URL: https://login.xfinity.com/h/compromised_uid.html
Submission: On March 17 via manual from US — Scanned from DE

Summary

This website contacted 5 IPs in 2 countries across 2 domains to perform 10 HTTP transactions. The main IP is 2a02:26f0:fb::5f64:9940, located in Frankfurt am Main, Germany and belongs to AKAMAI-ASN1, NL. The main domain is login.xfinity.com. The Cisco Umbrella rank of the primary domain is 18563.
TLS certificate: Issued by COMODO RSA Organization Validation Se... on November 17th 2021. Valid for: a year.
This is the only time login.xfinity.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

Requests | IP Address | AS Autonomous System
5 | 2a02:26f0:fb:... | 20940 (AKAMAI-ASN1)
1 | 2001:558:fe14... | 7922 (COMCAST-7922)
1 | 2a02:26f0:fb:... | 20940 (AKAMAI-ASN1)
3 | 2a02:26f0:6c0... | 20940 (AKAMAI-ASN1)
Total: 10 requests, 5 IPs

Requests | Apex Domain | Subdomains | Transfer
7 | xfinity.com | login.xfinity.com (Cisco Umbrella Rank: 18563); idm.xfinity.com (Cisco Umbrella Rank: 106401); sdx.xfinity.com (Cisco Umbrella Rank: 24734) | 251 KB
3 | cimcontent.net | static.cimcontent.net (Cisco Umbrella Rank: 18927) | 80 KB
Total: 10 requests, 2 apex domains

Requests | Domain | Requested by
5 | login.xfinity.com | login.xfinity.com
3 | static.cimcontent.net | login.xfinity.com
1 | sdx.xfinity.com | login.xfinity.com
1 | idm.xfinity.com | login.xfinity.com
Total: 10 requests, 4 domains

This site contains links to these domains:

Domain
idm.xfinity.com
www.xfinity.com
my.xfinity.com

Subject | Issuer | Validity | Valid
login.xfinity.com | COMODO RSA Organization Validation Secure Server CA | 2021-11-17 - 2022-11-17 | a year
*.identity.xfinity.com | COMODO RSA Organization Validation Secure Server CA | 2021-09-13 - 2022-09-13 | a year
www.xfinity.comcast.net | COMODO RSA Organization Validation Secure Server CA | 2020-05-04 - 2022-05-04 | 2 years
static.cimcontent.net | COMODO RSA Organization Validation Secure Server CA | 2020-04-16 - 2022-04-16 | 2 years

This page contains 1 frames:

Primary Page: https://login.xfinity.com/h/compromised_uid.html
Frame ID: 87DACAF36DDFD443FBF89CFF726E0C99
Requests: 11 HTTP requests in this frame

Page Title

Please reset your Xfinity password

Detected technologies

Overall confidence: 100%
Detected patterns
  • jquery[.-]([\d.]*\d)[^/]*\.js
  • jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Page Statistics

Requests: 10
HTTPS: 100 %
IPv6: 100 %
Domains: 2
Subdomains: 4
IPs: 5
Countries: 2
Transfer: 332 kB
Size: 482 kB
Cookies: 1

Redirected requests

There were HTTP redirect chains for the following requests:

10 HTTP transactions

Resource
Path
Size
x-fer
Type
MIME-Type
Primary Request compromised_uid.html
login.xfinity.com/h/
6 KB
2 KB
Document
General
Full URL
https://login.xfinity.com/h/compromised_uid.html
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:fb::5f64:9940 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
Apache /
Resource Hash
596bd3acdb101a0e7a8ebb77ef2060a9ad6c44a35a57492cefc67c20b9ff7e47
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains;

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Accept-Language
de-DE,de;q=0.9

Response headers

server
Apache
strict-transport-security
max-age=63072000; includeSubDomains;
content-type
text/html;charset=iso-8859-1
vary
Accept-Encoding
content-encoding
gzip
content-length
1980
expires
Thu, 17 Mar 2022 16:42:28 GMT
cache-control
max-age=0, no-cache, no-store
pragma
no-cache
date
Thu, 17 Mar 2022 16:42:28 GMT
fonts-remote.min.css
login.xfinity.com/static/css/junket/
3 KB
503 B
Stylesheet
General
Full URL
https://login.xfinity.com/static/css/junket/fonts-remote.min.css?v=d5e5614
Requested by
Host: login.xfinity.com
URL: https://login.xfinity.com/h/compromised_uid.html
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:fb::5f64:9940 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
Apache /
Resource Hash
032d8b49c68572a6136937e3f8f4fb10d94eefaf95418e557f44f1f04b715ba8
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains;

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://login.xfinity.com/h/compromised_uid.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

strict-transport-security
max-age=63072000; includeSubDomains;
content-encoding
gzip
last-modified
Thu, 10 Mar 2022 20:11:19 GMT
server
Apache
date
Thu, 17 Mar 2022 16:42:28 GMT
vary
Accept-Encoding
content-type
text/css
cache-control
max-age=608
accept-ranges
bytes
content-length
307
expires
Thu, 17 Mar 2022 16:52:36 GMT
styles-light.min.css
idm.xfinity.com/myaccount/css/
113 KB
28 KB
Stylesheet
General
Full URL
https://idm.xfinity.com/myaccount/css/styles-light.min.css?v=2.65.0
Requested by
Host: login.xfinity.com
URL: https://login.xfinity.com/h/compromised_uid.html
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_128_GCM
Server
2001:558:fe14:3:68:87:29:197 Bothell, United States, ASN7922 (COMCAST-7922, US),
Reverse DNS
Software
Apache /
Resource Hash
651ae290fd3ede582f16e33fb96d9605478aae0eacff647380261e4a24182049
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains;
X-Frame-Options SAMEORIGIN

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://login.xfinity.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date
Thu, 17 Mar 2022 16:42:28 GMT
Via
1.1 idm.xfinity.com
Last-Modified
Tue, 18 Jan 2022 18:14:32 GMT
Server
Apache
X-Frame-Options
SAMEORIGIN
Vary
Accept-Encoding
Content-Type
text/css;charset=utf-8
Connection
Keep-Alive
Strict-Transport-Security
max-age=63072000; includeSubDomains;
Accept-Ranges
bytes
Content-Encoding
gzip
Keep-Alive
timeout=5, max=500
Content-Length
28118
jquery-3.3.1.min.js
login.xfinity.com/static/js/libs/
85 KB
30 KB
Script
General
Full URL
https://login.xfinity.com/static/js/libs/jquery-3.3.1.min.js
Requested by
Host: login.xfinity.com
URL: https://login.xfinity.com/h/compromised_uid.html
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:fb::5f64:9940 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
Apache /
Resource Hash
160a426ff2894252cd7cebbdd6d6b7da8fcd319c65b70468f10b6690c45d02ef
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains;

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://login.xfinity.com/h/compromised_uid.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

strict-transport-security
max-age=63072000; includeSubDomains;
content-encoding
gzip
last-modified
Tue, 11 Jan 2022 16:05:32 GMT
server
Apache
date
Thu, 17 Mar 2022 16:42:28 GMT
vary
Accept-Encoding
content-type
application/javascript
accept-ranges
bytes
content-length
30351
778bb7444839f78e0643e5e62795fbd8.gif
sdx.xfinity.com/cms/data/cima/bin-201909/
187 KB
188 KB
Image
General
Full URL
https://sdx.xfinity.com/cms/data/cima/bin-201909/778bb7444839f78e0643e5e62795fbd8.gif
Requested by
Host: login.xfinity.com
URL: https://login.xfinity.com/h/compromised_uid.html
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:fb:5b5::1b62 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
AmazonS3 /
Resource Hash
ccae68859cc88abade7e7250fde707d4d070c06bb8bdc9def401d431036d9496
Security Headers
Name Value
Strict-Transport-Security max-age=86400

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://login.xfinity.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

x-amz-version-id
kJtnmuK.MqaQEPa9XYR1qjHEOyruNV24
etag
"20f582a60081d15e74978704a3869a52"
x-amz-cf-pop
FRA50-C1
access-control-max-age
3000
x-amz-replication-status
COMPLETED
content-length
191169
last-modified
Tue, 17 Sep 2019 14:30:01 GMT
server
AmazonS3
date
Thu, 17 Mar 2022 16:42:29 GMT
strict-transport-security
max-age=86400
access-control-allow-methods
GET
content-type
image/gif
access-control-allow-origin
*
cache-control
max-age=600
accept-ranges
bytes
x-amz-cf-id
9oaNH8nvZ65jS-JQ2J6c-rce77P-u0no0qaSzaWlw2pZuIrFIw_ZsQ==
scripts-responsive.min.js
login.xfinity.com/static/js/
8 KB
3 KB
Script
General
Full URL
https://login.xfinity.com/static/js/scripts-responsive.min.js?v=d5e5614
Requested by
Host: login.xfinity.com
URL: https://login.xfinity.com/h/compromised_uid.html
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:fb::5f64:9940 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
Apache /
Resource Hash
210ba1f34da2497720dbc4f24992c90ba0b20898d19f3574a741f24c4973c62d
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains;

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://login.xfinity.com/h/compromised_uid.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

strict-transport-security
max-age=63072000; includeSubDomains;
content-encoding
gzip
last-modified
Thu, 10 Mar 2022 20:11:24 GMT
server
Apache
date
Thu, 17 Mar 2022 16:42:28 GMT
vary
Accept-Encoding
content-type
application/javascript
accept-ranges
bytes
content-length
3117
$%7BdataLayerUrl%7D
login.xfinity.com/h/
0
151 B
Script
General
Full URL
https://login.xfinity.com/h/$%7BdataLayerUrl%7D
Requested by
Host: login.xfinity.com
URL: https://login.xfinity.com/h/compromised_uid.html
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:fb::5f64:9940 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
Apache /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains;

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://login.xfinity.com/h/compromised_uid.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma
no-cache
strict-transport-security
max-age=63072000; includeSubDomains;
cache-control
max-age=0, no-cache, no-store
server
Apache
date
Thu, 17 Mar 2022 16:42:28 GMT
content-length
0
expires
Thu, 17 Mar 2022 16:42:28 GMT
XfinityStandard-Light.woff2
static.cimcontent.net/fonts/latest/Xfinity_Standard/
27 KB
27 KB
Font
General
Full URL
https://static.cimcontent.net/fonts/latest/Xfinity_Standard/XfinityStandard-Light.woff2
Requested by
Host: login.xfinity.com
URL: https://login.xfinity.com/static/css/junket/fonts-remote.min.css?v=d5e5614
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:6c00:2b2::30d4 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
AmazonS3 /
Resource Hash
fc6cd95261064c28600405c9c8dd51813abf8367e85b6e00f0f3031a8338988a

Request headers

Referer
https://login.xfinity.com/
Origin
https://login.xfinity.com
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

x-amz-version-id
wnCwOacXycelzt78IMkr55wWB9WkMd2W
last-modified
Fri, 24 Jan 2020 21:23:01 GMT
server
AmazonS3
x-amz-cf-pop
FRA6-C1
etag
"f05d3ebe80809d82ab14d62a79da544e"
content-type
font/woff2
access-control-allow-origin
*
cache-control
max-age=2144526
date
Thu, 17 Mar 2022 16:42:33 GMT
accept-ranges
bytes
content-length
27420
x-amz-cf-id
lHHI1IgBwXqQUKGGiRoC3TON4HlnTUiYe_eJTEzdiQhpsR-B5_5rsQ==
truncated
/
930 B
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
b52bb9174b45f3e8d18370018d45cf3de063f4b08de8671890057665fe3349a5

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Content-Type
image/svg+xml
XfinityStandard-Regular.woff2
static.cimcontent.net/fonts/latest/Xfinity_Standard/
26 KB
26 KB
Font
General
Full URL
https://static.cimcontent.net/fonts/latest/Xfinity_Standard/XfinityStandard-Regular.woff2
Requested by
Host: login.xfinity.com
URL: https://login.xfinity.com/static/css/junket/fonts-remote.min.css?v=d5e5614
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:6c00:2b2::30d4 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
AmazonS3 /
Resource Hash
138c0ead0fbcd09dd455df9870920e8725b367fbf02ac0cef0c62874000ab176

Request headers

Referer
https://login.xfinity.com/
Origin
https://login.xfinity.com
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

x-amz-version-id
kLBQWhXkUwwuS0hOSKJ2GQ_XrNE.oQFF
last-modified
Fri, 24 Jan 2020 21:23:01 GMT
server
AmazonS3
x-amz-cf-pop
FRA56-C1
etag
"e3e79cd377b28c1e7ffea64b194136cf"
content-type
font/woff2
access-control-allow-origin
*
cache-control
max-age=1773879
date
Thu, 17 Mar 2022 16:42:33 GMT
accept-ranges
bytes
content-length
26768
x-amz-cf-id
JxslSHTV_FRD0OYWoPLXvgr7dnTI7FGo_Sxi1cgB9cEA_TJDAjUmUg==
XfinityStandard-Medium.woff2
static.cimcontent.net/fonts/latest/Xfinity_Standard/
27 KB
27 KB
Font
General
Full URL
https://static.cimcontent.net/fonts/latest/Xfinity_Standard/XfinityStandard-Medium.woff2
Requested by
Host: login.xfinity.com
URL: https://login.xfinity.com/static/css/junket/fonts-remote.min.css?v=d5e5614
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:6c00:2b2::30d4 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
AmazonS3 /
Resource Hash
2a031939885bb7efba89d423c9ee7c0fe2bab465f18db63f40a9ae2bd7bc0228

Request headers

Referer
https://login.xfinity.com/
Origin
https://login.xfinity.com
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

x-amz-version-id
6t4RA2DS89tdf_2IK5vrc9JAOKCy9A40
last-modified
Fri, 24 Jan 2020 21:23:01 GMT
server
AmazonS3
x-amz-cf-pop
FRA6-C1
etag
"13709eac065721ba8cd0e2d1b6fa8026"
content-type
font/woff2
access-control-allow-origin
*
cache-control
max-age=2230115
date
Thu, 17 Mar 2022 16:42:33 GMT
accept-ranges
bytes
content-length
27152
x-amz-cf-id
z1uHrgwGQQ1Sd0FF048setQ2KSLS5MTbOVkGg3osyxArHxkKUATvlQ==

8 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

  • function| structuredClone
  • object| oncontextlost
  • object| oncontextrestored
  • function| $
  • function| jQuery
  • object| login
  • object| shared
  • function| CircleLoader

1 Cookies

Domain/Path Name / Value
idm.xfinity.com/ Name: BIGipServerp_loginxf-wcdc-ipv6_443
Value: !49rVBy3ma/peQYNYgMclgnLKC7lGzVMYWFEu8g0gGoCeUMOlK96kYFfE4YsfsGuouETjnsKjH+YMxg==

Security Headers

This page lists any security headers set by the main page.

Header Value
Strict-Transport-Security max-age=63072000; includeSubDomains;