forums.xfinity.com Open in urlscan Pro
2600:9000:200c:e600:0:b723:1680:93a1 Public Scan

Go To Rescan
Add Verdict Report

URL:
https://forums.xfinity.com/t5/Customer-Service/Comcast-is-spreading-a-malware-worm/td-p/2958556
Submission: On June 17 via manual (June 17th 2019, 2:31:49 pm UTC) from US

Summary HTTP 50 Redirects Links 68 Behaviour Indicators

Summary

This website contacted 11 IPs in 4 countries across 7 domains to perform 50 HTTP transactions. The main IP is 2600:9000:200c:e600:0:b723:1680:93a1, located in United States and belongs to AMAZON-02 - Amazon.com, Inc., US. The main domain is forums.xfinity.com.
TLS certificate: Issued by COMODO RSA Organization Validation Se... on February 27th 2019. Valid for: 2 years.

This is the only time forums.xfinity.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
31	2600:9000:200... 2600:9000:200c:e600:0:b723:1680:93a1	16509 (AMAZON-02) (AMAZON-02 - Amazon.com)
1 3	2a02:26f0:6c0... 2a02:26f0:6c00:28c::2af2	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
3	2001:558:fe03... 2001:558:fe03:38::2	7922 (COMCAST-7922) (COMCAST-7922 - Comcast Cable Communications)
1	2a00:1450:400... 2a00:1450:4001:821::200a	15169 (GOOGLE) (GOOGLE - Google LLC)
1	216.58.205.230 216.58.205.230	15169 (GOOGLE) (GOOGLE - Google LLC)
6	2a02:26f0:6c0... 2a02:26f0:6c00:293::1b62	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
1	34.241.198.89 34.241.198.89	16509 (AMAZON-02) (AMAZON-02 - Amazon.com)
2	66.117.29.224 66.117.29.224	15224 (OMNITURE) (OMNITURE - Adobe Systems Inc.)
1	2a02:26f0:6c0... 2a02:26f0:6c00:181::30d4	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
2	52.49.125.7 52.49.125.7	16509 (AMAZON-02) (AMAZON-02 - Amazon.com)
50	11

31 2600:9000:200c:e600:0:b723:1680:93a1 (United States)

ASN16509 (AMAZON-02 - Amazon.com, Inc., US)

forums.xfinity.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a02:26f0:6c00:28c::2af2 (Ascension Island) 1 redirects

ASN20940 (AKAMAI-ASN1, US)

cdn.comcast.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2001:558:fe03:38::2 (United States)

ASN7922 (COMCAST-7922 - Comcast Cable Communications, LLC, US)

polaris.xfinity.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:821::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE - Google LLC, US)

ajax.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 216.58.205.230 (Mountain View, United States)

ASN15169 (GOOGLE - Google LLC, US)
PTR: fra15s24-in-f230.1e100.net

fls.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 2a02:26f0:6c00:293::1b62 (Ascension Island)

ASN20940 (AKAMAI-ASN1, US)

sdx.xfinity.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 34.241.198.89 (Dublin, Ireland)

ASN16509 (AMAZON-02 - Amazon.com, Inc., US)
PTR: ec2-34-241-198-89.eu-west-1.compute.amazonaws.com

dpm.demdex.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 66.117.29.224 (United States)

ASN15224 (OMNITURE - Adobe Systems Inc., US)

comcastcom.d1.sc.omtrdc.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a02:26f0:6c00:181::30d4 (Ascension Island)

ASN20940 (AKAMAI-ASN1, US)

static.cimcontent.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 52.49.125.7 (Dublin, Ireland)

ASN16509 (AMAZON-02 - Amazon.com, Inc., US)
PTR: ec2-52-49-125-7.eu-west-1.compute.amazonaws.com

comcast.demdex.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
40	xfinity.com forums.xfinity.com polaris.xfinity.com sdx.xfinity.com	840 KB
3	demdex.net dpm.demdex.net comcast.demdex.net	2 KB
3	comcast.com 1 redirects cdn.comcast.com	45 KB
2	omtrdc.net comcastcom.d1.sc.omtrdc.net	7 KB
1	cimcontent.net static.cimcontent.net	26 KB
1	doubleclick.net fls.doubleclick.net	577 B
1	googleapis.com ajax.googleapis.com	30 KB
50	7

	Domain	Requested by
31	forums.xfinity.com	forums.xfinity.com
6	sdx.xfinity.com	forums.xfinity.com
3	polaris.xfinity.com	forums.xfinity.com polaris.xfinity.com
3	cdn.comcast.com	1 redirects forums.xfinity.com
2	comcast.demdex.net	cdn.comcast.com
2	comcastcom.d1.sc.omtrdc.net	cdn.comcast.com
1	static.cimcontent.net	polaris.xfinity.com
1	dpm.demdex.net	cdn.comcast.com
1	fls.doubleclick.net	cdn.comcast.com
1	ajax.googleapis.com	forums.xfinity.com
50	10

This site contains links to these domains. Also see Links.

Domain
www.xfinity.com
business.comcast.com
my.xfinity.com
customer.xfinity.com
xfinityconnect.email.comcast.net
home.xfinity.com
internet.xfinity.com
connect.xfinity.com
oauth.xfinity.com
www.facebook.com
twitter.com
reddit.com
referafriend.xfinity.com
internetsecurity.xfinity.com
idm.xfinity.com
collect.iperceptions.com
corporate.comcast.com
www.comcastspotlight.com
jobs.comcast.com
www.youtube.com

Subject Issuer	Validity	Valid
forums.xfinity.com COMODO RSA Organization Validation Secure Server CA	`2019-02-27` - `2021-02-26`	2 years	crt.sh
xapi.xfinity.com COMODO RSA Organization Validation Secure Server CA	`2019-02-04` - `2021-02-03`	2 years	crt.sh
polaris.xfinity.com COMODO RSA Organization Validation Secure Server CA	`2018-11-14` - `2020-11-13`	2 years	crt.sh
*.googleapis.com Google Internet Authority G3	`2019-05-21` - `2019-08-13`	3 months	crt.sh
*.doubleclick.net Google Internet Authority G3	`2019-05-21` - `2019-08-13`	3 months	crt.sh
www.xfinity.comcast.net COMODO RSA Organization Validation Secure Server CA	`2017-09-22` - `2019-09-22`	2 years	crt.sh
*.demdex.net DigiCert SHA2 High Assurance Server CA	`2018-01-09` - `2021-02-12`	3 years	crt.sh
*.d1.sc.omtrdc.net DigiCert SHA2 High Assurance Server CA	`2019-04-23` - `2020-04-14`	a year	crt.sh
static.cimcontent.net COMODO RSA Organization Validation Secure Server CA	`2018-04-18` - `2020-04-17`	2 years	crt.sh

This page contains 4 frames:

Primary Page: https://forums.xfinity.com/t5/Customer-Service/Comcast-is-spreading-a-malware-worm/td-p/2958556
Frame ID: 7D97393B893DB50B59B84E88C40685C3
Requests: 53 HTTP requests in this frame

Frame: https://polaris.xfinity.com/orc.html?domain=forums.xfinity.com
Frame ID: 38A69BC9DBE340F6D5355A4023E91596
Requests: 1 HTTP requests in this frame

Frame: https://comcast.demdex.net/dest5.html?d_nsid=undefined
Frame ID: 7EC1EAAE0BAC0208B65CD77D4C2013E5
Requests: 1 HTTP requests in this frame

Frame: https://comcast.demdex.net/dest5.html?d_nsid=0
Frame ID: 0C829B6819D123BC7C65414006324548
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Detected technologies

Apache (Web Servers) Expand

Overall confidence: 100%
Detected patterns

headers server /(?:Apache(?:$|\/([\d.]+)|[^\/-])|(?:^|\b)HTTPD)/i

Amazon Web Services (PaaS) Expand

Overall confidence: 100%
Detected patterns

headers via /$CloudFront$$/i

Amazon Cloudfront (CDN) Expand

Overall confidence: 100%
Detected patterns

headers via /$CloudFront$$/i

DoubleClick Floodlight (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

script /https?:\/\/fls\.doubleclick\.net/i

Page Statistics

50
Requests

100 %
HTTPS

60 %
IPv6

7
Domains

10
Subdomains

11
IPs

4
Countries

950 kB
Transfer

3915 kB
Size

1
Cookies

68 Outgoing links

These are links going to different origins than the main page.

URL: https://www.xfinity.com/?INTCMP=ILC:MA:GEN:GEN5b9ab8ad1e540
Title: Xfinity

Search URL Search Domain Scan URL

URL: https://business.comcast.com/?utm_source=dotnet&utm_campaign=UniSlimNav0314SlimNavMYX&utm_medium=SlimNav
Title: Comcast Business

Search URL Search Domain Scan URL

URL: https://my.xfinity.com/?CMP=ILC_myxfinity_xfinityforum_re
Title: My Xfinity

Search URL Search Domain Scan URL

URL: https://www.xfinity.com/learn/offers?CMP=ILC_shop_xfinityforum_re
Title: Shop/Upgrade

Search URL Search Domain Scan URL

URL: https://www.xfinity.com/support/?CMP=ILC_support_xfinityforum_re
Title: Support

Search URL Search Domain Scan URL

URL: https://customer.xfinity.com/Overview/?CMP=ILC_myaccount_xfinityforum_re
Title: My Account

Search URL Search Domain Scan URL

URL: https://business.comcast.com/triple-play-bundle?utm_source=dotcom&utm_campaign=Right-Side&utm_medium=dotcom&CMP=ILC_comcastbusiness_xfinityforum_re
Title: Comcast Business

Search URL Search Domain Scan URL

URL: https://xfinityconnect.email.comcast.net/
Title: Email

Search URL Search Domain Scan URL

URL: https://www.xfinity.com/stream/
Title: Xfinity Stream

Search URL Search Domain Scan URL

URL: https://home.xfinity.com/
Title: Xfinity Home

Search URL Search Domain Scan URL

URL: https://internet.xfinity.com/
Title: Xfinity xFi

Search URL Search Domain Scan URL

URL: https://connect.xfinity.com/voice
Title: Voice

Search URL Search Domain Scan URL

URL: https://www.xfinity.com/mobile/
Title: Xfinity Mobile

Search URL Search Domain Scan URL

URL: https://business.comcast.com/triple-play-bundle?utm_source=dotnet&utm_medium=dotnet&utm_campaign=headerlink
Title: Comcast Business

Search URL Search Domain Scan URL

URL: https://my.xfinity.com/oauth/login
Title: Sign In

Search URL Search Domain Scan URL

URL: https://customer.xfinity.com/#/users/me

Search URL Search Domain Scan URL

URL: https://oauth.xfinity.com/oauth/sp-logout?client_id=my-xfinity
Title: Sign Out

Search URL Search Domain Scan URL

URL: https://customer.xfinity.com/#/billing
Title: View My Bill

Search URL Search Domain Scan URL

URL: https://customer.xfinity.com/#/settings/account
Title: Account Settings

Search URL Search Domain Scan URL

URL: https://www.facebook.com/xfinity
Title: facebook.com/xfinity

Search URL Search Domain Scan URL

URL: https://twitter.com/comcastcares
Title: @comcastcares

Search URL Search Domain Scan URL

URL: https://reddit.com/r/Comcast_Xfinity
Title: r/comcast_xfinity

Search URL Search Domain Scan URL

URL: https://www.xfinity.com/bill-pay
Title: View & Pay Bill

Search URL Search Domain Scan URL

URL: https://customer.xfinity.com/#/
Title: Manage My Account

Search URL Search Domain Scan URL

URL: https://www.xfinity.com/stream/listings
Title: Check TV Listings

Search URL Search Domain Scan URL

URL: https://www.xfinity.com/support/contact-us
Title: Contact Customer Support

Search URL Search Domain Scan URL

URL: http://referafriend.xfinity.com/
Title: Refer-a-Friend

Search URL Search Domain Scan URL

URL: https://www.xfinity.com/apps
Title: Get Apps

Search URL Search Domain Scan URL

URL: https://customer.xfinity.com/#/settings/parental-controls
Title: Manage Parental Controls

Search URL Search Domain Scan URL

URL: https://internetsecurity.xfinity.com/
Title: Download Norton Security

Search URL Search Domain Scan URL

URL: https://idm.xfinity.com/myaccount/reset
Title: Reset My Password

Search URL Search Domain Scan URL

URL: https://www.xfinity.com/buy/plan/gbboffers
Title: Upgrade My Service

Search URL Search Domain Scan URL

URL: https://idm.xfinity.com/myaccount/lookup
Title: Find My Xfinity Username

Search URL Search Domain Scan URL

URL: https://www.xfinity.com/support/
Title: Get Help & Support

Search URL Search Domain Scan URL

URL: https://www.xfinity.com/support/remotes/
Title: Program My Remote

Search URL Search Domain Scan URL

URL: https://collect.iperceptions.com/?lID=1&rn=123531&pID=1&hs1=102214&hs2=91787&siteID=1&referrer=Link&sdfc=03b756c0-123531-0dcbb1db-cd59-44d5-8c25-4e78d3da0dac&source=91787&destination=commentcard&width=680&height=750
Title: Submit Feedback

Search URL Search Domain Scan URL

URL: https://www.xfinity.com/support/service-center-locations/
Title: Find an Xfinity Store

Search URL Search Domain Scan URL

URL: https://www.xfinity.com/learn/moving
Title: Move My Services

Search URL Search Domain Scan URL

URL: https://www.xfinity.com/learn/offers
Title: Bundles & Promotions

Search URL Search Domain Scan URL

URL: https://www.xfinity.com/learn/digital-cable-tv
Title: TV

Search URL Search Domain Scan URL

URL: https://www.xfinity.com/learn/internet-service
Title: Internet

Search URL Search Domain Scan URL

URL: https://www.xfinity.com/learn/home-phone-services
Title: Voice

Search URL Search Domain Scan URL

URL: https://www.xfinity.com/learn/home-security
Title: Home

Search URL Search Domain Scan URL

URL: https://www.xfinity.com/learn/mobile-service
Title: Xfinity Mobile

Search URL Search Domain Scan URL

URL: https://corporate.comcast.com/hub/customer-experience
Title: Customer Guarantee

Search URL Search Domain Scan URL

URL: https://www.xfinity.com/compare/comcast-xfinity-vs-verizon-fios
Title: Compare the Competition

Search URL Search Domain Scan URL

URL: https://www.xfinity.com/locations/in-my-area
Title: Service in my Area

Search URL Search Domain Scan URL

URL: https://www.xfinity.com/student
Title: Student Offers

Search URL Search Domain Scan URL

URL: https://www.xfinity.com/military-deals
Title: Military Offers

Search URL Search Domain Scan URL

URL: https://business.comcast.com/
Title: Comcast Business

Search URL Search Domain Scan URL

URL: https://corporate.comcast.com/company
Title: About Comcast

Search URL Search Domain Scan URL

URL: https://www.comcastspotlight.com/?cid=112233
Title: Advertise with Us

Search URL Search Domain Scan URL

URL: https://jobs.comcast.com/
Title: Careers

Search URL Search Domain Scan URL

URL: https://corporate.comcast.com/press
Title: Press Room

Search URL Search Domain Scan URL

URL: https://corporate.comcast.com/
Title: Corporate Site

Search URL Search Domain Scan URL

URL: https://www.xfinity.com/policies
Title: Customer Agreements & Policies

Search URL Search Domain Scan URL

URL: https://www.xfinity.com/policies/internet-broadband-disclosures
Title: Xfinity Internet Broadband Disclosures

Search URL Search Domain Scan URL

URL: https://www.xfinity.com/corporate/customers/policies/cavoicedisclosure
Title: Xfinity Voice: Use of Personal Info

Search URL Search Domain Scan URL

URL: https://corporate.comcast.com/values
Title: Social Responsibility

Search URL Search Domain Scan URL

URL: https://www.xfinity.com/corporate/legal/privacystatement
Title: Privacy Statement

Search URL Search Domain Scan URL

URL: https://www.xfinity.com/corporate/legal/visitoragreement
Title: Visitor Agreement

Search URL Search Domain Scan URL

URL: https://www.xfinity.com/hub
Title: Discover Xfinity

Search URL Search Domain Scan URL

URL: https://www.xfinity.com/site-map
Title: Sitemap

Search URL Search Domain Scan URL

URL: https://my.xfinity.com/adinformation/
Title: Ad Choices

Search URL Search Domain Scan URL

URL: https://my.xfinity.com/privacy/
Title: Web Privacy Policy

Search URL Search Domain Scan URL

URL: https://my.xfinity.com/terms/
Title: Web Terms of Service

Search URL Search Domain Scan URL

URL: https://twitter.com/XFINITY
Title: Twitter - Follow us for exclusive deals

Search URL Search Domain Scan URL

URL: https://www.youtube.com/user/xfinity?feature=results_main
Title: YouTube – Find tutorials and demos

Search URL Search Domain Scan URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 4

https://cdn.comcast.com/~/Media/Javascripts/Omniture/s_code.ashx HTTP 301
https://cdn.comcast.com/~/media/javascripts/omniture/s_code

50 HTTP transactions
6 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2 200 Primary Request 2958556 Show response
forums.xfinity.com/t5/Customer-Service/Comcast-is-spreading-a-malware-worm/td-p/ 184 KB
26 KB 477ms
446ms Document
text/html 2600:9000:200c:e600:0:b723:1680:93a1
Amazon.com

General

Check archive.org

Show headers Download Go to

Full URL: https://forums.xfinity.com/t5/Customer-Service/Comcast-is-spreading-a-malware-worm/td-p/2958556
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2600:9000:200c:e600:0:b723:1680:93a1 , United States, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS
Software: Apache /
Resource Hash: 19a15d806234cf5e67f961769c7dbe3b20516c3b023b50f1b757d00ad0a103f5

Request headers

:method: GET
:authority: forums.xfinity.com
:scheme: https
:path: /t5/Customer-Service/Comcast-is-spreading-a-malware-worm/td-p/2958556
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3
accept-encoding: gzip, deflate, br
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

status: 200
content-type: text/html;charset=UTF-8
content-length: 25226
date: Mon, 17 Jun 2019 14:31:31 GMT
set-cookie: AWSALB=XN7jkzJCyAejWTR5dfAgBHr0ModFjgB+VZ+EU4eQj9wwxrFvpsV21T6L1K27kA6Ckd3iPmdHPsH0jaGbBPjNyAWfSdFoC/DnyfpZdKFSvt9nULnK2rK32Todylp4; Expires=Mon, 24 Jun 2019 14:31:31 GMT; Path=/ LiSESSIONID=16BC163F075A4C0B90947AB1B6FDAC22; Path=/; Secure; HttpOnly LithiumUserInfo=""; Expires=Thu, 01-Jan-1970 00:00:10 GMT; Path=/ LithiumUserSecure=""; Expires=Thu, 01-Jan-1970 00:00:10 GMT; Path=/ LithiumVisitor=~2eOzPfok7M5UaRxds~AblZz6HS57DQ4flHtKgzriyVbeGATAd42JA9rodB6gZpgwJ_PrPtYj4vEOBL7LA218u8zRZ-_jkH8TeUZusDgQ..; Expires=Thu, 14-Jun-2029 14:31:31 GMT; Path=/; HttpOnly ValueSurveyVisitorCount=~2e6XYv1J3ni4F13oQ~XkonWL4EEhm5iJ99L9LtZbL33QbrhOwPNW2zUAthl-k.; Expires=Thu, 14-Jun-2029 14:31:31 GMT; Path=/
server: Apache
pragma: no-cache
expires: Thu, 01 Jan 1970 00:00:00 GMT
cache-control: no-cache, no-store, must-revalidate, private
vary: Accept-Encoding
content-encoding: gzip
x-cache: Miss from cloudfront
via: 1.1 8391f131e4acb30724947dab1f8592a5.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA2
x-amz-cf-id: STuwXyi9o4lJSaOFJZxW5nobXSeNDCIg56nuvIAQqUZrjh600ooa9w==

GET
H2 200 tera.css
forums.xfinity.com/skins/3623049/6e5212b82a193d285cb489fd3f7a6ec5/ 2 MB
224 KB 28ms
20ms Stylesheet
text/css 2600:9000:200c:e600:0:b723:1680:93a1
Amazon.com

General

Check archive.org

Show headers Download Go to

Full URL: https://forums.xfinity.com/skins/3623049/6e5212b82a193d285cb489fd3f7a6ec5/tera.css
Requested by: Host: forums.xfinity.com
URL: https://forums.xfinity.com/t5/Customer-Service/Comcast-is-spreading-a-malware-worm/td-p/2958556
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2600:9000:200c:e600:0:b723:1680:93a1 , United States, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS
Software: Apache /
Resource Hash: 955acaf652ddbed0d8aade56801006e07bd5dcc90ea4b0e0006521d077be0156

Request headers

Referer: https://forums.xfinity.com/t5/Customer-Service/Comcast-is-spreading-a-malware-worm/td-p/2958556
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Tue, 14 May 2019 13:03:24 GMT
content-encoding: gzip
last-modified: Mon, 08 Apr 2019 07:31:42 GMT
server: Apache
age: 591002
vary: Origin,Accept-Encoding
x-cache: Hit from cloudfront
content-type: text/css;charset=UTF-8
status: 200
cache-control: s-maxage=626060
x-amz-cf-pop: FRA2
x-amz-cf-id: i1Sq_1MIHf_CmKotjL-FIxcFaBdfeiU3QAow3C0hLZvMcVQ_ZPfSFg==
via: 1.1 8391f131e4acb30724947dab1f8592a5.cloudfront.net (CloudFront)
expires: Wed, 13 May 2020 13:03:24 GMT

GET
H2 200 lia-scripts-head-min.js Show response
forums.xfinity.com/t5/scripts/E18AE0DE6DD583698563E22F61DBC211/ 12 KB
4 KB 516ms
508ms Script
text/javascript 2600:9000:200c:e600:0:b723:1680:93a1
Amazon.com

General

Check archive.org

Show headers Download Go to

Full URL: https://forums.xfinity.com/t5/scripts/E18AE0DE6DD583698563E22F61DBC211/lia-scripts-head-min.js
Requested by: Host: forums.xfinity.com
URL: https://forums.xfinity.com/t5/Customer-Service/Comcast-is-spreading-a-malware-worm/td-p/2958556
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2600:9000:200c:e600:0:b723:1680:93a1 , United States, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS
Software: Apache /
Resource Hash: 4befa2da140b8e4e144f5c86e22f7e7cc628c34251d373c143a26ac6fe153a34

Request headers

Referer: https://forums.xfinity.com/t5/Customer-Service/Comcast-is-spreading-a-malware-worm/td-p/2958556
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Mon, 17 Jun 2019 14:31:32 GMT
content-encoding: gzip
last-modified: Fri, 14 Jun 2019 09:13:56 GMT
server: Apache
x-amz-cf-pop: FRA2
vary: Origin,Accept-Encoding
x-cache: RefreshHit from cloudfront
content-type: text/javascript;charset=UTF-8
status: 200
cache-control: s-maxage=0
content-length: 4188
via: 1.1 8391f131e4acb30724947dab1f8592a5.cloudfront.net (CloudFront)
x-amz-cf-id: _EMCfUhlpID3avP8J9aBfIsFU4XXDFtA-HOeeNtXwLhL1PayRHqpkg==
expires: Sat, 13 Jun 2020 09:13:58 GMT

GET
H2 200 lia-scripts-head-min.js Show response
forums.xfinity.com/t5/scripts/0B6B961C5AA7D3E6765A64F8C40A8F51/ 4 KB
2 KB 522ms
516ms Script
text/javascript 2600:9000:200c:e600:0:b723:1680:93a1
Amazon.com

General

Check archive.org

Show headers Download Go to

Full URL: https://forums.xfinity.com/t5/scripts/0B6B961C5AA7D3E6765A64F8C40A8F51/lia-scripts-head-min.js
Requested by: Host: forums.xfinity.com
URL: https://forums.xfinity.com/t5/Customer-Service/Comcast-is-spreading-a-malware-worm/td-p/2958556
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2600:9000:200c:e600:0:b723:1680:93a1 , United States, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS
Software: Apache /
Resource Hash: 022026ba60d70ac80314ef46ea858aab48754bfe94d7b77d64c392311e9103a9

Request headers

Referer: https://forums.xfinity.com/t5/Customer-Service/Comcast-is-spreading-a-malware-worm/td-p/2958556
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Mon, 17 Jun 2019 14:31:32 GMT
content-encoding: gzip
last-modified: Fri, 14 Jun 2019 09:19:33 GMT
server: Apache
x-amz-cf-pop: FRA2
vary: Origin,Accept-Encoding
x-cache: RefreshHit from cloudfront
content-type: text/javascript;charset=UTF-8
status: 200
cache-control: s-maxage=35
content-length: 1456
via: 1.1 8391f131e4acb30724947dab1f8592a5.cloudfront.net (CloudFront)
x-amz-cf-id: YF0xPpSWJH_8FrwvAQURWQT2EGRQl2rHMiSubAx6H__FeBOyx1kfNw==
expires: Sat, 13 Jun 2020 09:22:31 GMT

GET
H2 200 visitorAPI.js Show response
cdn.comcast.com/~/Media/Javascripts/Omniture/ 16 KB
7 KB 120ms
42ms Script
application/x-javascript 2a02:26f0:6c00:28c::2af2
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.comcast.com/~/Media/Javascripts/Omniture/visitorAPI.js?vs=2

Requested by

Host: forums.xfinity.com
URL: https://forums.xfinity.com/t5/Customer-Service/Comcast-is-spreading-a-malware-worm/td-p/2958556

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

2a02:26f0:6c00:28c::2af2 , Ascension Island, ASN20940 (AKAMAI-ASN1, US),

Reverse DNS

Software

Resource Hash

9913a374afce82cc6306592522f8daed04fcf5fa2c60fa0248b4dd542b85bd58

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

Referer: https://forums.xfinity.com/t5/Customer-Service/Comcast-is-spreading-a-malware-worm/td-p/2958556
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Mon, 17 Jun 2019 14:31:31 GMT
content-encoding: gzip
x-xfnlog-site: XDS
status: 200
content-disposition: inline; filename="visitorAPI.js"
vary: Accept-Encoding
content-length: 7002
last-modified: Mon, 30 Apr 2018 18:22:28 GMT
etag: 2786f277413141aa8dddb288c93194c5,
x-frame-options: SAMEORIGIN
content-type: application/x-javascript
access-control-allow-origin: *
cache-control: public, max-age=30672729
accept-ranges: bytes
x-robots-tag: noindex, nofollow
expires: Sat, 06 Jun 2020 14:43:40 GMT

GET
H2

200

s_code Show response
cdn.comcast.com/~/media/javascripts/omniture/
Redirect Chain

https://cdn.comcast.com/~/Media/Javascripts/Omniture/s_code.ashx
https://cdn.comcast.com/~/media/javascripts/omniture/s_code

107 KB
37 KB

8ms
8ms

Script
application/x-javascript

2a02:26f0:6c00:28c::2af2
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.comcast.com/~/media/javascripts/omniture/s_code

Requested by

Host: forums.xfinity.com
URL: https://forums.xfinity.com/t5/Customer-Service/Comcast-is-spreading-a-malware-worm/td-p/2958556

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

2a02:26f0:6c00:28c::2af2 , Ascension Island, ASN20940 (AKAMAI-ASN1, US),

Reverse DNS

Software

Resource Hash

94b9220963030d90f1a963958e6b725db485e84a865cc2c0c67f956e259cf0c9

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

Referer: https://forums.xfinity.com/t5/Customer-Service/Comcast-is-spreading-a-malware-worm/td-p/2958556
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Mon, 17 Jun 2019 14:31:32 GMT
content-encoding: gzip
x-xfnlog-site: XDS
status: 200
content-disposition: inline; filename="s_code.js"
vary: Accept-Encoding
content-length: 37650
last-modified: Mon, 30 Apr 2018 18:22:28 GMT
etag: 185728532c1a428a8323fb77ecf01eb0,
x-frame-options: SAMEORIGIN
content-type: application/x-javascript
access-control-allow-origin: *
cache-control: public, max-age=30664866
accept-ranges: bytes
x-robots-tag: noindex, nofollow
expires: Sat, 06 Jun 2020 12:32:38 GMT

Redirect headers

date: Mon, 17 Jun 2019 14:31:32 GMT
x-xfnlog-site: XDS
location: /~/media/javascripts/omniture/s_code
etag
x-frame-options: SAMEORIGIN
content-type: text/html; charset=utf-8
status: 301
cache-control: max-age=31536000
x-robots-tag: noindex, nofollow
content-length: 153
expires: Tue, 16 Jun 2020 14:31:32 GMT

GET
H/1.1 200
OK polaris.js Show response
polaris.xfinity.com/ 88 KB
23 KB 2084ms
143ms Script
application/javascript 2001:558:fe03:38::2
Comcast Cable Com...

General

Check archive.org

Show headers Download Go to

Full URL

https://polaris.xfinity.com/polaris.js

Requested by

Host: forums.xfinity.com
URL: https://forums.xfinity.com/t5/Customer-Service/Comcast-is-spreading-a-malware-worm/td-p/2958556

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

2001:558:fe03:38::2 , United States, ASN7922 (COMCAST-7922 - Comcast Cable Communications, LLC, US),

Reverse DNS

Software

ATS/7.1.4 /

Resource Hash

c6ef7819d78f59ce3fff27781d158055d86bcc439968660f173e3ad65930359f

Security Headers

Name	Value
Strict-Transport-Security	max-age=31540000
X-Content-Type-Options	nosniff

Request headers

Referer: https://forums.xfinity.com/t5/Customer-Service/Comcast-is-spreading-a-malware-worm/td-p/2958556
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date: Mon, 17 Jun 2019 14:31:33 GMT
Content-Encoding: gzip
X-Content-Type-Options: nosniff
Server: ATS/7.1.4
Age: 0
Vary: accept-language, User-Agent
Connection: keep-alive
Content-Type: application/javascript
Via: http/1.1 odol-atsmid-pan-08.newcastle.de.panjde.comcast.net (ApacheTrafficServer/7.1.4 [uScMsSfWpSeN:t cCMi p sS]), http/1.1 odol-atsec-bos-48.westroxbury.ma.boston.comcast.net (ApacheTrafficServer/7.1.4 [uScMsSfWpSeN:t cCMi pSs ])
X-Vcap-Request-Id: 151106da-3781-4013-5f7f-f4ac094e9e79
Cache-Control: max-age=86400, s-maxage=1800, stale-if-error=3600
Transfer-Encoding: chunked
Strict-Transport-Security: max-age=31540000
Expires: Tue, 18 Jun 2019 14:31:33 GMT

GET
H2 200 plant-picture.svg
forums.xfinity.com/html/assets/ 4 KB
2 KB 29ms
25ms Image
image/svg+xml 2600:9000:200c:e600:0:b723:1680:93a1
Amazon.com

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://forums.xfinity.com/html/assets/plant-picture.svg
Requested by: Host: forums.xfinity.com
URL: https://forums.xfinity.com/t5/Customer-Service/Comcast-is-spreading-a-malware-worm/td-p/2958556
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2600:9000:200c:e600:0:b723:1680:93a1 , United States, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS
Software: Apache /
Resource Hash: 732e746f333e72f2de29e12999a83f3f364950a39fe414eb2c043a7941db7f4b

Request headers

Referer: https://forums.xfinity.com/t5/Customer-Service/Comcast-is-spreading-a-malware-worm/td-p/2958556
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Sun, 05 May 2019 00:38:24 GMT
content-encoding: gzip
last-modified: Tue, 19 Jun 2018 17:47:36 GMT
server: Apache
age: 36627
vary: Accept-Encoding,Origin
x-cache: Hit from cloudfront
content-type: image/svg+xml
status: 200
x-amz-cf-pop: FRA2
access-control-allow-origin: *
x-amz-cf-id: XpPyc0G6WbiLbi_pB4SHBdLADyrSuuXEScVmRRPxAoJuZpXQ5eKqZg==
via: 1.1 8391f131e4acb30724947dab1f8592a5.cloudfront.net (CloudFront)

GET
H2 200 Xfinity-Logo.svg
forums.xfinity.com/html/assets/ 4 KB
2 KB 29ms
23ms Image
image/svg+xml 2600:9000:200c:e600:0:b723:1680:93a1
Amazon.com

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://forums.xfinity.com/html/assets/Xfinity-Logo.svg
Requested by: Host: forums.xfinity.com
URL: https://forums.xfinity.com/t5/Customer-Service/Comcast-is-spreading-a-malware-worm/td-p/2958556
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2600:9000:200c:e600:0:b723:1680:93a1 , United States, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS
Software: Apache /
Resource Hash: e42a5d3f14657a7ed5451400a44e440d7654c9891f3773b2ae19a820a4b02807

Request headers

Referer: https://forums.xfinity.com/t5/Customer-Service/Comcast-is-spreading-a-malware-worm/td-p/2958556
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Sun, 05 May 2019 00:38:24 GMT
content-encoding: gzip
last-modified: Tue, 13 Nov 2018 13:44:50 GMT
server: Apache
age: 36628
vary: Accept-Encoding,Origin
x-cache: Hit from cloudfront
content-type: image/svg+xml
status: 200
x-amz-cf-pop: FRA2
access-control-allow-origin: *
x-amz-cf-id: ITwmBkpFyNu6gfp_CtcgcWAJPlyYaaRgxnoTUL2CLUvw-Z1ewgfyNg==
via: 1.1 8391f131e4acb30724947dab1f8592a5.cloudfront.net (CloudFront)

GET
H2 200 globe-cactus.svg
forums.xfinity.com/html/assets/ 4 KB
2 KB 45ms
42ms Image
image/svg+xml 2600:9000:200c:e600:0:b723:1680:93a1
Amazon.com

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://forums.xfinity.com/html/assets/globe-cactus.svg
Requested by: Host: forums.xfinity.com
URL: https://forums.xfinity.com/t5/Customer-Service/Comcast-is-spreading-a-malware-worm/td-p/2958556
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2600:9000:200c:e600:0:b723:1680:93a1 , United States, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS
Software: Apache /
Resource Hash: 7595f407d929aab2ec79e9a370982923f53ade9585b91b232541ceb66a942932

Request headers

Referer: https://forums.xfinity.com/t5/Customer-Service/Comcast-is-spreading-a-malware-worm/td-p/2958556
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Sun, 05 May 2019 00:38:24 GMT
content-encoding: gzip
last-modified: Tue, 19 Jun 2018 17:47:36 GMT
server: Apache
age: 36628
vary: Accept-Encoding,Origin
x-cache: Hit from cloudfront
content-type: image/svg+xml
status: 200
x-amz-cf-pop: FRA2
access-control-allow-origin: *
x-amz-cf-id: S8FE4gao3P6FkwOtsiYQKlGvEOikEA-dD3ByfMCSrEv0AkC1bP38fA==
via: 1.1 8391f131e4acb30724947dab1f8592a5.cloudfront.net (CloudFront)

GET
H2 200 jquery.min.js Show response
ajax.googleapis.com/ajax/libs/jquery/3.3.1/ 85 KB
30 KB 6ms
5ms Script
text/javascript 2a00:1450:4001:821::200a
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://ajax.googleapis.com/ajax/libs/jquery/3.3.1/jquery.min.js

Requested by

Host: forums.xfinity.com
URL: https://forums.xfinity.com/t5/Customer-Service/Comcast-is-spreading-a-malware-worm/td-p/2958556

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:821::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

sffe /

Resource Hash

160a426ff2894252cd7cebbdd6d6b7da8fcd319c65b70468f10b6690c45d02ef

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://forums.xfinity.com/t5/Customer-Service/Comcast-is-spreading-a-malware-worm/td-p/2958556
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Sat, 01 Jun 2019 21:19:58 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 1357893
status: 200
alt-svc: quic=":443"; ma=2592000; v="46,44,43,39"
content-length: 30399
x-xss-protection: 0
last-modified: Thu, 25 Jan 2018 15:33:24 GMT
server: sffe
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000, stale-while-revalidate=2592000
accept-ranges: bytes
timing-allow-origin: *
expires: Sun, 31 May 2020 21:19:58 GMT

GET
H2 200 2
forums.xfinity.com/t5/image/serverpage/avatar-name/subcompact/avatar-theme/comcast_vintage/avatar-collection/Transit/avatar-display-size/message/version/ 2 KB
2 KB 237ms
234ms Image
image/png 2600:9000:200c:e600:0:b723:1680:93a1
Amazon.com

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://forums.xfinity.com/t5/image/serverpage/avatar-name/subcompact/avatar-theme/comcast_vintage/avatar-collection/Transit/avatar-display-size/message/version/2?xdesc=1.0
Requested by: Host: forums.xfinity.com
URL: https://forums.xfinity.com/t5/Customer-Service/Comcast-is-spreading-a-malware-worm/td-p/2958556
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2600:9000:200c:e600:0:b723:1680:93a1 , United States, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS
Software: Apache /
Resource Hash: db3882e5778bceae35331701f086eb91e5c9d425e8d6db9fd9499b021972efa7

Request headers

Referer: https://forums.xfinity.com/t5/Customer-Service/Comcast-is-spreading-a-malware-worm/td-p/2958556
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Mon, 17 Jun 2019 14:31:32 GMT
via: 1.1 8391f131e4acb30724947dab1f8592a5.cloudfront.net (CloudFront)
last-modified: Mon, 17 Jun 2019 14:29:44 GMT
server: Apache
x-amz-cf-pop: FRA2
x-cache: Miss from cloudfront
content-type: image/png;charset=UTF-8
status: 200
cache-control: max-age=900
content-disposition: inline
content-length: 1847
x-amz-cf-id: 2-lxIQZL-qVTY_vnY91eQU0PMu6jndoFtqrm9Fwe1TzkxrI4UosUfA==
expires: Tue, 16 Jun 2020 14:31:32 GMT

GET
H2 200 2
forums.xfinity.com/t5/image/serverpage/avatar-name/roboinvader/avatar-theme/comcast_vintage/avatar-collection/robots/avatar-display-size/message/version/ 2 KB
2 KB 42ms
40ms Image
image/png 2600:9000:200c:e600:0:b723:1680:93a1
Amazon.com

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://forums.xfinity.com/t5/image/serverpage/avatar-name/roboinvader/avatar-theme/comcast_vintage/avatar-collection/robots/avatar-display-size/message/version/2?xdesc=1.0
Requested by: Host: forums.xfinity.com
URL: https://forums.xfinity.com/t5/Customer-Service/Comcast-is-spreading-a-malware-worm/td-p/2958556
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2600:9000:200c:e600:0:b723:1680:93a1 , United States, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS
Software: Apache /
Resource Hash: db3882e5778bceae35331701f086eb91e5c9d425e8d6db9fd9499b021972efa7

Request headers

Referer: https://forums.xfinity.com/t5/Customer-Service/Comcast-is-spreading-a-malware-worm/td-p/2958556
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Mon, 17 Jun 2019 14:17:22 GMT
via: 1.1 8391f131e4acb30724947dab1f8592a5.cloudfront.net (CloudFront)
last-modified: Mon, 17 Jun 2019 14:17:22 GMT
server: Apache
age: 850
x-cache: Hit from cloudfront
content-type: image/png;charset=UTF-8
status: 200
cache-control: max-age=900
content-disposition: inline
x-amz-cf-pop: FRA2
content-length: 1847
x-amz-cf-id: TnCjWU9fncMKXaGbZEbrFx-o-yuy7qyktLXjrVYbAqDSPoCCzwSmfA==
expires: Tue, 16 Jun 2020 14:17:22 GMT

GET
H2 200 2
forums.xfinity.com/t5/image/serverpage/avatar-name/Officialava/avatar-theme/comcast_vintage/avatar-collection/Official_Employee__Official/avatar-display-size/message/version/ 564 B
918 B 42ms
39ms Image
image/png 2600:9000:200c:e600:0:b723:1680:93a1
Amazon.com

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://forums.xfinity.com/t5/image/serverpage/avatar-name/Officialava/avatar-theme/comcast_vintage/avatar-collection/Official_Employee__Official/avatar-display-size/message/version/2?xdesc=1.0
Requested by: Host: forums.xfinity.com
URL: https://forums.xfinity.com/t5/Customer-Service/Comcast-is-spreading-a-malware-worm/td-p/2958556
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2600:9000:200c:e600:0:b723:1680:93a1 , United States, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS
Software: Apache /
Resource Hash: 4e4c3af4d777c71152a37e3c8988d23ee2efd735b25bf8ab41bbe3f76b3dad5f

Request headers

Referer: https://forums.xfinity.com/t5/Customer-Service/Comcast-is-spreading-a-malware-worm/td-p/2958556
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Mon, 17 Jun 2019 14:17:21 GMT
via: 1.1 8391f131e4acb30724947dab1f8592a5.cloudfront.net (CloudFront)
last-modified: Mon, 17 Jun 2019 14:15:35 GMT
server: Apache
age: 851
x-cache: Hit from cloudfront
content-type: image/png;charset=UTF-8
status: 200
cache-control: max-age=900
content-disposition: inline
x-amz-cf-pop: FRA2
content-length: 564
x-amz-cf-id: 1skt3opyLgpCEH3dtDL2KeMmFB8b9xElLi6-X69og3YzNJCRMfjPhA==
expires: Tue, 16 Jun 2020 14:17:21 GMT

GET
H2 200 Employee-Signature-Icon.png
forums.xfinity.com/html/assets/ 9 KB
9 KB 32ms
30ms Image
image/png 2600:9000:200c:e600:0:b723:1680:93a1
Amazon.com

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://forums.xfinity.com/html/assets/Employee-Signature-Icon.png
Requested by: Host: forums.xfinity.com
URL: https://forums.xfinity.com/t5/Customer-Service/Comcast-is-spreading-a-malware-worm/td-p/2958556
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2600:9000:200c:e600:0:b723:1680:93a1 , United States, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS
Software: Apache /
Resource Hash: 3befb5fdeba7a59842c5ed5c3f3c5f1f2b8aef1d0fc96d98a4aa5a55dba4825d

Request headers

Referer: https://forums.xfinity.com/t5/Customer-Service/Comcast-is-spreading-a-malware-worm/td-p/2958556
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Thu, 09 May 2019 23:18:54 GMT
via: 1.1 8391f131e4acb30724947dab1f8592a5.cloudfront.net (CloudFront)
last-modified: Thu, 06 Oct 2016 15:44:43 GMT
server: Apache
age: 51404
etag: W/"8858-1475768683000"
vary: Origin
x-cache: Hit from cloudfront
content-type: image/png
status: 200
x-amz-cf-pop: FRA2
accept-ranges: bytes
content-length: 8858
x-amz-cf-id: 2PXD59urBDJAuyPnUhPu5YnJjVouCxTzMIGFs2G9mmWAnB05s5anAA==

GET
H2 200 a_solution.png
forums.xfinity.com/html/assets/ 6 KB
6 KB 235ms
232ms Image
image/png 2600:9000:200c:e600:0:b723:1680:93a1
Amazon.com

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://forums.xfinity.com/html/assets/a_solution.png
Requested by: Host: forums.xfinity.com
URL: https://forums.xfinity.com/t5/Customer-Service/Comcast-is-spreading-a-malware-worm/td-p/2958556
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2600:9000:200c:e600:0:b723:1680:93a1 , United States, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS
Software: Apache /
Resource Hash: 88eceee077f4dd4d08d9d2e692283811b7cf262965348ba1cccda9e6f08137e5

Request headers

Referer: https://forums.xfinity.com/t5/Customer-Service/Comcast-is-spreading-a-malware-worm/td-p/2958556
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Thu, 09 May 2019 21:08:13 GMT
via: 1.1 8391f131e4acb30724947dab1f8592a5.cloudfront.net (CloudFront)
last-modified: Wed, 10 Aug 2016 15:31:38 GMT
server: Apache
age: 78243
etag: W/"5720-1470843098000"
vary: Origin
x-cache: Hit from cloudfront
content-type: image/png
status: 200
x-amz-cf-pop: FRA2
accept-ranges: bytes
content-length: 5720
x-amz-cf-id: X9NYmWYpelrueyCnvfsHdCOwxGyRUedgKOyypkv1nW7BGM5topbXZg==

GET
H2 200 2
forums.xfinity.com/t5/image/serverpage/avatar-name/game/avatar-theme/comcast_vintage/avatar-collection/Hobbies/avatar-display-size/message/version/ 2 KB
2 KB 701ms
698ms Image
image/png 2600:9000:200c:e600:0:b723:1680:93a1
Amazon.com

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://forums.xfinity.com/t5/image/serverpage/avatar-name/game/avatar-theme/comcast_vintage/avatar-collection/Hobbies/avatar-display-size/message/version/2?xdesc=1.0
Requested by: Host: forums.xfinity.com
URL: https://forums.xfinity.com/t5/Customer-Service/Comcast-is-spreading-a-malware-worm/td-p/2958556
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2600:9000:200c:e600:0:b723:1680:93a1 , United States, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS
Software: Apache /
Resource Hash: db3882e5778bceae35331701f086eb91e5c9d425e8d6db9fd9499b021972efa7

Request headers

Referer: https://forums.xfinity.com/t5/Customer-Service/Comcast-is-spreading-a-malware-worm/td-p/2958556
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Mon, 17 Jun 2019 14:31:32 GMT
via: 1.1 8391f131e4acb30724947dab1f8592a5.cloudfront.net (CloudFront)
last-modified: Mon, 17 Jun 2019 14:01:24 GMT
server: Apache
x-amz-cf-pop: FRA2
x-cache: Miss from cloudfront
content-type: image/png;charset=UTF-8
status: 200
cache-control: max-age=900
content-disposition: inline
content-length: 1847
x-amz-cf-id: n1ImYG8xoGhuyrMlOMk7aWcgzPJOyiiZ-5PVkbgjV4-Z-YRjL4hMAQ==
expires: Tue, 16 Jun 2020 14:31:32 GMT

GET
H2 200 2
forums.xfinity.com/t5/image/serverpage/avatar-name/knitting/avatar-theme/comcast_vintage/avatar-collection/Hobbies/avatar-display-size/message/version/ 2 KB
2 KB 549ms
547ms Image
image/png 2600:9000:200c:e600:0:b723:1680:93a1
Amazon.com

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://forums.xfinity.com/t5/image/serverpage/avatar-name/knitting/avatar-theme/comcast_vintage/avatar-collection/Hobbies/avatar-display-size/message/version/2?xdesc=1.0
Requested by: Host: forums.xfinity.com
URL: https://forums.xfinity.com/t5/Customer-Service/Comcast-is-spreading-a-malware-worm/td-p/2958556
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2600:9000:200c:e600:0:b723:1680:93a1 , United States, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS
Software: Apache /
Resource Hash: db3882e5778bceae35331701f086eb91e5c9d425e8d6db9fd9499b021972efa7

Request headers

Referer: https://forums.xfinity.com/t5/Customer-Service/Comcast-is-spreading-a-malware-worm/td-p/2958556
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Mon, 17 Jun 2019 14:31:32 GMT
via: 1.1 8391f131e4acb30724947dab1f8592a5.cloudfront.net (CloudFront)
last-modified: Mon, 17 Jun 2019 14:31:32 GMT
server: Apache
x-amz-cf-pop: FRA2
x-cache: Hit from cloudfront
content-type: image/png;charset=UTF-8
status: 200
cache-control: max-age=900
content-disposition: inline
content-length: 1847
x-amz-cf-id: _-4hkeIVqOv1mh3PJnMLLGSNaWzgTdAWJKZYo0r6M3BZEaoNZ_5ByA==
expires: Tue, 16 Jun 2020 14:31:32 GMT

GET
H2 200 facebook-icon.svg
forums.xfinity.com/html/assets/ 1 KB
970 B 67ms
65ms Image
image/svg+xml 2600:9000:200c:e600:0:b723:1680:93a1
Amazon.com

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://forums.xfinity.com/html/assets/facebook-icon.svg
Requested by: Host: forums.xfinity.com
URL: https://forums.xfinity.com/t5/Customer-Service/Comcast-is-spreading-a-malware-worm/td-p/2958556
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2600:9000:200c:e600:0:b723:1680:93a1 , United States, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS
Software: Apache /
Resource Hash: bebf5c8632c92172b8df5a0d70930c9006b255a3c5747c540cc388d07b840a8c

Request headers

Referer: https://forums.xfinity.com/t5/Customer-Service/Comcast-is-spreading-a-malware-worm/td-p/2958556
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Sun, 05 May 2019 00:51:50 GMT
content-encoding: gzip
last-modified: Tue, 19 Jun 2018 17:47:36 GMT
server: Apache
age: 35552
vary: Accept-Encoding,Origin
x-cache: Hit from cloudfront
content-type: image/svg+xml
status: 200
x-amz-cf-pop: FRA2
access-control-allow-origin: *
x-amz-cf-id: ljcq2sSFqj1HIyA7UQtyANeOQxH5F85-a2-NakyZcRGN_IakqtW8tg==
via: 1.1 8391f131e4acb30724947dab1f8592a5.cloudfront.net (CloudFront)

GET
H2 200 twitter-icon.svg
forums.xfinity.com/html/assets/ 2 KB
1 KB 236ms
234ms Image
image/svg+xml 2600:9000:200c:e600:0:b723:1680:93a1
Amazon.com

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://forums.xfinity.com/html/assets/twitter-icon.svg
Requested by: Host: forums.xfinity.com
URL: https://forums.xfinity.com/t5/Customer-Service/Comcast-is-spreading-a-malware-worm/td-p/2958556
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2600:9000:200c:e600:0:b723:1680:93a1 , United States, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS
Software: Apache /
Resource Hash: 009a76423596546daae5b12d3a7c27df199f273f55d3532a76e9171b3039b02d

Request headers

Referer: https://forums.xfinity.com/t5/Customer-Service/Comcast-is-spreading-a-malware-worm/td-p/2958556
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Tue, 07 May 2019 09:04:06 GMT
content-encoding: gzip
last-modified: Tue, 19 Jun 2018 17:47:36 GMT
server: Apache
age: 6612
vary: Accept-Encoding,Origin
x-cache: Hit from cloudfront
content-type: image/svg+xml
status: 200
x-amz-cf-pop: FRA2
access-control-allow-origin: *
x-amz-cf-id: lT9IAVxVrCsLa3p1yVtuan2p0WyGoVE5HZXEvS1eYPCGEqUTcxVKtw==
via: 1.1 8391f131e4acb30724947dab1f8592a5.cloudfront.net (CloudFront)

GET
H2 200 forums-icon.svg
forums.xfinity.com/html/assets/ 3 KB
2 KB 198ms
197ms Image
image/svg+xml 2600:9000:200c:e600:0:b723:1680:93a1
Amazon.com

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://forums.xfinity.com/html/assets/forums-icon.svg
Requested by: Host: forums.xfinity.com
URL: https://forums.xfinity.com/t5/Customer-Service/Comcast-is-spreading-a-malware-worm/td-p/2958556
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2600:9000:200c:e600:0:b723:1680:93a1 , United States, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS
Software: Apache /
Resource Hash: f0e08366582332ec65e99dda5c8f0d01d0df495fcd00ef3128aed77e463b6b02

Request headers

Referer: https://forums.xfinity.com/t5/Customer-Service/Comcast-is-spreading-a-malware-worm/td-p/2958556
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Tue, 07 May 2019 09:04:06 GMT
content-encoding: gzip
last-modified: Tue, 19 Jun 2018 17:47:36 GMT
server: Apache
age: 6612
vary: Accept-Encoding,Origin
x-cache: Hit from cloudfront
content-type: image/svg+xml
status: 200
x-amz-cf-pop: FRA2
access-control-allow-origin: *
x-amz-cf-id: rdpXvDFdR_kiq1KUhqRUl_ztPVSPURgp1lt3QnhRTa4wRWT4_ZffLQ==
via: 1.1 8391f131e4acb30724947dab1f8592a5.cloudfront.net (CloudFront)

GET
H2 200 reddit-icon.svg
forums.xfinity.com/html/assets/ 4 KB
2 KB 216ms
214ms Image
image/svg+xml 2600:9000:200c:e600:0:b723:1680:93a1
Amazon.com

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://forums.xfinity.com/html/assets/reddit-icon.svg
Requested by: Host: forums.xfinity.com
URL: https://forums.xfinity.com/t5/Customer-Service/Comcast-is-spreading-a-malware-worm/td-p/2958556
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2600:9000:200c:e600:0:b723:1680:93a1 , United States, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS
Software: Apache /
Resource Hash: b008ae9116f9f63a65778c1533b8f3c7293732356f811edeae4091012cc9db3c

Request headers

Referer: https://forums.xfinity.com/t5/Customer-Service/Comcast-is-spreading-a-malware-worm/td-p/2958556
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Sun, 05 May 2019 06:33:08 GMT
content-encoding: gzip
last-modified: Tue, 19 Jun 2018 17:47:36 GMT
server: Apache
age: 6612
vary: Accept-Encoding,Origin
x-cache: Hit from cloudfront
content-type: image/svg+xml
status: 200
x-amz-cf-pop: FRA2
access-control-allow-origin: *
x-amz-cf-id: nshebMOMdwF6t99hx3eaiMAKvfwUVNNVW1JqunfCsRKHFlp4WRd02A==
via: 1.1 8391f131e4acb30724947dab1f8592a5.cloudfront.net (CloudFront)

GET
H2 200 lia-scripts-angularjs-min.js Show response
forums.xfinity.com/t5/scripts/95E6648155A17767FE04B60E58E4D432/ 170 KB
60 KB 510ms
508ms Script
text/javascript 2600:9000:200c:e600:0:b723:1680:93a1
Amazon.com

General

Check archive.org

Show headers Download Go to

Full URL: https://forums.xfinity.com/t5/scripts/95E6648155A17767FE04B60E58E4D432/lia-scripts-angularjs-min.js
Requested by: Host: forums.xfinity.com
URL: https://forums.xfinity.com/t5/Customer-Service/Comcast-is-spreading-a-malware-worm/td-p/2958556
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2600:9000:200c:e600:0:b723:1680:93a1 , United States, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS
Software: Apache /
Resource Hash: 8d2edbeb55fcfb913fd824dd05269827b8f8466c9a410921a44e99648a0d059c

Request headers

Referer: https://forums.xfinity.com/t5/Customer-Service/Comcast-is-spreading-a-malware-worm/td-p/2958556
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Mon, 17 Jun 2019 14:31:32 GMT
content-encoding: gzip
last-modified: Fri, 14 Jun 2019 09:19:33 GMT
server: Apache
x-amz-cf-pop: FRA2
vary: Origin,Accept-Encoding
x-cache: RefreshHit from cloudfront
content-type: text/javascript;charset=UTF-8
status: 200
cache-control: s-maxage=35
x-amz-cf-id: B1s-CYkQ3x0vsa865UG6xxdkoKS9DrwffhqezArkod3Ys-NBV02b4w==
via: 1.1 8391f131e4acb30724947dab1f8592a5.cloudfront.net (CloudFront)
expires: Sat, 13 Jun 2020 09:22:31 GMT

GET
H2 200 lia-scripts-angularjsModules-min.js Show response
forums.xfinity.com/t5/scripts/86444C77649079BD2E41026188BFBD50/ 415 KB
111 KB 30ms
22ms Script
text/javascript 2600:9000:200c:e600:0:b723:1680:93a1
Amazon.com

General

Check archive.org

Show headers Download Go to

Full URL: https://forums.xfinity.com/t5/scripts/86444C77649079BD2E41026188BFBD50/lia-scripts-angularjsModules-min.js
Requested by: Host: forums.xfinity.com
URL: https://forums.xfinity.com/t5/Customer-Service/Comcast-is-spreading-a-malware-worm/td-p/2958556
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2600:9000:200c:e600:0:b723:1680:93a1 , United States, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS
Software: Apache /
Resource Hash: a9eabd0212ab1b7c580f36a1911c762e640b1da1ecb2237eaab59813209f65c4

Request headers

Referer: https://forums.xfinity.com/t5/Customer-Service/Comcast-is-spreading-a-malware-worm/td-p/2958556
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Wed, 15 May 2019 18:12:15 GMT
content-encoding: gzip
last-modified: Wed, 15 May 2019 09:31:48 GMT
server: Apache
age: 2350
vary: Origin,Accept-Encoding
x-cache: Hit from cloudfront
content-type: text/javascript;charset=UTF-8
status: 200
cache-control: s-maxage=6245
x-amz-cf-pop: FRA2
x-amz-cf-id: 1hkYPtQ8W1QjP3vDvJmQIZHwVJRCsVUdtfhqV9a5OxGQjtoQ4MV53w==
via: 1.1 8391f131e4acb30724947dab1f8592a5.cloudfront.net (CloudFront)
expires: Thu, 14 May 2020 18:12:15 GMT

GET
H2 200 lia-scripts-common-min.js Show response
forums.xfinity.com/t5/scripts/44AB806918159E86D0BC181E2898F804/ 329 KB
90 KB 198ms
191ms Script
text/javascript 2600:9000:200c:e600:0:b723:1680:93a1
Amazon.com

General

Check archive.org

Show headers Download Go to

Full URL: https://forums.xfinity.com/t5/scripts/44AB806918159E86D0BC181E2898F804/lia-scripts-common-min.js
Requested by: Host: forums.xfinity.com
URL: https://forums.xfinity.com/t5/Customer-Service/Comcast-is-spreading-a-malware-worm/td-p/2958556
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2600:9000:200c:e600:0:b723:1680:93a1 , United States, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS
Software: Apache /
Resource Hash: 35f52674076d99621bf8910f9001ceb839a39eb5da416a0ce08b9aa6a4344a9c

Request headers

Referer: https://forums.xfinity.com/t5/Customer-Service/Comcast-is-spreading-a-malware-worm/td-p/2958556
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Mon, 17 Jun 2019 14:31:32 GMT
content-encoding: gzip
last-modified: Fri, 14 Jun 2019 09:19:33 GMT
server: Apache
x-amz-cf-pop: FRA2
vary: Origin,Accept-Encoding
x-cache: Hit from cloudfront
content-type: text/javascript;charset=UTF-8
status: 200
cache-control: s-maxage=35
x-amz-cf-id: ZW9D8lOnHzgtGhbAjfi-5HFbH7Lye6eRVSloYrSnVomMnjXoSgk77g==
via: 1.1 8391f131e4acb30724947dab1f8592a5.cloudfront.net (CloudFront)
expires: Sat, 13 Jun 2020 09:22:31 GMT

GET
H2 200 lia-scripts-body-min.js Show response
forums.xfinity.com/t5/scripts/2B4C15FE35EE504A605541DE3373EB17/ 55 KB
14 KB 536ms
529ms Script
text/javascript 2600:9000:200c:e600:0:b723:1680:93a1
Amazon.com

General

Check archive.org

Show headers Download Go to

Full URL: https://forums.xfinity.com/t5/scripts/2B4C15FE35EE504A605541DE3373EB17/lia-scripts-body-min.js
Requested by: Host: forums.xfinity.com
URL: https://forums.xfinity.com/t5/Customer-Service/Comcast-is-spreading-a-malware-worm/td-p/2958556
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2600:9000:200c:e600:0:b723:1680:93a1 , United States, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS
Software: Apache /
Resource Hash: d953f7d50d545e0ff1e40fe646eb8b51eea87271c2fd9914675e0b01774e4d4a

Request headers

Referer: https://forums.xfinity.com/t5/Customer-Service/Comcast-is-spreading-a-malware-worm/td-p/2958556
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Fri, 14 Jun 2019 09:15:47 GMT
content-encoding: gzip
last-modified: Fri, 14 Jun 2019 09:13:57 GMT
server: Apache
x-amz-cf-pop: FRA2
vary: Origin,Accept-Encoding
x-cache: RefreshHit from cloudfront
content-type: text/javascript;charset=UTF-8
status: 200
cache-control: s-maxage=21
content-length: 14326
via: 1.1 8391f131e4acb30724947dab1f8592a5.cloudfront.net (CloudFront)
x-amz-cf-id: ZCVRzjPlcZ0jYXpwRbjlLNRu1d3InOGVg-Q-KIxcqootXdZcMb-_VA==
expires: Sat, 13 Jun 2020 09:15:47 GMT

GET
H2 200 hoverCard.js Show response
forums.xfinity.com/html/assets/ 4 KB
2 KB 195ms
188ms Script
text/javascript 2600:9000:200c:e600:0:b723:1680:93a1
Amazon.com

General

Check archive.org

Show headers Download Go to

Full URL: https://forums.xfinity.com/html/assets/hoverCard.js
Requested by: Host: forums.xfinity.com
URL: https://forums.xfinity.com/t5/Customer-Service/Comcast-is-spreading-a-malware-worm/td-p/2958556
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2600:9000:200c:e600:0:b723:1680:93a1 , United States, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS
Software: Apache /
Resource Hash: dda5f2dd9745e58c9fa5c36f7025cb8f644068758454a4450b45224169ad8bb1

Request headers

Referer: https://forums.xfinity.com/t5/Customer-Service/Comcast-is-spreading-a-malware-worm/td-p/2958556
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Mon, 17 Jun 2019 14:31:32 GMT
content-encoding: gzip
last-modified: Tue, 16 Aug 2016 21:48:59 GMT
server: Apache
x-amz-cf-pop: FRA2
etag: W/"4347-1471384139000-gzip"
vary: Origin,Accept-Encoding
x-cache: Hit from cloudfront
content-type: text/javascript
status: 200
accept-ranges: bytes
content-length: 1512
via: 1.1 8391f131e4acb30724947dab1f8592a5.cloudfront.net (CloudFront)
x-amz-cf-id: sqvhmzH3IxPwzOseaWZpXAjP-xR9aziN9xQ7vnc1vgCNhJh1pYREag==

GET
H2 200 json Show response
fls.doubleclick.net/ 40 B
577 B 66ms
21ms Script
text/javascript 216.58.205.230
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://fls.doubleclick.net/json?spot=4053494&src=1516422&var=s_3_Integrate_DFA_get_0&host=integrate.112.2o7.net%2Fdfa_echo%3Fvar%3Ds_3_Integrate_DFA_get_0%26AQE%3D1%26A2S%3D1&ord=2221375371303

Requested by

Host: cdn.comcast.com
URL: https://cdn.comcast.com/~/media/javascripts/omniture/s_code

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

216.58.205.230 Mountain View, United States, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

fra15s24-in-f230.1e100.net

Software

cafe /

Resource Hash

e32a6ae5e43f7f652674e0f03dc23f86839f839b29ee4e63c01c93da180bb0d0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://forums.xfinity.com/t5/Customer-Service/Comcast-is-spreading-a-malware-worm/td-p/2958556
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Mon, 17 Jun 2019 14:31:32 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
status: 200
content-disposition: attachment; filename="f.txt"
alt-svc: quic=":443"; ma=2592000; v="46,44,43,39"
content-length: 60
x-xss-protection: 0
pragma: no-cache
server: cafe
x-frame-options: SAMEORIGIN
content-type: text/javascript; charset=UTF-8
cache-control: no-cache, must-revalidate
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
DATA 200
OK truncated
/ 217 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 5578db6fae4ec0486a3f177d33fc43727d225c6684b17ce6ed2b67fd51512c74

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Content-Type: image/svg+xml;charset=utf8

GET
DATA 200
OK truncated
/ 149 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 372f7cc1ba87cfa1d4ffe4553dfb90cd10ccf4e16b934a40d041d0ec0b0a9a70

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Content-Type: image/svg+xml;charset=utf8

GET
DATA 200
OK truncated
/ 284 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: ac65d8cdcea6739bd24155baa1541216a938bad994b90f617e24aebc750ec355

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Content-Type: image/svg+xml;charset=utf8

GET
H2 200 Answered.svg
forums.xfinity.com/html/assets/ 2 KB
1 KB 24ms
18ms Image
image/svg+xml 2600:9000:200c:e600:0:b723:1680:93a1
Amazon.com

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://forums.xfinity.com/html/assets/Answered.svg
Requested by: Host: forums.xfinity.com
URL: https://forums.xfinity.com/t5/Customer-Service/Comcast-is-spreading-a-malware-worm/td-p/2958556
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2600:9000:200c:e600:0:b723:1680:93a1 , United States, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS
Software: Apache /
Resource Hash: 9eaa8d9b7d7806108f333c2971f00dddf62a06451fe5636bc6363024b8b6de0e

Request headers

Referer: https://forums.xfinity.com/skins/3623049/6e5212b82a193d285cb489fd3f7a6ec5/tera.css
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Mon, 17 Jun 2019 06:46:23 GMT
content-encoding: gzip
last-modified: Tue, 19 Jun 2018 17:47:36 GMT
server: Apache
age: 27909
vary: Origin
x-cache: Hit from cloudfront
content-type: image/svg+xml
status: 200
x-amz-cf-pop: FRA2
access-control-allow-origin: *
x-amz-cf-id: 7oGWbyV1EHuwkBvBcUE3Hrl0gtQu0MDuX--GXU1rYtTzm53pQie2Dw==
via: 1.1 8391f131e4acb30724947dab1f8592a5.cloudfront.net (CloudFront)

GET
H2 200 check-mark-green.svg
forums.xfinity.com/html/assets/ 2 KB
1 KB 29ms
24ms Image
image/svg+xml 2600:9000:200c:e600:0:b723:1680:93a1
Amazon.com

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://forums.xfinity.com/html/assets/check-mark-green.svg
Requested by: Host: forums.xfinity.com
URL: https://forums.xfinity.com/t5/Customer-Service/Comcast-is-spreading-a-malware-worm/td-p/2958556
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2600:9000:200c:e600:0:b723:1680:93a1 , United States, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS
Software: Apache /
Resource Hash: 420347a116300e62f705ac5968517c791bd4b5daef86829d68c926093176e635

Request headers

Referer: https://forums.xfinity.com/skins/3623049/6e5212b82a193d285cb489fd3f7a6ec5/tera.css
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Wed, 08 May 2019 23:48:48 GMT
content-encoding: gzip
last-modified: Tue, 19 Jun 2018 17:47:36 GMT
server: Apache
age: 73295
vary: Accept-Encoding,Origin
x-cache: Hit from cloudfront
content-type: image/svg+xml
status: 200
x-amz-cf-pop: FRA2
access-control-allow-origin: *
x-amz-cf-id: YyBtoJ_NltNRT_a9cxIyTOLXPlfmaLg9mLbqlMg1o2H-BgPVV5-xmw==
via: 1.1 8391f131e4acb30724947dab1f8592a5.cloudfront.net (CloudFront)

GET
H2 200 XfinityStandard-Thin.woff2
sdx.xfinity.com/fonts/latest/Xfinity_Standard/ 32 KB
33 KB 787ms
679ms Font
binary/octet-stream 2a02:26f0:6c00:293::1b62
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://sdx.xfinity.com/fonts/latest/Xfinity_Standard/XfinityStandard-Thin.woff2

Requested by

Host: forums.xfinity.com
URL: https://forums.xfinity.com/t5/Customer-Service/Comcast-is-spreading-a-malware-worm/td-p/2958556

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

2a02:26f0:6c00:293::1b62 , Ascension Island, ASN20940 (AKAMAI-ASN1, US),

Reverse DNS

Software

nginx /

Resource Hash

44f222333b4c6396b38f2e06dc73d385d243e2b36a30914fd10b6ddb4e831017

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Referer: https://forums.xfinity.com/skins/3623049/6e5212b82a193d285cb489fd3f7a6ec5/tera.css
Origin: https://forums.xfinity.com

Response headers

strict-transport-security: max-age=31536000
last-modified: Thu, 21 Jun 2018 18:41:25 GMT
server: nginx
access-control-allow-origin: *
etag: "63971dfcbf18dc975adf178d85295f9c"
access-control-allow-methods: GET, OPTIONS
content-type: binary/octet-stream
status: 200
cache-control: public, max-age=2592000
date: Mon, 17 Jun 2019 14:31:33 GMT
x-amz-replication-status: COMPLETED
accept-ranges: bytes
content-length: 33252

GET
H2 200 XfinityStandard-Light.woff2
sdx.xfinity.com/fonts/latest/Xfinity_Standard/ 27 KB
27 KB 241ms
133ms Font
binary/octet-stream 2a02:26f0:6c00:293::1b62
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://sdx.xfinity.com/fonts/latest/Xfinity_Standard/XfinityStandard-Light.woff2

Requested by

Host: forums.xfinity.com
URL: https://forums.xfinity.com/t5/Customer-Service/Comcast-is-spreading-a-malware-worm/td-p/2958556

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

2a02:26f0:6c00:293::1b62 , Ascension Island, ASN20940 (AKAMAI-ASN1, US),

Reverse DNS

Software

nginx /

Resource Hash

fc6cd95261064c28600405c9c8dd51813abf8367e85b6e00f0f3031a8338988a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Referer: https://forums.xfinity.com/skins/3623049/6e5212b82a193d285cb489fd3f7a6ec5/tera.css
Origin: https://forums.xfinity.com

Response headers

strict-transport-security: max-age=31536000
last-modified: Thu, 21 Jun 2018 18:41:25 GMT
server: nginx
access-control-allow-origin: *
etag: "f05d3ebe80809d82ab14d62a79da544e"
access-control-allow-methods: GET, OPTIONS
content-type: binary/octet-stream
status: 200
cache-control: public, max-age=2592000
date: Mon, 17 Jun 2019 14:31:32 GMT
x-amz-replication-status: COMPLETED
accept-ranges: bytes
content-length: 27420

GET
H2 200 XfinityStandard-Bold.woff2
sdx.xfinity.com/fonts/latest/Xfinity_Standard/ 26 KB
27 KB 778ms
670ms Font
binary/octet-stream 2a02:26f0:6c00:293::1b62
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://sdx.xfinity.com/fonts/latest/Xfinity_Standard/XfinityStandard-Bold.woff2

Requested by

Host: forums.xfinity.com
URL: https://forums.xfinity.com/t5/Customer-Service/Comcast-is-spreading-a-malware-worm/td-p/2958556

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

2a02:26f0:6c00:293::1b62 , Ascension Island, ASN20940 (AKAMAI-ASN1, US),

Reverse DNS

Software

nginx /

Resource Hash

020e9e48d93ba9d27e827e8246dd9f855c388ff4697ba14d647fcc4d9b1ccdef

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Referer: https://forums.xfinity.com/skins/3623049/6e5212b82a193d285cb489fd3f7a6ec5/tera.css
Origin: https://forums.xfinity.com

Response headers

strict-transport-security: max-age=31536000
last-modified: Thu, 21 Jun 2018 18:41:25 GMT
server: nginx
access-control-allow-origin: *
etag: "4cf223c306de5325b4939d9d4ea2c5a5"
access-control-allow-methods: GET, OPTIONS
content-type: binary/octet-stream
status: 200
cache-control: public, max-age=2592000
date: Mon, 17 Jun 2019 14:31:33 GMT
x-amz-replication-status: COMPLETED
accept-ranges: bytes
content-length: 26896

GET
H2 200 XfinityStandard-Regular.woff2
sdx.xfinity.com/fonts/latest/Xfinity_Standard/ 26 KB
26 KB 250ms
142ms Font
binary/octet-stream 2a02:26f0:6c00:293::1b62
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://sdx.xfinity.com/fonts/latest/Xfinity_Standard/XfinityStandard-Regular.woff2

Requested by

Host: forums.xfinity.com
URL: https://forums.xfinity.com/t5/Customer-Service/Comcast-is-spreading-a-malware-worm/td-p/2958556

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

2a02:26f0:6c00:293::1b62 , Ascension Island, ASN20940 (AKAMAI-ASN1, US),

Reverse DNS

Software

nginx /

Resource Hash

138c0ead0fbcd09dd455df9870920e8725b367fbf02ac0cef0c62874000ab176

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Referer: https://forums.xfinity.com/skins/3623049/6e5212b82a193d285cb489fd3f7a6ec5/tera.css
Origin: https://forums.xfinity.com

Response headers

strict-transport-security: max-age=31536000
last-modified: Thu, 21 Jun 2018 18:41:25 GMT
server: nginx
access-control-allow-origin: *
etag: "e3e79cd377b28c1e7ffea64b194136cf"
access-control-allow-methods: GET, OPTIONS
content-type: binary/octet-stream
status: 200
cache-control: public, max-age=2592000
date: Mon, 17 Jun 2019 14:31:32 GMT
x-amz-replication-status: COMPLETED
accept-ranges: bytes
content-length: 26768

GET
H2 200 fontawesome-webfont.woff2
forums.xfinity.com/html/assets/fonts/ 55 KB
56 KB 24ms
21ms Font
font/woff2 2600:9000:200c:e600:0:b723:1680:93a1
Amazon.com

General

Check archive.org

Show headers Download Go to

Full URL: https://forums.xfinity.com/html/assets/fonts/fontawesome-webfont.woff2?v=4.3.0
Requested by: Host: forums.xfinity.com
URL: https://forums.xfinity.com/t5/Customer-Service/Comcast-is-spreading-a-malware-worm/td-p/2958556
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2600:9000:200c:e600:0:b723:1680:93a1 , United States, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS
Software: Apache /
Resource Hash: aadc3580d2b64ff5a7e6f1425587db4e8b033efcbf8f5c332ca52a5ed580c87c

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Referer: https://forums.xfinity.com/skins/3623049/6e5212b82a193d285cb489fd3f7a6ec5/tera.css
Origin: https://forums.xfinity.com

Response headers

date: Sun, 16 Jun 2019 15:04:23 GMT
via: 1.1 8391f131e4acb30724947dab1f8592a5.cloudfront.net (CloudFront)
last-modified: Fri, 14 Jun 2019 09:08:35 GMT
server: Apache
age: 84429
etag: W/"56780-1560503315000"
x-cache: Hit from cloudfront
content-type: font/woff2
status: 200
x-amz-cf-pop: FRA2
accept-ranges: bytes
access-control-allow-origin: *
content-length: 56780
x-amz-cf-id: mNzOaFEo4CKAnYg6Sl3yUhY2Sel_nDqTH_bGFtuLjU2OBa66nl9Jow==

GET
H2 200 a_thumbs-up-7up.svg
forums.xfinity.com/html/assets/ 2 KB
1 KB 23ms
21ms Image
image/svg+xml 2600:9000:200c:e600:0:b723:1680:93a1
Amazon.com

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://forums.xfinity.com/html/assets/a_thumbs-up-7up.svg
Requested by: Host: forums.xfinity.com
URL: https://forums.xfinity.com/t5/Customer-Service/Comcast-is-spreading-a-malware-worm/td-p/2958556
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2600:9000:200c:e600:0:b723:1680:93a1 , United States, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS
Software: Apache /
Resource Hash: e53e46ceb3463b3cfaeb03d25dec9e757fe451a10c9675cf09244ece023e544f

Request headers

Referer: https://forums.xfinity.com/skins/3623049/6e5212b82a193d285cb489fd3f7a6ec5/tera.css
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Sun, 05 May 2019 06:33:08 GMT
content-encoding: gzip
last-modified: Mon, 02 Jul 2018 16:35:59 GMT
server: Apache
age: 78243
vary: Accept-Encoding,Origin
x-cache: Hit from cloudfront
content-type: image/svg+xml
status: 200
x-amz-cf-pop: FRA2
access-control-allow-origin: *
x-amz-cf-id: ZG2ygGHz5WZ2c0ZyKbwfcH6WPxlw-uKa_2ACrhhVuGcYSBcNQRdCTA==
via: 1.1 8391f131e4acb30724947dab1f8592a5.cloudfront.net (CloudFront)

GET
H2 200 XfinityStandard-ExtraLight.woff2
sdx.xfinity.com/fonts/latest/Xfinity_Standard/ 32 KB
33 KB 145ms
144ms Font
binary/octet-stream 2a02:26f0:6c00:293::1b62
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://sdx.xfinity.com/fonts/latest/Xfinity_Standard/XfinityStandard-ExtraLight.woff2

Requested by

Host: forums.xfinity.com
URL: https://forums.xfinity.com/t5/Customer-Service/Comcast-is-spreading-a-malware-worm/td-p/2958556

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

2a02:26f0:6c00:293::1b62 , Ascension Island, ASN20940 (AKAMAI-ASN1, US),

Reverse DNS

Software

nginx /

Resource Hash

8107d336fd1e5fee55e5a439af3165b98a39d84e25a0d55af1179d8e1b7b19ea

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Referer: https://forums.xfinity.com/skins/3623049/6e5212b82a193d285cb489fd3f7a6ec5/tera.css
Origin: https://forums.xfinity.com

Response headers

strict-transport-security: max-age=31536000
last-modified: Thu, 21 Jun 2018 18:41:25 GMT
server: nginx
access-control-allow-origin: *
etag: "a626342f1fe2e8793440bc6f0882cb57"
access-control-allow-methods: GET, OPTIONS
content-type: binary/octet-stream
status: 200
cache-control: public, max-age=2592000
date: Mon, 17 Jun 2019 14:31:32 GMT
x-amz-replication-status: COMPLETED
accept-ranges: bytes
content-length: 33268

GET
H/1.1 200
OK id Show response
dpm.demdex.net/ 6 KB
2 KB 45ms
44ms Script
application/javascript 34.241.198.89
Amazon.com

General

Check archive.org

Show headers Download Go to

Full URL: https://dpm.demdex.net/id?d_visid_ver=1.5.3&d_rtbd=json&d_ver=2&d_orgid=DA11332E5321D0550A490D45%40AdobeOrg&d_nsid=0&d_cb=s_c_il%5B0%5D._setMarketingCloudFields
Requested by: Host: cdn.comcast.com
URL: https://cdn.comcast.com/~/Media/Javascripts/Omniture/visitorAPI.js?vs=2
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 34.241.198.89 Dublin, Ireland, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS: ec2-34-241-198-89.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash: 50f2ddbaf4986fbe2a229210a06358fe04f1392667c3357e328504a99540f8a7

Request headers

Referer: https://forums.xfinity.com/t5/Customer-Service/Comcast-is-spreading-a-malware-worm/td-p/2958556
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

DCS: dcs-prod-irl1-v034-0e885e618.edge-irl1.demdex.com 5.54.0.20190610134454 4ms
Pragma: no-cache
Content-Encoding: gzip
X-TID: gb02yJPNQOk=
Vary: Accept-Encoding, User-Agent
P3P: policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Cache-Control: no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
Connection: keep-alive
Content-Type: application/javascript;charset=utf-8
Content-Length: 1689
Expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H2 200 XfinityStandard-Medium.woff2
sdx.xfinity.com/fonts/latest/Xfinity_Standard/ 27 KB
27 KB 21ms
20ms Font
binary/octet-stream 2a02:26f0:6c00:293::1b62
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://sdx.xfinity.com/fonts/latest/Xfinity_Standard/XfinityStandard-Medium.woff2

Requested by

Host: forums.xfinity.com
URL: https://forums.xfinity.com/t5/Customer-Service/Comcast-is-spreading-a-malware-worm/td-p/2958556

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

2a02:26f0:6c00:293::1b62 , Ascension Island, ASN20940 (AKAMAI-ASN1, US),

Reverse DNS

Software

nginx /

Resource Hash

2a031939885bb7efba89d423c9ee7c0fe2bab465f18db63f40a9ae2bd7bc0228

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Referer: https://forums.xfinity.com/skins/3623049/6e5212b82a193d285cb489fd3f7a6ec5/tera.css
Origin: https://forums.xfinity.com

Response headers

strict-transport-security: max-age=31536000
last-modified: Thu, 21 Jun 2018 18:41:25 GMT
server: nginx
access-control-allow-origin: *
etag: "13709eac065721ba8cd0e2d1b6fa8026"
access-control-allow-methods: GET, OPTIONS
content-type: binary/octet-stream
status: 200
cache-control: public, max-age=2592000
date: Mon, 17 Jun 2019 14:31:32 GMT
x-amz-replication-status: COMPLETED
accept-ranges: bytes
content-length: 27152

GET
H/1.1 200
OK id Show response
comcastcom.d1.sc.omtrdc.net/ 68 B
482 B 80ms
16ms Script
application/x-javascript 66.117.29.224
Adobe Systems Inc.

General

Check archive.org

Show headers Download Go to

Full URL

https://comcastcom.d1.sc.omtrdc.net/id?d_visid_ver=1.5.3&callback=s_c_il%5B0%5D._setAnalyticsFields&mcorgid=DA11332E5321D0550A490D45%40AdobeOrg&mid=19658131241474113010578479238645366538

Requested by

Host: cdn.comcast.com
URL: https://cdn.comcast.com/~/Media/Javascripts/Omniture/visitorAPI.js?vs=2

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

66.117.29.224 , United States, ASN15224 (OMNITURE - Adobe Systems Inc., US),

Reverse DNS

Software

Omniture DC/2.0.0 /

Resource Hash

b12be0941a7025523bc55d3e767051bb6781e9e959165db3df6a608bbb0f06b3

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://forums.xfinity.com/t5/Customer-Service/Comcast-is-spreading-a-malware-worm/td-p/2958556
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date: Mon, 17 Jun 2019 14:31:32 GMT
X-Content-Type-Options: nosniff
Server: Omniture DC/2.0.0
xserver: www5
Vary: Origin
X-C: ms-6.7.4
P3P: CP="This is not a P3P policy"
Access-Control-Allow-Origin: *
Cache-Control: no-cache, no-store, max-age=0, no-transform, private
Connection: keep-alive
Content-Type: application/x-javascript
Content-Length: 68
X-XSS-Protection: 1; mode=block

POST
H2 200 jsearch Show response
forums.xfinity.com/comcastsupport/api/2.0/ 10 KB
2 KB 206ms
206ms XHR
application/json 2600:9000:200c:e600:0:b723:1680:93a1
Amazon.com

General

Check archive.org

Show headers Download Go to

Full URL: https://forums.xfinity.com/comcastsupport/api/2.0/jsearch
Requested by: Host: forums.xfinity.com
URL: https://forums.xfinity.com/t5/scripts/95E6648155A17767FE04B60E58E4D432/lia-scripts-angularjs-min.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2600:9000:200c:e600:0:b723:1680:93a1 , United States, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS
Software: Apache /
Resource Hash: d759370a87e2b44cc9e24fc2c73868f4e7898243f27128e5c83a9562a407ce34

Request headers

Accept: application/json, text/plain, */*
Referer: https://forums.xfinity.com/t5/Customer-Service/Comcast-is-spreading-a-malware-worm/td-p/2958556
Application-Version: 2.0.0
Content-Type: application/json
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Origin: https://forums.xfinity.com
Application-Identifier: DESKTOP

Response headers

date: Mon, 17 Jun 2019 14:31:33 GMT
content-encoding: gzip
server: Apache
x-amz-cf-pop: FRA2
vary: Accept-Encoding
x-cache: Miss from cloudfront
content-type: application/json;charset=UTF-8
status: 200
content-length: 1546
via: 1.1 8391f131e4acb30724947dab1f8592a5.cloudfront.net (CloudFront)
x-amz-cf-id: wQ4uluBf0Kx1BPjYIanpQJyy1BNlgC06-Evxr65cctUABplzbTHpWw==

GET
H/1.1 200
OK s65734115360279 Show response
comcastcom.d1.sc.omtrdc.net/b/ss/comcastdotcomprod/10/JS-1.6/ 6 KB
6 KB 54ms
52ms Script
application/x-javascript 66.117.29.224
Adobe Systems Inc.

General

Check archive.org

Show headers Download Go to

Full URL

https://comcastcom.d1.sc.omtrdc.net/b/ss/comcastdotcomprod/10/JS-1.6/s65734115360279?AQB=1&ndh=1&pf=1&callback=s_c_il[1].AudienceManagement.passData&t=17%2F5%2F2019%2014%3A31%3A32%201%200&d.&nsid=0&jsonv=1&.d&mid=19658131241474113010578479238645366538&aamlh=6&ce=UTF-8&ns=comcastcom&pageName=Home%20-%20Billing%20%26%20Customer%20Service%20-%20Customer%20Service%20-%20Comcast%20is%20spreading%20a%20malware%20worm%21&g=https%3A%2F%2Fforums.xfinity.com%2Ft5%2FCustomer-Service%2FComcast-is-spreading-a-malware-worm%2Ftd-p%2F2958556&cc=USD&ch=Home&events=event11%2Cevent36%3D10&aamb=6G1ynYcLPuiQxYZrsz_pkqfLG9yMXBpb2zX5dvJdYQJzPXImdj0y&c25=Home%20-%20Billing%20%26%20Customer%20Service%20-%20Customer%20Service%20-%20Comcast%20is%20spreading%20a%20malware%20worm%21%7Cpage%20load&v29=landscape%3Anot%20rwd%20page%3A1600x1200&c32=Billing%20%26%20Customer%20Service&v32=Billing%20%26%20Customer%20Service&c34=Home&v34=Home&c35=Customer%20Service&v35=Customer%20Service&c36=forums&v36=forums&v37=D%3DpageName&v46=First%20Visit&c54=VisitorAPI%20Present&c57=Comcast%20is%20spreading%20a%20malware%20worm%21&v57=Comcast%20is%20spreading%20a%20malware%20worm%21&c72=10&c73=https%3A%2F%2Fcdn.comcast.com%2F%7E%2FMedia%2FJavascripts%2FOmniture%2Fs_code.ashx%7C11182016&v91=nc&s=1600x1200&c=24&j=1.6&v=N&k=Y&bw=1600&bh=1200&AQE=1

Requested by

Host: cdn.comcast.com
URL: https://cdn.comcast.com/~/media/javascripts/omniture/s_code

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

66.117.29.224 , United States, ASN15224 (OMNITURE - Adobe Systems Inc., US),

Reverse DNS

Software

Omniture DC/2.0.0 /

Resource Hash

ef20fbd7c184e9e7fbcb0a6cd2adf2488eacee816f05f4206de65d6730f2babe

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://forums.xfinity.com/t5/Customer-Service/Comcast-is-spreading-a-malware-worm/td-p/2958556
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

X-AAM-TID: LLrutlo6RDM=
Date: Mon, 17 Jun 2019 14:31:33 GMT
X-Content-Type-Options: nosniff
X-C: ms-6.7.4
P3P: CP="This is not a P3P policy"
Connection: keep-alive
Content-Length: 5979
X-XSS-Protection: 1; mode=block
DCS: dcs-prod-irl1-v034-09b63a07a.edge-irl1.demdex.com 5.54.0.20190610134454 10ms
Pragma: no-cache
Last-Modified: Tue, 18 Jun 2019 14:31:33 GMT
Server: Omniture DC/2.0.0
xserver: www5
ETag: "3351753593399050240-4765128366326068154"
Vary: *
Content-Type: application/x-javascript
Access-Control-Allow-Origin: *
Cache-Control: no-cache, no-store, max-age=0, no-transform, private
Expires: Sun, 16 Jun 2019 14:31:33 GMT

GET
H2 200 arrow_down_inactiveA.png
forums.xfinity.com/html/assets/ 2 KB
3 KB 21ms
20ms Image
image/png 2600:9000:200c:e600:0:b723:1680:93a1
Amazon.com

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://forums.xfinity.com/html/assets/arrow_down_inactiveA.png
Requested by: Host: forums.xfinity.com
URL: https://forums.xfinity.com/t5/scripts/44AB806918159E86D0BC181E2898F804/lia-scripts-common-min.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2600:9000:200c:e600:0:b723:1680:93a1 , United States, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS
Software: Apache /
Resource Hash: 56b1a1e616260cd163d25983a4f705bec0b717943d5881831e223ce098e61459

Request headers

Referer: https://forums.xfinity.com/skins/3623049/6e5212b82a193d285cb489fd3f7a6ec5/tera.css
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Sun, 05 May 2019 06:33:09 GMT
via: 1.1 8391f131e4acb30724947dab1f8592a5.cloudfront.net (CloudFront)
last-modified: Wed, 20 Jun 2018 07:06:14 GMT
server: Apache
age: 70722
etag: W/"2344-1529478374000"
vary: Origin
x-cache: Hit from cloudfront
content-type: image/png
status: 200
x-amz-cf-pop: FRA2
accept-ranges: bytes
content-length: 2344
x-amz-cf-id: Y9hU-TkOYAlsLHkNW1p2EBbzqmnpPGM2UE9pkiMvUvvsDi8DTsOiIA==

GET
DATA 200
OK truncated
/ 205 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 9aa8df28e9241a43c5f544d052a1876b5ac57e0927c2a1a3fe2020172dd4cb8a

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Content-Type: image/svg+xml;charset=utf8

GET
H2 204 204222722468_1560781891702.gif
forums.xfinity.com/beacon/ 0
486 B 190ms
186ms Image
text/plain 2600:9000:200c:e600:0:b723:1680:93a1
Amazon.com

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://forums.xfinity.com/beacon/204222722468_1560781891702.gif
Requested by: Host: forums.xfinity.com
URL: https://forums.xfinity.com/t5/Customer-Service/Comcast-is-spreading-a-malware-worm/td-p/2958556
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2600:9000:200c:e600:0:b723:1680:93a1 , United States, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS
Software: Apache /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://forums.xfinity.com/t5/Customer-Service/Comcast-is-spreading-a-malware-worm/td-p/2958556
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 17 Jun 2019 14:31:33 GMT
via: 1.1 8391f131e4acb30724947dab1f8592a5.cloudfront.net (CloudFront)
last-modified: Fri, 02 Nov 2007 00:36:01 GMT
server: Apache
x-amz-cf-pop: FRA2
x-cache: Miss from cloudfront
status: 204
cache-control: private, no-cache, no-cache="Set-Cookie", proxy-revalidate
x-amz-cf-id: ITtqr25EYSIFsq8LEWKVNwYBdHEtVCEt2lXjhL28ZUj8W-3eT1HrRg==
expires: Thu, 22 Jan 1976 08:28:00 GMT

GET
DATA 200
OK truncated
/ 667 B
0 Image
image/jpeg

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: edd8db5c29b96b7a290a5e266d426dca85541b7cd7a62b180e5ec89dc635f05f

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Content-Type: image/jpeg

GET
H2 200 ng-community Show response
forums.xfinity.com/comcastsupport/api/2.0/ui/lang/ 1 KB
1 KB 201ms
200ms XHR
application/json 2600:9000:200c:e600:0:b723:1680:93a1
Amazon.com

General

Check archive.org

Show headers Download Go to

Full URL: https://forums.xfinity.com/comcastsupport/api/2.0/ui/lang/ng-community?board.id=CustServ_CustServ
Requested by: Host: forums.xfinity.com
URL: https://forums.xfinity.com/t5/scripts/95E6648155A17767FE04B60E58E4D432/lia-scripts-angularjs-min.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2600:9000:200c:e600:0:b723:1680:93a1 , United States, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS
Software: Apache /
Resource Hash: 39efeff4f53620a04df468878029e8220c19134b0cd3bcbefd5127aac2469dc8

Request headers

Accept: application/json, text/plain, */*
Referer: https://forums.xfinity.com/t5/Customer-Service/Comcast-is-spreading-a-malware-worm/td-p/2958556
Application-Version: 2.0.0
If-Modified-Since: Thu, 01 Jan 1970 00:00:00 GMT
Application-Identifier: DESKTOP
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Content-Type: application/json

Response headers

date: Mon, 17 Jun 2019 14:31:33 GMT
content-encoding: gzip
server: Apache
x-amz-cf-pop: FRA2
vary: Origin,Access-Control-Request-Headers,Access-Control-Request-Method,Access-Control-Allow-Credentials,Access-Control-Max-Age,Accept-Encoding
x-cache: Miss from cloudfront
content-type: application/json;charset=UTF-8
status: 200
content-length: 441
via: 1.1 8391f131e4acb30724947dab1f8592a5.cloudfront.net (CloudFront)
x-amz-cf-id: OK1_rHU9f2WbuZX1mkjGYe9LwlYm61ii91tv5F6o4zd6sIuOam6iBg==

GET
H2 200 XfinityStandard-Regular.woff2
static.cimcontent.net/fonts/latest/Xfinity_Standard/ 26 KB
26 KB 84ms
7ms Font
binary/octet-stream 2a02:26f0:6c00:181::30d4
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://static.cimcontent.net/fonts/latest/Xfinity_Standard/XfinityStandard-Regular.woff2

Requested by

Host: polaris.xfinity.com
URL: https://polaris.xfinity.com/polaris.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

2a02:26f0:6c00:181::30d4 , Ascension Island, ASN20940 (AKAMAI-ASN1, US),

Reverse DNS

Software

nginx /

Resource Hash

138c0ead0fbcd09dd455df9870920e8725b367fbf02ac0cef0c62874000ab176

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Referer: https://forums.xfinity.com/t5/Customer-Service/Comcast-is-spreading-a-malware-worm/td-p/2958556
Origin: https://forums.xfinity.com

Response headers

strict-transport-security: max-age=31536000
last-modified: Thu, 21 Jun 2018 18:41:25 GMT
server: nginx
access-control-allow-origin: *
etag: "e3e79cd377b28c1e7ffea64b194136cf"
access-control-allow-methods: GET, OPTIONS
content-type: binary/octet-stream
status: 200
cache-control: public, max-age=2592000
date: Mon, 17 Jun 2019 14:31:34 GMT
x-amz-replication-status: COMPLETED
accept-ranges: bytes
content-length: 26768

GET
H/1.1 200
OK orc.html Show response
polaris.xfinity.com/ Frame 38A6 18 KB
7 KB 102ms
101ms Document
text/html 2001:558:fe03:38::2
Comcast Cable Com...

General

Check archive.org

Show headers Download Go to

Full URL

https://polaris.xfinity.com/orc.html?domain=forums.xfinity.com

Requested by

Host: polaris.xfinity.com
URL: https://polaris.xfinity.com/polaris.js

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

2001:558:fe03:38::2 , United States, ASN7922 (COMCAST-7922 - Comcast Cable Communications, LLC, US),

Reverse DNS

Software

ATS/7.1.4 /

Resource Hash

626ec5f8c6437436db6c8fbd1668187a936fd7a5eb7a2d904a036cd0b4a3c92f

Security Headers

Name	Value
Strict-Transport-Security	max-age=31540000
X-Content-Type-Options	nosniff

Request headers

Host: polaris.xfinity.com
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3
Referer: https://forums.xfinity.com/t5/Customer-Service/Comcast-is-spreading-a-malware-worm/td-p/2958556
Accept-Encoding: gzip, deflate, br
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Referer: https://forums.xfinity.com/t5/Customer-Service/Comcast-is-spreading-a-malware-worm/td-p/2958556

Response headers

Cache-Control: max-age=86400 s-maxage=1800, stale-if-error=3600
Content-Encoding: gzip
Content-Type: text/html
Date: Mon, 17 Jun 2019 14:08:26 GMT
Expires: Tue, 18 Jun 2019 14:08:26 GMT
Server: ATS/7.1.4
Strict-Transport-Security: max-age=31540000
X-Content-Type-Options: nosniff
X-Vcap-Request-Id: e12d7a42-ee4b-4317-4d9d-3e88f6c6037a
Age: 1388
Content-Length: 6970
Via: http/1.1 odol-atsmid-pan-06.ivyland.pa.panjde.comcast.net (ApacheTrafficServer/7.1.4 [uScHs f p eN:t cCHi p s ]), http/1.1 odol-atsec-bos-48.westroxbury.ma.boston.comcast.net (ApacheTrafficServer/7.1.4 [uScRs f p eN:t cCHi p s ])
Connection: keep-alive

GET
H/1.1 200
OK xfinity_logo.svg
polaris.xfinity.com/images/svgs/ 2 KB
2 KB 203ms
101ms Image
image/svg+xml 2001:558:fe03:38::2
Comcast Cable Com...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://polaris.xfinity.com/images/svgs/xfinity_logo.svg
Requested by: Host: forums.xfinity.com
URL: https://forums.xfinity.com/t5/Customer-Service/Comcast-is-spreading-a-malware-worm/td-p/2958556
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 2001:558:fe03:38::2 , United States, ASN7922 (COMCAST-7922 - Comcast Cable Communications, LLC, US),
Reverse DNS
Software: ATS/7.1.4 /
Resource Hash: 94799be343ae840eb8cdebd33e14ae99605c5e05600e5071b328678cab026f7e

Request headers

Referer: https://forums.xfinity.com/t5/Customer-Service/Comcast-is-spreading-a-malware-worm/td-p/2958556
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date: Thu, 13 Jun 2019 09:52:35 GMT
Via: http/1.1 odol-atsmid-bos-05.woburn.ma.boston.comcast.net (ApacheTrafficServer/7.1.4 [uIcSsSfUpNeN:t cCSi p sS]), http/1.1 odol-atsec-bos-48.westroxbury.ma.boston.comcast.net (ApacheTrafficServer/7.1.4 [uScRs f p eN:t cCHi p s ])
Last-Modified: Thu, 14 Mar 2019 14:33:58 GMT
Server: ATS/7.1.4
Age: 362339
Etag: "5c8a6656-610"
Content-Type: image/svg+xml
X-Vcap-Request-Id: c357149e-896c-4c03-6cfa-269fe1e5f707
Cache-Control: max-age=2592000
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 1552
Expires: Sat, 13 Jul 2019 09:52:35 GMT

GET
DATA 200
OK truncated
/ 1 KB
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: e37c20f26af4b3ee4798d520759362c4e530c9d436848dc72c10cfbd89615fce

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Content-Type: image/png

GET
H/1.1 200
OK dest5.html
comcast.demdex.net/ Frame 7EC1 0
0 132ms
29ms Document
text/html 52.49.125.7
Amazon.com

General

Check archive.org

Show headers Download Go to

Full URL: https://comcast.demdex.net/dest5.html?d_nsid=undefined
Requested by: Host: cdn.comcast.com
URL: https://cdn.comcast.com/~/Media/Javascripts/Omniture/visitorAPI.js?vs=2
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.49.125.7 Dublin, Ireland, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS: ec2-52-49-125-7.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash

Request headers

Host: comcast.demdex.net
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3
Referer: https://forums.xfinity.com/t5/Customer-Service/Comcast-is-spreading-a-malware-worm/td-p/2958556
Accept-Encoding: gzip, deflate, br
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Referer: https://forums.xfinity.com/t5/Customer-Service/Comcast-is-spreading-a-malware-worm/td-p/2958556

Response headers

Accept-Ranges: bytes
Cache-Control: max-age=21600
Content-Encoding: gzip
Content-Type: text/html
Expires: Thu, 01 Jan 1970 00:00:00 GMT
Last-Modified: Wed, 12 Jun 2019 12:26:37 GMT
P3P: policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Pragma: no-cache
Vary: Accept-Encoding, User-Agent
X-TID: CqozlpQTQJc=
Content-Length: 2764
Connection: keep-alive

GET
H/1.1 200
OK dest5.html
comcast.demdex.net/ Frame 0C82 0
0 120ms
30ms Document
text/html 52.49.125.7
Amazon.com

General

Check archive.org

Show headers Download Go to

Full URL: https://comcast.demdex.net/dest5.html?d_nsid=0
Requested by: Host: cdn.comcast.com
URL: https://cdn.comcast.com/~/media/javascripts/omniture/s_code
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.49.125.7 Dublin, Ireland, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS: ec2-52-49-125-7.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash

Request headers

Host: comcast.demdex.net
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3
Referer: https://forums.xfinity.com/t5/Customer-Service/Comcast-is-spreading-a-malware-worm/td-p/2958556
Accept-Encoding: gzip, deflate, br
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Referer: https://forums.xfinity.com/t5/Customer-Service/Comcast-is-spreading-a-malware-worm/td-p/2958556

Response headers

Accept-Ranges: bytes
Cache-Control: max-age=21600
Content-Encoding: gzip
Content-Type: text/html
Expires: Thu, 01 Jan 1970 00:00:00 GMT
Last-Modified: Wed, 12 Jun 2019 12:19:44 GMT
P3P: policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Pragma: no-cache
Vary: Accept-Encoding, User-Agent
X-TID: UIjhIa9XQ0c=
Content-Length: 2764
Connection: keep-alive

Verdicts & Comments Add Verdict or Comment

58 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

1 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

			Domain/Path	Expires	Name / Value
			.xfinity.com/	1969-12-31 23:59:59	Name: s_sess Value: %20tp%3D5345%3B%20s_ppv%3DHome%252520-%252520Billing%252520%252526%252520Customer%252520Service%252520-%252520Customer%252520Service%252520-%252520Comcast%252520is%252520spreading%252520a%252520malware%252520worm%252521%252C22%252C22%252C1200%3B

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

ajax.googleapis.com
cdn.comcast.com
comcast.demdex.net
comcastcom.d1.sc.omtrdc.net
dpm.demdex.net
fls.doubleclick.net
forums.xfinity.com
polaris.xfinity.com
sdx.xfinity.com
static.cimcontent.net
2001:558:fe03:38::2
216.58.205.230
2600:9000:200c:e600:0:b723:1680:93a1
2a00:1450:4001:821::200a
2a02:26f0:6c00:181::30d4
2a02:26f0:6c00:28c::2af2
2a02:26f0:6c00:293::1b62
34.241.198.89
52.49.125.7
66.117.29.224
009a76423596546daae5b12d3a7c27df199f273f55d3532a76e9171b3039b02d
020e9e48d93ba9d27e827e8246dd9f855c388ff4697ba14d647fcc4d9b1ccdef
022026ba60d70ac80314ef46ea858aab48754bfe94d7b77d64c392311e9103a9
138c0ead0fbcd09dd455df9870920e8725b367fbf02ac0cef0c62874000ab176
160a426ff2894252cd7cebbdd6d6b7da8fcd319c65b70468f10b6690c45d02ef
19a15d806234cf5e67f961769c7dbe3b20516c3b023b50f1b757d00ad0a103f5
2a031939885bb7efba89d423c9ee7c0fe2bab465f18db63f40a9ae2bd7bc0228
35f52674076d99621bf8910f9001ceb839a39eb5da416a0ce08b9aa6a4344a9c
372f7cc1ba87cfa1d4ffe4553dfb90cd10ccf4e16b934a40d041d0ec0b0a9a70
39efeff4f53620a04df468878029e8220c19134b0cd3bcbefd5127aac2469dc8
3befb5fdeba7a59842c5ed5c3f3c5f1f2b8aef1d0fc96d98a4aa5a55dba4825d
420347a116300e62f705ac5968517c791bd4b5daef86829d68c926093176e635
44f222333b4c6396b38f2e06dc73d385d243e2b36a30914fd10b6ddb4e831017
4befa2da140b8e4e144f5c86e22f7e7cc628c34251d373c143a26ac6fe153a34
4e4c3af4d777c71152a37e3c8988d23ee2efd735b25bf8ab41bbe3f76b3dad5f
50f2ddbaf4986fbe2a229210a06358fe04f1392667c3357e328504a99540f8a7
5578db6fae4ec0486a3f177d33fc43727d225c6684b17ce6ed2b67fd51512c74
56b1a1e616260cd163d25983a4f705bec0b717943d5881831e223ce098e61459
626ec5f8c6437436db6c8fbd1668187a936fd7a5eb7a2d904a036cd0b4a3c92f
732e746f333e72f2de29e12999a83f3f364950a39fe414eb2c043a7941db7f4b
7595f407d929aab2ec79e9a370982923f53ade9585b91b232541ceb66a942932
8107d336fd1e5fee55e5a439af3165b98a39d84e25a0d55af1179d8e1b7b19ea
88eceee077f4dd4d08d9d2e692283811b7cf262965348ba1cccda9e6f08137e5
8d2edbeb55fcfb913fd824dd05269827b8f8466c9a410921a44e99648a0d059c
94799be343ae840eb8cdebd33e14ae99605c5e05600e5071b328678cab026f7e
94b9220963030d90f1a963958e6b725db485e84a865cc2c0c67f956e259cf0c9
955acaf652ddbed0d8aade56801006e07bd5dcc90ea4b0e0006521d077be0156
9913a374afce82cc6306592522f8daed04fcf5fa2c60fa0248b4dd542b85bd58
9aa8df28e9241a43c5f544d052a1876b5ac57e0927c2a1a3fe2020172dd4cb8a
9eaa8d9b7d7806108f333c2971f00dddf62a06451fe5636bc6363024b8b6de0e
a9eabd0212ab1b7c580f36a1911c762e640b1da1ecb2237eaab59813209f65c4
aadc3580d2b64ff5a7e6f1425587db4e8b033efcbf8f5c332ca52a5ed580c87c
ac65d8cdcea6739bd24155baa1541216a938bad994b90f617e24aebc750ec355
b008ae9116f9f63a65778c1533b8f3c7293732356f811edeae4091012cc9db3c
b12be0941a7025523bc55d3e767051bb6781e9e959165db3df6a608bbb0f06b3
bebf5c8632c92172b8df5a0d70930c9006b255a3c5747c540cc388d07b840a8c
c6ef7819d78f59ce3fff27781d158055d86bcc439968660f173e3ad65930359f
d759370a87e2b44cc9e24fc2c73868f4e7898243f27128e5c83a9562a407ce34
d953f7d50d545e0ff1e40fe646eb8b51eea87271c2fd9914675e0b01774e4d4a
db3882e5778bceae35331701f086eb91e5c9d425e8d6db9fd9499b021972efa7
dda5f2dd9745e58c9fa5c36f7025cb8f644068758454a4450b45224169ad8bb1
e32a6ae5e43f7f652674e0f03dc23f86839f839b29ee4e63c01c93da180bb0d0
e37c20f26af4b3ee4798d520759362c4e530c9d436848dc72c10cfbd89615fce
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e42a5d3f14657a7ed5451400a44e440d7654c9891f3773b2ae19a820a4b02807
e53e46ceb3463b3cfaeb03d25dec9e757fe451a10c9675cf09244ece023e544f
edd8db5c29b96b7a290a5e266d426dca85541b7cd7a62b180e5ec89dc635f05f
ef20fbd7c184e9e7fbcb0a6cd2adf2488eacee816f05f4206de65d6730f2babe
f0e08366582332ec65e99dda5c8f0d01d0df495fcd00ef3128aed77e463b6b02
fc6cd95261064c28600405c9c8dd51813abf8367e85b6e00f0f3031a8338988a

forums.xfinity.com Open in urlscan Pro 2600:9000:200c:e600:0:b723:1680:93a1 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Detected technologies

Page Statistics

50 Requests

100 %HTTPS

60 %IPv6

7 Domains

10 Subdomains

11 IPs

4 Countries

950 kBTransfer

3915 kBSize

1 Cookies

68 Outgoing links

Redirected requests

50 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 6 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

forums.xfinity.com Open in urlscan Pro
2600:9000:200c:e600:0:b723:1680:93a1 Public Scan

Screenshot
Live screenshot

Full Image

50
Requests

100 %
HTTPS

60 %
IPv6

7
Domains

10
Subdomains

11
IPs

4
Countries

950 kB
Transfer

3915 kB
Size

1
Cookies

50 HTTP transactions
6 data transactions