mail.sina.net
36.51.254.76
Malicious Activity!
Public Scan
Effective URL: https://mail.sina.net/login
Submission: On April 13 via api from US — Scanned from DE
Summary
TLS certificate: Issued by GeoTrust CN RSA CA G1 on November 29th 2023. Valid for: a year.
This is the only time mail.sina.net was scanned on urlscan.io!
urlscan.io Verdict: Potentially Malicious
Targeting these brands: Sina (Online)
Domain & IP information
 | IP Address | AS Autonomous System |
---|---|---|
1 6 | 36.51.254.76 | 37936 (SINA 15F) |
11 | 2404:2280:19c:0:3::7f7 | 24429 (TAOBAO Zhejiang Taobao Network Co.) |
2 | 36.51.254.102 | 37936 (SINA 15F) |
1 | 123.126.55.72 | 4808 (CHINA169-BJ China Unicom Beijing Province Network) |
20 | 5 | |
ASN37936 (SINA 15F,Ideal Plaza No.58 Bei Si Huan Xi Road, CN)
- entadmin.sina.net
- mail.sina.net
ASN24429 (TAOBAO Zhejiang Taobao Network Co.,Ltd, CN)
- n.sinaimg.cn
- www.sinaimg.cn
ASN37936 (SINA 15F,Ideal Plaza No.58 Bei Si Huan Xi Road, CN)
- sbeacon.sina.com.cn
ASN4808 (CHINA169-BJ China Unicom Beijing Province Network, CN)
- roundrobin.sinakfim.erp.sina.com.cn
 | Apex Domain | Subdomains | Transfer |
---|---|---|---|
11 | sinaimg.cn | n.sinaimg.cn — Cisco Umbrella Rank: 51675; www.sinaimg.cn — Cisco Umbrella Rank: 163231 | 307 KB |
6 | sina.net (1 redirects) | entadmin.sina.net; mail.sina.net | 12 KB |
3 | sina.com.cn | sbeacon.sina.com.cn — Cisco Umbrella Rank: 128401; roundrobin.sinakfim.erp.sina.com.cn | 2 KB |
20 | 3 | | |
 | Domain | Requested by |
---|---|---|
9 | www.sinaimg.cn | mail.sina.net; n.sinaimg.cn |
5 | mail.sina.net | mail.sina.net; www.sinaimg.cn |
2 | sbeacon.sina.com.cn | www.sinaimg.cn; mail.sina.net |
2 | n.sinaimg.cn | mail.sina.net |
1 | roundrobin.sinakfim.erp.sina.com.cn | mail.sina.net |
1 | entadmin.sina.net | 1 redirects |
20 | 6 | |
This site contains links to these domains. Also see Links.
Domain |
---|
weibo.com |
beian.miit.gov.cn |
Subject | Issuer | Validity | Valid |
---|---|---|---|
sina.com | GeoTrust CN RSA CA G1 | 2023-11-29 - 2024-12-29 | a year |
*.weibo.cn | GeoTrust CN RSA CA G1 | 2023-12-06 - 2025-01-03 | a year |
*.sina.com.cn | GeoTrust CN RSA CA G1 | 2023-09-14 - 2024-09-30 | a year |
*.sinakfim.erp.sina.com.cn | GeoTrust CN RSA CA G1 | 2023-05-29 - 2024-06-28 | a year |
This page contains 2 frames:
Primary Page:
https://mail.sina.net/login
Frame ID: 0C581BB19AB83F8FB7ABFBE72AEA3819
Requests: 19 HTTP requests in this frame
Frame:
https://sbeacon.sina.com.cn/ckctl.html
Frame ID: 920D1C670FAA4E58FA7BE9D7A5A9A45D
Requests: 1 HTTP requests in this frame
Page Title
Enterprise Mail - Sina Enterprise Mail Login Page (企业邮箱-新浪企业邮箱登录页)
Page URL History
- https://entadmin.sina.net/ (HTTP 302)
- http://mail.sina.net/login (HTTP 307)
- https://mail.sina.net/login (Page URL)
Detected technologies
jQuery (JavaScript Libraries)
Detected patterns
- jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?
Page Statistics
2 Outgoing links
These are links going to different origins than the main page.
Title: Weibo (微博)
Title: 京ICP证000007-55
Redirected requests
There were HTTP redirect chains for the following requests:
20 HTTP transactions
Method | Protocol | Resource | Path | Size | x-fer | Type | MIME-Type |
---|---|---|---|---|---|---|---|
GET | H2 | login (Primary Request) | mail.sina.net/ (Redirect Chain) | 19 KB | 4 KB | Document | text/html |
GET | H2 | login.css | n.sinaimg.cn/mail/webface/entmail/css/141126/ | 10 KB | 11 KB | Stylesheet | text/css |
GET | H2 | weidunMaster20150511.css | www.sinaimg.cn/rny/webface/mailSpacial/ | 5 KB | 3 KB | Stylesheet | text/css |
GET | H2 | jquery_1.9.1.min1013.js | www.sinaimg.cn/rny/webface/entmail/js/ | 90 KB | 38 KB | Script | application/x-javascript |
GET | H2 | plugins201810151.js | www.sinaimg.cn/rny/webface/entmail/js/133557/ | 119 KB | 48 KB | Script | application/x-javascript |
GET | H2 | login.js | n.sinaimg.cn/mail/webface/entmail/js/140626/ | 18 KB | 19 KB | Script | application/x-javascript |
GET | H2 | phone.png | www.sinaimg.cn/rny/webface/entmail/css/141126/img/ | 31 KB | 32 KB | Image | image/png |
GET | H2 | suda_s_v851c.js | www.sinaimg.cn/unipro/pub/ | 16 KB | 7 KB | Script | application/x-javascript |
GET | H2 | kefu.js | mail.sina.net/static/js/ | 3 KB | 1 KB | Script | application/javascript |
GET | H2 | ckctl.html | sbeacon.sina.com.cn/ (Frame 920D) | 0 | 0 | Document | text/html |
GET | H2 | a.gif | sbeacon.sina.com.cn/ | 35 B | 446 B | Image | image/gif |
GET | H2 | webim.js | roundrobin.sinakfim.erp.sina.com.cn/sina/webim/ | 4 KB | 2 KB | Script | application/javascript |
GET | H2 | entLogoRetina.png | www.sinaimg.cn/rny/webface/entmail/css/141126/img/ | 15 KB | 15 KB | Image | image/png |
GET | H2 | loginBg.jpg | www.sinaimg.cn/rny/webface/entmail/css/141126/img/ | 4 KB | 5 KB | Image | image/jpeg |
GET | H2 | themePicture.jpg | www.sinaimg.cn/rny/webface/entmail/css/141126/img/ | 122 KB | 123 KB | Image | image/jpeg |
GET | H2 | loginIco8.png | www.sinaimg.cn/rny/webface/entmail/css/141126/img/ | 6 KB | 7 KB | Image | image/png |
GET | H2 | get_scan_code.php | mail.sina.net/qrauth/ | 112 B | 367 B | XHR | text/html |
POST | | check_scan_status.php | mail.sina.net/qrauth/ | 0 | 0 | | |
GET | H2 | get_qr_image.php | mail.sina.net/qrauth/ | 593 B | 694 B | Image | image/png |
GET | H2 | favicon.ico | mail.sina.net/ | 5 KB | 5 KB | Other | image/x-icon |
Failed requests
These URLs were requested, but there was no response received. You will also see them in the list above.
- Domain
- mail.sina.net
- URL
- https://mail.sina.net/qrauth/check_scan_status.php
Verdicts & Comments
Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!
urlscan
Phishing against: Sina (Online)
12 JavaScript Global Variables
These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.
- object| 0
- function| $
- function| jQuery
- object| LAN_CONF
- object| SUDA
- object| GB_SUDA
- function| _S_pSt
- function| _S_acTrack
- function| _S_uaTrack
- string| _S_PID_
- function| rsa_encrypt
- object| SINAIM
0 Cookies
Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.
2 Console Messages
A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.
Source | Level | URL Text |
---|
Indicators
This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.