www.comcast-server2.serveusers.com
185.183.96.219  Malicious Activity! Public Scan

URL: http://www.comcast-server2.serveusers.com/www.comcast.net/
Submission: On October 22 via manual from US

Summary

This website contacted 8 IPs in 4 countries across 7 domains to perform 16 HTTP transactions. The main IP is 185.183.96.219, located in Rotterdam, Netherlands and belongs to HS, AE. The main domain is www.comcast-server2.serveusers.com.
This is the only time www.comcast-server2.serveusers.com was scanned on urlscan.io!

urlscan.io Verdict: Potentially Malicious

Targeting these brands: Xfinity (Consumer)

Domain & IP information

IP Address AS Autonomous System
7 185.183.96.219 60117 (HS)
1 2001:558:fe03... 7922 (COMCAST-7922)
2 52.17.182.129 16509 (AMAZON-02)
3 2a02:26f0:64:... 20940 (AKAMAI-ASN1)
1 2.16.186.105 20940 (AKAMAI-ASN1)
1 172.82.228.16 15224 (OMNITURE)
1 1 66.117.28.86 15224 (OMNITURE)
1 23.211.8.45 16625 (AKAMAI-AS)
16 8
Domain Requested by
7 www.comcast-server2.serveusers.com www.comcast-server2.serveusers.com
3 sdx.xfinity.com www.comcast-server2.serveusers.com
2 dpm.demdex.net www.comcast-server2.serveusers.com
1 assets.adobedtm.com www.comcast-server2.serveusers.com
1 cm.everesttech.net 1 redirects
1 comcastcom.d1.sc.omtrdc.net www.comcast-server2.serveusers.com
1 fast.comcast.demdex.net www.comcast-server2.serveusers.com
1 edge.static-assets.top.comcast.net www.comcast-server2.serveusers.com
16 8
Subject Issuer Validity Valid
edge.static-assets.top.comcast.net COMODO RSA Organization Validation Secure Server CA 2017-03-31 - 2019-03-31 2 years
www.xfinity.comcast.net COMODO RSA Organization Validation Secure Server CA 2017-09-22 - 2019-09-22 2 years

This page contains 2 frames:

Primary Page: http://www.comcast-server2.serveusers.com/www.comcast.net/
Frame ID: 79C473556DF79DE3B35E2A736BE7C89A
Requests: 17 HTTP requests in this frame

Frame: http://fast.comcast.demdex.net/dest5.html?d_nsid=0
Frame ID: 118C232CF627D5C55DB56D4A8E65BC8A
Requests: 1 HTTP requests in this frame


Detected technologies

Overall confidence: 100%
Detected patterns
  • headers server /php\/?([\d.]+)?/i

Overall confidence: 100%
Detected patterns
  • headers server /CentOS/i

Overall confidence: 100%
Detected patterns
  • headers server /(?:Apache(?:$|\/([\d.]+)|[^\/-])|(?:^|)HTTPD)/i

Overall confidence: 100%
Detected patterns
  • env /^s_(?:account|objectID|code|INST)$/i

Overall confidence: 100%
Detected patterns
  • script /jquery(?:\-|\.)([\d.]*\d)[^\/]*\.js/i
  • script /jquery.*\.js/i
  • env /^jQuery$/i

Overall confidence: 100%
Detected patterns
  • script /lodash.*\.js/i

Page Statistics

16 Requests
25 % HTTPS
25 % IPv6
7 Domains
8 Subdomains
8 IPs
4 Countries
692 kB Transfer
758 kB Size
4 Cookies

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 15
  • http://cm.everesttech.net/cm/dd?d_uuid=36178349293625213801144322836149125556 HTTP 302
  • http://dpm.demdex.net/ibs:dpid=411&dpuuid=W83m0gAACntA2Dx0

16 HTTP transactions

Resource
Path
Size
x-fer
Type
MIME-Type
Primary Request /
www.comcast-server2.serveusers.com/www.comcast.net/
21 KB
21 KB
Document
General
Full URL
http://www.comcast-server2.serveusers.com/www.comcast.net/
Protocol
HTTP/1.1
Server
185.183.96.219 Rotterdam, Netherlands, ASN60117 (HS, AE),
Reverse DNS
Software
Apache/2.4.6 (CentOS) PHP/5.4.16 /
Resource Hash
d17358150301dfa4d1fe1821d9ca1d6241084827d3d6f67d4cc33420646d9e12

Request headers

Host
www.comcast-server2.serveusers.com
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8
Accept-Encoding
gzip, deflate

Response headers

Date
Mon, 22 Oct 2018 15:03:46 GMT
Server
Apache/2.4.6 (CentOS) PHP/5.4.16
Last-Modified
Sat, 18 Aug 2018 12:24:38 GMT
ETag
"521b-573b4c27f8d80"
Accept-Ranges
bytes
Content-Length
21019
Keep-Alive
timeout=5, max=100
Connection
Keep-Alive
Content-Type
text/html; charset=UTF-8
jquery-3.1.1.min.js
www.comcast-server2.serveusers.com/www.comcast.net/assets/
85 KB
85 KB
Script
General
Full URL
http://www.comcast-server2.serveusers.com/www.comcast.net/assets/jquery-3.1.1.min.js
Requested by
Host: www.comcast-server2.serveusers.com
URL: http://www.comcast-server2.serveusers.com/www.comcast.net/
Protocol
HTTP/1.1
Server
185.183.96.219 Rotterdam, Netherlands, ASN60117 (HS, AE),
Reverse DNS
Software
Apache/2.4.6 (CentOS) PHP/5.4.16 /
Resource Hash
85556761a8800d14ced8fcd41a6b8b26bf012d44a318866c0d81a62092efd9bf

Request headers

Pragma
no-cache
Accept-Encoding
gzip, deflate
Host
www.comcast-server2.serveusers.com
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Accept
*/*
Referer
http://www.comcast-server2.serveusers.com/www.comcast.net/
Connection
keep-alive
Cache-Control
no-cache

Response headers

Date
Mon, 22 Oct 2018 15:03:46 GMT
Last-Modified
Mon, 30 Jan 2017 15:28:16 GMT
Server
Apache/2.4.6 (CentOS) PHP/5.4.16
ETag
"152b5-5475176e20400"
Content-Type
application/javascript
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=100
Content-Length
86709
lodash-slim.js
www.comcast-server2.serveusers.com/www.comcast.net/assets/
23 KB
23 KB
Script
General
Full URL
http://www.comcast-server2.serveusers.com/www.comcast.net/assets/lodash-slim.js
Requested by
Host: www.comcast-server2.serveusers.com
URL: http://www.comcast-server2.serveusers.com/www.comcast.net/
Protocol
HTTP/1.1
Server
185.183.96.219 Rotterdam, Netherlands, ASN60117 (HS, AE),
Reverse DNS
Software
Apache/2.4.6 (CentOS) PHP/5.4.16 /
Resource Hash
49d0c079f8431833fb59275e68a7db8b9215dc52068ff63c179e32dfe618a8c4

Request headers

Pragma
no-cache
Accept-Encoding
gzip, deflate
Host
www.comcast-server2.serveusers.com
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Accept
*/*
Referer
http://www.comcast-server2.serveusers.com/www.comcast.net/
Connection
keep-alive
Cache-Control
no-cache

Response headers

Date
Mon, 22 Oct 2018 15:03:46 GMT
Last-Modified
Fri, 17 Aug 2018 13:02:46 GMT
Server
Apache/2.4.6 (CentOS) PHP/5.4.16
ETag
"5b32-573a12d084980"
Content-Type
application/javascript
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=100
Content-Length
23346
satelliteLib-531bc4f46256650a84099973f0ed331f809ea5f4.js
www.comcast-server2.serveusers.com/www.comcast.net/assets/
126 KB
126 KB
Script
General
Full URL
http://www.comcast-server2.serveusers.com/www.comcast.net/assets/satelliteLib-531bc4f46256650a84099973f0ed331f809ea5f4.js
Requested by
Host: www.comcast-server2.serveusers.com
URL: http://www.comcast-server2.serveusers.com/www.comcast.net/
Protocol
HTTP/1.1
Server
185.183.96.219 Rotterdam, Netherlands, ASN60117 (HS, AE),
Reverse DNS
Software
Apache/2.4.6 (CentOS) PHP/5.4.16 /
Resource Hash
eab642baf412d4de18d20788e3784c47927549da84c4f0b5a0f6865fdbfb61a3

Request headers

Pragma
no-cache
Accept-Encoding
gzip, deflate
Host
www.comcast-server2.serveusers.com
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Accept
*/*
Referer
http://www.comcast-server2.serveusers.com/www.comcast.net/
Connection
keep-alive
Cache-Control
no-cache

Response headers

Date
Mon, 22 Oct 2018 15:03:46 GMT
Last-Modified
Fri, 17 Aug 2018 13:02:46 GMT
Server
Apache/2.4.6 (CentOS) PHP/5.4.16
ETag
"1f820-573a12d084980"
Content-Type
application/javascript
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=100
Content-Length
129056
styles-light.css
www.comcast-server2.serveusers.com/www.comcast.net/assets/
47 KB
47 KB
Stylesheet
General
Full URL
http://www.comcast-server2.serveusers.com/www.comcast.net/assets/styles-light.css
Requested by
Host: www.comcast-server2.serveusers.com
URL: http://www.comcast-server2.serveusers.com/www.comcast.net/
Protocol
HTTP/1.1
Server
185.183.96.219 Rotterdam, Netherlands, ASN60117 (HS, AE),
Reverse DNS
Software
Apache/2.4.6 (CentOS) PHP/5.4.16 /
Resource Hash
ea523ebe5fb531893858e09aeb499f56aaa92dd8a6ff19f45f12843f0dc4184c

Request headers

Pragma
no-cache
Accept-Encoding
gzip, deflate
Host
www.comcast-server2.serveusers.com
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Accept
text/css,*/*;q=0.1
Referer
http://www.comcast-server2.serveusers.com/www.comcast.net/
Connection
keep-alive
Cache-Control
no-cache

Response headers

Date
Mon, 22 Oct 2018 15:03:46 GMT
Last-Modified
Fri, 17 Aug 2018 13:02:46 GMT
Server
Apache/2.4.6 (CentOS) PHP/5.4.16
ETag
"ba55-573a12d084980"
Content-Type
text/css
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=99
Content-Length
47701
b1372fb33a8af099efbde90184076f9b.png
edge.static-assets.top.comcast.net/cms/data/assets/bin-201705/
169 KB
170 KB
Image
General
Full URL
https://edge.static-assets.top.comcast.net/cms/data/assets/bin-201705/b1372fb33a8af099efbde90184076f9b.png
Requested by
Host: www.comcast-server2.serveusers.com
URL: http://www.comcast-server2.serveusers.com/www.comcast.net/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2001:558:fe03:33::2 , United States, ASN7922 (COMCAST-7922 - Comcast Cable Communications, LLC, US),
Reverse DNS
Software
ATS/7.1.4 /
Resource Hash
de29ba0f5c0f48f9e1470e94dbf1db5c9f9d0ac12b752f8d750f29fea7e1d6aa
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

Referer
http://www.comcast-server2.serveusers.com/www.comcast.net/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Date
Sun, 21 Oct 2018 00:53:40 GMT
Via
http/1.1 odol-atsmid-pan-08.newcastle.de.panjde.comcast.net (ApacheTrafficServer/7.1.4 [uIcRs f p eN:t cCNi p s ]), http/1.1 odol-atsec-bos-43.lowell.ma.boston.comcast.net (ApacheTrafficServer/7.1.4 [uScRs f p eN:t cCHi p s ])
Age
137407
x-amz-replication-status
COMPLETED
Connection
keep-alive
Content-Length
173524
Last-Modified
Tue, 10 Oct 2017 00:07:21 GMT
Server
ATS/7.1.4
Etag
"6f24826f1b29f767c2618e9555e87b64"
Strict-Transport-Security
max-age=31536000
Access-Control-Allow-Methods
GET
Content-Type
image/png
Access-Control-Allow-Origin
*
Cache-Control
max-age=1296000
Accept-Ranges
bytes
Expires
Thu, 01 Nov 2018 19:08:55 GMT
jquery-1.js
www.comcast-server2.serveusers.com/www.comcast.net/assets/
94 KB
94 KB
Script
General
Full URL
http://www.comcast-server2.serveusers.com/www.comcast.net/assets/jquery-1.js
Requested by
Host: www.comcast-server2.serveusers.com
URL: http://www.comcast-server2.serveusers.com/www.comcast.net/
Protocol
HTTP/1.1
Server
185.183.96.219 Rotterdam, Netherlands, ASN60117 (HS, AE),
Reverse DNS
Software
Apache/2.4.6 (CentOS) PHP/5.4.16 /
Resource Hash
ecb916133a9376911f10bc5c659952eb0031e457f5df367cde560edbfba38fb8

Request headers

Pragma
no-cache
Accept-Encoding
gzip, deflate
Host
www.comcast-server2.serveusers.com
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Accept
*/*
Referer
http://www.comcast-server2.serveusers.com/www.comcast.net/
Connection
keep-alive
Cache-Control
no-cache

Response headers

Date
Mon, 22 Oct 2018 15:03:46 GMT
Last-Modified
Fri, 17 Aug 2018 13:02:46 GMT
Server
Apache/2.4.6 (CentOS) PHP/5.4.16
ETag
"176d5-573a12d084980"
Content-Type
application/javascript
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=100
Content-Length
95957
scripts-responsive.js
www.comcast-server2.serveusers.com/www.comcast.net/assets/
7 KB
7 KB
Script
General
Full URL
http://www.comcast-server2.serveusers.com/www.comcast.net/assets/scripts-responsive.js
Requested by
Host: www.comcast-server2.serveusers.com
URL: http://www.comcast-server2.serveusers.com/www.comcast.net/
Protocol
HTTP/1.1
Server
185.183.96.219 Rotterdam, Netherlands, ASN60117 (HS, AE),
Reverse DNS
Software
Apache/2.4.6 (CentOS) PHP/5.4.16 /
Resource Hash
1d8f2c3fca2ff6b51c1a8905e4076a31d98f58a2a421b91afb409e9485e8cd66

Request headers

Pragma
no-cache
Accept-Encoding
gzip, deflate
Host
www.comcast-server2.serveusers.com
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Accept
*/*
Referer
http://www.comcast-server2.serveusers.com/www.comcast.net/
Cookie
AMCV_DA11332E5321D0550A490D45%40AdobeOrg=1406116232%7CMCIDTS%7C17827%7CvVersion%7C2.5.0
Connection
keep-alive
Cache-Control
no-cache

Response headers

Date
Mon, 22 Oct 2018 15:03:46 GMT
Last-Modified
Fri, 17 Aug 2018 13:02:46 GMT
Server
Apache/2.4.6 (CentOS) PHP/5.4.16
ETag
"1bc0-573a12d084980"
Content-Type
application/javascript
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=99
Content-Length
7104
id
dpm.demdex.net/
5 KB
2 KB
XHR
General
Full URL
http://dpm.demdex.net/id?d_visid_ver=2.5.0&d_fieldgroup=MC&d_rtbd=json&d_ver=2&d_orgid=DA11332E5321D0550A490D45%40AdobeOrg&d_nsid=0&ts=1540220626325
Requested by
Host: www.comcast-server2.serveusers.com
URL: http://www.comcast-server2.serveusers.com/www.comcast.net/assets/satelliteLib-531bc4f46256650a84099973f0ed331f809ea5f4.js
Protocol
HTTP/1.1
Server
52.17.182.129 Dublin, Ireland, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS
ec2-52-17-182-129.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
1369b5b226b7aab443124ee57137783ed1e9f2fa8d9d278a2713660c3d3d4159

Request headers

Referer
http://www.comcast-server2.serveusers.com/www.comcast.net/
Origin
http://www.comcast-server2.serveusers.com
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Content-Type
application/x-www-form-urlencoded

Response headers

DCS
dcs-prod-irl1-v007-090c930ee.edge-irl1.demdex.com 5.42.0.20181018132447 7ms
Pragma
no-cache
Content-Encoding
gzip
X-TID
08sYAwDmSxo=
Vary
Origin, Accept-Encoding, User-Agent
P3P
policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Access-Control-Allow-Origin
http://www.comcast-server2.serveusers.com
Cache-Control
no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
application/json;charset=utf-8
Content-Length
1515
Expires
Thu, 01 Jan 1970 00:00:00 GMT
XfinityStandard-Regular.woff2
sdx.xfinity.com/fonts/latest/Xfinity_Standard/
26 KB
26 KB
Font
General
Full URL
https://sdx.xfinity.com/fonts/latest/Xfinity_Standard/XfinityStandard-Regular.woff2
Requested by
Host: www.comcast-server2.serveusers.com
URL: http://www.comcast-server2.serveusers.com/www.comcast.net/
Protocol
SPDY
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2a02:26f0:64:4a4::1b62 , European Union, ASN20940 (AKAMAI-ASN1, US),
Reverse DNS
Software
nginx /
Resource Hash
138c0ead0fbcd09dd455df9870920e8725b367fbf02ac0cef0c62874000ab176
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Referer
http://www.comcast-server2.serveusers.com/www.comcast.net/assets/styles-light.css
Origin
http://www.comcast-server2.serveusers.com

Response headers

strict-transport-security
max-age=31536000
last-modified
Thu, 21 Jun 2018 18:41:25 GMT
server
nginx
etag
"e3e79cd377b28c1e7ffea64b194136cf"
status
200
access-control-allow-methods
GET, OPTIONS
content-type
binary/octet-stream
access-control-allow-origin
*
cache-control
public, max-age=2592000
date
Mon, 22 Oct 2018 15:03:46 GMT
x-amz-replication-status
COMPLETED
accept-ranges
bytes
content-length
26768
XfinityStandard-Medium.woff2
sdx.xfinity.com/fonts/latest/Xfinity_Standard/
27 KB
27 KB
Font
General
Full URL
https://sdx.xfinity.com/fonts/latest/Xfinity_Standard/XfinityStandard-Medium.woff2
Requested by
Host: www.comcast-server2.serveusers.com
URL: http://www.comcast-server2.serveusers.com/www.comcast.net/
Protocol
SPDY
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2a02:26f0:64:4a4::1b62 , European Union, ASN20940 (AKAMAI-ASN1, US),
Reverse DNS
Software
nginx /
Resource Hash
2a031939885bb7efba89d423c9ee7c0fe2bab465f18db63f40a9ae2bd7bc0228
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Referer
http://www.comcast-server2.serveusers.com/www.comcast.net/assets/styles-light.css
Origin
http://www.comcast-server2.serveusers.com

Response headers

strict-transport-security
max-age=31536000
last-modified
Thu, 21 Jun 2018 18:41:25 GMT
server
nginx
etag
"13709eac065721ba8cd0e2d1b6fa8026"
status
200
access-control-allow-methods
GET, OPTIONS
content-type
binary/octet-stream
access-control-allow-origin
*
cache-control
public, max-age=2592000
date
Mon, 22 Oct 2018 15:03:46 GMT
x-amz-replication-status
COMPLETED
accept-ranges
bytes
content-length
27152
truncated
/
3 KB
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
58fd862aaa51daaa186ee3fecfd805c0f8eea09146e9c7deb44a3f30a1ad01b5

Request headers

Response headers

Access-Control-Allow-Origin
*
Content-Type
image/svg+xml
truncated
/
933 B
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
4bd9c8ed57b1dd8fddcc2910170e9b81b40f7b628e272924e88a98f45ebb9aea

Request headers

Response headers

Access-Control-Allow-Origin
*
Content-Type
image/svg+xml
XfinityStandard-Light.woff2
sdx.xfinity.com/fonts/latest/Xfinity_Standard/
27 KB
27 KB
Font
General
Full URL
https://sdx.xfinity.com/fonts/latest/Xfinity_Standard/XfinityStandard-Light.woff2
Requested by
Host: www.comcast-server2.serveusers.com
URL: http://www.comcast-server2.serveusers.com/www.comcast.net/
Protocol
SPDY
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2a02:26f0:64:4a4::1b62 , European Union, ASN20940 (AKAMAI-ASN1, US),
Reverse DNS
Software
nginx /
Resource Hash
fc6cd95261064c28600405c9c8dd51813abf8367e85b6e00f0f3031a8338988a
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Referer
http://www.comcast-server2.serveusers.com/www.comcast.net/assets/styles-light.css
Origin
http://www.comcast-server2.serveusers.com

Response headers

strict-transport-security
max-age=31536000
last-modified
Thu, 21 Jun 2018 18:41:25 GMT
server
nginx
etag
"f05d3ebe80809d82ab14d62a79da544e"
status
200
access-control-allow-methods
GET
content-type
binary/octet-stream
access-control-allow-origin
*
cache-control
max-age=31536000
date
Mon, 22 Oct 2018 15:03:46 GMT
x-amz-replication-status
COMPLETED
accept-ranges
bytes
content-length
27420
dest5.html
fast.comcast.demdex.net/ Frame 118C
0
0
Document
General
Full URL
http://fast.comcast.demdex.net/dest5.html?d_nsid=0
Requested by
Host: www.comcast-server2.serveusers.com
URL: http://www.comcast-server2.serveusers.com/www.comcast.net/assets/satelliteLib-531bc4f46256650a84099973f0ed331f809ea5f4.js
Protocol
HTTP/1.1
Server
2.16.186.105 , European Union, ASN20940 (AKAMAI-ASN1, US),
Reverse DNS
a2-16-186-105.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash

Request headers

Host
fast.comcast.demdex.net
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8
Referer
http://www.comcast-server2.serveusers.com/www.comcast.net/
Accept-Encoding
gzip, deflate
Cookie
demdex=36178349293625213801144322836149125556

Response headers

Server
Apache
ETag
"c4cfbeeecf2116c47acc61dc46349b18:1529611110"
Last-Modified
Thu, 21 Jun 2018 19:58:30 GMT
Accept-Ranges
bytes
Content-Type
text/html
Vary
Accept-Encoding
Content-Encoding
gzip
Content-Length
2766
Cache-Control
max-age=21600
Date
Mon, 22 Oct 2018 15:03:46 GMT
Connection
keep-alive
P3P
policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
id
comcastcom.d1.sc.omtrdc.net/
3 B
492 B
XHR
General
Full URL
http://comcastcom.d1.sc.omtrdc.net/id?d_visid_ver=2.5.0&d_fieldgroup=A&mcorgid=DA11332E5321D0550A490D45%40AdobeOrg&mid=36387248636503289631129007957056191763&ts=1540220626419
Requested by
Host: www.comcast-server2.serveusers.com
URL: http://www.comcast-server2.serveusers.com/www.comcast.net/assets/satelliteLib-531bc4f46256650a84099973f0ed331f809ea5f4.js
Protocol
HTTP/1.1
Server
172.82.228.16 Lehi, United States, ASN15224 (OMNITURE - Adobe Systems Inc., US),
Reverse DNS
*.d1.sc.omtrdc.net
Software
Omniture DC /
Resource Hash
ca3d163bab055381827226140568f3bef7eaac187cebd76878e0b63e9e442356
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
http://www.comcast-server2.serveusers.com/www.comcast.net/
Origin
http://www.comcast-server2.serveusers.com
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Content-Type
application/x-www-form-urlencoded

Response headers

Date
Mon, 22 Oct 2018 15:03:46 GMT
X-Content-Type-Options
nosniff
Server
Omniture DC
xserver
www184
Vary
Origin
X-C
ms-6.5.1
P3P
CP="This is not a P3P policy"
Access-Control-Allow-Origin
http://www.comcast-server2.serveusers.com
Cache-Control
no-cache, no-store, max-age=0, no-transform, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
application/x-javascript
Content-Length
3
X-XSS-Protection
1; mode=block
ibs:dpid=411&dpuuid=W83m0gAACntA2Dx0
dpm.demdex.net/
Redirect Chain
  • http://cm.everesttech.net/cm/dd?d_uuid=36178349293625213801144322836149125556
  • http://dpm.demdex.net/ibs:dpid=411&dpuuid=W83m0gAACntA2Dx0
42 B
769 B
Image
General
Full URL
http://dpm.demdex.net/ibs:dpid=411&dpuuid=W83m0gAACntA2Dx0
Requested by
Host: www.comcast-server2.serveusers.com
URL: http://www.comcast-server2.serveusers.com/www.comcast.net/
Protocol
HTTP/1.1
Server
52.17.182.129 Dublin, Ireland, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS
ec2-52-17-182-129.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Referer
http://www.comcast-server2.serveusers.com/www.comcast.net/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

DCS
dcs-prod-irl1-v007-0084d0b5a.edge-irl1.demdex.com 5.42.0.20181018132447 3ms
Pragma
no-cache
X-TID
5Gx6OtfCQr8=
P3P
policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Cache-Control
no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
Connection
keep-alive
Content-Type
image/gif
Content-Length
42
Expires
Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

Date
Mon, 22 Oct 2018 15:03:45 GMT
Server
AMO-cookiemap/1.1
P3P
CP="NOI NID DEVa PSAa PSDa OUR IND PUR COM NAV INT DEM"
Location
http://dpm.demdex.net/ibs:dpid=411&dpuuid=W83m0gAACntA2Dx0
Cache-Control
no-cache
Connection
Keep-Alive
Keep-Alive
timeout=15,max=100
Content-Length
0
s-code-contents-4a9ebf08bffa74f717ff121b2c55a295112122b4.js
assets.adobedtm.com/43896e740dcedef854392e0be6ea80deb8eb2ba5/
99 KB
35 KB
Script
General
Full URL
http://assets.adobedtm.com/43896e740dcedef854392e0be6ea80deb8eb2ba5/s-code-contents-4a9ebf08bffa74f717ff121b2c55a295112122b4.js
Requested by
Host: www.comcast-server2.serveusers.com
URL: http://www.comcast-server2.serveusers.com/www.comcast.net/assets/satelliteLib-531bc4f46256650a84099973f0ed331f809ea5f4.js
Protocol
HTTP/1.1
Server
23.211.8.45 Cambridge, United States, ASN16625 (AKAMAI-AS - Akamai Technologies, Inc., US),
Reverse DNS
a23-211-8-45.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
9e9b5e66a55094d797cfcba1a6b4d7ce9cd7d8c6abbd9a32a9da2e464e4f8475

Request headers

Referer
http://www.comcast-server2.serveusers.com/www.comcast.net/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Date
Mon, 22 Oct 2018 15:03:46 GMT
Content-Encoding
gzip
Last-Modified
Mon, 11 Jun 2018 16:37:02 GMT
Server
Apache
ETag
"c40d731765637c55322d4fba56306950:1528735022"
Vary
Accept-Encoding
Content-Type
application/x-javascript
Cache-Control
max-age=3600
Connection
keep-alive
Accept-Ranges
bytes
Timing-Allow-Origin
*
Content-Length
35182
Expires
Mon, 22 Oct 2018 16:03:46 GMT

Verdicts & Comments

Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!

urlscan

Phishing against: Xfinity (Consumer)

29 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

function| $ function| jQuery function| generateStars function| maskPassword function| _ function| Visitor object| _satellite object| s_c_il number| s_c_in object| runtimeData object| login object| shared function| CircleLoader object| jQuery1113047223913260493644 string| upDate undefined| s_account object| s function| s_doPlugins undefined| c_rspers undefined| c_r undefined| c_w function| s_getLoadTime function| AppMeasurement_Module_Integrate function| AppMeasurement_Module_AudienceManagement function| AppMeasurement_Module_ActivityMap function| AppMeasurement function| s_gi function| s_pgicq number| s_objectID

4 Cookies

Domain/Path Name / Value
.demdex.net/ Name: dextp
Value: 21-1-1540220626486|269-1-1540220626589|60-1-1540220626690|470-1-1540220626790|771-1-1540220626892|1123-1-1540220626993|1121-1-1540220627094|903-1-1540220627195|1957-1-1540220627296|6835-1-1540220627397|22053-1-1540220627498
.demdex.net/ Name: demdex
Value: 36178349293625213801144322836149125556
.serveusers.com/ Name: AMCV_DA11332E5321D0550A490D45%40AdobeOrg
Value: 1406116232%7CMCIDTS%7C17827%7CMCMID%7C36387248636503289631129007957056191763%7CMCAAMLH-1540825426%7C6%7CMCAAMB-1540825426%7C6G1ynYcLPuiQxYZrsz_pkqfLG9yMXBpb2zX5dvJdYQJzPXImdj0y%7CMCOPTOUT-1540227826s%7CNONE%7CMCAID%7CNONE%7CMCSYNCSOP%7C411-17834%7CvVersion%7C2.5.0
.serveusers.com/ Name: AMCVS_DA11332E5321D0550A490D45%40AdobeOrg
Value: 1

1 Console Messages

Source Level URL
Text
console-api log URL: http://assets.adobedtm.com/43896e740dcedef854392e0be6ea80deb8eb2ba5/s-code-contents-4a9ebf08bffa74f717ff121b2c55a295112122b4.js(Line 766)
Message:
Error, missing Report Suite ID in AppMeasurement initialization

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.
