mail.sina.net
Public scan. Primary IP: 123.126.45.223. Banner: Malicious Activity!
Effective URL: https://mail.sina.net/login
Submission: On November 20 via manual from US

Summary
TLS certificate: Issued by GeoTrust CN RSA CA G1 on September 11th 2019. Valid for: 2 years.
This is the only time mail.sina.net was scanned on urlscan.io!
urlscan.io Verdict: Potentially Malicious
Targeting these brands: Sina (Online)

Domain & IP information
| Requests | IP address | AS (Autonomous System) |
|---|---|---|
| 5 (1 redirect) | 123.126.45.223 | AS4808 CHINA169-BJ (China Unicom Beijing Province Network) |
| 2 | 2.18.233.49 | AS16625 AKAMAI-AS (Akamai Technologies) |
| 10 | 47.246.43.224 | AS24429 TAOBAO (Zhejiang Taobao Network Co.) |
| 2 | 49.7.36.100 | AS23724 CHINANET-IDC-BJ-AP (IDC) |
| 1 | 49.7.40.174 | AS23724 CHINANET-IDC-BJ-AP (IDC) |

Total: 20 requests to 5 IP addresses (6 hostnames).
Hostnames by ASN
- ASN4808 (CHINA169-BJ China Unicom Beijing Province Network, CN): webmail.sina.net, mail.sina.net
- ASN16625 (AKAMAI-AS - Akamai Technologies, Inc., US), PTR a2-18-233-49.deploy.static.akamaitechnologies.com: n.sinaimg.cn
- ASN24429 (TAOBAO Zhejiang Taobao Network Co.,Ltd, CN): www.sinaimg.cn
- ASN23724 (CHINANET-IDC-BJ-AP IDC, China Telecommunications Corporation, CN): sbeacon.sina.com.cn
- ASN23724 (CHINANET-IDC-BJ-AP IDC, China Telecommunications Corporation, CN): visitor.sina.com.cn
Apex domains

| Requests | Apex domain | Subdomains | Transfer |
|---|---|---|---|
| 12 | sinaimg.cn | n.sinaimg.cn, www.sinaimg.cn | 283 KB |
| 5 | sina.net (1 redirect) | webmail.sina.net, mail.sina.net | 6 KB |
| 3 | sina.com.cn | sbeacon.sina.com.cn, visitor.sina.com.cn | 112 KB |

Total: 20 requests to 3 apex domains.
Domains and who requested them

| Requests | Domain | Requested by |
|---|---|---|
| 10 | www.sinaimg.cn | mail.sina.net, www.sinaimg.cn |
| 4 | mail.sina.net | www.sinaimg.cn, mail.sina.net |
| 2 | sbeacon.sina.com.cn | www.sinaimg.cn, mail.sina.net |
| 2 | n.sinaimg.cn | mail.sina.net |
| 1 | visitor.sina.com.cn | www.sinaimg.cn |
| 1 | webmail.sina.net | (1 redirect, start of the redirect chain) |

Total: 20 requests to 6 domains.
TLS certificates observed

| Subject | Issuer | Validity | Valid for | Lookup |
|---|---|---|---|---|
| sina.com | GeoTrust CN RSA CA G1 | 2019-09-11 to 2021-12-10 | 2 years | crt.sh |
| www.sina.com.cn | DigiCert SHA2 Secure Server CA | 2019-10-23 to 2021-01-21 | a year | crt.sh |
| sina.cn | GeoTrust RSA CA 2018 | 2018-03-09 to 2020-03-08 | 2 years | crt.sh |
| *.sina.com.cn | GeoTrust CN RSA CA G1 | 2019-09-11 to 2021-11-09 | 2 years | crt.sh |
This page contains 2 frames:
Primary Page:
https://mail.sina.net/login
Frame ID: FF58DD877AF2418306F1416F93E535B3
Requests: 19 HTTP requests in this frame
Frame:
https://sbeacon.sina.com.cn/ckctl.html
Frame ID: 8EF088C01FA8661463704822A1974EC9
Requests: 1 HTTP requests in this frame
Page URL History
This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.
1. https://webmail.sina.net/classic/index.php
   HTTP 302 to
2. https://mail.sina.net/login (Page URL)

Page Statistics
1 outgoing link (a link going to a different origin than the main page).
Title: 微博 (Weibo)

Redirected requests
There were HTTP redirect chains for the following requests:
- https://webmail.sina.net/classic/index.php -> HTTP 302 -> https://mail.sina.net/login
20 HTTP transactions

Size is the decoded resource size; x-fer is the number of bytes actually transferred on the wire. "H2" is HTTP/2, "H/1.1" is HTTP/1.1.

| # | Method | Protocol | Resource | Host / path | Size | x-fer | Type | MIME type | Note |
|---|---|---|---|---|---|---|---|---|---|
| 1 | GET | H2 | login | mail.sina.net/ | 19 KB | 4 KB | Document | text/html | Primary request, end of redirect chain |
| 2 | GET | H/1.1 | login.css | n.sinaimg.cn/mail/webface/entmail/css/141126/ | 10 KB | 4 KB | Stylesheet | text/css | |
| 3 | GET | H2 | weidunMaster20150511.css | www.sinaimg.cn/rny/webface/mailSpacial/ | 5 KB | 2 KB | Stylesheet | text/css | |
| 4 | GET | H2 | jquery_1.9.1.min1013.js | www.sinaimg.cn/rny/webface/entmail/js/ | 90 KB | 33 KB | Script | application/x-javascript | |
| 5 | GET | H2 | plugins201810151.js | www.sinaimg.cn/rny/webface/entmail/js/133557/ | 119 KB | 41 KB | Script | application/x-javascript | |
| 6 | GET | H/1.1 | login.js | n.sinaimg.cn/mail/webface/entmail/js/141126/ | 14 KB | 5 KB | Script | application/x-javascript | |
| 7 | GET | H2 | phone.png | www.sinaimg.cn/rny/webface/entmail/css/141126/img/ | 31 KB | 32 KB | Image | image/png | |
| 8 | GET | H2 | suda_s_v851c.js | www.sinaimg.cn/unipro/pub/ | 16 KB | 17 KB | Script | application/x-javascript | |
| 9 | GET | H2 | kefu.js | www.sinaimg.cn/rny/webface/help/201810153/ | 2 KB | 1 KB | Script | application/x-javascript | |
| 10 | GET | H2 | entLogoRetina.png | www.sinaimg.cn/rny/webface/entmail/css/141126/img/ | 15 KB | 15 KB | Image | image/png | |
| 11 | GET | H2 | loginBg.jpg | www.sinaimg.cn/rny/webface/entmail/css/141126/img/ | 4 KB | 5 KB | Image | image/jpeg | |
| 12 | GET | H2 | themePicture.jpg | www.sinaimg.cn/rny/webface/entmail/css/141126/img/ | 122 KB | 122 KB | Image | image/jpeg | |
| 13 | GET | H/1.1 | ckctl.html | sbeacon.sina.com.cn/ | 0 | 0 | Document | text/html | Frame 8EF088C01FA8661463704822A1974EC9 |
| 14 | GET | H/1.1 | a.gif | sbeacon.sina.com.cn/ | 35 B | 627 B | Image | image/gif | |
| 15 | GET | H/1.1 | easemob.js | visitor.sina.com.cn/webim/ | 573 KB | 112 KB | Script | application/x-javascript | |
| 16 | GET | H2 | loginIco8.png | www.sinaimg.cn/rny/webface/entmail/css/141126/img/ | 6 KB | 6 KB | Image | image/png | |
| 17 | GET | H2 | get_scan_code.php | mail.sina.net/qrauth/ | 112 B | 363 B | XHR | text/html | |
| 18 | POST | H2 | check_scan_status.php | mail.sina.net/qrauth/ | 79 B | 251 B | XHR | text/html | |
| 19 | GET | H2 | get_qr_image.php | mail.sina.net/qrauth/ | 590 B | 686 B | Image | image/png | |
| 20 | POST | | check_scan_status.php | mail.sina.net/qrauth/ | 0 | 0 | | | No response received (see Failed requests) |
Failed requests
These URLs were requested, but there was no response received. You will also see them in the list above.
- Domain: mail.sina.net
- URL: https://mail.sina.net/qrauth/check_scan_status.php
Verdicts & Comments
Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!
urlscan: Phishing against: Sina (Online)

Caveat for analysts: the verdict above is a brand-match heuristic. Every hostname contacted during this scan sits under sina.net, sinaimg.cn or sina.com.cn; the primary page is a sina.net hostname reached by a redirect from another sina.net hostname; and all four certificate subjects observed (sina.com, www.sina.com.cn, sina.cn, *.sina.com.cn) name Sina domains. A "phishing against Sina" verdict for a page that lives entirely on Sina-branded apex domains should be corroborated against a curated list of the brand's own domains before it is used to block or escalate.

15 JavaScript Global Variables
These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.
- onformdata (object)
- onpointerrawupdate (object)
- $ (function)
- jQuery (function)
- LAN_CONF (object)
- SUDA (object)
- GB_SUDA (object)
- _S_pSt (function)
- _S_acTrack (function)
- _S_uaTrack (function)
- _S_PID_ (string)
- easemobim (object)
- rsa_encrypt (function)
- easemobIM (function)
- easemobIMS (function)

0 Cookies
Cookies are small pieces of information stored in a user's browser. Whenever the user visits the site again, the browser sends the cookie values back, which lets the site re-identify the user even from a different location. This is how persistent logins work. No cookies were recorded in this scan.
Indicators
This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

Domains:
- mail.sina.net
- n.sinaimg.cn
- sbeacon.sina.com.cn
- visitor.sina.com.cn
- webmail.sina.net
- www.sinaimg.cn

IP addresses:
- 123.126.45.223
- 2.18.233.49
- 47.246.43.224
- 49.7.36.100
- 49.7.40.174

Hashes (SHA-256):
- 03079d665d06d84cf92908b0c104607fac62b7d05f238f7d2de67a021ae4b24a
- 491262fddf313b3eda002cd2460f88e6df22716615f4ece7f3649e37fc29f78b
- 619a7498d73cd07ba13ca19bb2f458c5226cd4fc16d2e7bcb79e6333524fddd4
- 73e28ab023095c981ce704fd77c7eebffd944fd67326e6c60cf8a1ac83be7ab1
- 7e21649f1e1ea0d4a21b6bcf7abfc90ffbd4c379b0e4bc3f95a97512619dce16
- 8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
- 89acccdd96eaf7d22d8ebfe514fedf2076b2e72d4e9e260d61dcbe44e39f7079
- 89f74c6a233f2e44aa9d2c6aac6c26ba383d1287ebbb8c7fa20370d3d7564d16
- 9c2384160beaecc4d781b2529ae430f73d6e4d8791294f95b1e16652512f6564
- a123d16f53b255e05ee11e6f8818edaeb54c500af4f7e205b2981341bb292c1b
- aea76f4f6effb78e54b579de546b719c78dfa4926425efd7b53924dab6f92fbc
- c54837c1c6632667bc6942464c6c2f98f733e09fc2a44572beca5394a11768ad
- cb3493315f671f4271b0d2580024b2a5380c67c57af3a395bda1419c993850aa
- dcfc4d743cd1edf71e9ae881f06b5c8b984e930dd476207f90d0dfba9b2e903d
- e168432878f24a13962cfdbc975048199ecad77c15ba8c9f59e1c29d1bdf55bb
- ea560ffebda3436c4f20fc4ee6a6ee9bb9e7df5901c9bd5b9b6c1306d6bf5e38
- f2da0ad4be6e790134bdde2306eaf09d68253cb7e1853492ec79106a2f245798
- f5f7e01baa87a4c6a7d9bf0d8e7610c8155b8cdfdc84062233178f675584666f
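The "phishing against Sina" verdict and the domain, redirect and certificate data above are the inputs an analyst would use to decide whether a brand-match verdict is corroborated. The following Python is an added example, not urlscan.io code: it folds every contacted hostname, the redirect chain and the certificate subject down to registrable apex domains and compares them with a brand allowlist. PAGE_SCAN is constructed from the tables on this page; BRAND_APEX, the toy public-suffix set and the LOOKALIKE_SCAN are assumptions introduced for illustration.

```python
"""Triage a brand-impersonation verdict against the hosts a scanned page really
touched. Added example, not urlscan.io code. PAGE_SCAN is constructed from the
tables on this page; BRAND_APEX and LOOKALIKE_SCAN are assumptions."""
from collections import Counter
from urllib.parse import urlsplit

# Toy public-suffix subset so the example runs offline. Real code should use a
# Public Suffix List library (e.g. publicsuffix2); without the "com.cn" entry a
# naive "last two labels" rule would report the apex of sbeacon.sina.com.cn as
# "com.cn", which is wrong.
PUBLIC_SUFFIXES = {"com", "net", "cn", "com.cn", "example"}

# Assumption: apex domains the brand is known to own. Not stated on the page;
# in practice this comes from a curated allowlist, never from the scan itself.
BRAND_APEX = {"sina.com", "sina.com.cn", "sina.cn", "sina.net", "sinaimg.cn"}

# Constructed from the scan above: redirect chain, per-host request counts from
# the "Domains and who requested them" table, and one TLS certificate subject.
PAGE_SCAN = {
    "primary_url": "https://mail.sina.net/login",
    "redirect_chain": ["https://webmail.sina.net/classic/index.php",
                       "https://mail.sina.net/login"],
    "request_counts": {"www.sinaimg.cn": 10, "mail.sina.net": 4,
                       "sbeacon.sina.com.cn": 2, "n.sinaimg.cn": 2,
                       "visitor.sina.com.cn": 1, "webmail.sina.net": 1},
    "cert_subject": "sina.com",
}

# Hypothetical phishing kit (constructed, not an observation): the login page
# sits on a lookalike apex but hotlinks the brand's real CSS and images.
LOOKALIKE_SCAN = {
    "primary_url": "https://mail.login-sina.example/login",
    "redirect_chain": ["https://mail.login-sina.example/login"],
    "request_counts": {"mail.login-sina.example": 3, "www.sinaimg.cn": 10,
                       "n.sinaimg.cn": 2},
    "cert_subject": "login-sina.example",
}


def apex_domain(host: str) -> str:
    """Registrable domain of a hostname: longest known public suffix plus one label."""
    if host.startswith("*."):          # certificate wildcard subject
        host = host[2:]
    labels = host.lower().rstrip(".").split(".")
    for n in (2, 1):                   # try the two-label suffix (com.cn) first
        if len(labels) > n and ".".join(labels[-n:]) in PUBLIC_SUFFIXES:
            return ".".join(labels[-(n + 1):])
    raise ValueError(f"no known public suffix for {host!r}")


def triage(scan: dict, brand_apex: set) -> dict:
    """Compare every apex the page touched with the brand's allowlist."""
    primary_apex = apex_domain(urlsplit(scan["primary_url"]).hostname)
    chain_apexes = [apex_domain(urlsplit(u).hostname) for u in scan["redirect_chain"]]
    by_apex = Counter()
    for host, count in scan["request_counts"].items():
        by_apex[apex_domain(host)] += count
    return {
        "primary_apex": primary_apex,
        "primary_is_brand": primary_apex in brand_apex,
        "redirect_left_brand": any(a not in brand_apex for a in chain_apexes),
        "cert_subject_is_brand": apex_domain(scan["cert_subject"]) in brand_apex,
        "requests_by_apex": dict(by_apex),
        "brand_apex_traffic": {a: n for a, n in by_apex.items() if a in brand_apex},
        "foreign_apex_traffic": {a: n for a, n in by_apex.items() if a not in brand_apex},
    }


def assess(result: dict) -> str:
    """Is a 'phishing against <brand>' verdict corroborated by where the page lives?"""
    if not result["primary_is_brand"] or result["redirect_left_brand"]:
        msg = f"corroborated: page served from non-brand apex {result['primary_apex']}"
        if result["brand_apex_traffic"]:   # classic kit: hotlinked brand assets
            msg += f"; hotlinks brand assets from {sorted(result['brand_apex_traffic'])}"
        return msg
    if not result["cert_subject_is_brand"]:
        return "corroborated: TLS certificate subject is outside the brand's domains"
    return ("not corroborated: every contacted apex is on the brand allowlist; "
            "the brand match is most likely the page's own branding")


if __name__ == "__main__":
    for name, scan in (("page", PAGE_SCAN), ("lookalike", LOOKALIKE_SCAN)):
        r = triage(scan, BRAND_APEX)
        print(f"{name}: {r['requests_by_apex']} -> {assess(r)}")
```

For the scan on this page the check reports "not corroborated", because the 20 requests fold down to sinaimg.cn (12), sina.net (5) and sina.com.cn (3), all on the allowlist; for the constructed lookalike it reports "corroborated" and names the brand apexes being hotlinked. The allowlist is the decisive input, so keep it curated separately from the scan data, and note that whether sina.net and sinaimg.cn belong to the brand is exactly the kind of fact an analyst must confirm rather than infer from a domain's appearance.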