hq.sinohosting.net
114.80.200.170
Malicious Activity!
Public Scan
Submission: On May 08 via automatic, source openphish
Summary
This is the only time hq.sinohosting.net was scanned on urlscan.io!
urlscan.io Verdict: Potentially Malicious
Targeting these brands: Xfinity (Consumer)
Domain & IP information
Requests | IP Address | AS Autonomous System |
---|---|---|
17 | 114.80.200.170 | 4812 (CHINANET-SH-AP China Telecom (Group)) |
1 | 23.74.194.19 | 16625 (AKAMAI-AS - Akamai Technologies) |
3 | 66.117.29.4 | 15224 (OMNITURE - Adobe Systems Inc.) |
1 | 54.225.69.90 | 14618 (AMAZON-AES - Amazon.com) |
1 | 66.235.139.205 | 15224 (OMNITURE - Adobe Systems Inc.) |
1 | 2a02:26f0:64:183::2af2 | 20940 (AKAMAI-ASN1) |
1 | 2001:558:fe21:2:69:252:205:24 | 7922 (COMCAST-7922 - Comcast Cable Communications) |
25 requests | 7 IP addresses | |
ASN | PTR | Domain |
---|---|---|
ASN4812 (CHINANET-SH-AP China Telecom (Group), CN) | hq.sinohosting.net | hq.sinohosting.net |
ASN16625 (AKAMAI-AS - Akamai Technologies, Inc., US) | a23-74-194-19.deploy.static.akamaitechnologies.com | cdn.tt.omtrdc.net |
ASN15224 (OMNITURE - Adobe Systems Inc., US) | | comcastresidentialservices.tt.omtrdc.net |
ASN14618 (AMAZON-AES - Amazon.com, Inc., US) | ec2-54-225-69-90.compute-1.amazonaws.com | privacy.truste.com |
ASN15224 (OMNITURE - Adobe Systems Inc., US) | *.112.2o7.net | serviceo.comcast.net |
ASN7922 (COMCAST-7922 - Comcast Cable Communications, LLC, US) | | login.comcast.net |
Requests | Apex Domain | Subdomains | Transfer |
---|---|---|---|
17 | sinohosting.net | hq.sinohosting.net | 337 KB |
4 | omtrdc.net | cdn.tt.omtrdc.net, comcastresidentialservices.tt.omtrdc.net | 18 KB |
2 | comcast.net | serviceo.comcast.net, login.comcast.net | 1 KB |
1 | xfinity.com | xapi.xfinity.com | |
1 | truste.com | privacy.truste.com | 3 KB |
25 requests | 5 apex domains | | |
Requests | Domain | Requested by |
---|---|---|
17 | hq.sinohosting.net | hq.sinohosting.net |
3 | comcastresidentialservices.tt.omtrdc.net | hq.sinohosting.net |
1 | login.comcast.net | |
1 | xapi.xfinity.com | comcastresidentialservices.tt.omtrdc.net |
1 | serviceo.comcast.net | hq.sinohosting.net |
1 | privacy.truste.com | hq.sinohosting.net |
1 | cdn.tt.omtrdc.net | hq.sinohosting.net |
25 requests | 7 domains | |
This site contains no links.
Subject | Issuer | Validity | Valid |
---|---|---|---|
login.comcast.net | COMODO RSA Organization Validation Secure Server CA | 2016-12-16 - 2018-12-16 | 2 years |
This page contains 1 frame:
Primary Page:
http://hq.sinohosting.net/~zetainst/en/auth/home/
Frame ID: 14394.1
Requests: 25 HTTP requests in this frame
0 Outgoing links
These are links going to different origins than the main page.
Redirected requests
There were HTTP redirect chains for the following requests:
Request 21:
- http://serviceo.comcast.net/b/ss/comcastnetdev/1/H.20.2/s27281863428225?AQB=1&ndh=1&t=8/4/2017%200%3A57%3A22%201%200&ce=ISO-8859-1&ns=comcast&pageName=sign%20in&g=http%3A//hq.sinohosting.net/%7Ezet...
- http://serviceo.comcast.net/b/ss/comcastnetdev/1/H.20.2/s27281863428225?AQB=1&pccr=true&vidn=2C87E13985032A8F-600011874003002B&&ndh=1&t=8/4/2017%200%3A57%3A22%201%200&ce=ISO-8859-1&ns=comcast&pageN...
25 HTTP transactions
Method Protocol | Resource | Path | Size | x-fer | Type | MIME-Type |
---|---|---|---|---|---|---|
GET H/1.1 | / (Primary Request, Redirect Chain) | hq.sinohosting.net/~zetainst/en/auth/home/ | 13 KB | 13 KB | Document | text/html |
GET H/1.1 | styles.min.css | hq.sinohosting.net/~zetainst/en/auth/home/index_files/ | 20 KB | 20 KB | Stylesheet | text/css |
GET H/1.1 | Mbox.js | hq.sinohosting.net/~zetainst/en/auth/home/index_files/ | 37 KB | 37 KB | Script | application/javascript |
GET H/1.1 | target.js | hq.sinohosting.net/~zetainst/en/auth/home/index_files/ | 44 KB | 44 KB | Script | application/javascript |
GET H/1.1 | ajax | hq.sinohosting.net/~zetainst/en/auth/home/index_files/ | 5 KB | 5 KB | Script | text/plain |
GET H/1.1 | standard | hq.sinohosting.net/~zetainst/en/auth/home/index_files/ | 714 B | 714 B | Script | text/plain |
GET H/1.1 | standard(1) | hq.sinohosting.net/~zetainst/en/auth/home/index_files/ | 724 B | 724 B | Script | text/plain |
GET H/1.1 | 598b4917a434005b0ffc357c4320926e.png | hq.sinohosting.net/~zetainst/en/auth/home/index_files/ | 42 KB | 42 KB | Image | image/png |
GET H/1.1 | asc | hq.sinohosting.net/~zetainst/en/auth/home/index_files/ | 17 B | 17 B | Script | text/plain |
GET H/1.1 | seal | hq.sinohosting.net/~zetainst/en/auth/home/index_files/ | 3 KB | 3 KB | Image | text/plain |
GET H/1.1 | jquery-1.7.min.js | hq.sinohosting.net/~zetainst/en/auth/home/index_files/ | 92 KB | 92 KB | Script | application/javascript |
GET H/1.1 | jquery.tools-1.2.6.min.js | hq.sinohosting.net/~zetainst/en/auth/home/index_files/ | 45 KB | 45 KB | Script | application/javascript |
GET H/1.1 | omniture.js | hq.sinohosting.net/~zetainst/en/auth/home/index_files/ | 22 KB | 22 KB | Script | application/javascript |
GET H/1.1 | ajax(1) | hq.sinohosting.net/~zetainst/en/auth/home/index_files/ | 5 KB | 5 KB | Script | text/plain |
GET H/1.1 | ajax(2) | hq.sinohosting.net/~zetainst/en/auth/home/index_files/ | 5 KB | 5 KB | Script | text/plain |
GET H/1.1 | target.js | cdn.tt.omtrdc.net/cdn/ | 42 KB | 14 KB | Script | text/javascript |
GET H/1.1 | | comcastresidentialservices.tt.omtrdc.net/m2/comcastresidentialservices/mbox/ | 10 KB | 3 KB | Script | text/javascript |
GET H/1.1 | standard | comcastresidentialservices.tt.omtrdc.net/m2/comcastresidentialservices/mbox/ | 559 B | 559 B | Script | text/javascript |
GET H/1.1 | standard | comcastresidentialservices.tt.omtrdc.net/m2/comcastresidentialservices/mbox/ | 569 B | 569 B | Script | text/javascript |
GET H/1.1 | home.png | hq.sinohosting.net/~zetainst/en/auth/home/images/sprites/ | 329 B | 0 | Image | text/html |
GET H/1.1 | xfinity-logo.png | hq.sinohosting.net/static/images/global/ | 354 B | 0 | Image | text/html |
GET H/1.1 | | privacy.truste.com/ctv/images/newvp/ | 3 KB | 3 KB | Image | image/png |
GET H/1.1 | (Redirect Chain) | serviceo.comcast.net/b/ss/comcastnetdev/1/H.20.2/ | 43 B | 43 B | Image | image/gif |
GET H/1.1 | | xapi.xfinity.com/personalization/ | 62 B | 0 | XHR | application/json |
GET H/1.1 | favicon.ico | login.comcast.net/static/images/global/ | 1 KB | 1 KB | Other | image/vnd.microsoft.icon |
Verdicts & Comments
Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!
urlscan: Phishing against: Xfinity (Consumer)
0 JavaScript Global Variables
These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.
3 Cookies
Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.
Domain/Path | Expires | Name | Value |
---|---|---|---|
.sinohosting.net/ | | mbox | session#1494205041789-914121#1494206902\|PC#1494205041789-914121.26_18#1495414642 |
.sinohosting.net/ | | s_cc | true |
.sinohosting.net/ | | s_sq | %5B%5BB%5D%5D |
1 Console Messages
A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.
Source | Level | URL | Text |
---|---|---|---|
Security Headers
This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page
Header | Value |
---|---|
X-Content-Type-Options | nosniff |
Indicators
This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.