Submitted URL: https://webmail.sina.net/classic/index.php
Effective URL: https://mail.sina.net/login
Submission: On November 20 via manual from US

Summary

This website contacted 6 IPs in 3 countries across 3 domains to perform 20 HTTP transactions. The main IP is 123.126.45.223, located in Beijing, China and belongs to CHINA169-BJ China Unicom Beijing Province Network, CN. The main domain is mail.sina.net.
TLS certificate: Issued by GeoTrust CN RSA CA G1 on September 11th 2019. Valid for: 2 years.
This is the only time mail.sina.net was scanned on urlscan.io!

urlscan.io Verdict: Potentially Malicious

Targeting these brands: Sina (Online)

Domain & IP information

IP Address AS Autonomous System
1 5 123.126.45.223 4808 (CHINA169-...)
2 2.18.233.49 16625 (AKAMAI-AS)
10 47.246.43.224 24429 (TAOBAO Zh...)
2 49.7.36.100 23724 (CHINANET-...)
1 49.7.40.174 23724 (CHINANET-...)
20 6
Requests | Domain | Requested by
10 | www.sinaimg.cn | mail.sina.net, www.sinaimg.cn
4 | mail.sina.net | www.sinaimg.cn, mail.sina.net
2 | sbeacon.sina.com.cn | www.sinaimg.cn, mail.sina.net
2 | n.sinaimg.cn | mail.sina.net
1 | visitor.sina.com.cn | www.sinaimg.cn
1 | webmail.sina.net | 1 redirects
20 6

This site contains links to these domains.

Domain
weibo.com

Subject | Issuer | Validity | Valid
sina.com | GeoTrust CN RSA CA G1 | 2019-09-11 - 2021-12-10 | 2 years
www.sina.com.cn | DigiCert SHA2 Secure Server CA | 2019-10-23 - 2021-01-21 | a year
sina.cn | GeoTrust RSA CA 2018 | 2018-03-09 - 2020-03-08 | 2 years
*.sina.com.cn | GeoTrust CN RSA CA G1 | 2019-09-11 - 2021-11-09 | 2 years

This page contains 2 frames:

Primary Page: https://mail.sina.net/login
Frame ID: FF58DD877AF2418306F1416F93E535B3
Requests: 19 HTTP requests in this frame

Frame: https://sbeacon.sina.com.cn/ckctl.html
Frame ID: 8EF088C01FA8661463704822A1974EC9
Requests: 1 HTTP requests in this frame

Page Statistics

Requests: 20
HTTPS: 95 %
IPv6: 0 %
Domains: 3
Subdomains: 6
IPs: 6
Countries: 3
Transfer: 401 kB
Size: 1029 kB
Cookies: 0

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. https://webmail.sina.net/classic/index.php HTTP 302
    https://mail.sina.net/login Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

20 HTTP transactions

Resource
Path
Size
x-fer
Type
MIME-Type
Primary Request login
mail.sina.net/
Redirect Chain
  • https://webmail.sina.net/classic/index.php
  • https://mail.sina.net/login
19 KB
4 KB
Document
General
Full URL
https://mail.sina.net/login
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
123.126.45.223 Beijing, China, ASN4808 (CHINA169-BJ China Unicom Beijing Province Network, CN),
Reverse DNS
Software
nginx/1.14.1 /
Resource Hash
9c2384160beaecc4d781b2529ae430f73d6e4d8791294f95b1e16652512f6564

Request headers

:method
GET
:authority
mail.sina.net
:scheme
https
:path
/login
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/78.0.3904.97 Safari/537.36
sec-fetch-user
?1
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3
sec-fetch-site
none
sec-fetch-mode
navigate
accept-encoding
gzip, deflate, br

Response headers

status
200
server
nginx/1.14.1
date
Wed, 20 Nov 2019 14:07:14 GMT
content-type
text/html; charset=UTF-8
vary
Accept-Encoding
expires
Thu, 19 Nov 1981 08:52:00 GMT
cache-control
private, must-revalidate, max-age=0, proxy-revalidate, no-transform
pragma
no-cache
content-encoding
gzip
x-via-ssl
ssl.47.sinag1.bx.lb.sinanode.com

Redirect headers

status
302
server
nginx/1.14.1
date
Wed, 20 Nov 2019 14:07:14 GMT
content-type
text/html
set-cookie
PHPSESSID=deleted; expires=Tue, 20-Nov-2018 14:07:13 GMT; path=/; httponly SID=deleted; expires=Tue, 20-Nov-2018 14:07:13 GMT; path=/; domain=.sina.net PHPSESSID=deleted; expires=Tue, 20-Nov-2018 14:07:13 GMT; path=/; domain=.sina.net
location
//mail.sina.net/login
cache-control
private must-revalidate proxy-revalidate max-age=0 no-transform
pragma
no-cache
x-via-ssl
ssl.47.sinag1.bx.lb.sinanode.com
login.css
n.sinaimg.cn/mail/webface/entmail/css/141126/
10 KB
4 KB
Stylesheet
General
Full URL
https://n.sinaimg.cn/mail/webface/entmail/css/141126/login.css
Requested by
Host: mail.sina.net
URL: https://mail.sina.net/login
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2.18.233.49 , Ascension Island, ASN16625 (AKAMAI-AS - Akamai Technologies, Inc., US),
Reverse DNS
a2-18-233-49.deploy.static.akamaitechnologies.com
Software
Tengine /
Resource Hash
73e28ab023095c981ce704fd77c7eebffd944fd67326e6c60cf8a1ac83be7ab1

Request headers

Referer
https://mail.sina.net/login
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/78.0.3904.97 Safari/537.36

Response headers

Date
Wed, 20 Nov 2019 14:07:14 GMT
Content-Encoding
gzip
DPOOL_LB7_HEADER
skuld91
X-RequestId
06c20cb0-1905-2015-3840-089e01225fe3
X-Swift-CacheTime
26394076
X-Via-Edge
1558338171741211f1bc33105f98c56b5a90c
X-Via-SSL
ssl.142.sinag1.yf.lb.sinanode.com
N-S3-Address
172.16.114.210:9092 : 10.79.217.133:80
X-Requester
GRPS000000ANONYMOUSE
x-amz-meta-crc32
54917055
Access-Control-Allow-Methods
GET, PUT, POST, DELETE, OPTIONS, HEAD
Vary
Accept-Encoding
Content-Length
2805
X-Via-CDN
f=Akamai,s=2.16.186.156,c=144.76.109.30;f=alicdn,s=cache8.de2,c=23.11.206.69;f=edge,s=ctc.qingdao.edssl.46.nb.sinaedge.com,c=195.27.31.33;f=edge,s=ctc.qingdao.ha2ts4.32.nb.sinaedge.com,c=140.249.5.46;f=Edge,s=ctc.qingdao.ha2ts4.21,c=140.249.5.32
X-Filesize
10496
N-Proxy-Cache-Status
MISS
Last-Modified
Thu, 16 May 2019 19:27:22 GMT
Server
Tengine
Cache-Control
max-age=15615401
ETag
"12fda37f3d3ba446d7a596eb71e0c226"
Access-Control-Max-Age
31536000
Ali-Swift-Global-Savetime
1558338171
Content-Type
text/css
Access-Control-Allow-Origin
*
Connection
keep-alive
SERVED-FROM
e:23.11.206.69
Timing-Allow-Origin
*
Access-Control-Allow-Headers
Origin, Content-Type, Accept, Range, Content-Length
Network_Info
RO_BUCHAREST_8953, DE_FALKENSTEIN_24940, DE_FALKENSTEIN_24940
EagleId
2ff62b9c15723594862802630e
X-Swift-SaveTime
Thu, 18 Jul 2019 20:01:35 GMT
weidunMaster20150511.css
www.sinaimg.cn/rny/webface/mailSpacial/
5 KB
2 KB
Stylesheet
General
Full URL
https://www.sinaimg.cn/rny/webface/mailSpacial/weidunMaster20150511.css
Requested by
Host: mail.sina.net
URL: https://mail.sina.net/login
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
47.246.43.224 San Mateo, United States, ASN24429 (TAOBAO Zhejiang Taobao Network Co.,Ltd, CN),
Reverse DNS
Software
Tengine /
Resource Hash
03079d665d06d84cf92908b0c104607fac62b7d05f238f7d2de67a021ae4b24a

Request headers

Referer
https://mail.sina.net/login
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/78.0.3904.97 Safari/537.36

Response headers

date
Mon, 08 Jul 2019 08:09:46 GMT
via
https/1.1 cnc.yizhuang.ha2ts4.95 (ApacheTrafficServer/6.2.1 [cHs f ]), https/1.1 cmcc.beijing.ha2ts4.138 (ApacheTrafficServer/6.2.1 [cHs f ]), cache12.l2hk71[0,304-0,H], cache25.l2hk71[1,0], cache13.de2[0,200-0,H], cache8.de2[8,0]
age
11685448
x-via-edge
15625733863082049f42fdec1b3dd27ec201d
x-via-ssl
ssl.43.sinag1.yz.lb.sinanode.com
x-cache
HIT TCP_HIT dirn:9:104067162
status
200
x-swift-cachetime
7693643
x-swift-savetime
Mon, 07 Oct 2019 07:02:23 GMT
content-encoding
gzip
content-length
1496
x-via-cdn
f=alicdn,s=cache8.de2,c=144.76.109.30;
last-modified
Mon, 11 May 2015 02:01:57 GMT
server
Tengine
etag
W/"55500d95-15d0"
vary
Accept-Encoding
ali-swift-global-savetime
1539082327
content-type
text/css
cache-control
max-age=15552000
timing-allow-origin
*
eagleid
2ff62b9c15742588348967563e
expires
Mon, 16 Dec 2019 14:36:12 GMT
jquery_1.9.1.min1013.js
www.sinaimg.cn/rny/webface/entmail/js/
90 KB
33 KB
Script
General
Full URL
https://www.sinaimg.cn/rny/webface/entmail/js/jquery_1.9.1.min1013.js
Requested by
Host: mail.sina.net
URL: https://mail.sina.net/login
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
47.246.43.224 San Mateo, United States, ASN24429 (TAOBAO Zhejiang Taobao Network Co.,Ltd, CN),
Reverse DNS
Software
Tengine /
Resource Hash
89acccdd96eaf7d22d8ebfe514fedf2076b2e72d4e9e260d61dcbe44e39f7079

Request headers

Referer
https://mail.sina.net/login
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/78.0.3904.97 Safari/537.36

Response headers

date
Fri, 05 Jul 2019 11:02:44 GMT
via
https/1.1 ctc.shanghai.ha2ts4.126 (ApacheTrafficServer/6.2.1 [cRs f ]), https/1.1 ctc.qingdao.ha2ts4.21 (ApacheTrafficServer/6.2.1 [cHs f ]), cache13.l2hk71[0,304-0,H], cache23.l2hk71[0,0], cache13.de2[0,200-0,H], cache8.de2[7,0]
age
11934270
x-via-edge
15623245645252149f42f3105f98c050f6425
x-via-ssl
ssl.46.sinag1.qz.lb.sinanode.com
x-cache
HIT TCP_HIT dirn:11:334689287
status
200
x-swift-cachetime
7444821
x-swift-savetime
Mon, 07 Oct 2019 07:02:23 GMT
content-encoding
gzip
content-length
32750
x-via-cdn
f=alicdn,s=cache8.de2,c=144.76.109.30;
last-modified
Tue, 13 Oct 2015 10:31:26 GMT
server
Tengine
etag
W/"561cdd7e-169b2"
vary
Accept-Encoding
ali-swift-global-savetime
1539170546
content-type
application/x-javascript
cache-control
max-age=15552000
timing-allow-origin
*
eagleid
2ff62b9c15742588348967564e
expires
Mon, 30 Dec 2019 14:45:12 GMT
plugins201810151.js
www.sinaimg.cn/rny/webface/entmail/js/133557/
119 KB
41 KB
Script
General
Full URL
https://www.sinaimg.cn/rny/webface/entmail/js/133557/plugins201810151.js
Requested by
Host: mail.sina.net
URL: https://mail.sina.net/login
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
47.246.43.224 San Mateo, United States, ASN24429 (TAOBAO Zhejiang Taobao Network Co.,Ltd, CN),
Reverse DNS
Software
Tengine /
Resource Hash
cb3493315f671f4271b0d2580024b2a5380c67c57af3a395bda1419c993850aa

Request headers

Referer
https://mail.sina.net/login
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/78.0.3904.97 Safari/537.36

Response headers

date
Mon, 08 Jul 2019 08:09:46 GMT
via
https/1.1 cnc.jinan.ha2ts4.52 (ApacheTrafficServer/6.2.1 [cRs f ]), https/1.1 cnc.qingdao.ha2ts4.104 (ApacheTrafficServer/6.2.1 [cHs f ]), cache16.l2hk71[0,304-0,H], cache3.l2hk71[1,0], cache6.de2[0,200-0,H], cache8.de2[3,0]
age
11685448
x-via-edge
15625733868252449f42ffe10dd1b3c0d6b82
x-via-ssl
ssl.46.sinag1.jsl.lb.sinanode.com
x-cache
HIT TCP_HIT dirn:10:114192051
status
200
x-swift-cachetime
7226928
x-swift-savetime
Sat, 12 Oct 2019 16:40:58 GMT
content-encoding
gzip
content-length
41569
x-via-cdn
f=alicdn,s=cache8.de2,c=144.76.109.30;
last-modified
Mon, 15 Oct 2018 09:42:56 GMT
server
Tengine
etag
W/"5bc46120-1dcce"
vary
Accept-Encoding
ali-swift-global-savetime
1539679964
content-type
application/x-javascript
cache-control
max-age=15552000
timing-allow-origin
*
eagleid
2ff62b9c15742588348967566e
expires
Sat, 28 Dec 2019 13:42:00 GMT
login.js
n.sinaimg.cn/mail/webface/entmail/js/141126/
14 KB
5 KB
Script
General
Full URL
https://n.sinaimg.cn/mail/webface/entmail/js/141126/login.js
Requested by
Host: mail.sina.net
URL: https://mail.sina.net/login
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2.18.233.49 , Ascension Island, ASN16625 (AKAMAI-AS - Akamai Technologies, Inc., US),
Reverse DNS
a2-18-233-49.deploy.static.akamaitechnologies.com
Software
Tengine /
Resource Hash
a123d16f53b255e05ee11e6f8818edaeb54c500af4f7e205b2981341bb292c1b

Request headers

Referer
https://mail.sina.net/login
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/78.0.3904.97 Safari/537.36

Response headers

Date
Wed, 20 Nov 2019 14:07:14 GMT
Content-Encoding
gzip
DPOOL_LB7_HEADER
skuld91
X-RequestId
07c6e6e1-1905-2015-3806-f80f41f29525
X-Swift-CacheTime
26393860
X-Via-Edge
1558337955558371f1bc33105f98c16dbda0c
X-Via-SSL
ssl.137.sinag1.yf.lb.sinanode.com
N-S3-Address
172.16.114.210:9092 : 10.79.217.184:80
X-Requester
GRPS000000ANONYMOUSE
x-amz-meta-crc32
20DFB6D3
Access-Control-Allow-Methods
GET, PUT, POST, DELETE, OPTIONS, HEAD
Vary
Accept-Encoding
Content-Length
3739
X-Via-CDN
f=Akamai,s=2.16.186.156,c=144.76.109.30;f=alicdn,s=cache2.de2,c=23.11.206.69;f=edge,s=ctc.qingdao.edssl.45.nb.sinaedge.com,c=195.27.31.55;f=edge,s=ctc.qingdao.ha2ts4.21.nb.sinaedge.com,c=140.249.5.45;f=Edge,s=ctc.qingdao.ha2ts4.26,c=140.249.5.21
X-Filesize
14456
N-Proxy-Cache-Status
HIT
Last-Modified
Thu, 16 May 2019 19:27:22 GMT
Server
Tengine
Cache-Control
max-age=15615209
ETag
"1d3d5e65c08a54bfbd110bf440547999"
Access-Control-Max-Age
31536000
Ali-Swift-Global-Savetime
1558337955
Content-Type
application/x-javascript
Access-Control-Allow-Origin
*
Connection
keep-alive
SERVED-FROM
e:2.16.186.166
Timing-Allow-Origin
*
Access-Control-Allow-Headers
Origin, Content-Type, Accept, Range, Content-Length
Network_Info
DE_FALKENSTEIN_24940, DE_FALKENSTEIN_24940
EagleId
2ff62b9615723594863086650e
X-Swift-SaveTime
Thu, 18 Jul 2019 20:01:35 GMT
phone.png
www.sinaimg.cn/rny/webface/entmail/css/141126/img/
31 KB
32 KB
Image
General
Full URL
https://www.sinaimg.cn/rny/webface/entmail/css/141126/img/phone.png
Requested by
Host: mail.sina.net
URL: https://mail.sina.net/login
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
47.246.43.224 San Mateo, United States, ASN24429 (TAOBAO Zhejiang Taobao Network Co.,Ltd, CN),
Reverse DNS
Software
Tengine /
Resource Hash
ea560ffebda3436c4f20fc4ee6a6ee9bb9e7df5901c9bd5b9b6c1306d6bf5e38

Request headers

Referer
https://mail.sina.net/login
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/78.0.3904.97 Safari/537.36

Response headers

date
Mon, 08 Jul 2019 08:09:47 GMT
via
https/1.1 ctc.guangzhou.ha2ts4.182 (ApacheTrafficServer/6.2.1 [cRs f ]), https/1.1 cnc.guangzhou.ha2ts4.60 (ApacheTrafficServer/6.2.1 [cHs f ]), cache23.l2hk71[0,304-0,H], cache9.l2hk71[0,0], cache3.de2[0,200-0,H], cache8.de2[18,0]
age
11685447
x-via-edge
15625733874192b49f42fee065a705f3ab27c
x-via-ssl
ssl.23.sinag1.qxg.lb.sinanode.com
x-cache
HIT TCP_HIT dirn:10:61999639
status
200
x-swift-cachetime
7631745
x-swift-savetime
Tue, 08 Oct 2019 00:14:02 GMT
content-length
31732
x-via-cdn
f=alicdn,s=cache8.de2,c=144.76.109.30;
last-modified
Thu, 21 Dec 2017 10:00:18 GMT
server
Tengine
etag
"5a3b8632-7bf4"
ali-swift-global-savetime
1539275716
content-type
image/png
cache-control
max-age=15552000
accept-ranges
bytes
timing-allow-origin
*
eagleid
2ff62b9c15742588348977570e
expires
Thu, 02 Jan 2020 18:59:16 GMT
suda_s_v851c.js
www.sinaimg.cn/unipro/pub/
16 KB
17 KB
Script
General
Full URL
https://www.sinaimg.cn/unipro/pub/suda_s_v851c.js
Requested by
Host: mail.sina.net
URL: https://mail.sina.net/login
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
47.246.43.224 San Mateo, United States, ASN24429 (TAOBAO Zhejiang Taobao Network Co.,Ltd, CN),
Reverse DNS
Software
Tengine /
Resource Hash
f5f7e01baa87a4c6a7d9bf0d8e7610c8155b8cdfdc84062233178f675584666f

Request headers

Referer
https://mail.sina.net/login
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/78.0.3904.97 Safari/537.36

Response headers

date
Wed, 20 Nov 2019 14:05:03 GMT
via
https/1.1 cmcc.guangzhou.ha2ts4.58 (ApacheTrafficServer/6.2.1 [cRs f ]), cache8.l2ot7-1[0,304-0,H], cache36.l2ot7-1[0,0], cache2.de2[0,200-0,H], cache8.de2[2,0]
x-swift-error
orig response 5xx error
age
131
x-via-edge
15742587037611c71fe2ff418e8b76f87e0e8
x-via-ssl
ssl.22.sinag1.qxg.lb.sinanode.com
x-cache
HIT TCP_MEM_HIT dirn:9:235619913
status
200
x-swift-cachetime
291
x-swift-savetime
Wed, 20 Nov 2019 14:05:12 GMT
content-length
16712
x-via-cdn
f=alicdn,s=cache8.de2,c=144.76.109.30;
last-modified
Wed, 18 Jan 2017 10:20:24 GMT
server
Tengine
etag
"587f4168-4148"
vary
Accept-Encoding
ali-swift-global-savetime
1562039901
content-type
application/x-javascript
cache-control
max-age=300
accept-ranges
bytes
timing-allow-origin
*
eagleid
2ff62b9c15742588348967569e
expires
Wed, 20 Nov 2019 14:09:21 GMT
kefu.js
www.sinaimg.cn/rny/webface/help/201810153/
2 KB
1 KB
Script
General
Full URL
https://www.sinaimg.cn/rny/webface/help/201810153/kefu.js
Requested by
Host: mail.sina.net
URL: https://mail.sina.net/login
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
47.246.43.224 San Mateo, United States, ASN24429 (TAOBAO Zhejiang Taobao Network Co.,Ltd, CN),
Reverse DNS
Software
Tengine /
Resource Hash
89f74c6a233f2e44aa9d2c6aac6c26ba383d1287ebbb8c7fa20370d3d7564d16

Request headers

Referer
https://mail.sina.net/login
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/78.0.3904.97 Safari/537.36

Response headers

date
Fri, 12 Jul 2019 07:47:08 GMT
via
https/1.1 cmcc.guangzhou.ha2ts4.82 (ApacheTrafficServer/6.2.1 [cHs f ]), cache1.l2sg52[0,200-0,H], cache12.l2sg52[1,0], cache5.de2[0,200-0,H], cache8.de2[0,0]
age
11341206
x-via-edge
1562917628251958f75a1de18e8b7146a2b93
x-cache
HIT TCP_HIT dirn:11:467480917
status
200
x-swift-cachetime
14511758
x-swift-savetime
Wed, 24 Jul 2019 08:44:30 GMT
content-encoding
gzip
content-length
1042
x-via-cdn
f=alicdn,s=cache8.de2,c=144.76.109.30;
last-modified
Mon, 15 Oct 2018 07:18:07 GMT
server
Tengine
etag
W/"5bc43f2f-8f7"
vary
Accept-Encoding
ali-swift-global-savetime
1547364185
content-type
application/x-javascript
cache-control
max-age=15552000
timing-allow-origin
*
eagleid
2ff62b9c15742588349107589e
expires
Tue, 07 Jan 2020 14:35:58 GMT
entLogoRetina.png
www.sinaimg.cn/rny/webface/entmail/css/141126/img/
15 KB
15 KB
Image
General
Full URL
https://www.sinaimg.cn/rny/webface/entmail/css/141126/img/entLogoRetina.png
Requested by
Host: mail.sina.net
URL: https://mail.sina.net/login
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
47.246.43.224 San Mateo, United States, ASN24429 (TAOBAO Zhejiang Taobao Network Co.,Ltd, CN),
Reverse DNS
Software
Tengine /
Resource Hash
aea76f4f6effb78e54b579de546b719c78dfa4926425efd7b53924dab6f92fbc

Request headers

Referer
https://n.sinaimg.cn/mail/webface/entmail/css/141126/login.css
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/78.0.3904.97 Safari/537.36

Response headers

date
Mon, 08 Jul 2019 08:37:13 GMT
via
https/1.1 ctc.shanghai.ha2ts4.126 (ApacheTrafficServer/6.2.1 [cHs f ]), https/1.1 ctc.ningbo.ha2ts4.82 (ApacheTrafficServer/6.2.1 [cHs f ]), cache1.l2hk71[0,304-0,H], cache16.l2hk71[0,0], cache11.de2[0,200-0,H], cache8.de2[1,0]
age
11683801
x-via-edge
15625750335831549f42ff0beee73397dfb4f
x-via-ssl
ssl.46.sinag1.qz.lb.sinanode.com
x-cache
HIT TCP_HIT dirn:11:53410302
status
200
x-swift-cachetime
7951059
x-swift-savetime
Fri, 04 Oct 2019 07:59:34 GMT
content-length
14987
x-via-cdn
f=alicdn,s=cache8.de2,c=144.76.109.30;
last-modified
Tue, 24 Nov 2015 07:35:08 GMT
server
Tengine
etag
"5654132c-3a8b"
ali-swift-global-savetime
1538985777
content-type
image/png
cache-control
max-age=15552000
accept-ranges
bytes
timing-allow-origin
*
eagleid
2ff62b9c15742588349407609e
expires
Tue, 31 Dec 2019 10:58:27 GMT
loginBg.jpg
www.sinaimg.cn/rny/webface/entmail/css/141126/img/
4 KB
5 KB
Image
General
Full URL
https://www.sinaimg.cn/rny/webface/entmail/css/141126/img/loginBg.jpg
Requested by
Host: mail.sina.net
URL: https://mail.sina.net/login
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
47.246.43.224 San Mateo, United States, ASN24429 (TAOBAO Zhejiang Taobao Network Co.,Ltd, CN),
Reverse DNS
Software
Tengine /
Resource Hash
e168432878f24a13962cfdbc975048199ecad77c15ba8c9f59e1c29d1bdf55bb

Request headers

Referer
https://n.sinaimg.cn/mail/webface/entmail/css/141126/login.css
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/78.0.3904.97 Safari/537.36

Response headers

date
Mon, 08 Jul 2019 08:09:51 GMT
via
https/1.1 ctc.guangzhou.ha2ts4.180 (ApacheTrafficServer/6.2.1 [cRs f ]), https/1.1 cmcc.guangzhou.ha2ts4.137 (ApacheTrafficServer/6.2.1 [cHs f ]), cache3.l2hk71[0,304-0,H], cache12.l2hk71[100,0], cache5.de2[0,200-0,H], cache8.de2[1,0]
age
11685443
x-via-edge
15625733910441749f42fde18e8b7374589f6
x-via-ssl
ssl.22.sinag1.qxg.lb.sinanode.com
x-cache
HIT TCP_HIT dirn:10:97613049
status
200
x-swift-cachetime
7711283
x-swift-savetime
Mon, 07 Oct 2019 02:08:28 GMT
content-length
4595
x-via-cdn
f=alicdn,s=cache8.de2,c=144.76.109.30;
last-modified
Wed, 26 Nov 2014 06:42:03 GMT
server
Tengine
etag
"5475763b-11f3"
ali-swift-global-savetime
1539135167
content-type
image/jpeg
cache-control
max-age=15552000
accept-ranges
bytes
timing-allow-origin
*
eagleid
2ff62b9c15742588349417610e
expires
Fri, 03 Jan 2020 10:40:49 GMT
themePicture.jpg
www.sinaimg.cn/rny/webface/entmail/css/141126/img/
122 KB
122 KB
Image
General
Full URL
https://www.sinaimg.cn/rny/webface/entmail/css/141126/img/themePicture.jpg
Requested by
Host: mail.sina.net
URL: https://mail.sina.net/login
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
47.246.43.224 San Mateo, United States, ASN24429 (TAOBAO Zhejiang Taobao Network Co.,Ltd, CN),
Reverse DNS
Software
Tengine /
Resource Hash
7e21649f1e1ea0d4a21b6bcf7abfc90ffbd4c379b0e4bc3f95a97512619dce16

Request headers

Referer
https://n.sinaimg.cn/mail/webface/entmail/css/141126/login.css
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/78.0.3904.97 Safari/537.36

Response headers

date
Mon, 15 Jul 2019 08:52:49 GMT
via
https/1.1 cmcc.beijing.ha2ts4.138 (ApacheTrafficServer/6.2.1 [cHs f ]), cache27.l2hk71[0,304-0,H], cache2.l2hk71[1,0], cache1.de2[0,200-0,H], cache8.de2[39,0]
age
11078065
x-via-edge
15631807694072f49f42fdec1b3dd257a5482
x-via-ssl
ssl.46.sinag1.qz.lb.sinanode.com
x-cache
HIT TCP_HIT dirn:0:1588426462
status
200
x-swift-cachetime
7834310
x-swift-savetime
Sat, 12 Oct 2019 16:40:59 GMT
content-length
124627
x-via-cdn
f=alicdn,s=cache8.de2,c=144.76.109.30;
last-modified
Wed, 26 Nov 2014 06:42:03 GMT
server
Tengine
etag
"5475763b-1e6d3"
ali-swift-global-savetime
1539135167
content-type
image/jpeg
cache-control
max-age=15552000
accept-ranges
bytes
timing-allow-origin
*
eagleid
2ff62b9c15742588349417611e
expires
Sat, 28 Dec 2019 06:09:22 GMT
ckctl.html
sbeacon.sina.com.cn/ Frame 8EF0
0
0
Document
General
Full URL
https://sbeacon.sina.com.cn/ckctl.html
Requested by
Host: www.sinaimg.cn
URL: https://www.sinaimg.cn/unipro/pub/suda_s_v851c.js
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_256_GCM
Server
49.7.36.100 Beijing, China, ASN23724 (CHINANET-IDC-BJ-AP IDC, China Telecommunications Corporation, CN),
Reverse DNS
Software
nginx/1.12.2 /
Resource Hash

Request headers

Host
sbeacon.sina.com.cn
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/78.0.3904.97 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3
Sec-Fetch-Site
cross-site
Sec-Fetch-Mode
nested-navigate
Referer
https://mail.sina.net/login
Accept-Encoding
gzip, deflate, br

Response headers

Server
nginx/1.12.2
Date
Wed, 20 Nov 2019 14:07:15 GMT
Content-Type
text/html
Content-Length
0
Connection
keep-alive
P3P
CP="CAO DSP COR LAW CURa ADMa DEVa PSAa PSDa OUR DELa BUS IND PHY ONL UNI PUR COM NAV INT STA",policyref="/w3c/p3p.xml"
X-Via-SSL
ssl.139.sinag1.yf.lb.sinanode.com
a.gif
sbeacon.sina.com.cn/
35 B
627 B
Image
General
Full URL
https://sbeacon.sina.com.cn/a.gif?V=2.1.16&CI=sz:1600x1200|dp:24|ac:Mozilla|an:Netscape|cpu:undefined|pf:Linux%20x86_64|jv:1.3|ct:unkown|lg:en-US|tz:-1|fv:undefined|ja:0&PI=pid:0-9999-0-0-1|st:0|et:1|ref:|hp:unkown|PGLS:|ZT:|MT:|keys:|dom:119|ifr:0&UI=vid:undefined|sid:2877191268578.367.1574258834938|lv::1:1:1|un:|uo:|ae:|lu:|si:|rs:0|dm:0|su:&MT=vjuids:|hashtag:&EX=ex1:|ex2:&gUid_1574258834940
Requested by
Host: mail.sina.net
URL: https://mail.sina.net/login
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_256_GCM
Server
49.7.36.100 Beijing, China, ASN23724 (CHINANET-IDC-BJ-AP IDC, China Telecommunications Corporation, CN),
Reverse DNS
Software
nginx/1.12.2 /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Request headers

Referer
https://mail.sina.net/login
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/78.0.3904.97 Safari/537.36

Response headers

Date
Wed, 20 Nov 2019 14:07:16 GMT
Last-Modified
Wed, 03 Jul 2019 11:38:42 GMT
Server
nginx/1.12.2
X-Via-SSL
ssl.139.sinag1.yf.lb.sinanode.com
P3P
CP="CAO DSP COR LAW CURa ADMa DEVa PSAa PSDa OUR DELa BUS IND PHY ONL UNI PUR COM NAV INT STA",policyref="/w3c/p3p.xml"
Connection
keep-alive
Accept-Ranges
bytes
Content-Type
image/gif
Content-Length
35
easemob.js
visitor.sina.com.cn/webim/
573 KB
112 KB
Script
General
Full URL
https://visitor.sina.com.cn/webim/easemob.js
Requested by
Host: www.sinaimg.cn
URL: https://www.sinaimg.cn/rny/webface/help/201810153/kefu.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
49.7.40.174 Beijing, China, ASN23724 (CHINANET-IDC-BJ-AP IDC, China Telecommunications Corporation, CN),
Reverse DNS
Software
nginx /
Resource Hash
491262fddf313b3eda002cd2460f88e6df22716615f4ece7f3649e37fc29f78b

Request headers

Referer
https://mail.sina.net/login
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/78.0.3904.97 Safari/537.36

Response headers

Date
Wed, 20 Nov 2019 14:07:16 GMT
Content-Encoding
gzip
Last-Modified
Fri, 17 May 2019 13:47:29 GMT
Server
nginx
ETag
W/"5cdebb71-8f3b3"
Vary
Accept-Encoding
Content-Type
application/x-javascript
Cache-Control
max-age=86400, public
Transfer-Encoding
chunked
Connection
keep-alive
Expires
Thu, 21 Nov 2019 14:07:16 GMT
loginIco8.png
www.sinaimg.cn/rny/webface/entmail/css/141126/img/
6 KB
6 KB
Image
General
Full URL
https://www.sinaimg.cn/rny/webface/entmail/css/141126/img/loginIco8.png
Requested by
Host: www.sinaimg.cn
URL: https://www.sinaimg.cn/rny/webface/entmail/js/jquery_1.9.1.min1013.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
47.246.43.224 San Mateo, United States, ASN24429 (TAOBAO Zhejiang Taobao Network Co.,Ltd, CN),
Reverse DNS
Software
Tengine /
Resource Hash
619a7498d73cd07ba13ca19bb2f458c5226cd4fc16d2e7bcb79e6333524fddd4

Request headers

Referer
https://n.sinaimg.cn/mail/webface/entmail/css/141126/login.css
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/78.0.3904.97 Safari/537.36

Response headers

date
Mon, 08 Jul 2019 08:09:53 GMT
via
https/1.1 ctc.shanghai.ha2ts4.126 (ApacheTrafficServer/6.2.1 [cRs f ]), https/1.1 ctc.qingdao.ha2ts4.22 (ApacheTrafficServer/6.2.1 [cRs f ]), cache8.l2hk71[0,304-0,H], cache17.l2hk71[0,0], cache2.de2[0,200-0,H], cache8.de2[0,0]
age
11685441
x-via-edge
15625733929991c49f42f3105f98c5ceac785
x-via-ssl
ssl.45.sinag1.qz.lb.sinanode.com
x-cache
HIT TCP_HIT dirn:10:268393846
status
200
x-swift-cachetime
5972280
x-swift-savetime
Sun, 27 Oct 2019 05:11:53 GMT
content-length
5975
x-via-cdn
f=alicdn,s=cache8.de2,c=144.76.109.30;
last-modified
Wed, 26 Nov 2014 06:42:03 GMT
server
Tengine
etag
"5475763b-1757"
ali-swift-global-savetime
1539082328
content-type
image/png
cache-control
max-age=15552000
accept-ranges
bytes
timing-allow-origin
*
eagleid
2ff62b9c15742588349607630e
expires
Fri, 03 Jan 2020 15:27:10 GMT
get_scan_code.php
mail.sina.net/qrauth/
112 B
363 B
XHR
General
Full URL
https://mail.sina.net/qrauth/get_scan_code.php
Requested by
Host: www.sinaimg.cn
URL: https://www.sinaimg.cn/rny/webface/entmail/js/133557/plugins201810151.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
123.126.45.223 Beijing, China, ASN4808 (CHINA169-BJ China Unicom Beijing Province Network, CN),
Reverse DNS
Software
nginx/1.14.1 /
Resource Hash
f2da0ad4be6e790134bdde2306eaf09d68253cb7e1853492ec79106a2f245798

Request headers

Accept
application/json, text/javascript, */*; q=0.01
Referer
https://mail.sina.net/login
X-Requested-With
XMLHttpRequest
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/78.0.3904.97 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 20 Nov 2019 14:07:15 GMT
content-encoding
gzip
server
nginx/1.14.1
x-via-ssl
ssl.47.sinag1.bx.lb.sinanode.com
vary
Accept-Encoding
content-type
text/html; charset=UTF-8
status
200
cache-control
private, must-revalidate, max-age=0, proxy-revalidate, no-transform
expires
Thu, 19 Nov 1981 08:52:00 GMT
check_scan_status.php
mail.sina.net/qrauth/
79 B
251 B
XHR
General
Full URL
https://mail.sina.net/qrauth/check_scan_status.php
Requested by
Host: www.sinaimg.cn
URL: https://www.sinaimg.cn/rny/webface/entmail/js/133557/plugins201810151.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
123.126.45.223 Beijing, China, ASN4808 (CHINA169-BJ China Unicom Beijing Province Network, CN),
Reverse DNS
Software
nginx/1.14.1 /
Resource Hash
c54837c1c6632667bc6942464c6c2f98f733e09fc2a44572beca5394a11768ad

Request headers

Accept
application/json, text/javascript, */*; q=0.01
Referer
https://mail.sina.net/login
Origin
https://mail.sina.net
X-Requested-With
XMLHttpRequest
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/78.0.3904.97 Safari/537.36
Content-Type
application/x-www-form-urlencoded; charset=UTF-8

Response headers

date
Wed, 20 Nov 2019 14:07:29 GMT
content-encoding
gzip
server
nginx/1.14.1
x-via-ssl
ssl.47.sinag1.bx.lb.sinanode.com
vary
Accept-Encoding
content-type
text/html; charset=utf-8
status
200
cache-control
no-cache
get_qr_image.php
mail.sina.net/qrauth/
590 B
686 B
Image
General
Full URL
https://mail.sina.net/qrauth/get_qr_image.php?code=40a29a12c7cad38f80bd50be5bc59f93
Requested by
Host: mail.sina.net
URL: https://mail.sina.net/login
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
123.126.45.223 Beijing, China, ASN4808 (CHINA169-BJ China Unicom Beijing Province Network, CN),
Reverse DNS
Software
nginx/1.14.1 /
Resource Hash
dcfc4d743cd1edf71e9ae881f06b5c8b984e930dd476207f90d0dfba9b2e903d

Request headers

Referer
https://mail.sina.net/login
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/78.0.3904.97 Safari/537.36

Response headers

status
200
date
Wed, 20 Nov 2019 14:07:15 GMT
server
nginx/1.14.1
x-via-ssl
ssl.47.sinag1.bx.lb.sinanode.com
content-type
image/png
check_scan_status.php
mail.sina.net/qrauth/
0
0

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain
mail.sina.net
URL
https://mail.sina.net/qrauth/check_scan_status.php

Verdicts & Comments

Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!

urlscan

Phishing against: Sina (Online)

15 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| onformdata
object| onpointerrawupdate
function| $
function| jQuery
object| LAN_CONF
object| SUDA
object| GB_SUDA
function| _S_pSt
function| _S_acTrack
function| _S_uaTrack
string| _S_PID_
object| easemobim
function| rsa_encrypt
function| easemobIM
function| easemobIMS

0 Cookies

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.
