mail.sina.net
36.51.254.76
Malicious Activity!
Public Scan
Effective URL: https://mail.sina.net/login
Submission: On January 16 via api from IE — Scanned from DE
Summary
TLS certificate: Issued by GeoTrust CN RSA CA G1 on November 29th 2023. Valid for: a year.
This is the only time mail.sina.net was scanned on urlscan.io!
urlscan.io Verdict: Potentially Malicious
Targeting these brands: Sina (Online)
Domain & IP information
Requests | IP Address | AS Autonomous System |
---|---|---|
5 (1 redirect) | 36.51.254.76 | 37936 (SINA 15F) |
11 | 2404:2280:12e:0:3::3c3 | 24429 (TAOBAO Zhejiang Taobao Network Co.) |
2 | 36.51.254.102 | 37936 (SINA 15F) |
1 | 123.126.55.72 | 4808 (CHINA169-BJ China Unicom Beijing Province Network) |
19 | 5 | |
ASN37936 (SINA 15F,Ideal Plaza No.58 Bei Si Huan Xi Road, CN)
- webmail.sina.net
- mail.sina.net
ASN24429 (TAOBAO Zhejiang Taobao Network Co.,Ltd, CN)
- n.sinaimg.cn
- www.sinaimg.cn
ASN37936 (SINA 15F,Ideal Plaza No.58 Bei Si Huan Xi Road, CN)
- sbeacon.sina.com.cn
ASN4808 (CHINA169-BJ China Unicom Beijing Province Network, CN)
- roundrobin.sinakfim.erp.sina.com.cn
Requests | Apex Domain | Subdomains | Transfer |
---|---|---|---|
11 | sinaimg.cn | n.sinaimg.cn (Cisco Umbrella Rank: 59842), www.sinaimg.cn (Cisco Umbrella Rank: 183859) | 307 KB |
5 | sina.net (1 redirects) | webmail.sina.net, mail.sina.net | 7 KB |
3 | sina.com.cn | sbeacon.sina.com.cn (Cisco Umbrella Rank: 136786), roundrobin.sinakfim.erp.sina.com.cn | 2 KB |
19 | 3 | | |
Requests | Domain | Requested by |
---|---|---|
9 | www.sinaimg.cn | mail.sina.net, n.sinaimg.cn |
4 | mail.sina.net | mail.sina.net, www.sinaimg.cn |
2 | sbeacon.sina.com.cn | www.sinaimg.cn, mail.sina.net |
2 | n.sinaimg.cn | mail.sina.net |
1 | roundrobin.sinakfim.erp.sina.com.cn | mail.sina.net |
1 | webmail.sina.net | 1 redirects |
19 | 6 | |
This site contains links to these domains.
Domain |
---|
weibo.com |
beian.miit.gov.cn |
Subject | Issuer | Validity | Valid |
---|---|---|---|
sina.com | GeoTrust CN RSA CA G1 | 2023-11-29 - 2024-12-29 | a year |
*.weibo.cn | GeoTrust CN RSA CA G1 | 2023-12-06 - 2025-01-03 | a year |
*.sina.com.cn | GeoTrust CN RSA CA G1 | 2023-09-14 - 2024-09-30 | a year |
*.sinakfim.erp.sina.com.cn | GeoTrust CN RSA CA G1 | 2023-05-29 - 2024-06-28 | a year |
This page contains 2 frames:
Primary Page:
https://mail.sina.net/login
Frame ID: 4CCA95D17AAD3D2CA0323D5BD9525E31
Requests: 18 HTTP requests in this frame
Frame:
https://sbeacon.sina.com.cn/ckctl.html
Frame ID: F17CDE8490C4AD0766C574E8E956C7FE
Requests: 1 HTTP requests in this frame
Screenshot
![](/screenshots/d8a76600-c240-444c-a48e-81369384445b.png)
Page Title
企业邮箱-新浪企业邮箱登录页 (Enterprise Mail - Sina Enterprise Mail login page)
Detected technologies
Detected patterns
- jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?
Page Statistics
2 Outgoing links
These are links going to different origins than the main page.
Title: 微博 (Weibo)
Title: 京ICP证000007-55 (Beijing ICP License 000007-55)
Page URL History
This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.
- https://webmail.sina.net/classic/index.php (HTTP 302)
- https://mail.sina.net/login (Page URL)
Redirected requests
There were HTTP redirect chains for the following requests:
19 HTTP transactions
Method | Protocol | Resource | Path | Size | x-fer | Type | MIME-Type |
---|---|---|---|---|---|---|---|
GET | H2 | login (Primary Request) | mail.sina.net/ (Redirect Chain) | 19 KB | 4 KB | Document | text/html |
GET | H2 | login.css | n.sinaimg.cn/mail/webface/entmail/css/141126/ | 10 KB | 11 KB | Stylesheet | text/css |
GET | H2 | weidunMaster20150511.css | www.sinaimg.cn/rny/webface/mailSpacial/ | 5 KB | 3 KB | Stylesheet | text/css |
GET | H2 | jquery_1.9.1.min1013.js | www.sinaimg.cn/rny/webface/entmail/js/ | 90 KB | 38 KB | Script | application/x-javascript |
GET | H2 | plugins201810151.js | www.sinaimg.cn/rny/webface/entmail/js/133557/ | 119 KB | 48 KB | Script | application/x-javascript |
GET | H2 | login.js | n.sinaimg.cn/mail/webface/entmail/js/140626/ | 18 KB | 19 KB | Script | application/x-javascript |
GET | H2 | phone.png | www.sinaimg.cn/rny/webface/entmail/css/141126/img/ | 31 KB | 32 KB | Image | image/png |
GET | H2 | suda_s_v851c.js | www.sinaimg.cn/unipro/pub/ | 16 KB | 7 KB | Script | application/x-javascript |
GET | H2 | kefu.js | mail.sina.net/static/js/ | 3 KB | 1 KB | Script | application/javascript |
GET | H2 | entLogoRetina.png | www.sinaimg.cn/rny/webface/entmail/css/141126/img/ | 15 KB | 15 KB | Image | image/png |
GET | H2 | loginBg.jpg | www.sinaimg.cn/rny/webface/entmail/css/141126/img/ | 4 KB | 5 KB | Image | image/jpeg |
GET | H2 | themePicture.jpg | www.sinaimg.cn/rny/webface/entmail/css/141126/img/ | 122 KB | 123 KB | Image | image/jpeg |
GET | H2 | ckctl.html | sbeacon.sina.com.cn/ (Frame F17C) | 0 | 190 B | Document | text/html |
GET | H2 | a.gif | sbeacon.sina.com.cn/ | 35 B | 445 B | Image | image/gif |
GET | H2 | loginIco8.png | www.sinaimg.cn/rny/webface/entmail/css/141126/img/ | 6 KB | 6 KB | Image | image/png |
GET | H2 | webim.js | roundrobin.sinakfim.erp.sina.com.cn/sina/webim/ | 4 KB | 2 KB | Script | application/javascript |
GET | H2 | get_scan_code.php | mail.sina.net/qrauth/ | 112 B | 368 B | XHR | text/html |
POST | | check_scan_status.php | mail.sina.net/qrauth/ | 0 | 0 | | |
GET | H2 | get_qr_image.php | mail.sina.net/qrauth/ | 592 B | 693 B | Image | image/png |
Failed requests
These URLs were requested, but there was no response received. You will also see them in the list above.
- Domain: mail.sina.net
- URL: https://mail.sina.net/qrauth/check_scan_status.php
Verdicts & Comments
Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!
urlscan
Phishing against: Sina (Online)
12 JavaScript Global Variables
These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.
Type | Name |
---|---|
object | 0 |
function | $ |
function | jQuery |
object | LAN_CONF |
object | SUDA |
object | GB_SUDA |
function | _S_pSt |
function | _S_acTrack |
function | _S_uaTrack |
string | _S_PID_ |
function | rsa_encrypt |
object | SINAIM |
0 Cookies
Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.
Indicators
This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.