URL: http://kids-teeth.ml/cghjss..htm
Submission: On April 23 via automatic, source openphish

Summary

This website contacted 12 IPs in 3 countries across 8 domains to perform 29 HTTP transactions. The main IP is 167.99.232.32, located in Fort Worth, United States and belongs to DIGITALOCEAN-ASN - DigitalOcean, LLC, US. The main domain is kids-teeth.ml.
This is the only time kids-teeth.ml was scanned on urlscan.io!

urlscan.io Verdict: Potentially Malicious

Targeting these brands: Xfinity (Consumer)

Domain & IP information

Redirects  Requests  IP Address        AS Autonomous System
-          1         167.99.232.32     14061 (DIGITALOC...)
-          11        2001:558:fe21...  7922 (COMCAST-7922)
-          2         204.13.194.239    29990 (ASN-APPNEXUS)
1          3         173.241.240.220   36089 (OPENX-AS1)
-          4         23.210.250.213    16625 (AKAMAI-AS)
-          1         2.19.38.84        20940 (AKAMAI-ASN1)
-          2         213.19.162.21     26667 (RUBICONPR...)
-          2         213.19.162.67     26667 (RUBICONPR...)
-          1         91.228.74.250     27281 (QUANTCAST)
1          2         204.13.194.235    29990 (ASN-APPNEXUS)
-          1         151.101.121.108   54113 (FASTLY)
1          2         173.241.240.143   36089 (OPENX-AS1)
Total: 29 requests, 12 IPs
Requests  Domain                             Redirects  Requested by
11        login.comcast.net                  -          kids-teeth.ml
3         px.moatads.com                     -          kids-teeth.ml
3         comcast-d.openx.net                1          kids-teeth.ml
2         eu-u.openx.net                     1          comcast-d.openx.net
2         oascentral.comcast.net             1          kids-teeth.ml
2         beacon-eu-ams3.rubiconproject.com  -          kids-teeth.ml
2         optimized-by.rubiconproject.com    -          ads.rubiconproject.com
2         oasc09.247realmedia.com            -          kids-teeth.ml, oasc09.247realmedia.com
1         cdn.oas-c18.adnxs.com              -          kids-teeth.ml
1         pixel.quantserve.com               -          optimized-by.rubiconproject.com
1         ads.rubiconproject.com             -          comcast-d.openx.net
1         z.moatads.com                      -          oasc09.247realmedia.com
1         kids-teeth.ml                      -
Total: 29 requests, 13 subdomains
Subject                 Issuer                                               Validity                 Valid
login.comcast.net       COMODO RSA Organization Validation Secure Server CA  2018-10-29 - 2020-10-28  2 years
*.247realmedia.com      GeoTrust RSA CA 2018                                 2018-01-25 - 2019-06-25  a year
moatads.com             DigiCert ECC Secure Server CA                        2018-11-10 - 2020-02-09  a year
*.rubiconproject.com    DigiCert SHA2 Secure Server CA                       2019-02-13 - 2021-02-17  2 years
*.quantserve.com        DigiCert SHA2 High Assurance Server CA               2018-10-16 - 2019-10-21  a year
oascentral.comcast.net  COMODO RSA Organization Validation Secure Server CA  2017-05-18 - 2019-05-18  2 years
cdn.adnxs.com           GlobalSign CloudSSL CA - SHA256 - G3                 2018-07-13 - 2019-06-07  a year

This page contains 2 frames:

Primary Page: http://kids-teeth.ml/cghjss..htm
Frame ID: B703AB0402CBC6F3AE70E837EC99EE98
Requests: 28 HTTP requests in this frame

Frame: http://eu-u.openx.net/w/1.0/pd?cc=1&plm=10&ph=42d504c1-bae8-4312-8ad6-a76f3705b195
Frame ID: 4CEADD7FA95B9DBADBEEED17F17AFFDD
Requests: 1 HTTP requests in this frame

Detected technologies

Overall confidence: 100%
Detected patterns
  • headers server /(?:Apache(?:$|\/([\d.]+)|[^\/-])|(?:^|)HTTPD)/i

Overall confidence: 100%
Detected patterns
  • env /^googletag$/i

Overall confidence: 100%
Detected patterns
  • script /https?:\/\/[^\/]*\.openx\.net/i

Overall confidence: 100%
Detected patterns
  • script /https?:\/\/[^\/]*\.rubiconproject\.com/i

Overall confidence: 100%
Detected patterns
  • env /^s_(?:account|objectID|code|INST)$/i

Page Statistics

Requests: 29
HTTPS: 72 %
IPv6: 8 %
Domains: 8
Subdomains: 13
IPs: 12
Countries: 3
Transfer: 205 kB
Size: 460 kB
Cookies: 0

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 8
  • http://comcast-d.openx.net/w/1.0/acj?ai=e8cac11d-41b1-4235-aafc-4c4a482d3c3c&o=5858520160&callback=OX_5858520160&ju=http%3A//kids-teeth.ml/cghjss..htm&jr=&auid=538830424&dims=1600x1200&adxy=623%2C90&res=1600x1200x24&plg=pm&ch=UTF-8&tz=0&ws=1600x1200&ifr=0&tws=1600x1200&vmt=1&sd=1&mt=1 HTTP 302
  • http://comcast-d.openx.net/w/1.0/acj?cc=1&ai=e8cac11d-41b1-4235-aafc-4c4a482d3c3c&o=5858520160&callback=OX_5858520160&ju=http%3A//kids-teeth.ml/cghjss..htm&jr=&auid=538830424&dims=1600x1200&adxy=623%2C90&res=1600x1200x24&plg=pm&ch=UTF-8&tz=0&ws=1600x1200&ifr=0&tws=1600x1200&vmt=1&sd=1&mt=1
Request Chain 18
  • https://oascentral.comcast.net/RealMedia/ads/adstream_lx.ads/comcast.net/RubiconSIPassback/L29/945102675/x32/Comcast/MKTG_2019_ROS_ALL_NATL/DIGI_GM_XHS_SLACQ_ENG_00HMC8ST146HOM189x00_GETNOW_NOOFF_HTML_X1_300x250.jpg/553245584a6c792f62787741422f6e4c?_OAS_GEO_OVERRIDE_=US:UNKNOWN&am=NONE&qsg=D&kw=noloopback_smr HTTP 302
  • https://cdn.oas-c18.adnxs.com/RealMedia/ads/Creatives/Comcast/MKTG_2019_ROS_ALL_NATL/DIGI_GM_XHS_SLACQ_ENG_00HMC8ST146HOM189x00_GETNOW_NOOFF_HTML_X1_300x250.jpg/1554844434
Request Chain 25
  • http://eu-u.openx.net/w/1.0/pd?plm=10&ph=42d504c1-bae8-4312-8ad6-a76f3705b195 HTTP 302
  • http://eu-u.openx.net/w/1.0/pd?cc=1&plm=10&ph=42d504c1-bae8-4312-8ad6-a76f3705b195

29 HTTP transactions

Resource
Path
Size
x-fer
Type
MIME-Type
Primary Request cghjss..htm
kids-teeth.ml/
20 KB
20 KB
Document
General
Full URL
http://kids-teeth.ml/cghjss..htm
Protocol
HTTP/1.1
Server
167.99.232.32 Fort Worth, United States, ASN14061 (DIGITALOCEAN-ASN - DigitalOcean, LLC, US),
Reverse DNS
Software
Apache /
Resource Hash
7fe187b239a2c1d59ebb4d28a47eac796c20af4e898581f347776a02feab62f8

Request headers

Host
kids-teeth.ml
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8
Accept-Encoding
gzip, deflate

Response headers

Date
Tue, 23 Apr 2019 20:01:28 GMT
Server
Apache
Last-Modified
Tue, 23 Apr 2019 12:36:53 GMT
Accept-Ranges
bytes
Content-Length
20248
Keep-Alive
timeout=5, max=100
Connection
Keep-Alive
Content-Type
text/html
styles.min.css
login.comcast.net/static/css/
17 KB
5 KB
Stylesheet
General
Full URL
https://login.comcast.net/static/css/styles.min.css?v=9
Requested by
Host: kids-teeth.ml
URL: http://kids-teeth.ml/cghjss..htm
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_256_CBC
Server
2001:558:fe21:2:69:252:205:24 , United States, ASN7922 (COMCAST-7922 - Comcast Cable Communications, LLC, US),
Reverse DNS
Software
Apache /
Resource Hash
847ec2bbe06b316899e011a0abdd47e14a5620dd8fa83e59f02b7edb955ae54c
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains;

Request headers

Referer
http://kids-teeth.ml/cghjss..htm
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Date
Tue, 23 Apr 2019 20:01:28 GMT
Content-Encoding
gzip
Last-Modified
Fri, 19 Apr 2019 22:34:30 GMT
Server
Apache
Vary
Accept-Encoding
Connection
Keep-Alive
Content-Type
text/css
Cache-Control
max-age=157343581
Strict-Transport-Security
max-age=63072000; includeSubDomains;
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=500
Content-Length
4532
Expires
Wed, 17 Apr 2024 22:34:30 GMT
nc.min.js
login.comcast.net/proxy/captcha/resource/13428/skins/open-comcast-cima-2/
0
0
Script
General
Full URL
https://login.comcast.net/proxy/captcha/resource/13428/skins/open-comcast-cima-2/nc.min.js
Requested by
Host: kids-teeth.ml
URL: http://kids-teeth.ml/cghjss..htm
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_256_CBC
Server
2001:558:fe21:2:69:252:205:24 , United States, ASN7922 (COMCAST-7922 - Comcast Cable Communications, LLC, US),
Reverse DNS
Software
/
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains;

Request headers

Referer
http://kids-teeth.ml/cghjss..htm
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Date
Tue, 23 Apr 2019 20:01:28 GMT
Via
1.1 1688fce6978b3d5b33e6f232fb0871e5.cloudfront.net (CloudFront), 1.1 login.comcast.net
Vary
Accept-Encoding
X-Cache
Error from cloudfront
Content-Type
application/xml
Connection
Keep-Alive
Strict-Transport-Security
max-age=63072000; includeSubDomains;
Content-Encoding
gzip
Keep-Alive
timeout=5, max=500
Content-Length
20
X-Amz-Cf-Id
vV_WvV4a-pVVuS3aymusvCPQTTXQobewShKakMq-LgRWPg4Y4sEeXg==
omniture.js
login.comcast.net/static/js/
0
0
Script
General
Full URL
https://login.comcast.net/static/js/omniture.js?v=9
Requested by
Host: kids-teeth.ml
URL: http://kids-teeth.ml/cghjss..htm
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_256_CBC
Server
2001:558:fe21:2:69:252:205:24 , United States, ASN7922 (COMCAST-7922 - Comcast Cable Communications, LLC, US),
Reverse DNS
Software
/
Resource Hash

Request headers

Referer
http://kids-teeth.ml/cghjss..htm
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

1470798879@x32
oasc09.247realmedia.com/RealMedia/ads/adstream_jx.ads/comcast.net/login_secure/
2 KB
1 KB
Script
General
Full URL
https://oasc09.247realmedia.com/RealMedia/ads/adstream_jx.ads/comcast.net/login_secure/1470798879@x32?_OAS_GEO_OVERRIDE_=US:UNKNOWN
Requested by
Host: kids-teeth.ml
URL: http://kids-teeth.ml/cghjss..htm
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
204.13.194.239 New York, United States, ASN29990 (ASN-APPNEXUS - AppNexus, Inc, US),
Reverse DNS
Software
nginx/1.13.10 /
Resource Hash
502b5c0dc2bf1deb918d28a6d161b13a155db0f5984026e86c6b00eb40363e9f

Request headers

Referer
http://kids-teeth.ml/cghjss..htm
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Intervention
<https://www.chromestatus.com/feature/5718547946799104>; level="warning"

Response headers

Pragma
no-cache
Date
Tue, 23 Apr 2019 20:01:31 GMT
Content-Encoding
gzip
Server
nginx/1.13.10
Vary
Accept-Encoding
P3P
CP="NON NID PSAa PSDa OUR IND UNI COM NAV STA",policyref="/w3c/p3p.xml"
Cache-Control
no-cache,no-store,private
Transfer-Encoding
chunked
Connection
keep-alive
Content-Type
application/x-javascript
Expires
Fri, 30 Oct 1998 14:19:41 GMT
xfinity-logo.png
login.comcast.net/static/images/global/
8 KB
8 KB
Image
General
Full URL
https://login.comcast.net/static/images/global/xfinity-logo.png
Requested by
Host: kids-teeth.ml
URL: http://kids-teeth.ml/cghjss..htm
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_256_CBC
Server
2001:558:fe21:2:69:252:205:24 , United States, ASN7922 (COMCAST-7922 - Comcast Cable Communications, LLC, US),
Reverse DNS
Software
Apache /
Resource Hash
f2cbb9c684c7244f1098767b9b4e12521777afee1fd2c93aae1e762f1a1ff85d
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains;

Request headers

Referer
https://login.comcast.net/static/css/styles.min.css?v=9
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Date
Tue, 23 Apr 2019 20:01:29 GMT
Last-Modified
Fri, 19 Apr 2019 21:39:46 GMT
Server
Apache
Strict-Transport-Security
max-age=63072000; includeSubDomains;
Content-Type
image/png
Cache-Control
max-age=157340296
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=499
Content-Length
7836
Expires
Wed, 17 Apr 2024 21:39:46 GMT
jstag
comcast-d.openx.net/w/1.0/
63 KB
23 KB
Script
General
Full URL
http://comcast-d.openx.net/w/1.0/jstag
Requested by
Host: kids-teeth.ml
URL: http://kids-teeth.ml/cghjss..htm
Protocol
HTTP/1.1
Server
173.241.240.220 New York, United States, ASN36089 (OPENX-AS1 - OPENX TECHNOLOGIES, INC., US),
Reverse DNS
ox-173-241-240-220.xa.dc.openx.org
Software
OXGW/16.132.0 /
Resource Hash
0ed1ac6cea795a9d493c9cff9564dd3dbef0f1eb8b5af784cb0daf82f43a9e8e

Request headers

Referer
http://kids-teeth.ml/cghjss..htm
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Intervention
<https://www.chromestatus.com/feature/5718547946799104>; level="warning"

Response headers

Date
Tue, 23 Apr 2019 20:01:29 GMT
Content-Encoding
gzip
Server
OXGW/16.132.0
Vary
Accept-Encoding
P3P
CP="CUR ADM OUR NOR STA NID"
Cache-Control
max-age=3600
Content-Type
text/javascript
Content-Length
22913
Expires
Tue, 23 Apr 2019 21:01:29 GMT
553245584a6c792f62787341426a4478
oasc09.247realmedia.com/RealMedia/ads/adstream_lx.ads/comcast.net/login_secure/L24/631197710/x32/Comcast/OpenX_201507_SIG_300_NATL/300x250_RM_OpenX_SI_K2_112917_10172018.html/
43 B
482 B
Image
General
Full URL
https://oasc09.247realmedia.com/RealMedia/ads/adstream_lx.ads/comcast.net/login_secure/L24/631197710/x32/Comcast/OpenX_201507_SIG_300_NATL/300x250_RM_OpenX_SI_K2_112917_10172018.html/553245584a6c792f62787341426a4478?_RM_EMPTY_&_OAS_GEO_OVERRIDE_=US:UNKNOWN
Requested by
Host: oasc09.247realmedia.com
URL: https://oasc09.247realmedia.com/RealMedia/ads/adstream_jx.ads/comcast.net/login_secure/1470798879@x32?_OAS_GEO_OVERRIDE_=US:UNKNOWN
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
204.13.194.239 New York, United States, ASN29990 (ASN-APPNEXUS - AppNexus, Inc, US),
Reverse DNS
Software
nginx/1.13.10 /
Resource Hash
2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363

Request headers

Referer
http://kids-teeth.ml/cghjss..htm
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Pragma
no-cache
Date
Tue, 23 Apr 2019 20:01:31 GMT
Server
nginx/1.13.10
P3P
CP="NON NID PSAa PSDa OUR IND UNI COM NAV STA",policyref="/w3c/p3p.xml"
Cache-Control
no-cache,no-store,private
Connection
keep-alive
Content-Type
image/gif
Content-Length
43
Expires
Fri, 30 Oct 1998 14:19:41 GMT
moatad.js
z.moatads.com/comcastapn56341864860/
268 KB
83 KB
Script
General
Full URL
https://z.moatads.com/comcastapn56341864860/moatad.js
Requested by
Host: oasc09.247realmedia.com
URL: https://oasc09.247realmedia.com/RealMedia/ads/adstream_jx.ads/comcast.net/login_secure/1470798879@x32?_OAS_GEO_OVERRIDE_=US:UNKNOWN
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server
23.210.250.213 Cambridge, United States, ASN16625 (AKAMAI-AS - Akamai Technologies, Inc., US),
Reverse DNS
a23-210-250-213.deploy.static.akamaitechnologies.com
Software
AmazonS3 /
Resource Hash
a64ae049c263cacbe24d5797dc19855eddf1a71ac700417437bec58ab1254803

Request headers

Referer
http://kids-teeth.ml/cghjss..htm
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Intervention
<https://www.chromestatus.com/feature/5718547946799104>; level="warning"

Response headers

Date
Tue, 23 Apr 2019 20:01:29 GMT
Content-Encoding
gzip
Last-Modified
Wed, 17 Apr 2019 16:05:26 GMT
Server
AmazonS3
x-amz-request-id
71DF42C7CCF903DB
ETag
"8d06472e4e604c349440d95e5e6ac519"
Vary
Accept-Encoding
Content-Type
application/x-javascript
Cache-Control
max-age=63317
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
84935
x-amz-id-2
3KkxkWIFi/9NXSDu75ZPy6M2SOKd2boMSUaKgqMdrU6gdtXWdzqSUzK7f7UDHYFjNY5enpCKHF4=
acj
comcast-d.openx.net/w/1.0/
Redirect Chain
  • http://comcast-d.openx.net/w/1.0/acj?ai=e8cac11d-41b1-4235-aafc-4c4a482d3c3c&o=5858520160&callback=OX_5858520160&ju=http%3A//kids-teeth.ml/cghjss..htm&jr=&auid=538830424&dims=1600x1200&adxy=623%2C9...
  • http://comcast-d.openx.net/w/1.0/acj?cc=1&ai=e8cac11d-41b1-4235-aafc-4c4a482d3c3c&o=5858520160&callback=OX_5858520160&ju=http%3A//kids-teeth.ml/cghjss..htm&jr=&auid=538830424&dims=1600x1200&adxy=62...
2 KB
1 KB
Script
General
Full URL
http://comcast-d.openx.net/w/1.0/acj?cc=1&ai=e8cac11d-41b1-4235-aafc-4c4a482d3c3c&o=5858520160&callback=OX_5858520160&ju=http%3A//kids-teeth.ml/cghjss..htm&jr=&auid=538830424&dims=1600x1200&adxy=623%2C90&res=1600x1200x24&plg=pm&ch=UTF-8&tz=0&ws=1600x1200&ifr=0&tws=1600x1200&vmt=1&sd=1&mt=1
Requested by
Host: kids-teeth.ml
URL: http://kids-teeth.ml/cghjss..htm
Protocol
HTTP/1.1
Server
173.241.240.220 New York, United States, ASN36089 (OPENX-AS1 - OPENX TECHNOLOGIES, INC., US),
Reverse DNS
ox-173-241-240-220.xa.dc.openx.org
Software
OXGW/16.132.0 /
Resource Hash
92be745b56338836887abfd37ba9b558a51affd46439a78ae006afd6ad30d4aa

Request headers

Referer
http://kids-teeth.ml/cghjss..htm
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Pragma
no-cache
Date
Tue, 23 Apr 2019 20:01:29 GMT
Content-Encoding
gzip
Server
OXGW/16.132.0
Vary
Accept
P3P
CP="CUR ADM OUR NOR STA NID"
Cache-Control
private, max-age=0, no-cache
Transfer-Encoding
chunked
Content-Type
application/json
Expires
Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

Location
http://comcast-d.openx.net/w/1.0/acj?cc=1&ai=e8cac11d-41b1-4235-aafc-4c4a482d3c3c&o=5858520160&callback=OX_5858520160&ju=http%3A//kids-teeth.ml/cghjss..htm&jr=&auid=538830424&dims=1600x1200&adxy=623%2C90&res=1600x1200x24&plg=pm&ch=UTF-8&tz=0&ws=1600x1200&ifr=0&tws=1600x1200&vmt=1&sd=1&mt=1
Date
Tue, 23 Apr 2019 20:01:29 GMT
Server
OXGW/16.132.0
Content-Length
0
P3P
CP="CUR ADM OUR NOR STA NID"
11648.js
ads.rubiconproject.com/ad/
26 KB
8 KB
Script
General
Full URL
https://ads.rubiconproject.com/ad/11648.js
Requested by
Host: comcast-d.openx.net
URL: http://comcast-d.openx.net/w/1.0/jstag
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2.19.38.84 , European Union, ASN20940 (AKAMAI-ASN1, US),
Reverse DNS
a2-19-38-84.deploy.static.akamaitechnologies.com
Software
Apache / PHP/5.3.3
Resource Hash
39ac01c5fbbc8a5770b3544790734f67b936696adb543d635330802815996051

Request headers

Referer
http://kids-teeth.ml/cghjss..htm
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Intervention
<https://www.chromestatus.com/feature/5718547946799104>; level="warning"

Response headers

Date
Tue, 23 Apr 2019 20:01:29 GMT
Content-Encoding
gzip
Server
Apache
X-Powered-By
PHP/5.3.3
Vary
Accept-Encoding
Content-Type
text/javascript
Access-Control-Allow-Origin
*
Cache-Control
max-age=6105
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Length
7587
Expires
Tue, 23 Apr 2019 21:43:14 GMT
150582-10.js
optimized-by.rubiconproject.com/a/11648/36314/
2 KB
2 KB
Script
General
Full URL
http://optimized-by.rubiconproject.com/a/11648/36314/150582-10.js?&cb=0.044292789095288&tk_st=1&rp_s=c&p_exp=1&p_pos=atf&p_screen_res=1600x1200&ad_slot=36314_10
Requested by
Host: ads.rubiconproject.com
URL: https://ads.rubiconproject.com/ad/11648.js
Protocol
HTTP/1.1
Server
213.19.162.21 , United Kingdom, ASN26667 (RUBICONPROJECT - The Rubicon Project, Inc., US),
Reverse DNS
Software
RAS 2.4 /
Resource Hash
0bafddf3df713e5da77564976be89466c26a2c83c1aec1917f93986599412b0f

Request headers

Referer
http://kids-teeth.ml/cghjss..htm
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Intervention
<https://www.chromestatus.com/feature/5718547946799104>; level="warning"

Response headers

Pragma
no-cache
Date
Tue, 23 Apr 2019 20:01:29 GMT
Content-Encoding
gzip
Server
RAS 2.4
Vary
Accept-Encoding
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Cache-Control
no-cache, no-store, max-age=0, must-revalidate
Connection
Keep-Alive
Content-Type
text/javascript
Keep-Alive
timeout=0, max=3
Content-Length
897
Expires
Wed, 17 Sep 1975 21:32:10 GMT
1ce8e334-a7c3-4f46-8495-3e504cd3cf4d
beacon-eu-ams3.rubiconproject.com/beacon/d/
43 B
268 B
Image
General
Full URL
http://beacon-eu-ams3.rubiconproject.com/beacon/d/1ce8e334-a7c3-4f46-8495-3e504cd3cf4d?oo=0&accountId=11648&siteId=36314&zoneId=150582&sizeId=10&e=6A1E40E384DA563B39CF3793BEDA6E42C8788575109AE60B4B9AA2EB443CE43E58ED01EDD3C7F0B8ABAD5432A97F960D27BDAF65660D133067A2633C14C2C5A5C45BDE13FEE25F436318BCD2F5968F63AC237D6FA0EBFC9ADFFA16DC2C67B3089457A458BE97911CC41659CE9A702AC1BD1F536DC546A05AF5BE0B04AD33F58D33F8630F2FDB6069
Requested by
Host: kids-teeth.ml
URL: http://kids-teeth.ml/cghjss..htm
Protocol
HTTP/1.1
Server
213.19.162.67 , United Kingdom, ASN26667 (RUBICONPROJECT - The Rubicon Project, Inc., US),
Reverse DNS
Software
Rubicon Project /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Referer
http://kids-teeth.ml/cghjss..htm
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Pragma
no-cache
Date
Tue, 23 Apr 2019 20:01:29 GMT
Cache-Control
private, max-age=0, no-cache
Expires
01 Jan 1970 10:00:00 GMT
Server
Rubicon Project
Content-Length
43
Content-Type
image/webp
150582-15.js
optimized-by.rubiconproject.com/a/11648/36314/
4 KB
3 KB
Script
General
Full URL
http://optimized-by.rubiconproject.com/a/11648/36314/150582-15.js?&cb=0.3324504093706948&tk_st=1&rp_s=c&p_exp=1&p_pos=atf&p_screen_res=1600x1200&ad_slot=36314_15
Requested by
Host: ads.rubiconproject.com
URL: https://ads.rubiconproject.com/ad/11648.js
Protocol
HTTP/1.1
Server
213.19.162.21 , United Kingdom, ASN26667 (RUBICONPROJECT - The Rubicon Project, Inc., US),
Reverse DNS
Software
RAS 2.4 /
Resource Hash
97d0d3078515786566af41e6d5df6aba67a33c41a143fd1080f64152711e69e9

Request headers

Referer
http://kids-teeth.ml/cghjss..htm
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Intervention
<https://www.chromestatus.com/feature/5718547946799104>; level="warning"

Response headers

Pragma
no-cache
Date
Tue, 23 Apr 2019 20:01:29 GMT
Content-Encoding
gzip
Server
RAS 2.4
Vary
Accept-Encoding
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Cache-Control
no-cache, no-store, max-age=0, must-revalidate
Connection
Keep-Alive
Content-Type
text/javascript
Keep-Alive
timeout=0, max=6
Content-Length
1740
Expires
Wed, 17 Sep 1975 21:32:10 GMT
segments.json
pixel.quantserve.com/api/
39 B
471 B
Script
General
Full URL
https://pixel.quantserve.com/api/segments.json?a=p-9eJ8k4iSzux46&callback=qc_results&ttl=86400
Requested by
Host: optimized-by.rubiconproject.com
URL: http://optimized-by.rubiconproject.com/a/11648/36314/150582-15.js?&cb=0.3324504093706948&tk_st=1&rp_s=c&p_exp=1&p_pos=atf&p_screen_res=1600x1200&ad_slot=36314_15
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
91.228.74.250 , United Kingdom, ASN27281 (QUANTCAST - Quantcast Corporation, US),
Reverse DNS
Software
QS /
Resource Hash
c47bb8af6317ddc64116b9fa30f3d2d46ea6b759789556c003a08fd57c0f6e8a

Request headers

Referer
http://kids-teeth.ml/cghjss..htm
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Intervention
<https://www.chromestatus.com/feature/5718547946799104>; level="warning"

Response headers

Date
Tue, 23 Apr 2019 20:01:30 GMT
Server
QS
P3P
CP="NOI DSP COR NID CURa ADMa DEVa PSAo PSDo OUR SAMa IND COM NAV"
Cache-Control
private, no-transform, max-age=86400
Connection
keep-alive
Content-Type
application/x-javascript
Content-Length
39
Expires
Wed, 24 Apr 2019 20:01:30 GMT
9306b8b7-aa7e-42fa-9cbd-0f39b0ecbef7
beacon-eu-ams3.rubiconproject.com/beacon/d/
43 B
268 B
Image
General
Full URL
http://beacon-eu-ams3.rubiconproject.com/beacon/d/9306b8b7-aa7e-42fa-9cbd-0f39b0ecbef7?oo=0&accountId=11648&siteId=36314&zoneId=150582&sizeId=15&e=6A1E40E384DA563B8C12DC0AE9D0DEA092B8C6C9CD2934E89B51B5A3986BE91C7EA495A4B1B4950A13EE8AFC33DC55D09F0BE1F8337FD75D60297FB3FC57E286C45BDE13FEE25F436318BCD2F5968F63AC237D6FA0EBFC9ADFFA16DC2C67B3089457A458BE97911CC41659CE9A702AC1BD1F536DC546A05AF5BE0B04AD33F58D33F8630F2FDB6069
Requested by
Host: kids-teeth.ml
URL: http://kids-teeth.ml/cghjss..htm
Protocol
HTTP/1.1
Server
213.19.162.67 , United Kingdom, ASN26667 (RUBICONPROJECT - The Rubicon Project, Inc., US),
Reverse DNS
Software
Rubicon Project /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Referer
http://kids-teeth.ml/cghjss..htm
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Pragma
no-cache
Date
Tue, 23 Apr 2019 20:01:29 GMT
Cache-Control
private, max-age=0, no-cache
Expires
01 Jan 1970 10:00:00 GMT
Server
Rubicon Project
Content-Length
43
Content-Type
image/webp
nc.min.js
login.comcast.net/proxy/captcha/resource/13428/skins/open-comcast-cima-2/
0
0
Script
General
Full URL
https://login.comcast.net/proxy/captcha/resource/13428/skins/open-comcast-cima-2/nc.min.js
Requested by
Host: kids-teeth.ml
URL: http://kids-teeth.ml/cghjss..htm
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_256_CBC
Server
2001:558:fe21:2:69:252:205:24 , United States, ASN7922 (COMCAST-7922 - Comcast Cable Communications, LLC, US),
Reverse DNS
Software
/
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains;

Request headers

Referer
http://kids-teeth.ml/cghjss..htm
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Date
Tue, 23 Apr 2019 20:01:29 GMT
Via
1.1 f9ae6e33f293d8a4e80f48fca6093c68.cloudfront.net (CloudFront), 1.1 login.comcast.net
Vary
Accept-Encoding
X-Cache
Error from cloudfront
Content-Type
application/xml
Connection
Keep-Alive
Strict-Transport-Security
max-age=63072000; includeSubDomains;
Content-Encoding
gzip
Keep-Alive
timeout=5, max=499
Content-Length
20
X-Amz-Cf-Id
jcotDaYVqWGC0XC85jTwzsVVgoYJL5Hgy0aXfHLDgbOO9rGJdBbeAQ==
omniture.js
login.comcast.net/static/js/
0
0
Script
General
Full URL
https://login.comcast.net/static/js/omniture.js?v=9
Requested by
Host: kids-teeth.ml
URL: http://kids-teeth.ml/cghjss..htm
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_256_CBC
Server
2001:558:fe21:2:69:252:205:24 , United States, ASN7922 (COMCAST-7922 - Comcast Cable Communications, LLC, US),
Reverse DNS
Software
/
Resource Hash

Request headers

Referer
http://kids-teeth.ml/cghjss..htm
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

1779115895@x32
oascentral.comcast.net/RealMedia/ads/adstream_jx.ads/comcast.net/RubiconSIPassback/
2 KB
1 KB
Script
General
Full URL
https://oascentral.comcast.net/RealMedia/ads/adstream_jx.ads/comcast.net/RubiconSIPassback/1779115895@x32?_OAS_GEO_OVERRIDE_=US:UNKNOWN&am=NONE&qsg=D&kw=noloopback_smr
Requested by
Host: kids-teeth.ml
URL: http://kids-teeth.ml/cghjss..htm
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
204.13.194.235 New York, United States, ASN29990 (ASN-APPNEXUS - AppNexus, Inc, US),
Reverse DNS
Software
nginx/1.13.10 /
Resource Hash
c805b0c7c8ec54cb56e9eaa14834dfe3bd260c001ae9e856f0715e7c8a1446a1

Request headers

Referer
http://kids-teeth.ml/cghjss..htm
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Intervention
<https://www.chromestatus.com/feature/5718547946799104>; level="warning"

Response headers

Pragma
no-cache
Date
Tue, 23 Apr 2019 20:01:32 GMT
Content-Encoding
gzip
Server
nginx/1.13.10
Vary
Accept-Encoding
P3P
CP="NON NID PSAa PSDa OUR IND UNI COM NAV STA",policyref="/w3c/p3p.xml"
Cache-Control
no-cache,no-store,private
Transfer-Encoding
chunked
Connection
keep-alive
Content-Type
application/x-javascript
Expires
Fri, 30 Oct 1998 14:19:41 GMT
1554844434
cdn.oas-c18.adnxs.com/RealMedia/ads/Creatives/Comcast/MKTG_2019_ROS_ALL_NATL/DIGI_GM_XHS_SLACQ_ENG_00HMC8ST146HOM189x00_GETNOW_NOOFF_HTML_X1_300x250.jpg/
Redirect Chain
  • https://oascentral.comcast.net/RealMedia/ads/adstream_lx.ads/comcast.net/RubiconSIPassback/L29/945102675/x32/Comcast/MKTG_2019_ROS_ALL_NATL/DIGI_GM_XHS_SLACQ_ENG_00HMC8ST146HOM189x00_GETNOW_NOOFF_H...
  • https://cdn.oas-c18.adnxs.com/RealMedia/ads/Creatives/Comcast/MKTG_2019_ROS_ALL_NATL/DIGI_GM_XHS_SLACQ_ENG_00HMC8ST146HOM189x00_GETNOW_NOOFF_HTML_X1_300x250.jpg/1554844434
25 KB
26 KB
Image
General
Full URL
https://cdn.oas-c18.adnxs.com/RealMedia/ads/Creatives/Comcast/MKTG_2019_ROS_ALL_NATL/DIGI_GM_XHS_SLACQ_ENG_00HMC8ST146HOM189x00_GETNOW_NOOFF_HTML_X1_300x250.jpg/1554844434
Requested by
Host: kids-teeth.ml
URL: http://kids-teeth.ml/cghjss..htm
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.121.108 San Francisco, United States, ASN54113 (FASTLY - Fastly, US),
Reverse DNS
Software
nginx/1.13.10 /
Resource Hash
6da252ef9df7c04a62e4cc558d8998d495d073781a9c8ead34253fe64866c6fe

Request headers

Referer
http://kids-teeth.ml/cghjss..htm
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Date
Tue, 23 Apr 2019 20:01:30 GMT
Via
1.1 varnish, 1.1 varnish
Age
69395
X-Cache
HIT, HIT
P3P
CP="NON NID PSAa PSDa OUR IND UNI COM NAV STA",policyref="/w3c/p3p.xml"
Connection
keep-alive
Content-Length
25792
X-Served-By
cache-jfk8144-JFK, cache-cdg20767-CDG
Last-Modified
Tue, 09 Apr 2019 21:13:54 GMT
Server
nginx/1.13.10
X-Timer
S1556049691.888027,VS0,VE1
ETag
"316232-64c0-5861f6e2b6880"
Content-Type
image/jpeg
Cache-Control
max-age=86400
Accept-Ranges
bytes
X-Cache-Hits
1, 1

Redirect headers

Pragma
no-cache
Date
Tue, 23 Apr 2019 20:01:32 GMT
Server
nginx/1.13.10
P3P
CP="NON NID PSAa PSDa OUR IND UNI COM NAV STA",policyref="/w3c/p3p.xml"
Location
https://cdn.oas-c18.adnxs.com/RealMedia/ads/Creatives/Comcast/MKTG_2019_ROS_ALL_NATL/DIGI_GM_XHS_SLACQ_ENG_00HMC8ST146HOM189x00_GETNOW_NOOFF_HTML_X1_300x250.jpg/1554844434
Cache-Control
no-cache,no-store,private
Connection
keep-alive
Content-Type
text/html; charset=iso-8859-1
Content-Length
443
Expires
Fri, 30 Oct 1998 14:19:41 GMT
nc.min.js
login.comcast.net/proxy/captcha/resource/13428/skins/open-comcast-cima-2/
0
0
Script
General
Full URL
https://login.comcast.net/proxy/captcha/resource/13428/skins/open-comcast-cima-2/nc.min.js
Requested by
Host: kids-teeth.ml
URL: http://kids-teeth.ml/cghjss..htm
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_256_CBC
Server
2001:558:fe21:2:69:252:205:24 , United States, ASN7922 (COMCAST-7922 - Comcast Cable Communications, LLC, US),
Reverse DNS
Software
/
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains;

Request headers

Referer
http://kids-teeth.ml/cghjss..htm
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Date
Tue, 23 Apr 2019 20:01:30 GMT
Via
1.1 4d8c1d8eb5306fcfc84405473d1887e7.cloudfront.net (CloudFront), 1.1 login.comcast.net
Vary
Accept-Encoding
X-Cache
Error from cloudfront
Content-Type
application/xml
Connection
Keep-Alive
Strict-Transport-Security
max-age=63072000; includeSubDomains;
Content-Encoding
gzip
Keep-Alive
timeout=5, max=498
Content-Length
20
X-Amz-Cf-Id
r5udom_8fUDCzyEL2lDAcdYYz4uIEXyRqZY1AVSNZ97MA8UKl9SRgQ==
omniture.js
login.comcast.net/static/js/
0
0
Script
General
Full URL
https://login.comcast.net/static/js/omniture.js?v=9
Requested by
Host: kids-teeth.ml
URL: http://kids-teeth.ml/cghjss..htm
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_256_CBC
Server
2001:558:fe21:2:69:252:205:24 , United States, ASN7922 (COMCAST-7922 - Comcast Cable Communications, LLC, US),
Reverse DNS
Software
/
Resource Hash

Request headers

Referer
http://kids-teeth.ml/cghjss..htm
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

pixel.gif
px.moatads.com/
43 B
409 B
Image
General
Full URL
https://px.moatads.com/pixel.gif?e=17&i=COMCASTAPN1&hp=1&cm=1&kq=1&hq=0&hs=0&hu=0&hr=0&ht=0&dnt=0&bq=0&f=0&j=&o=3&t=1556049690772&de=513817152325&m=0&ar=499cee0265-clean&q=5&cb=0&cu=1556049690772&ll=2&lm=0&ln=0&em=0&en=0&d=OpenX%3AComcast%2FOpenX_201507_SIG_300_NATL%3A300x250_RM_OpenX_SI_K2_112917_10172018%3Aundefined&qs=1&gu=http%3A%2F%2Fkids-teeth.ml%2Fcghjss..htm&id=1&bo=x32&bd=comcast.net%2Flogin_secure%2FL24&dfp=0%2C1&la=comcast.net%2Flogin_secure&zMoatBO=x32&zMoatBD=comcast.net%2Flogin_secure%2FL24&gw=comcastapn56341864860&fd=1&ac=1&it=500&fs=163039&na=1420567461&cs=0
Requested by
Host: kids-teeth.ml
URL: http://kids-teeth.ml/cghjss..htm
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server
23.210.250.213 Cambridge, United States, ASN16625 (AKAMAI-AS - Akamai Technologies, Inc., US),
Reverse DNS
a23-210-250-213.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

Referer
http://kids-teeth.ml/cghjss..htm
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Pragma
no-cache
Date
Tue, 23 Apr 2019 20:01:30 GMT
Last-Modified
Fri, 20 May 2016 15:16:00 GMT
Server
Apache
ETag
"ad4b0f606e0f8465bc4c4c170b37e1a3:1463757360"
Content-Type
image/gif
Cache-Control
max-age=0, no-cache, no-store
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
43
Expires
Tue, 23 Apr 2019 20:01:30 GMT
omniture.js
login.comcast.net/static/js/
0
0
Script
General
Full URL
https://login.comcast.net/static/js/omniture.js?v=9
Requested by
Host: kids-teeth.ml
URL: http://kids-teeth.ml/cghjss..htm
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_256_CBC
Server
2001:558:fe21:2:69:252:205:24 , United States, ASN7922 (COMCAST-7922 - Comcast Cable Communications, LLC, US),
Reverse DNS
Software
/
Resource Hash

Request headers

Referer
http://kids-teeth.ml/cghjss..htm
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

home.png
login.comcast.net/static/images/sprites/
18 KB
18 KB
Image
General
Full URL
https://login.comcast.net/static/images/sprites/home.png
Requested by
Host: kids-teeth.ml
URL: http://kids-teeth.ml/cghjss..htm
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_256_CBC
Server
2001:558:fe21:2:69:252:205:24 , United States, ASN7922 (COMCAST-7922 - Comcast Cable Communications, LLC, US),
Reverse DNS
Software
Apache /
Resource Hash
aea1b1b66ea361a8235c838811585c1c052b69faccdc879bb50540b99e0d7316
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains;

Request headers

Referer
https://login.comcast.net/static/css/styles.min.css?v=9
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Date
Tue, 23 Apr 2019 20:01:31 GMT
Last-Modified
Fri, 19 Apr 2019 21:39:46 GMT
Server
Apache
Strict-Transport-Security
max-age=63072000; includeSubDomains;
Content-Type
image/png
Cache-Control
max-age=157340294
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=496
Content-Length
18298
Expires
Wed, 17 Apr 2024 21:39:46 GMT
overlay-bg.png
login.comcast.net/static/images/
3 KB
3 KB
Image
General
Full URL
https://login.comcast.net/static/images/overlay-bg.png
Requested by
Host: kids-teeth.ml
URL: http://kids-teeth.ml/cghjss..htm
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_256_CBC
Server
2001:558:fe21:2:69:252:205:24 , United States, ASN7922 (COMCAST-7922 - Comcast Cable Communications, LLC, US),
Reverse DNS
Software
Apache /
Resource Hash
11374bba93dff0546c2e4c02fff615960b841df52063572054f4ab3a82c4bf93
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains;

Request headers

Referer
https://login.comcast.net/static/css/styles.min.css?v=9
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Date
Tue, 23 Apr 2019 20:01:31 GMT
Last-Modified
Fri, 19 Apr 2019 21:39:46 GMT
Server
Apache
Strict-Transport-Security
max-age=63072000; includeSubDomains;
Content-Type
image/png
Cache-Control
max-age=157340294
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=499
Content-Length
2792
Expires
Wed, 17 Apr 2024 21:39:46 GMT
Cookie set pd
eu-u.openx.net/w/1.0/ Frame 4CEA
Redirect Chain
  • http://eu-u.openx.net/w/1.0/pd?plm=10&ph=42d504c1-bae8-4312-8ad6-a76f3705b195
  • http://eu-u.openx.net/w/1.0/pd?cc=1&plm=10&ph=42d504c1-bae8-4312-8ad6-a76f3705b195
0
0
Document
General
Full URL
http://eu-u.openx.net/w/1.0/pd?cc=1&plm=10&ph=42d504c1-bae8-4312-8ad6-a76f3705b195
Requested by
Host: comcast-d.openx.net
URL: http://comcast-d.openx.net/w/1.0/jstag
Protocol
HTTP/1.1
Server
173.241.240.143 New York, United States, ASN36089 (OPENX-AS1 - OPENX TECHNOLOGIES, INC., US),
Reverse DNS
ox-173-241-240-143.xa.dc.openx.org
Software
OXGW/16.132.0 /
Resource Hash

Request headers

Host
eu-u.openx.net
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8
Referer
http://kids-teeth.ml/cghjss..htm
Accept-Encoding
gzip, deflate
Cookie
i=acd8ceaa-cb00-053a-3fc8-f3811922fbdd|1556049691
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Referer
http://kids-teeth.ml/cghjss..htm

Response headers

Vary
Accept
Set-Cookie
i=acd8ceaa-cb00-053a-3fc8-f3811922fbdd|1556049691; Version=1; Expires=Wed, 22-Apr-2020 20:01:31 GMT; Max-Age=31536000; Domain=.openx.net; Path=/ pd=v2|1556049691|cP96q78U9c90e7938R8X; Version=1; Expires=Wed, 08-May-2019 20:01:31 GMT; Max-Age=1296000; Domain=.openx.net; Path=/
Server
OXGW/16.132.0
P3P
CP="CUR ADM OUR NOR STA NID"
Date
Tue, 23 Apr 2019 20:01:31 GMT
Content-Type
text/html
Transfer-Encoding
chunked
Content-Encoding
gzip

Redirect headers

Set-Cookie
i=acd8ceaa-cb00-053a-3fc8-f3811922fbdd|1556049691; Version=1; Expires=Wed, 22-Apr-2020 20:01:31 GMT; Max-Age=31536000; Domain=.openx.net; Path=/
Server
OXGW/16.132.0
P3P
CP="CUR ADM OUR NOR STA NID"
Location
http://eu-u.openx.net/w/1.0/pd?cc=1&plm=10&ph=42d504c1-bae8-4312-8ad6-a76f3705b195
Date
Tue, 23 Apr 2019 20:01:31 GMT
Content-Length
0
pixel.gif
px.moatads.com/
43 B
409 B
Image
General
Full URL
https://px.moatads.com/pixel.gif?e=11&i=COMCASTAPN1&hp=1&cm=1&kq=1&hq=0&hs=0&hu=0&hr=0&ht=0&dnt=0&k=&bq=0&f=0&j=&o=3&t=1556049690772&de=513817152325&m=0&ar=499cee0265-clean&q=6&cb=0&cu=1556049690772&ll=2&lm=0&ln=0&em=0&en=0&d=OpenX%3AComcast%2FOpenX_201507_SIG_300_NATL%3A300x250_RM_OpenX_SI_K2_112917_10172018%3Aundefined&qs=1&gu=http%3A%2F%2Fkids-teeth.ml%2Fcghjss..htm&id=1&bo=x32&bd=comcast.net%2Flogin_secure%2FL24&dfp=0%2C1&la=comcast.net%2Flogin_secure&zMoatBO=x32&zMoatBD=comcast.net%2Flogin_secure%2FL24&gw=comcastapn56341864860&fd=1&ac=1&it=500&fs=163039&na=2036466384&cs=0
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server
23.210.250.213 Cambridge, United States, ASN16625 (AKAMAI-AS - Akamai Technologies, Inc., US),
Reverse DNS
a23-210-250-213.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

Referer
http://kids-teeth.ml/cghjss..htm
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Pragma
no-cache
Date
Tue, 23 Apr 2019 20:01:40 GMT
Last-Modified
Fri, 20 May 2016 15:16:00 GMT
Server
Apache
ETag
"ad4b0f606e0f8465bc4c4c170b37e1a3:1463757360"
Content-Type
image/gif
Cache-Control
max-age=0, no-cache, no-store
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
43
Expires
Tue, 23 Apr 2019 20:01:40 GMT
pixel.gif
px.moatads.com/
43 B
409 B
Image
General
Full URL
https://px.moatads.com/pixel.gif?e=25&q=2&hp=1&kq=1&lo=1&ua=null&pk=0&wk=0&rk=0&tk=0&qs=1&ak=https%3A%2F%2Foascentral.comcast.net%2FRealMedia%2Fads%2Fadstream_lx.ads%2Fcomcast.net%2FRubiconSIPassback%2FL29%2F945102675%2Fx32%2FComcast%2FMKTG_2019_ROS_ALL_NATL%2FDIGI_GM_XHS_SLACQ_ENG_00HMC8ST146HOM189x00_GETNOW_NOOFF_HTML_X1_300x250.jpg%2F553245584a6c792f62787741422f6e4c%3F_OAS_GEO_OVERRIDE_%3DUS%3AUNKNOWN%26am%3DNONE%26qsg%3DD%26kw%3Dnoloopback_smr&i=COMCASTAPN1&ud=undefined&qn=(%2BIb%7Cj8o%3FJ(jkkeL07ta_*JRM!6t9B%2CN%3Ey)%2ChXbvU37_*NhSfBghz%5D*vOJ%23_%3DNoUA%5DRgBU_Gr1%3E%3AHuFTn%3ADXqJHZ%3BR%23yAb%2Bho8bYLaXBjA%3AmQ)%3CF!tAbjrzJ%3BgoVYGVxc%40lQQV%23tc3%2Fh%7C%3FVKV%3BW5.NO)Wx%7C*E%24%3D!L2ux%7Ci_lOfxECSR23_hFAkD%3Dv%3CN%5B.%22%24b_o%3FtVD%5D%5BpN%7CQF%40Sy7%7B%2CNr1U*%26ujMUU8fvb%26%22B&qp=00000&is=hBBBBB7GsBpBBBPY2CEBsCybBqw776Kqi7gBooCvBOCiCOB6sCqGBgiBBs0fW0glMfcxnBBBkB0BBBBB6BsNBmB0Biw7pCr6yCBrO24xXmYyBBBBC2BBBBBjzmBktCP97GBBBGwRmmEBBBBBBBBBBBnBBW35CeBBBBBpx0OFiBBBT5392tavKc5KCdzzFs7nBBBBBBBBRcQyBBBBBBBBBBBBBBBBBTLF7HfC7Kn7OBBYkCBB0IofsfBBPCxB7UBBBtBbBBC0dL9TRhq8K55G96Lo0eIRTzBiqeuSBBBBBB&iv=7&qt=0&gz=0&hh=0&hn=0&tw=&qc=0&qd=0&qf=1600&qe=1200&qh=1600&qg=1200&qm=0&qa=1600&qb=1200&qi=1600&qj=1200&po=1-0020002000002120&qr=0&vf=1&vg=100&bq=0&g=7&hq=0&hs=0&hu=0&hr=0&ht=0&dnt=0&h=250&w=300&om=0&fy=623&gp=90&gu=http%3A%2F%2Fkids-teeth.ml%2Fcghjss..htm&id=1&cm=0&f=0&j=&o=3&t=1556049690617&de=302497514760&cu=1556049690617&m=10584&ar=499cee0265-clean&cb=0&ll=2&lm=0&ln=0&dl=0&dm=1000&dn=0&gh=1&xx=undefined%3A875484570224&td=1&lk=90&lb=1200&le=1&gm=1&io=1&ch=0&vv=1&vw=1%3A3%3A0&vp=100&vx=100%3A100%3A-&as=1&ag=10020&an=5370&gi=1&gf=10020&gg=5370&ix=10020&ic=10020&ez=1&ck=1129&kw=1025&aj=1&pg=100&pf=100&ib=0&cc=1&bw=10020&bx=5370&ci=1129&jz=1025&dj=1&aa=1&ad=9798&cn=5148&gn=1&gk=9798&gl=5148&ik=9798&co=1116&cp=1228&cq=1&im=1&in=1&pd=1&nb=1&em=0&en=0&st=1&su=1&of=1&oz=1&oe=1%3A1%3A0%3Anull%3A-1%3Anull%3A-1%3Anull%3A-1&bu=9918&cd=5266&ah=9918&am=5266&rf=0&re=0&wb=2&cl=0&at=0&d
=Comcast%3AComcast%2FMKTG_2019_ROS_ALL_NATL%3ADIGI_GM_XHS_SLACQ_ENG_00HMC8ST146HOM189x00_GETNOW_NOOFF_HTML_X1%3Aundefined&bo=x32&bd=comcast.net%2FRubiconSIPassback%2FL29&gw=comcastapn56341864860&dfp=0%2C1&la=comcast.net%2FRubiconSIPassback&zMoatBO=x32&zMoatBD=comcast.net%2FRubiconSIPassback%2FL29&hv=Standard%20Image%20Ad%20finding%20&ab=1&ac=1&fd=1&kt=strict&it=500&fz=1&oq=1&ot=ff&zMoatJS=2%3A&tc=0&fs=163039&z_OAS_GEO_OVERRIDE_=US%3AUNKNOWN&zam=NONE&zqsg=D&zkw=noloopback_smr&na=1813991820&cs=0
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server
23.210.250.213 Cambridge, United States, ASN16625 (AKAMAI-AS - Akamai Technologies, Inc., US),
Reverse DNS
a23-210-250-213.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

Referer
http://kids-teeth.ml/cghjss..htm
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Pragma
no-cache
Date
Tue, 23 Apr 2019 20:01:41 GMT
Last-Modified
Fri, 20 May 2016 15:16:00 GMT
Server
Apache
ETag
"ad4b0f606e0f8465bc4c4c170b37e1a3:1463757360"
Content-Type
image/gif
Cache-Control
max-age=0, no-cache, no-store
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
43
Expires
Tue, 23 Apr 2019 20:01:41 GMT

Verdicts & Comments

Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!

urlscan

Phishing against: Xfinity (Consumer)

73 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| onselectstart object| onselectionchange function| queueMicrotask string| f_ADTARGET_ZIP object| OAS_RN string| OAS_RNS string| OAS_url string| OAS_sitepage string| OAS_pos string| OAS_GEO_OVERRIDE object| OX_ads function| OX object| OX_swfobject object| googletag object| OX_cmds function| originalFunc function| OX_5858520160_onAdRequestError function| OX_5858520160 undefined| rp_account undefined| rp_site undefined| rp_zonesize undefined| rp_adtype string| rp_smartfile object| rp_account_config object| RubiconAdServing object| rp_requests number| rubicon_cb string| rubicon_rurl string| rubicon_ad string| rubicon_creative string| rubicon_tag_code function| qc_results string| quantSegs string| f_AM_CID boolean| f_ENABLE_ADTARGETING object| opts string| OAS_query object| OAS_rn string| OAS_rns string| OAS_type string| OAS_listpos undefined| GLOBAL_VAR undefined| ct undefined| et undefined| hourElapsed undefined| msg undefined| pixelDomain undefined| isDomless undefined| documentReferrer undefined| pxSrc undefined| px object| Moat#G26 object| MoatSuperV26 object| callbacks object| Moat#PML#26#1.2 boolean| Moat#EVA undefined| ad string| x32adtag string| adtag_x32 object| time function| ncLoadPlayer function| lmLoadPlayer object| data function| placeFooter function| $ function| focusLoginForm function| observe function| getPos function| getStyle function| getWindowSize undefined| s_code number| t number| customInviewPercentThreshold

0 Cookies

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.
