URL: https://gastrophoria.com/awp-content/themes/twentyseventeen/template-parts/navigation/ACCOUNTIDDDDSSSSxxxxxxxxxxxbe9f5ecd...
Submission: On March 16 via api from US — Scanned from US

Summary

This website contacted 6 IPs in 1 country across 6 domains to perform 9 HTTP transactions. The main IP is 64.6.254.96, located in United States and belongs to WEBINT, US. The main domain is gastrophoria.com.
TLS certificate: Issued by cPanel, Inc. Certification Authority on July 30th 2023. Valid for: 3 months.
This is the only time gastrophoria.com was scanned on urlscan.io!

urlscan.io Verdict: Potentially Malicious

Targeting these brands: Xfinity (Consumer)

Domain & IP information

IP Address AS Autonomous System
2 64.6.254.96 11989 (WEBINT)
1 1 2001:558:fe36... 7922 (COMCAST-7922)
1 2600:141b:1c0... 20940 (AKAMAI-ASN1)
2 13.225.214.68 16509 (AMAZON-02)
1 2606:4700::68... 13335 (CLOUDFLAR...)
3 2600:141b:1c0... 20940 (AKAMAI-ASN1)
9 6
Apex Domain | Subdomains | Transfer
3 xfinity.com | sdx.xfinity.com — Cisco Umbrella Rank: 69086 | 80 KB
2 truste.com | privacy-policy.truste.com — Cisco Umbrella Rank: 11973 | 5 KB
2 gastrophoria.com | gastrophoria.com | 56 KB
1 cloudflare.com | cdnjs.cloudflare.com — Cisco Umbrella Rank: 253 | 64 KB
1 cimcontent.net | static.cimcontent.net — Cisco Umbrella Rank: 30063 | 170 KB
1 comcast.net | edge.static-assets.top.comcast.net — Cisco Umbrella Rank: 50442 | 452 B
9 6
Domain Requested by
3 sdx.xfinity.com gastrophoria.com
2 privacy-policy.truste.com gastrophoria.com
2 gastrophoria.com gastrophoria.com
1 cdnjs.cloudflare.com gastrophoria.com
1 static.cimcontent.net gastrophoria.com
1 edge.static-assets.top.comcast.net 1 redirects
9 6

This site contains links to these domains.

Domain
privacy.truste.com
Subject | Issuer | Validity | Valid
gastrophoria.com | cPanel, Inc. Certification Authority | 2023-07-30 - 2023-10-28 | 3 months
*.truste.com | Amazon RSA 2048 M02 | 2023-11-18 - 2024-12-15 | a year
sni.cloudflaressl.com | Cloudflare Inc ECC CA-3 | 2023-07-03 - 2024-07-02 | a year
www.xfinity.comcast.net | COMODO RSA Organization Validation Secure Server CA | 2023-08-30 - 2024-08-29 | a year

This page contains 1 frames:

Primary Page: https://gastrophoria.com/awp-content/themes/twentyseventeen/template-parts/navigation/ACCOUNTIDDDDSSSSxxxxxxxxxxxbe9f5ecd4cbf96b1040480f14954b189/login?country.x=US&safeAuth-KeY=%20191502i74co17Xs$t948iXiCYYCX$9nn161805s$tYX$$t00n6$m4F5tXs1XFs2mX0iTCT$sc8i5n779
Frame ID: 96F1E1C21FD8096CEF2F154D9C395FB4
Requests: 11 HTTP requests in this frame

Page Title

Sign in to XFIN

Detected technologies

Overall confidence: 100%
Detected patterns
  • /([\d.]+)/jquery(?:\.min)?\.js
  • jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Page Statistics

Requests: 9
HTTPS: 67 %
IPv6: 67 %
Domains: 6
Subdomains: 6
IPs: 6
Countries: 1
Transfer: 375 kB
Size: 566 kB
Cookies: 1

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 1
  • https://edge.static-assets.top.comcast.net/cms/data/assets/bin-201705/b1372fb33a8af099efbde90184076f9b.png HTTP 301
  • https://static.cimcontent.net/cms/data/assets/bin-201705/b1372fb33a8af099efbde90184076f9b.png

9 HTTP transactions

Resource | Path | Size | x-fer | Type | MIME-Type

Resource: login (Primary Request)
Path: gastrophoria.com/awp-content/themes/twentyseventeen/template-parts/navigation/ACCOUNTIDDDDSSSSxxxxxxxxxxxbe9f5ecd4cbf96b1040480f14954b189/
Size: 10 KB
x-fer: 10 KB
Type: Document
General
Full URL
https://gastrophoria.com/awp-content/themes/twentyseventeen/template-parts/navigation/ACCOUNTIDDDDSSSSxxxxxxxxxxxbe9f5ecd4cbf96b1040480f14954b189/login?country.x=US&safeAuth-KeY=%20191502i74co17Xs$t948iXiCYYCX$9nn161805s$tYX$$t00n6$m4F5tXs1XFs2mX0iTCT$sc8i5n779
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
64.6.254.96 , United States, ASN11989 (WEBINT, US),
Reverse DNS
cp33.machighway.com
Software
Apache /
Resource Hash
bc55362b581fffb0af8a0e226a26dae3b7f4d2b8930a81ed15f1492e404e19a2

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

Cache-Control
no-store, no-cache, must-revalidate
Connection
Keep-Alive
Content-Type
text/html; charset=UTF-8
Date
Sat, 16 Mar 2024 15:39:28 GMT
Expires
Thu, 19 Nov 1981 08:52:00 GMT
Keep-Alive
timeout=5, max=100
Pragma
no-cache
Server
Apache
Transfer-Encoding
chunked

Resource: styles-light.css
Path: gastrophoria.com/awp-content/themes/twentyseventeen/template-parts/navigation/ACCOUNTIDDDDSSSSxxxxxxxxxxxbe9f5ecd4cbf96b1040480f14954b189/css/
Size: 45 KB
x-fer: 45 KB
Type: Stylesheet
General
Full URL
https://gastrophoria.com/awp-content/themes/twentyseventeen/template-parts/navigation/ACCOUNTIDDDDSSSSxxxxxxxxxxxbe9f5ecd4cbf96b1040480f14954b189/css/styles-light.css?v=5d096b4
Requested by
Host: gastrophoria.com
URL: https://gastrophoria.com/awp-content/themes/twentyseventeen/template-parts/navigation/ACCOUNTIDDDDSSSSxxxxxxxxxxxbe9f5ecd4cbf96b1040480f14954b189/login?country.x=US&safeAuth-KeY=%20191502i74co17Xs$t948iXiCYYCX$9nn161805s$tYX$$t00n6$m4F5tXs1XFs2mX0iTCT$sc8i5n779
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
64.6.254.96 , United States, ASN11989 (WEBINT, US),
Reverse DNS
cp33.machighway.com
Software
Apache /
Resource Hash
adf6758f9c4e5d981137b208cc62e652f26b61d9fbf38b6a47f1d01f36c70897

Request headers

accept-language
en-US,en;q=0.9
Referer
https://gastrophoria.com/awp-content/themes/twentyseventeen/template-parts/navigation/ACCOUNTIDDDDSSSSxxxxxxxxxxxbe9f5ecd4cbf96b1040480f14954b189/login?country.x=US&safeAuth-KeY=%20191502i74co17Xs$t948iXiCYYCX$9nn161805s$tYX$$t00n6$m4F5tXs1XFs2mX0iTCT$sc8i5n779
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

Date
Sat, 16 Mar 2024 15:39:29 GMT
Last-Modified
Sun, 27 Aug 2023 15:57:05 GMT
Server
Apache
Content-Type
text/css
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=99
Content-Length
46270

Resource: b1372fb33a8af099efbde90184076f9b.png
Path: static.cimcontent.net/cms/data/assets/bin-201705/
Redirect Chain
  • https://edge.static-assets.top.comcast.net/cms/data/assets/bin-201705/b1372fb33a8af099efbde90184076f9b.png
  • https://static.cimcontent.net/cms/data/assets/bin-201705/b1372fb33a8af099efbde90184076f9b.png
Size: 169 KB
x-fer: 170 KB
Type: Image
General
Full URL
https://static.cimcontent.net/cms/data/assets/bin-201705/b1372fb33a8af099efbde90184076f9b.png
Requested by
Host: gastrophoria.com
URL: https://gastrophoria.com/awp-content/themes/twentyseventeen/template-parts/navigation/ACCOUNTIDDDDSSSSxxxxxxxxxxxbe9f5ecd4cbf96b1040480f14954b189/login?country.x=US&safeAuth-KeY=%20191502i74co17Xs$t948iXiCYYCX$9nn161805s$tYX$$t00n6$m4F5tXs1XFs2mX0iTCT$sc8i5n779
Protocol
H2
Server
2600:141b:1c00:38f::30d4 Secaucus, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
AmazonS3 /
Resource Hash
de29ba0f5c0f48f9e1470e94dbf1db5c9f9d0ac12b752f8d750f29fea7e1d6aa
Security Headers
Name Value
Strict-Transport-Security max-age=86400

Request headers

accept-language
en-US,en;q=0.9
Referer
https://gastrophoria.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

x-edgeconnect-origin-mex-latency
70
x-amz-version-id
null
date
Sat, 16 Mar 2024 15:37:56 GMT
strict-transport-security
max-age=86400
x-amz-cf-pop
EWR53-C2
x-edgeconnect-midmile-rtt
0
content-length
173524
last-modified
Tue, 01 Dec 2020 14:59:59 GMT
server
AmazonS3
etag
"6f24826f1b29f767c2618e9555e87b64"
access-control-max-age
3000
access-control-allow-methods
GET
content-type
image/png
access-control-allow-origin
*
cache-control
max-age=600
accept-ranges
bytes
x-amz-cf-id
nJiyiBW1xOAbgef4JJSZ7Cc5K8bF4OYmM_KqtJ69pZp0PDhUU7bjXw==

Redirect headers

Date
Sat, 16 Mar 2024 15:37:55 GMT
Via
http/1.1 cdn-ec-njs-353.eastwindsor.nj.panjde.comcast.net (24.f67853b0ff.el8 [uSc s f p eN:tNc p s ])
Server
24.f67853b0ff.el8
Content-Language
en
Location
https://static.cimcontent.net/cms/data/assets/bin-201705/b1372fb33a8af099efbde90184076f9b.png
Access-Control-Allow-Origin
*
Content-Type
text/html
Cache-Control
no-store
Connection
keep-alive
Content-Length
375

Resource: asc
Path: privacy-policy.truste.com/privacy-seal/Comcast-Cable-Communications-Management,-LLC/
Size: 17 B
x-fer: 2 KB
Type: Script
General
Full URL
https://privacy-policy.truste.com/privacy-seal/Comcast-Cable-Communications-Management,-LLC/asc?rid=b537c389-7be1-4331-bb73-03a71788bc12
Requested by
Host: gastrophoria.com
URL: https://gastrophoria.com/awp-content/themes/twentyseventeen/template-parts/navigation/ACCOUNTIDDDDSSSSxxxxxxxxxxxbe9f5ecd4cbf96b1040480f14954b189/login?country.x=US&safeAuth-KeY=%20191502i74co17Xs$t948iXiCYYCX$9nn161805s$tYX$$t00n6$m4F5tXs1XFs2mX0iTCT$sc8i5n779
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
13.225.214.68 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-225-214-68.ewr50.r.cloudfront.net
Software
TXS /
Resource Hash
af2d3351d5bb6b63e81eb19140f27324fd7b0ba94dc7c39b6154461243e4986e
Security Headers
Name Value
Content-Security-Policy object-src 'none'; frame-ancestors https://*.trustarc.com https://*.truste.com ; upgrade-insecure-requests; block-all-mixed-content;, default-src 'self' 'unsafe-eval' *.trustarc.com *.trustarc-svc.net *.truste.com *.truste-svc.net; font-src 'self' *.trustarc.com *.trustarc-svc.net *.truste.com *.truste-svc.net; style-src 'self' 'unsafe-inline' *.trustarc.com *.trustarc-svc.net *.truste.com *.truste-svc.net; img-src 'self' *.trustarc.com *.trustarc-svc.net *.truste.com *.truste-svc.net https://trustarc.com; frame-src 'self' *.trustarc.com *.trustarc-svc.net *.truste.com *.truste-svc.net; connect-src 'self' *.trustarc.com *.trustarc-svc.net *.truste.com *.truste-svc.net; script-src 'self' 'unsafe-inline' 'unsafe-eval' *.trustarc.com *.trustarc-svc.net *.truste.com *.truste-svc.net; upgrade-insecure-requests; block-all-mixed-content;
Strict-Transport-Security max-age=63072000; includeSubDomains; preload, max-age=63072000; includeSubDomains; preload
X-Content-Type-Options nosniff, nosniff, nosniff
X-Frame-Options SAMEORIGIN, SAMEORIGIN, SAMEORIGIN
X-Xss-Protection 1; mode=block, 1; mode=block

Request headers

accept-language
en-US,en;q=0.9
Referer
https://gastrophoria.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

Date
Sat, 16 Mar 2024 10:10:16 GMT
Strict-Transport-Security
max-age=63072000; includeSubDomains; preload, max-age=63072000; includeSubDomains; preload
x-content-type-options
nosniff, nosniff, nosniff
Content-Security-Policy
object-src 'none'; frame-ancestors https://*.trustarc.com https://*.truste.com ; upgrade-insecure-requests; block-all-mixed-content;, default-src 'self' 'unsafe-eval' *.trustarc.com *.trustarc-svc.net *.truste.com *.truste-svc.net; font-src 'self' *.trustarc.com *.trustarc-svc.net *.truste.com *.truste-svc.net; style-src 'self' 'unsafe-inline' *.trustarc.com *.trustarc-svc.net *.truste.com *.truste-svc.net; img-src 'self' *.trustarc.com *.trustarc-svc.net *.truste.com *.truste-svc.net https://trustarc.com; frame-src 'self' *.trustarc.com *.trustarc-svc.net *.truste.com *.truste-svc.net; connect-src 'self' *.trustarc.com *.trustarc-svc.net *.truste.com *.truste-svc.net; script-src 'self' 'unsafe-inline' 'unsafe-eval' *.trustarc.com *.trustarc-svc.net *.truste.com *.truste-svc.net; upgrade-insecure-requests; block-all-mixed-content;
Via
1.1 9c1465c390ec70cc0036cf15c3a531d8.cloudfront.net (CloudFront)
X-Amz-Cf-Pop
EWR50-C1
Cross-Origin-Embedder-Policy
unsafe-none, unsafe-none
Age
19659
X-Cache
Hit from cloudfront
Cross-Origin-Resource-Policy
cross-origin, cross-origin
Connection
keep-alive
Content-Length
17
X-Xss-Protection
1; mode=block, 1; mode=block
Referrer-Policy
strict-origin-when-cross-origin, strict-origin-when-cross-origin
Server
TXS
Cross-Origin-Opener-Policy
cross-origin, cross-origin
X-Frame-Options
SAMEORIGIN, SAMEORIGIN, SAMEORIGIN
Access-Control-Allow-Methods
GET, POST, PUT, DELETE, OPTIONS, HEAD
Content-Type
text/plain;charset=ISO-8859-1
Cache-Control
no-cache, must-revalidate, no-cache, no-store
Access-Control-Allow-Credentials
true
Permissions-Policy
autoplay=(self), document-domain=(self), encrypted-media=(self), autoplay=(self), document-domain=(self), encrypted-media=(self)
X-Amz-Cf-Id
y1WxSeXrWbfXuB0Qgoyzn-5pmlL5K26Djj1XhIKr65koCfxx4FRP_A==

Resource: seal
Path: privacy-policy.truste.com/privacy-seal/Comcast-Cable-Communications-Management,-LLC/
Size: 161 B
x-fer: 3 KB
Type: Image
General
Full URL
https://privacy-policy.truste.com/privacy-seal/Comcast-Cable-Communications-Management,-LLC/seal?rid=9426d53b-42b1-4587-8d55-c57322ccb60d
Requested by
Host: gastrophoria.com
URL: https://gastrophoria.com/awp-content/themes/twentyseventeen/template-parts/navigation/ACCOUNTIDDDDSSSSxxxxxxxxxxxbe9f5ecd4cbf96b1040480f14954b189/login?country.x=US&safeAuth-KeY=%20191502i74co17Xs$t948iXiCYYCX$9nn161805s$tYX$$t00n6$m4F5tXs1XFs2mX0iTCT$sc8i5n779
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
13.225.214.68 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-225-214-68.ewr50.r.cloudfront.net
Software
TXS /
Resource Hash
38118fa99879ff7473b4b7a8d1d004f62cb43d0a27b9b768bbf3c198bdde827d
Security Headers
Name Value
Content-Security-Policy object-src 'none'; frame-ancestors https://*.trustarc.com https://*.truste.com ; upgrade-insecure-requests; block-all-mixed-content;, default-src 'self' 'unsafe-eval' *.trustarc.com *.trustarc-svc.net *.truste.com *.truste-svc.net; font-src 'self' *.trustarc.com *.trustarc-svc.net *.truste.com *.truste-svc.net; style-src 'self' 'unsafe-inline' *.trustarc.com *.trustarc-svc.net *.truste.com *.truste-svc.net; img-src 'self' *.trustarc.com *.trustarc-svc.net *.truste.com *.truste-svc.net https://trustarc.com; frame-src 'self' *.trustarc.com *.trustarc-svc.net *.truste.com *.truste-svc.net; connect-src 'self' *.trustarc.com *.trustarc-svc.net *.truste.com *.truste-svc.net; script-src 'self' 'unsafe-inline' 'unsafe-eval' *.trustarc.com *.trustarc-svc.net *.truste.com *.truste-svc.net; upgrade-insecure-requests; block-all-mixed-content;
Strict-Transport-Security max-age=63072000; includeSubDomains; preload, max-age=63072000; includeSubDomains; preload
X-Content-Type-Options nosniff, nosniff, nosniff
X-Frame-Options SAMEORIGIN, SAMEORIGIN, SAMEORIGIN
X-Xss-Protection 1; mode=block, 1; mode=block

Request headers

accept-language
en-US,en;q=0.9
Referer
https://gastrophoria.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

Strict-Transport-Security
max-age=63072000; includeSubDomains; preload, max-age=63072000; includeSubDomains; preload
Content-Security-Policy
object-src 'none'; frame-ancestors https://*.trustarc.com https://*.truste.com ; upgrade-insecure-requests; block-all-mixed-content;, default-src 'self' 'unsafe-eval' *.trustarc.com *.trustarc-svc.net *.truste.com *.truste-svc.net; font-src 'self' *.trustarc.com *.trustarc-svc.net *.truste.com *.truste-svc.net; style-src 'self' 'unsafe-inline' *.trustarc.com *.trustarc-svc.net *.truste.com *.truste-svc.net; img-src 'self' *.trustarc.com *.trustarc-svc.net *.truste.com *.truste-svc.net https://trustarc.com; frame-src 'self' *.trustarc.com *.trustarc-svc.net *.truste.com *.truste-svc.net; connect-src 'self' *.trustarc.com *.trustarc-svc.net *.truste.com *.truste-svc.net; script-src 'self' 'unsafe-inline' 'unsafe-eval' *.trustarc.com *.trustarc-svc.net *.truste.com *.truste-svc.net; upgrade-insecure-requests; block-all-mixed-content;
x-content-type-options
nosniff, nosniff, nosniff
Date
Sat, 16 Mar 2024 07:35:51 GMT
Via
1.1 e8bd72d9a7c5eaf252aab1ed2d79e1a6.cloudfront.net (CloudFront)
X-Amz-Cf-Pop
EWR50-C1
Cross-Origin-Embedder-Policy
unsafe-none, unsafe-none
Age
28924
X-Cache
Hit from cloudfront
Cross-Origin-Resource-Policy
cross-origin, cross-origin
Connection
keep-alive
Content-Length
161
X-Xss-Protection
1; mode=block, 1; mode=block
Referrer-Policy
strict-origin-when-cross-origin, strict-origin-when-cross-origin
Server
TXS
Cross-Origin-Opener-Policy
cross-origin, cross-origin
ETag
W/"161-1594834152000"
X-Frame-Options
SAMEORIGIN, SAMEORIGIN, SAMEORIGIN
Access-Control-Allow-Methods
GET, POST, PUT, DELETE, OPTIONS, HEAD
Content-Type
image/png
Cache-Control
no-cache, must-revalidate, no-cache, no-store
Access-Control-Allow-Credentials
true
Permissions-Policy
autoplay=(self), document-domain=(self), encrypted-media=(self), autoplay=(self), document-domain=(self), encrypted-media=(self)
Accept-Ranges
bytes
X-Amz-Cf-Id
6rSBhaSgFLhy1BSnQXm2kYxf9YqhpS-veSs-_UkcG7h5faZSqIfihQ==

Resource: jquery.js
Path: cdnjs.cloudflare.com/ajax/libs/jquery/3.1.0/
Size: 258 KB
x-fer: 64 KB
Type: Script
General
Full URL
https://cdnjs.cloudflare.com/ajax/libs/jquery/3.1.0/jquery.js
Requested by
Host: gastrophoria.com
URL: https://gastrophoria.com/awp-content/themes/twentyseventeen/template-parts/navigation/ACCOUNTIDDDDSSSSxxxxxxxxxxxbe9f5ecd4cbf96b1040480f14954b189/login?country.x=US&safeAuth-KeY=%20191502i74co17Xs$t948iXiCYYCX$9nn161805s$tYX$$t00n6$m4F5tXs1XFs2mX0iTCT$sc8i5n779
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6811:180e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b25a2092f0752b754e933008f10213c55dd5ce93a791e355b0abed9182cc8df9
Security Headers
Name Value
Strict-Transport-Security max-age=15780000
X-Content-Type-Options nosniff

Request headers

accept-language
en-US,en;q=0.9
Referer
https://gastrophoria.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date
Sat, 16 Mar 2024 15:37:55 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security
max-age=15780000
age
1547334
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
65128
last-modified
Mon, 04 May 2020 16:11:48 GMT
server
cloudflare
cf-cdnjs-via
cfworker/kv
etag
"5eb03ec4-40657"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=zz6AETyH6mk%2FYYwBBzpERup%2BlUwf316IZ8gYUqn%2F2mMi2HaPD6np3SptqtpmRdNl2%2BXys1D8%2FEFVV%2F3uqbNGVDzDLvHk3ytHvym2lIKoDPsNRJnAODKUFHQtJ7cQgyJE9gghqn0YMqN%2FWXv8XbuNe9GF"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=30672000
accept-ranges
bytes
timing-allow-origin
*
cf-ray
8655d3c9992f743e-MIA
expires
Thu, 06 Mar 2025 15:37:55 GMT

Resource: truncated
Path: /
Size: 2 KB
x-fer: 0
Type: Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
815d1100b641ac0b65a7db0faff7eebeb050511a12768df2372dba60cc1156ff

Request headers

accept-language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

Content-Type
image/svg+xml

Resource: truncated
Path: /
Size: 3 KB
x-fer: 0
Type: Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
58fd862aaa51daaa186ee3fecfd805c0f8eea09146e9c7deb44a3f30a1ad01b5

Request headers

accept-language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

Content-Type
image/svg+xml

Resource: XfinityStandard-Medium.woff2
Path: sdx.xfinity.com/fonts/latest/Xfinity_Standard/
Size: 27 KB
x-fer: 27 KB
Type: Font
General
Full URL
https://sdx.xfinity.com/fonts/latest/Xfinity_Standard/XfinityStandard-Medium.woff2
Requested by
Host: gastrophoria.com
URL: https://gastrophoria.com/awp-content/themes/twentyseventeen/template-parts/navigation/ACCOUNTIDDDDSSSSxxxxxxxxxxxbe9f5ecd4cbf96b1040480f14954b189/css/styles-light.css?v=5d096b4
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2600:141b:1c00:2296::1b62 Secaucus, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
AmazonS3 /
Resource Hash
2a031939885bb7efba89d423c9ee7c0fe2bab465f18db63f40a9ae2bd7bc0228

Request headers

Referer
https://gastrophoria.com/
Origin
https://gastrophoria.com
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

x-amz-version-id
6t4RA2DS89tdf_2IK5vrc9JAOKCy9A40
date
Sat, 16 Mar 2024 15:37:55 GMT
last-modified
Fri, 24 Jan 2020 21:23:01 GMT
server
AmazonS3
x-amz-cf-pop
EWR53-C2
etag
"13709eac065721ba8cd0e2d1b6fa8026"
content-type
font/woff2
access-control-allow-origin
*
cache-control
max-age=1485575
accept-ranges
bytes
content-length
27152
x-amz-cf-id
o3u5yJ3IQyqqa9zQ9UT-sYbXpmn5MhYE6vuU5rp0rKTAMUBW0qVVQQ==

Resource: XfinityStandard-Regular.woff2
Path: sdx.xfinity.com/fonts/latest/Xfinity_Standard/
Size: 26 KB
x-fer: 26 KB
Type: Font
General
Full URL
https://sdx.xfinity.com/fonts/latest/Xfinity_Standard/XfinityStandard-Regular.woff2
Requested by
Host: gastrophoria.com
URL: https://gastrophoria.com/awp-content/themes/twentyseventeen/template-parts/navigation/ACCOUNTIDDDDSSSSxxxxxxxxxxxbe9f5ecd4cbf96b1040480f14954b189/css/styles-light.css?v=5d096b4
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2600:141b:1c00:2296::1b62 Secaucus, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
AmazonS3 /
Resource Hash
138c0ead0fbcd09dd455df9870920e8725b367fbf02ac0cef0c62874000ab176

Request headers

Referer
https://gastrophoria.com/
Origin
https://gastrophoria.com
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

x-amz-version-id
kLBQWhXkUwwuS0hOSKJ2GQ_XrNE.oQFF
date
Sat, 16 Mar 2024 15:37:55 GMT
last-modified
Fri, 24 Jan 2020 21:23:01 GMT
server
AmazonS3
x-amz-cf-pop
EWR53-C2
etag
"e3e79cd377b28c1e7ffea64b194136cf"
content-type
font/woff2
access-control-allow-origin
*
cache-control
max-age=1284951
accept-ranges
bytes
content-length
26768
x-amz-cf-id
Bdk8n-GJPIPVGG--gb8oaPYB5n-fcO6EY0Q2_iOR1Gji3H-8F0NWeQ==

Resource: XfinityStandard-Light.woff2
Path: sdx.xfinity.com/fonts/latest/Xfinity_Standard/
Size: 27 KB
x-fer: 27 KB
Type: Font
General
Full URL
https://sdx.xfinity.com/fonts/latest/Xfinity_Standard/XfinityStandard-Light.woff2
Requested by
Host: gastrophoria.com
URL: https://gastrophoria.com/awp-content/themes/twentyseventeen/template-parts/navigation/ACCOUNTIDDDDSSSSxxxxxxxxxxxbe9f5ecd4cbf96b1040480f14954b189/css/styles-light.css?v=5d096b4
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2600:141b:1c00:2296::1b62 Secaucus, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
AmazonS3 /
Resource Hash
fc6cd95261064c28600405c9c8dd51813abf8367e85b6e00f0f3031a8338988a

Request headers

Referer
https://gastrophoria.com/
Origin
https://gastrophoria.com
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

x-amz-version-id
wnCwOacXycelzt78IMkr55wWB9WkMd2W
date
Sat, 16 Mar 2024 15:37:55 GMT
last-modified
Fri, 24 Jan 2020 21:23:01 GMT
server
AmazonS3
x-amz-cf-pop
EWR53-C2
etag
"f05d3ebe80809d82ab14d62a79da544e"
content-type
font/woff2
access-control-allow-origin
*
cache-control
max-age=1410609
accept-ranges
bytes
content-length
27420
x-amz-cf-id
vsJiPLO9_D3QrLsHWhFFEah1jnvEX7JZNQV7VVILLANW3ej39uJsQw==

Verdicts & Comments

Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!

urlscan

Phishing against: Xfinity (Consumer)

2 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

  • $ (function)
  • jQuery (function)

1 Cookies

Domain/Path | Name / Value
gastrophoria.com/ | Name: PHPSESSID, Value: 89423e128b8c81a072187d576f3fbceb

1 Console Messages

Source: security
Level: error
URL: https://gastrophoria.com/awp-content/themes/twentyseventeen/template-parts/navigation/ACCOUNTIDDDDSSSSxxxxxxxxxxxbe9f5ecd4cbf96b1040480f14954b189/login?country.x=US&safeAuth-KeY=%20191502i74co17Xs$t948iXiCYYCX$9nn161805s$tYX$$t00n6$m4F5tXs1XFs2mX0iTCT$sc8i5n779
Message:
Refused to execute script from 'https://privacy-policy.truste.com/privacy-seal/Comcast-Cable-Communications-Management,-LLC/asc?rid=b537c389-7be1-4331-bb73-03a71788bc12' because its MIME type ('text/plain') is not executable, and strict MIME type checking is enabled.