Domain > mail.sinopharm.com

More information on this domain is in AlienVault OTX

Files that talk to mail.sinopharm.com

MD5	A/V
462b7c4b2b5db7dbd9c6531eed3bcea1	[HW32.CDB.13b2] [Backdoor.Hlux.r3] [Kryptik.CCFN] [Backdoor.Win32.Hlux.djae] [Backdoor.Hlux!S3hIEdaLTpA] [Mal/Kelihos-A] [TrojWare.Win32.Kryptik.BLUU] [BackDoor.Slym.14044] [TR/Kryptik.oeons] [Trojan[Backdoor]/Win32.Hlux] [Backdoor:Win32/Kelihos.F] [Trojan/Win32.Tepfer] [W32/Trojan.HBIJ-4969] [Heur.Trojan.Hlux] [Trojan.Win32.Kryptik.BZDO] [Trojan.Crypt_s] [W32/Hlux.BWUN!tr.bdr] [Crypt_s.GGV]

Whois

Property	Value
Email	abuse@list.alibaba-inc.com
NameServer	DNS14.HICHINA.COM
Created	1998-04-15 00:00:00
Changed	2016-12-10 00:00:00
Expires	2018-04-14 00:00:00
Registrar	HICHINA ZHICHENG TEC

DNS Resolutions

Date	IP Address
2017-06-27	124.127.98.175 (ClassC)
2025-05-26	124.127.98.188 (ClassC)
2025-10-01	114.251.127.88 (ClassC)
2026-02-14	106.38.44.228 (ClassC)

HTTP/1.1 200 OKServer: nginxDate: Tue, 15 Oct 2019 11:56:21 GMTContent-Type: text/html;charsetUTF-8Transfer-Encoding: chunkedConnection: keep-aliveVary: Accept-EncodingPragma: No-cacheCache-Control: n

!DOCTYPE html>html>head iddHead>    title>/title> !-- 通过定制功能填充值 -->    base hrefhttps://mail.sinopharm.com/coremail/common/index_cmxt50.jsp />    meta charsetUTF-8>    meta http-equivX-UA-Compatible contentIEEdge,chrome1>        meta namerenderer contentwebkit|ie-stand>    link idfavor relshortcut icon/>    link relstylesheet hrefindex_cmxt50/css/normalize.css />    link relstylesheet hrefindex_cmxt50/css/iconfont/iconfont.css />    link relstylesheet hrefindex_cmxt50/css/custom.css />    link relstylesheet hrefindex_cmxt50/css/custom.cdn.css />    !--if lt IE 8>    link relstylesheet hrefindex_cmxt50/css/IE7-hack.css />    !endif-->/head>body>div classmain-bottom>/div>div classmain-middle>/div>div classmain>    div classcontent>/div>    div classaside-blur>/div>    div classaside-blur2 transparent>/div>    div classaside>/div>        div classseo-link>        a hrefhttp://www.coremail.cn/ target_blank>邮件系统/a>        a hrefhttp://www.coremail.cn/ target_blank>邮件服务器/a>        a hrefhttp://www.corpease.net/ target_blank>企业邮箱/a>        a hrefhttp://www.icoremail.cn/ target_blank>企业邮箱/a>    /div>/div>/body>script typetext/x-handlebar-template idcontentTpl>    div>                a href{{#if facade_custom.logo_link}}{{facade_custom.logo_link}}{{^}}http://www.sinopharm.com{{/if}} target_blank classlogo>            img src{{#isArrayNotNull facade_custom.logo}}{{getFirstElement facade_custom.logo orgId}}{{^}}index_cmxt50/img/logo.png{{/isArrayNotNull}} altCoremail 电子邮件系统>        /a>    /div>    {{#if facade_custom.slogan_text}}    div>        label classslogan>{{facade_custom.slogan_text}}/label>    /div>    {{/if}}    {{#unless facade_custom.background}}    div classversion>        i classsinopharm>img srcindex_cmxt50/img/mail.png>/i>    /div>    {{/unless}}    {{#isArrayNotNull detail_custom.telephone}}    div classhotline>        {{#each detail_custom.telephone}}        span>{{telephone_content}} : {{telephone_num}}/span>        {{/each}}    /div>    {{/i

Subdomains

Date	Domain	IP
mail.sinopharm.com	2017-06-27	124.127.98.175
www.sinopharm.com	2023-11-01	4.34.134.107

View on OTX | View on ThreatMiner

Data with thanks to AlienVault OTX, VirusTotal, Malwr and others. [Sitemap]

Domain > mail.sinopharm.com

Is this malicious?

Files that talk to mail.sinopharm.com

Whois

DNS Resolutions

Port 443

Subdomains