795692d40dc277a7f94cd00a6d4aeb750b2507
184bdd403c5676cf483b4a891b60c54fa4a0644892e328cbbad706cf4449bc04
3493abbdef3202f502f59b11be045f3b4df6d94f047d882da751dc36087a31b0
4f3e599eee38189123ac76731eb2ec5c9fc1673db29697854607dea2aa28b144
534d56bd673065577c1eb30ce347dc1ec01c65f7e66d3d1784ff9ec9f4bf55e8
64a1959022eac7b947f94940f33e7983df1fce15be5a8386ca4212ddcaf22b52
67e36111036a3b8af2b119c97586f3092845324f5feed7c4a4ec63d2b0e322b6
688f5aa0394adf2ac86f94d7150aaaa8f36e5470f26d787d073e2a857d6b2cb5
75ef67a999c50dc8a2d76c12dc711f801a00ea6f4fa6ff19fb7e645b7920b826
792ee0d3b74d01753a1267a211af90bd6c19005cd5c9103b1f106fefddbe0b71
847ec2bbe06b316899e011a0abdd47e14a5620dd8fa83e59f02b7edb955ae54c
871f071a36bac21c1e6e59e800d662e79b7ce6941402ef1b2fd515c016dfc2ec
8c7bded1e63c944f1b283692e90afcd6218bdb8b1d0eb1151752a3a67875ab8a
a90f02a9856bdf24568f35cf996e0cb5d6831a77958b628854162e81edaa4911
aea1b1b66ea361a8235c838811585c1c052b69faccdc879bb50540b99e0d7316
af2d3351d5bb6b63e81eb19140f27324fd7b0ba94dc7c39b6154461243e4986e
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
c47bb8af6317ddc64116b9fa30f3d2d46ea6b759789556c003a08fd57c0f6e8a
d67b537d58287ab31a1a901e12b55660dc722ea88e77a18598ec9f7622b89ac0
d85a2d40b1bbc55f69d90df209e6f5f50c28f76bf0e4b4af3c40819126767159
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e7e83e7ad8e5ce60615de32eff20ac0296ec266e680722698159c58fec4b545d
e9d7f3e0c6da70dd4da639829d35aeeb7c1f139ee90020a61ecbda557e912230
f2cbb9c684c7244f1098767b9b4e12521777afee1fd2c93aae1e762f1a1ff85d
fccf0b671af9aaa565fb04ab72d41cecd99f5a0cb8cc3dc9d7b1da77a85fa5fa