pc2.mypreferences.com
162.253.104.96
Malicious Activity!
Public Scan
Effective URL: https://pc2.mypreferences.com/Comcast/OptDown/opt-down/
Submission: On October 14 via api from US
Summary
TLS certificate: Issued by DigiCert SHA2 Extended Validation Ser... on August 5th 2019. Valid for: 2 years.
This is the only time pc2.mypreferences.com was scanned on urlscan.io!
urlscan.io Verdict: Potentially Malicious
Targeting these brands: Xfinity (Consumer)
Domain & IP information
 | IP Address | AS Autonomous System |
---|---|---|
1 1 | 199.7.200.192 | 15334 (RESPONSYS) |
13 | 162.253.104.96 | 20141 (QTS-SUW1-ATL1) |
1 | 2001:4de0:ac19::1:b:3b | 20446 (HIGHWINDS3) |
3 | 2606:4700::6811:4f6b | 13335 (CLOUDFLARENET) |
1 | 2a00:1450:4001:806::2008 | 15169 (GOOGLE) |
4 | 2001:558:fe03:35::2 | 7922 (COMCAST-7922) |
2 | 2a00:1450:4001:809::200e | 15169 (GOOGLE) |
24 | 6 |
ASN15169 (GOOGLE, US)
www.googletagmanager.com |
ASN15169 (GOOGLE, US)
www.google-analytics.com |
 | Apex Domain | Subdomains | Transfer |
---|---|---|---|
13 | mypreferences.com | pc2.mypreferences.com | 176 KB |
4 | comcast.net | edge.static-assets.top.comcast.net | 121 KB |
3 | cloudflare.com | cdnjs.cloudflare.com | 54 KB |
2 | google-analytics.com | www.google-analytics.com | 19 KB |
1 | googletagmanager.com | www.googletagmanager.com | 31 KB |
1 | bootstrapcdn.com | maxcdn.bootstrapcdn.com | 20 KB |
1 | xfinity.com (1 redirects) | emails.xfinity.com | 2 KB |
24 | 7 |
 | Domain | Requested by |
---|---|---|
13 | pc2.mypreferences.com | pc2.mypreferences.com, cdnjs.cloudflare.com |
4 | edge.static-assets.top.comcast.net | pc2.mypreferences.com |
3 | cdnjs.cloudflare.com | pc2.mypreferences.com |
2 | www.google-analytics.com | www.googletagmanager.com, www.google-analytics.com |
1 | www.googletagmanager.com | pc2.mypreferences.com |
1 | maxcdn.bootstrapcdn.com | pc2.mypreferences.com |
1 | emails.xfinity.com | 1 redirects |
24 | 7 |
This site contains links to these domains. Also see Links.
Domain |
---|
www.xfinity.com |
Subject | Issuer | Validity | Valid |
---|---|---|---|
pc.mypreferences.com | DigiCert SHA2 Extended Validation Server CA | 2019-08-05 - 2021-08-09 | 2 years |
*.bootstrapcdn.com | Sectigo RSA Domain Validation Secure Server CA | 2020-09-22 - 2021-10-12 | a year |
cdnjs.cloudflare.com | DigiCert ECC Secure Server CA | 2020-08-12 - 2022-08-17 | 2 years |
*.google-analytics.com | GTS CA 1O1 | 2020-09-22 - 2020-12-15 | 3 months |
edge.static-assets.top.comcast.net | COMODO RSA Organization Validation Secure Server CA | 2019-03-19 - 2021-03-18 | 2 years |
This page contains 1 frames:
Primary Page:
https://pc2.mypreferences.com/Comcast/OptDown/opt-down/
Frame ID: 3F60EA2E42E099FDD8930228928BC30C
Requests: 24 HTTP requests in this frame
Detected technologies
Bootstrap (Web Frameworks)
Detected patterns
- html /<link[^>]+?href="[^"]*bootstrap(?:\.min)?\.css/i
AngularJS (JavaScript Frameworks)
Detected patterns
- script /\/([\d.]+(?:-?rc[.\d]*)*)\/angular(?:\.min)?\.js/i
- script /angular.*\.js/i
Google Analytics (Analytics)
Detected patterns
- script /google-analytics\.com\/(?:ga|urchin|analytics)\.js/i
Google Tag Manager (Tag Managers)
Detected patterns
- html /googletagmanager\.com\/ns\.html[^>]+><\/iframe>/i
- html /<!-- (?:End )?Google Tag Manager -->/i
Page Statistics
1 Outgoing links
These are links going to different origins than the main page.
Title:
Page URL History
This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.
-
https://emails.xfinity.com/pub/cc?_ri_=X0Gzc2X%3DAQpglLjHJlYQGN9X48W3zfhJNTzaCrfze3BPasyzfRPykl348sYzaOmzgpeYp5lSWyew78vWMe1HXNnOwgsMkVXtpKX%3DUTDRSAYY&_ei_=Eg6hiIRZ6IbTRQzpp7EgfWDv5wmb7wtZr_HKt4Y9565l73Y_PqZSaCEhvHs0mzNqB_YnaIJe71CzaNklDYVga24JzcfuVrWYaLyOPgXgODBg_6d9EE-SIGs-ucFcmv4FPz7zFFg-NGzLXUvbsZXfDS6PqhklAqPT74ymh8FoXcyRqa9b7kIJXTSh0CWqBjc2K-Rx2oXiMPRHv4Vspnf_FHdS8SwuONCL9HVbBkKwUaX32q7XVUpP_8Z8J5fENgt6vc67pbwGrtUitkEmjyVXXh_DYFRkucr66KaNCY7Y1siZB6YE-JDKbWud-lMsTU1AHfFXs6duosv7phPKD_TJXZ3Xb2yypgCoKL2_q0vMlN427_8WKHrSS9mlpSWBJ_rA8L9LLNRCLQAA0RNwoRicAbHi7mHE6fGkKOJXXMtGvARa9VCmt4Ai807Mojx9nLBvA_vqXsJ8MlUrCYmwzaZHRoBERZuUiqqkU2gF__mF2j9f5QVMwQqRTUy9Zr1jJ35sOBmBMD8eD586JIUHfxcoAbRY-mjwp1YTZd99Ccn_gDsFUUyrJIiYkCovHFL26vau_ELoZOpDI0KI76rGz1_iAMEAKGwUOFSw96yljLfWJ6jRGiZApSElTiJD2QvHebyYLxbF4djQH00T1qUF3N_dAyevEUrLc6BuyCbU-6pMEwASO9RfseeZS95xRjNZvwGrA44GuAQkMII6us-8SuVtpHZNJkx0_5rgbK_r2h-pmMmF4Ax4qNnKmW83hqCsq4UIYBk5c5rpCX1YyBP0Otk_hHGGSKg2YjVUDp8fWjAzwZ8zcQNpt5uiov4_qal9pBdPApqNuofRK1hg9B5iNwe35uybXKnUwrHgz1_0mE63vjQqviSb6VJVYbP9bfBBbszm5Vd53ZnKbXJ9VbQMgGuUKW9T_i5y58eAowpPiRUj6RWLNWcizbTq2x-5hFkIZGaWALN9dUdE2PWlrOZR6FZ7ap5F4BEZhQ9oexPgZcIc8FyhGTZ37o4TO1lHILCsS1kSRBkRH0.&_di_=tvr218lcacpto749v42clsuks00kvb5u3s43491qq31qqk3qgpdg
HTTP 302
https://pc2.mypreferences.com/Comcast/OptDown/opt-down/ Page URL
Redirected requests
There were HTTP redirect chains for the following requests:
24 HTTP transactions
Method | Protocol | Resource | Path | Size | x-fer | Type | MIME-Type |
---|---|---|---|---|---|---|---|
GET | H/1.1 | / (Primary Request, Cookie set, Redirect Chain) | pc2.mypreferences.com/Comcast/OptDown/opt-down/ | 4 KB | 5 KB | Document | text/html |
GET | H2 | bootstrap.min.css | maxcdn.bootstrapcdn.com/bootstrap/3.3.7/css/ | 118 KB | 20 KB | Stylesheet | text/css |
GET | H/1.1 | main.css | pc2.mypreferences.com/Comcast/OptDown/opt-down/styles/ | 18 KB | 18 KB | Stylesheet | text/css |
GET | H/1.1 | xfinity-logo.svg | pc2.mypreferences.com/Comcast/OptDown/opt-down/img/ | 4 KB | 4 KB | Image | image/svg+xml |
GET | H2 | angular.min.js | cdnjs.cloudflare.com/ajax/libs/angular.js/1.6.5/ | 165 KB | 51 KB | Script | application/javascript |
GET | H2 | angular-route.min.js | cdnjs.cloudflare.com/ajax/libs/angular.js/1.6.5/ | 5 KB | 2 KB | Script | application/javascript |
GET | H2 | angular-cookies.min.js | cdnjs.cloudflare.com/ajax/libs/angular.js/1.6.5/ | 1 KB | 804 B | Script | application/javascript |
GET | H/1.1 | ui-bootstrap-tpls-2.5.0.min.js | pc2.mypreferences.com/Comcast/OptDown/opt-down/scripts/libs/ | 123 KB | 123 KB | Script | application/javascript |
GET | H/1.1 | angular-base64.min.js | pc2.mypreferences.com/Comcast/OptDown/opt-down/scripts/libs/ | 1 KB | 2 KB | Script | application/javascript |
GET | H/1.1 | app.js | pc2.mypreferences.com/Comcast/OptDown/opt-down/scripts/ | 7 KB | 8 KB | Script | application/javascript |
GET | H/1.1 | addPreferenceService.js | pc2.mypreferences.com/Comcast/OptDown/opt-down/scripts/services/ | 1 KB | 2 KB | Script | application/javascript |
GET | H/1.1 | filterHeaderService.js | pc2.mypreferences.com/Comcast/OptDown/opt-down/scripts/services/ | 816 B | 1 KB | Script | application/javascript |
GET | H/1.1 | mainController.js | pc2.mypreferences.com/Comcast/OptDown/opt-down/scripts/controllers/ | 4 KB | 4 KB | Script | application/javascript |
GET | H/1.1 | managePreferenceController.js | pc2.mypreferences.com/Comcast/OptDown/opt-down/scripts/controllers/ | 2 KB | 3 KB | Script | application/javascript |
GET | H2 | gtm.js | www.googletagmanager.com/ | 86 KB | 31 KB | Script | application/javascript |
GET | H/1.1 | XfinityStandard-Light.woff2 | edge.static-assets.top.comcast.net/staticsites/fonts/latest/Xfinity_Standard/ | 27 KB | 28 KB | Font | binary/octet-stream |
GET | H2 | analytics.js | www.google-analytics.com/ | 45 KB | 18 KB | Script | text/javascript |
POST | H3-Q050 | collect | www.google-analytics.com/j/ | 1 B | 431 B | XHR | text/plain |
GET | H/1.1 | getappconfiguration | pc2.mypreferences.com/Comcast/OptDown/api/configurationservice/ | 85 B | 452 B | XHR | application/json |
GET | H/1.1 | main.html | pc2.mypreferences.com/Comcast/OptDown/opt-down/views/ | 5 KB | 5 KB | XHR | text/html |
GET | H/1.1 | SPLOFFER_EMAIL | pc2.mypreferences.com/Comcast/OptDown/api/FilterHeader/getFilterHeaderById/ | 260 B | 728 B | XHR | application/json |
GET | H/1.1 | XfinityStandard-Thin.woff2 | edge.static-assets.top.comcast.net/staticsites/fonts/latest/Xfinity_Standard/ | 32 KB | 33 KB | Font | binary/octet-stream |
GET | H/1.1 | XfinityStandard-ExtraLight.woff2 | edge.static-assets.top.comcast.net/staticsites/fonts/latest/Xfinity_Standard/ | 32 KB | 33 KB | Font | binary/octet-stream |
GET | H/1.1 | XfinityStandard-Regular.woff2 | edge.static-assets.top.comcast.net/staticsites/fonts/latest/Xfinity_Standard/ | 26 KB | 27 KB | Font | binary/octet-stream |
Verdicts & Comments
Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!
urlscan
Phishing against: Xfinity (Consumer)
15 JavaScript Global Variables
These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.
function | showDirectoryPicker
function | showOpenFilePicker
function | showSaveFilePicker
object | trustedTypes
object | dataLayer
object | angular
object | google_tag_manager
object | google_tag_data
string | GoogleAnalyticsObject
function | ga
object | gaplugins
object | gaGlobal
object | gaData
object | app
number | ng3395
Cookies
Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.
Domain/Path | Expires | Name | Value |
---|---|---|---|
.pc2.mypreferences.com/ | | _gat_UA-80692612-1 | 1 |
.pc2.mypreferences.com/ | | _ga | GA1.3.1319067973.1602709449 |
.pc2.mypreferences.com/ | | _gid | GA1.3.1521032462.1602709449 |
.pc2.mypreferences.com/ | | TS01b2ef0f | 0141bd2f0a33bdee17ef6bd77ee93c9d7abeb5acaf35fc79511b8cf411621282328ee61782d1fd622643f1a7db64415e5cf43bda6f |
pc2.mypreferences.com/Comcast/OptDown/opt-down | | f5_cspm | 1234 |
Indicators
This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.