Submitted URL: http://h2.b193819306.workers.dev/
Effective URL: https://h2.b193819306.workers.dev/
Submission: On July 18 via automatic, source openphish — Scanned from US

Summary

This website contacted 9 IPs in 3 countries across 3 domains to perform 34 HTTP transactions. The main IP is 172.67.157.240, located in United States and belongs to CLOUDFLARENET, US. The main domain is h2.b193819306.workers.dev.
TLS certificate: Issued by WE1 on July 15th 2024. Valid for: 3 months.
This is the only time h2.b193819306.workers.dev was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
3 172.67.157.240 13335 (CLOUDFLAR...)
1 128.1.157.232 21859 (ZEN-ECN)
15 103.129.252.89 137263 (NETEASE-A...)
6 103.129.252.87 137263 (NETEASE-A...)
2 103.126.92.196 137263 (NETEASE-A...)
2 111.124.203.34 139203 (CHINANET-...)
1 240e:938:a07:... 139203 (CHINANET-...)
3 128.1.157.228 21859 (ZEN-ECN)
34 9
Apex Domain (with Subdomains), Transfer
19 127.net (517 KB)
  urswebzj.nosdn.127.net — Cisco Umbrella Rank: 132273
  mimg.127.net — Cisco Umbrella Rank: 127352
  onegoods.nosdn.127.net — Cisco Umbrella Rank: 223087
  mail-activity.nosdn.127.net — Cisco Umbrella Rank: 381710
11 163.com (5 KB)
  mail.163.com — Cisco Umbrella Rank: 37753
  dl.reg.163.com — Cisco Umbrella Rank: 154719
  utility.mail.163.com — Cisco Umbrella Rank: 310224
  countly.mail.163.com — Cisco Umbrella Rank: 53872
  b.mail.163.com — Cisco Umbrella Rank: 290165
3 workers.dev (7 KB)
  h2.b193819306.workers.dev
34 3
Domain Requested by
15 mimg.127.net h2.b193819306.workers.dev, mimg.127.net
6 mail.163.com mimg.127.net
3 h2.b193819306.workers.dev mimg.127.net
2 mail-activity.nosdn.127.net h2.b193819306.workers.dev
2 dl.reg.163.com urswebzj.nosdn.127.net
1 b.mail.163.com h2.b193819306.workers.dev
1 onegoods.nosdn.127.net h2.b193819306.workers.dev
1 countly.mail.163.com mimg.127.net
1 utility.mail.163.com mimg.127.net
1 urswebzj.nosdn.127.net h2.b193819306.workers.dev
34 10
Subject | Issuer | Validity | Valid
b193819306.workers.dev | WE1 | 2024-07-15 - 2024-10-13 | 3 months
*.nosdn.127.net | GeoTrust RSA CN CA G2 | 2024-05-30 - 2025-06-29 | a year
mimg.127.net | GeoTrust RSA CN CA G2 | 2023-08-29 - 2024-09-14 | a year
*.163.com | GeoTrust RSA CN CA G2 | 2024-03-28 - 2025-04-27 | a year
*.reg.163.com | GeoTrust RSA CN CA G2 | 2023-11-21 - 2024-12-21 | a year
*.mail.163.com | GeoTrust RSA CN CA G2 | 2023-08-29 - 2024-09-21 | a year

This page contains 3 frames:

Primary Page: https://h2.b193819306.workers.dev/
Frame ID: 128724EE84FF117CA919FCB02ED46AFC
Requests: 37 HTTP requests in this frame

Frame: https://dl.reg.163.com/webzj/v1.0.1/pub/index_dl2_new.html?cd=%2F%2Fmimg.127.net%2Fp%2Ffreemail%2Findex%2Funified%2Fstatic%2F2024%2F%2Fcss%2F&cf=urs.163.918051fb.css&MGID=1721310008436.346&wdaId=&pkid=CvViHzl&product=mail163
Frame ID: 4D715E3304C59549ACB0D5B63521D3B6
Requests: 1 HTTP requests in this frame

Frame: https://mail.163.com/preload6.htm?t=1721310010249
Frame ID: 9BCD066F2357A2D7B9C8E802978D1973
Requests: 1 HTTP requests in this frame

Page Title

163网易免费邮-你的专业电子邮局

Page Statistics

Requests: 34
HTTPS: 97 %
IPv6: 13 %
Domains: 3
Subdomains: 10
IPs: 9
Countries: 3
Transfer: 529 kB
Size: 1024 kB
Cookies: 2

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. http://h2.b193819306.workers.dev/ HTTP 307
    https://h2.b193819306.workers.dev/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

34 HTTP transactions

Resource
Path
Size
x-fer
Type
MIME-Type
Primary Request /
h2.b193819306.workers.dev/
Redirect Chain
  • http://h2.b193819306.workers.dev/
  • https://h2.b193819306.workers.dev/
19 KB
6 KB
Document
General
Full URL
https://h2.b193819306.workers.dev/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.157.240 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
9e3285e419d1a7456f7cd6d8165a49746d8b55a01619c8ea216dd3b1aae9357a
Security Headers
Name Value
Content-Security-Policy script-src 'self' 'unsafe-inline' 'unsafe-eval' *.127.net *.126.net *.163.com *.126.com *.yeah.net *.188.com *.netease.com *.qiyukf.com qiyukf.com *.youdao.com *.mediav.com *.netstatic.net; connect-src 'self' wss: *.127.net *.126.net *.163.com *.126.com *.yeah.net *.188.com *.netease.com *.qiyukf.com qiyukf.com *.youdao.com *.163yun.com; report-uri https://countly.mail.163.com/stats/csp

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

alt-svc
h3=":443"; ma=86400
cache-control
max-age=3600
cf-cache-status
DYNAMIC
cf-ray
8a52e1986e83a50c-MIA
content-encoding
br
content-security-policy
script-src 'self' 'unsafe-inline' 'unsafe-eval' *.127.net *.126.net *.163.com *.126.com *.yeah.net *.188.com *.netease.com *.qiyukf.com qiyukf.com *.youdao.com *.mediav.com *.netstatic.net; connect-src 'self' wss: *.127.net *.126.net *.163.com *.126.com *.yeah.net *.188.com *.netease.com *.qiyukf.com qiyukf.com *.youdao.com *.163yun.com; report-uri https://countly.mail.163.com/stats/csp
content-type
text/html
date
Thu, 18 Jul 2024 13:40:02 GMT
expires
Thu, 18 Jul 2024 14:01:17 GMT
last-modified
Thu, 13 Jun 2024 12:54:42 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=ndN1%2Ffo5qw%2BiJWLigegk0YzLikJokqt1UrfYVT2zgpHvHJeiF10jrGBzS3gcbmMJHiJgL4arCBHZByUGbiVKq3Rkw8UUXQBAdudVbDCnsspideFYaAA8Wly4RBFZab0mGHNFOJAY8GcXMF8K"}],"group":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding

Redirect headers

Cross-Origin-Resource-Policy
Cross-Origin
Location
https://h2.b193819306.workers.dev/
Non-Authoritative-Reason
HSTS
message.js
urswebzj.nosdn.127.net/webzj_cdn101/
32 KB
11 KB
Script
General
Full URL
https://urswebzj.nosdn.127.net/webzj_cdn101/message.js
Requested by
Host: h2.b193819306.workers.dev
URL: https://h2.b193819306.workers.dev/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
128.1.157.232 , United States, ASN21859 (ZEN-ECN, US),
Reverse DNS
Software
Tengine /
Resource Hash
d0b95a98cd02c0597776669022e750beabc37f7e2525ea0e27a91cc6da24d339

Request headers

Referer
https://h2.b193819306.workers.dev/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

Date
Sat, 06 Jul 2024 02:06:27 GMT
Via
cache9.l2hk2[1363,1212,304-0,C], cache24.l2hk2[1214,0], cache18.jp6[0,0,200-0,H], cache7.jp6[0,0]
Content-Encoding
gzip
x-nos-object-name
webzj_cdn101%2Fmessage.js
x-nos-request-id
782a42d0-bc1b-4f60-8600-a9b08b322e5d
cdn-ip
128.1.157.232
Age
1078418
X-Swift-CacheTime
2592000
Transfer-Encoding
chunked
X-Cache
HIT TCP_MEM_HIT dirn:-2:-2
Content-Disposition
inline; filename="webzj_cdn101%2Fmessage.js"
Connection
keep-alive
x-nos-storage-class
STANDARD
X-Swift-SaveTime
Sat, 06 Jul 2024 02:06:27 GMT
Last-Modified
Tue, 07 May 2024 10:03:36 Asia/Shanghai
Server
Tengine
x-nos-requesttype
GetObject
Vary
Accept-Encoding
Ali-Swift-Global-Savetime
1720231587
Content-Type
application/javascript;charset=UTF-8
Access-Control-Allow-Origin
*
Cache-Control
max-age=61
Timing-Allow-Origin
*
EagleId
80019d9b17213100050738175e
es5-polyfill.js
mimg.127.net/p/freemail/lib/polyfill/
2 KB
931 B
Script
General
Full URL
https://mimg.127.net/p/freemail/lib/polyfill/es5-polyfill.js
Requested by
Host: h2.b193819306.workers.dev
URL: https://h2.b193819306.workers.dev/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
103.129.252.89 , Hong Kong, ASN137263 (NETEASE-AS-AP NETEASE HONG KONG LIMITED, HK),
Reverse DNS
Software
nginx /
Resource Hash
d5292586cfe2230f1c91cae1f71ad9156c23fb60f7cd9d2bce428647b2cad47c

Request headers

Referer
https://h2.b193819306.workers.dev/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date
Thu, 18 Jul 2024 13:40:03 GMT
content-encoding
gzip
last-modified
Wed, 20 Mar 2019 01:42:20 GMT
server
nginx
etag
W/"5c919a7c-6e6"
vary
Accept-Encoding, Origin
content-type
application/x-javascript
cache-control
max-age=315360000
expires
Fri, 02 Jun 2034 11:33:31 GMT
index-promote.js
mimg.127.net/external/mail-index/
7 KB
2 KB
Script
General
Full URL
https://mimg.127.net/external/mail-index/index-promote.js
Requested by
Host: h2.b193819306.workers.dev
URL: https://h2.b193819306.workers.dev/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
103.129.252.89 , Hong Kong, ASN137263 (NETEASE-AS-AP NETEASE HONG KONG LIMITED, HK),
Reverse DNS
Software
nginx /
Resource Hash
00b3547c824e82e7e0f93b248c027f1eca602f9c8e2cb657e2057f2ccfcd98ea

Request headers

Referer
https://h2.b193819306.workers.dev/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date
Thu, 18 Jul 2024 13:40:03 GMT
content-encoding
gzip
last-modified
Wed, 02 Nov 2022 11:07:57 GMT
server
nginx
etag
W/"63624f8d-1a5a"
vary
Accept-Encoding
content-type
application/x-javascript
cache-control
max-age=3600
expires
Thu, 18 Jul 2024 13:47:49 GMT
bundle.tracing.min.js
mimg.127.net/p/freemail/lib/track/7.57.0/
84 KB
28 KB
Script
General
Full URL
https://mimg.127.net/p/freemail/lib/track/7.57.0/bundle.tracing.min.js
Requested by
Host: h2.b193819306.workers.dev
URL: https://h2.b193819306.workers.dev/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
103.129.252.89 , Hong Kong, ASN137263 (NETEASE-AS-AP NETEASE HONG KONG LIMITED, HK),
Reverse DNS
Software
nginx /
Resource Hash
d4455d72dcbb6008621d53a8c9fe408fb15040a76eb48a3407f9fe2f688427d5

Request headers

Referer
https://h2.b193819306.workers.dev/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date
Thu, 18 Jul 2024 13:40:05 GMT
content-encoding
gzip
last-modified
Thu, 20 Jul 2023 06:03:22 GMT
server
nginx
etag
W/"64b8ce2a-1511a"
vary
Accept-Encoding, Origin
content-type
application/x-javascript
cache-control
max-age=315360000
expires
Fri, 02 Jun 2034 11:33:31 GMT
style.00f4906fe40b88d7999d.css
mimg.127.net/p/freemail/index/unified/static/2024/css/
76 KB
38 KB
Stylesheet
General
Full URL
https://mimg.127.net/p/freemail/index/unified/static/2024/css/style.00f4906fe40b88d7999d.css
Requested by
Host: h2.b193819306.workers.dev
URL: https://h2.b193819306.workers.dev/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
103.129.252.89 , Hong Kong, ASN137263 (NETEASE-AS-AP NETEASE HONG KONG LIMITED, HK),
Reverse DNS
Software
nginx /
Resource Hash
3663e7244f97c66ba8605c29b45b836e8e4e20985e5ef196e524541fcc9d8d8f

Request headers

Referer
https://h2.b193819306.workers.dev/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date
Thu, 18 Jul 2024 13:40:06 GMT
content-encoding
gzip
last-modified
Thu, 16 May 2024 12:06:10 GMT
server
nginx
etag
W/"6645f6b2-12f3c"
vary
Accept-Encoding, Origin
content-type
text/css
cache-control
max-age=315360000
expires
Thu, 13 Jul 2034 08:12:18 GMT
t.gif
mimg.127.net/p/freemail/index/lib/img/
77 B
272 B
Image
General
Full URL
https://mimg.127.net/p/freemail/index/lib/img/t.gif
Requested by
Host: h2.b193819306.workers.dev
URL: https://h2.b193819306.workers.dev/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
103.129.252.89 , Hong Kong, ASN137263 (NETEASE-AS-AP NETEASE HONG KONG LIMITED, HK),
Reverse DNS
Software
nginx /
Resource Hash
3f666934b806964af9be68a39f16151701e7a7b8009ac24e7acb9ac0a7c10aa5

Request headers

Referer
https://h2.b193819306.workers.dev/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date
Thu, 18 Jul 2024 13:40:06 GMT
last-modified
Tue, 02 Apr 2019 06:02:11 GMT
server
nginx
etag
"5ca2fae3-4d"
vary
Origin
content-type
image/gif
cache-control
max-age=315360000
accept-ranges
bytes
content-length
77
expires
Sat, 29 Apr 2034 13:47:40 GMT
year.js
mimg.127.net/copyright/
24 B
216 B
Script
General
Full URL
https://mimg.127.net/copyright/year.js?rnd=1578362533107
Requested by
Host: h2.b193819306.workers.dev
URL: https://h2.b193819306.workers.dev/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
103.129.252.89 , Hong Kong, ASN137263 (NETEASE-AS-AP NETEASE HONG KONG LIMITED, HK),
Reverse DNS
Software
nginx /
Resource Hash
e17d22813188d9ade4f1f3e3d2712382664e6f1a70ff3fa79574d583f8a3f5a7

Request headers

Referer
https://h2.b193819306.workers.dev/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date
Thu, 18 Jul 2024 13:40:06 GMT
last-modified
Sun, 31 Dec 2023 15:59:50 GMT
server
nginx
etag
"65918ff6-18"
content-type
application/x-javascript
cache-control
max-age=21003132
accept-ranges
bytes
content-length
24
expires
Mon, 30 Dec 2024 15:59:50 GMT
truncated
/
3 KB
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
a4d541eeef88684fe3f778bfb7ab024fe529fe6e1e89f9954d5abbb3657090af

Request headers

Referer
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

Content-Type
image/png
gonganlogo.png
mimg.127.net/p/images/logo/
1 KB
2 KB
Image
General
Full URL
https://mimg.127.net/p/images/logo/gonganlogo.png
Requested by
Host: h2.b193819306.workers.dev
URL: https://h2.b193819306.workers.dev/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
103.129.252.89 , Hong Kong, ASN137263 (NETEASE-AS-AP NETEASE HONG KONG LIMITED, HK),
Reverse DNS
Software
nginx /
Resource Hash
48e7484ac4f925cce2688a289e73fd5e287dbda8f3f7b8ca0c2db6a807f12c4d

Request headers

Referer
https://h2.b193819306.workers.dev/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date
Thu, 18 Jul 2024 13:40:06 GMT
last-modified
Mon, 11 May 2020 08:00:03 GMT
server
nginx
etag
"5eb90603-574"
vary
Origin
content-type
image/png
cache-control
max-age=315360000
accept-ranges
bytes
content-length
1396
expires
Sat, 29 Apr 2034 13:47:37 GMT
mailad-sdk-0.0.19.js
mimg.127.net/p/tools/mailad-sdk/
105 KB
42 KB
Script
General
Full URL
https://mimg.127.net/p/tools/mailad-sdk/mailad-sdk-0.0.19.js
Requested by
Host: h2.b193819306.workers.dev
URL: https://h2.b193819306.workers.dev/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
103.129.252.89 , Hong Kong, ASN137263 (NETEASE-AS-AP NETEASE HONG KONG LIMITED, HK),
Reverse DNS
Software
nginx /
Resource Hash
f361e0de649a84f142d9015515bf9af12ffe4c0b131fa80d351b55ffcdc015ed

Request headers

Referer
https://h2.b193819306.workers.dev/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date
Thu, 18 Jul 2024 13:40:06 GMT
content-encoding
gzip
last-modified
Thu, 02 Feb 2023 09:37:27 GMT
server
nginx
etag
W/"63db8457-1a5ee"
vary
Accept-Encoding, Origin
content-type
application/x-javascript
cache-control
max-age=315360000
expires
Fri, 02 Jun 2034 11:33:32 GMT
truncated
/
42 B
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
c90cff659645a312a28804965f3dbc34061338f7234ff5d6ddb2c57e9eadec15

Request headers

Referer
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

Content-Type
image/webp
mailscanlogin-1.2.3.js
mimg.127.net/p/tools/mailscanlogin/
80 KB
28 KB
Script
General
Full URL
https://mimg.127.net/p/tools/mailscanlogin/mailscanlogin-1.2.3.js
Requested by
Host: h2.b193819306.workers.dev
URL: https://h2.b193819306.workers.dev/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
103.129.252.89 , Hong Kong, ASN137263 (NETEASE-AS-AP NETEASE HONG KONG LIMITED, HK),
Reverse DNS
Software
nginx /
Resource Hash
947d2bd56c9c7cba7b54239c5752038fd77e25282636cdbbe73283c150df6ad0

Request headers

Referer
https://h2.b193819306.workers.dev/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date
Thu, 18 Jul 2024 13:40:07 GMT
content-encoding
gzip
last-modified
Tue, 19 Dec 2023 10:17:03 GMT
server
nginx
etag
W/"65816d9f-1415b"
vary
Accept-Encoding, Origin
content-type
application/x-javascript
cache-control
max-age=315360000
expires
Fri, 02 Jun 2034 11:33:32 GMT
index-0.0.1.js
mimg.127.net/p/freemail/lib/login-error-popup/
5 KB
2 KB
Script
General
Full URL
https://mimg.127.net/p/freemail/lib/login-error-popup/index-0.0.1.js
Requested by
Host: h2.b193819306.workers.dev
URL: https://h2.b193819306.workers.dev/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
103.129.252.89 , Hong Kong, ASN137263 (NETEASE-AS-AP NETEASE HONG KONG LIMITED, HK),
Reverse DNS
Software
nginx /
Resource Hash
bb1fe0a41b83661ff120a1eb4543c9ffa7f871236037cc300a1b5c7bb0057158

Request headers

Referer
https://h2.b193819306.workers.dev/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date
Thu, 18 Jul 2024 13:40:07 GMT
content-encoding
gzip
last-modified
Tue, 09 Jun 2020 09:36:39 GMT
server
nginx
etag
W/"5edf5827-1269"
vary
Accept-Encoding, Origin
content-type
application/x-javascript
cache-control
max-age=315360000
expires
Fri, 02 Jun 2034 11:33:32 GMT
vendors~126~163~yeah.06f721a6e5f589c691f5.js
mimg.127.net/p/freemail/index/unified/static/2024/js/
243 KB
80 KB
Script
General
Full URL
https://mimg.127.net/p/freemail/index/unified/static/2024/js/vendors~126~163~yeah.06f721a6e5f589c691f5.js
Requested by
Host: h2.b193819306.workers.dev
URL: https://h2.b193819306.workers.dev/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
103.129.252.89 , Hong Kong, ASN137263 (NETEASE-AS-AP NETEASE HONG KONG LIMITED, HK),
Reverse DNS
Software
nginx /
Resource Hash
0e9e25af2999a6b95958faa5d323a3f7889ef961720c2a836bc6135b01174af6

Request headers

Referer
https://h2.b193819306.workers.dev/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date
Thu, 18 Jul 2024 13:40:07 GMT
content-encoding
gzip
last-modified
Fri, 24 May 2024 04:14:12 GMT
server
nginx
etag
W/"66501414-3cd98"
vary
Accept-Encoding, Origin
content-type
application/x-javascript
cache-control
max-age=315360000
expires
Sat, 03 Jun 2034 14:58:32 GMT
163.5f9c155098d23a8c3b43.js
mimg.127.net/p/freemail/index/unified/static/2024/js/
76 KB
24 KB
Script
General
Full URL
https://mimg.127.net/p/freemail/index/unified/static/2024/js/163.5f9c155098d23a8c3b43.js
Requested by
Host: h2.b193819306.workers.dev
URL: https://h2.b193819306.workers.dev/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
103.129.252.89 , Hong Kong, ASN137263 (NETEASE-AS-AP NETEASE HONG KONG LIMITED, HK),
Reverse DNS
Software
nginx /
Resource Hash
b3a13378075cc6ff1b0c92b1d0165197fb4fa37158a9c9034c8874879b7ec868

Request headers

Referer
https://h2.b193819306.workers.dev/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date
Thu, 18 Jul 2024 13:40:08 GMT
content-encoding
gzip
last-modified
Thu, 13 Jun 2024 12:54:42 GMT
server
nginx
etag
W/"666aec12-131b1"
vary
Accept-Encoding, Origin
content-type
application/x-javascript
cache-control
max-age=315360000
expires
Thu, 13 Jul 2034 08:12:20 GMT
/
mail.163.com/fetrack/api/27/envelope/
2 B
247 B
Fetch
General
Full URL
https://mail.163.com/fetrack/api/27/envelope/?sentry_key=d280472905c5286b79a1f3b8ad3282da&sentry_version=7&sentry_client=sentry.javascript.browser%2F7.57.0
Requested by
Host: mimg.127.net
URL: https://mimg.127.net/p/freemail/lib/track/7.57.0/bundle.tracing.min.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
103.129.252.87 , Hong Kong, ASN137263 (NETEASE-AS-AP NETEASE HONG KONG LIMITED, HK),
Reverse DNS
Software
nginx /
Resource Hash
44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a

Request headers

Referer
https://h2.b193819306.workers.dev/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

date
Thu, 18 Jul 2024 13:40:09 GMT
server
nginx
vary
origin, access-control-request-method, access-control-request-headers
content-type
application/json
access-control-allow-origin
*
access-control-expose-headers
x-sentry-error,x-sentry-rate-limits,retry-after
cross-origin-resource-policy
cross-origin
content-length
2
detail
h2.b193819306.workers.dev/fgw/mailsrv-ipdetail/
399 B
828 B
XHR
General
Full URL
https://h2.b193819306.workers.dev/fgw/mailsrv-ipdetail/detail
Requested by
Host: mimg.127.net
URL: https://mimg.127.net/p/freemail/lib/track/7.57.0/bundle.tracing.min.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.157.240 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
6ed5fbdaa85eb80b0e9208afb9117542167c1fa4d1f49fffcb7abc96ea74ed1d

Request headers

Referer
https://h2.b193819306.workers.dev/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
content-type
application/json

Response headers

pragma
no-cache
date
Thu, 18 Jul 2024 13:40:09 GMT
content-encoding
gzip
cf-cache-status
DYNAMIC
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
x-response-code
200
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=aY4p1l5CJXhPIgseEizaKfabKuRG5WHEI5LRvHvXj7lhdNcYWIrLUaRUGxui7YxYG12O7r%2BvG8p355f%2FJ13CunIeGQzLd5YEuXkK0eULBZyRbYABCPN1fmn6%2B6GDt3SDz8jz1qEa%2BAUMIGrO"}],"group":"cf-nel","max_age":604800}
content-type
application/json;charset=UTF-8
cache-control
no-cache
expries
Thu, 01 Jan 1970 00:00:00 GMT
cf-ray
8a52e1bf7f55a50c-MIA
alt-svc
h3=":443"; ma=86400
login_index.json
mimg.127.net/cross/static/webmail-js6/
281 B
491 B
XHR
General
Full URL
https://mimg.127.net/cross/static/webmail-js6/login_index.json
Requested by
Host: mimg.127.net
URL: https://mimg.127.net/p/freemail/lib/track/7.57.0/bundle.tracing.min.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
103.129.252.89 , Hong Kong, ASN137263 (NETEASE-AS-AP NETEASE HONG KONG LIMITED, HK),
Reverse DNS
Software
nginx /
Resource Hash
5f1c2315460efd420eaf0376335216d92ad96451937e970c740465a197b7013e

Request headers

Referer
https://h2.b193819306.workers.dev/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date
Thu, 18 Jul 2024 13:40:08 GMT
last-modified
Thu, 18 Apr 2024 11:56:15 GMT
server
nginx
etag
"66210a5f-119"
content-type
application/json
access-control-allow-origin
*
cache-control
max-age=3600
accept-ranges
bytes
content-length
281
expires
Thu, 18 Jul 2024 14:17:56 GMT
getConf
dl.reg.163.com/dl/
63 B
242 B
Script
General
Full URL
https://dl.reg.163.com/dl/getConf?callback=URSJSONP1721310008235&pkid=CvViHzl&pd=mail163&mode=1
Requested by
Host: urswebzj.nosdn.127.net
URL: https://urswebzj.nosdn.127.net/webzj_cdn101/message.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
103.126.92.196 , Hong Kong, ASN137263 (NETEASE-AS-AP NETEASE HONG KONG LIMITED, HK),
Reverse DNS
Software
nginx /
Resource Hash
2e16f4306fff59dd3c5846f5f9926fc99f7a085c36628b354c6f26ccdad44dcf

Request headers

Referer
https://h2.b193819306.workers.dev/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

Date
Thu, 18 Jul 2024 13:40:09 GMT
Cache-Control
no-store
Server
nginx
Connection
keep-alive
Content-Length
63
Content-Type
text/json;charset=utf-8
truncated
/
390 B
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
80b805170e0bb635b2868faf37cfa3ae71d75debc064f65f1107eaddf3330089

Request headers

Referer
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

Content-Type
image/png
loading_s.gif
mimg.127.net/p/freemail/index/lib/img/
578 B
774 B
Image
General
Full URL
https://mimg.127.net/p/freemail/index/lib/img/loading_s.gif
Requested by
Host: mimg.127.net
URL: https://mimg.127.net/p/freemail/index/unified/static/2024/css/style.00f4906fe40b88d7999d.css
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
103.129.252.89 , Hong Kong, ASN137263 (NETEASE-AS-AP NETEASE HONG KONG LIMITED, HK),
Reverse DNS
Software
nginx /
Resource Hash
065f86db73775341c54048befea1dbd24e6013780ce06db950cee6e5908463be

Request headers

Referer
https://mimg.127.net/p/freemail/index/unified/static/2024/css/style.00f4906fe40b88d7999d.css
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date
Thu, 18 Jul 2024 13:40:08 GMT
last-modified
Tue, 02 Apr 2019 06:02:16 GMT
server
nginx
etag
"5ca2fae8-242"
vary
Origin
content-type
image/gif
cache-control
max-age=315360000
accept-ranges
bytes
content-length
578
expires
Sat, 29 Apr 2034 13:47:39 GMT
config.do
mail.163.com/smflow/
8 KB
1 KB
Script
General
Full URL
https://mail.163.com/smflow/config.do?domain=163.com&callback=gAdCallback_1002
Requested by
Host: mimg.127.net
URL: https://mimg.127.net/p/tools/mailad-sdk/mailad-sdk-0.0.19.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
103.129.252.87 , Hong Kong, ASN137263 (NETEASE-AS-AP NETEASE HONG KONG LIMITED, HK),
Reverse DNS
Software
nginx /
Resource Hash
ef8eac5a80f83a66faef33ba9297e870dfde3d152521551d117f12fd42a84eb1

Request headers

Referer
https://h2.b193819306.workers.dev/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 18 Jul 2024 13:40:09 GMT
cache-control
no-cache
content-encoding
gzip
expries
Thu, 01 Jan 1970 00:00:00 GMT
server
nginx
content-type
application/json;charset=UTF-8
form3
utility.mail.163.com/time-sync/
62 B
161 B
Script
General
Full URL
https://utility.mail.163.com/time-sync/form3?callback=sing_17213100082513667
Requested by
Host: mimg.127.net
URL: https://mimg.127.net/p/freemail/index/unified/static/2024/js/163.5f9c155098d23a8c3b43.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
111.124.203.34 , China, ASN139203 (CHINANET-GUIZHOU-GUIAN-IDC Guizhou GuiAn IDC, CN),
Reverse DNS
Software
nginx /
Resource Hash
bffc2b0befec6fa0d2f73d0be8f8ac6f292d535a81659cdc6883235928ca1183

Request headers

Referer
https://h2.b193819306.workers.dev/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date
Thu, 18 Jul 2024 13:40:09 GMT
server
nginx
content-length
62
x-cache
from ngx-hd-33-92.163.com
content-type
application/octet-stream
i
countly.mail.163.com/stats/
0
0
Ping
General
Full URL
https://countly.mail.163.com/stats/i
Requested by
Host: mimg.127.net
URL: https://mimg.127.net/p/freemail/index/unified/static/2024/js/vendors~126~163~yeah.06f721a6e5f589c691f5.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
240e:938:a07:6:0:14:203:33 , China, ASN139203 (CHINANET-GUIZHOU-GUIAN-IDC Guizhou GuiAn IDC, CN),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://h2.b193819306.workers.dev/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
Content-Type
application/x-www-form-urlencoded

Response headers

39628e5a6146f059949210bebf88d697.png
onegoods.nosdn.127.net/resupload/2020/6/8/
8 KB
8 KB
Image
General
Full URL
https://onegoods.nosdn.127.net/resupload/2020/6/8/39628e5a6146f059949210bebf88d697.png
Requested by
Host: h2.b193819306.workers.dev
URL: https://h2.b193819306.workers.dev/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
128.1.157.228 , United States, ASN21859 (ZEN-ECN, US),
Reverse DNS
Software
Tengine /
Resource Hash
cee64c6ea4503e58c6702cc4e4ae9eacce784f2c054cf2c68f19a1e92b0a7489

Request headers

Referer
https://h2.b193819306.workers.dev/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date
Thu, 27 Jun 2024 09:06:33 GMT
via
cache26.l2hk2[0,0,200-0,H], cache17.l2hk2[1,0], cache1.jp6[0,0,200-0,H], cache13.jp6[1,0]
x-nos-object-name
resupload%2F2020%2F6%2F8%2F39628e5a6146f059949210bebf88d697.png
x-nos-request-id
dd3073bc-b0e0-4204-a903-507639206dc1
age
1830815
x-swift-cachetime
2531754
x-cache
HIT TCP_MEM_HIT dirn:-2:-2
content-disposition
inline; filename="resupload%2F2020%2F6%2F8%2F39628e5a6146f059949210bebf88d697.png"
x-swift-savetime
Fri, 28 Jun 2024 01:50:39 GMT
x-nos-storage-class
STANDARD
content-length
7965
last-modified
Mon, 08 Jun 2020 22:52:29 Asia/Shanghai
server
Tengine
etag
39628e5a6146f059949210bebf88d697
x-nos-requesttype
GetObject
ali-swift-global-savetime
1719479193
content-type
image/png;charset=UTF-8
timing-allow-origin
*
eagleid
80019da117213100088415303e
index_dl2_new.html
dl.reg.163.com/webzj/v1.0.1/pub/ Frame 4D71
0
0
Document
General
Full URL
https://dl.reg.163.com/webzj/v1.0.1/pub/index_dl2_new.html?cd=%2F%2Fmimg.127.net%2Fp%2Ffreemail%2Findex%2Funified%2Fstatic%2F2024%2F%2Fcss%2F&cf=urs.163.918051fb.css&MGID=1721310008436.346&wdaId=&pkid=CvViHzl&product=mail163
Requested by
Host: urswebzj.nosdn.127.net
URL: https://urswebzj.nosdn.127.net/webzj_cdn101/message.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
103.126.92.196 , Hong Kong, ASN137263 (NETEASE-AS-AP NETEASE HONG KONG LIMITED, HK),
Reverse DNS
Software
nginx /
Resource Hash

Request headers

Referer
https://h2.b193819306.workers.dev/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

Cache-Control
no-cache
Connection
keep-alive
Content-Encoding
gzip
Content-Type
text/html
Date
Thu, 18 Jul 2024 13:40:10 GMT
Expires
Thu, 18 Jul 2024 13:40:09 GMT
Last-Modified
Tue, 07 May 2024 02:56:36 GMT
P3P
policyref="/w3c/p3p.xml", CP="CURa ADMa DEVa PSAo PSDo OUR BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
Server
nginx
Transfer-Encoding
chunked
Vary
Accept-Encoding
i
countly.mail.163.com/stats/
0
0

fingerprint-2.1.2.min.js
mimg.127.net/p/tools/fingerprintjs/
30 KB
11 KB
Script
General
Full URL
https://mimg.127.net/p/tools/fingerprintjs/fingerprint-2.1.2.min.js
Requested by
Host: mimg.127.net
URL: https://mimg.127.net/p/freemail/index/unified/static/2024/js/vendors~126~163~yeah.06f721a6e5f589c691f5.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
103.129.252.89 , Hong Kong, ASN137263 (NETEASE-AS-AP NETEASE HONG KONG LIMITED, HK),
Reverse DNS
Software
nginx /
Resource Hash
b47e37a20b65647b55532c60e2a2aab37c4033833b514bccadc18df663677036

Request headers

Referer
https://h2.b193819306.workers.dev/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date
Thu, 18 Jul 2024 13:40:09 GMT
content-encoding
gzip
last-modified
Fri, 18 Dec 2020 09:23:28 GMT
server
nginx
etag
W/"5fdc7510-7784"
vary
Accept-Encoding, Origin
content-type
application/x-javascript
cache-control
max-age=315360000
expires
Sat, 03 Jun 2034 00:10:54 GMT
get.do
mail.163.com/smflow/
5 KB
1 KB
Script
General
Full URL
https://mail.163.com/smflow/get.do?ver=1&mailVer=6&uid=nt%40163.com&regTime=0&lastTime=0&mobUser=0&gender=&birthday=0&font=&mod=common&source=server&moduleId=900&callback=gAdCallback_1003
Requested by
Host: mimg.127.net
URL: https://mimg.127.net/p/tools/mailad-sdk/mailad-sdk-0.0.19.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
103.129.252.87 , Hong Kong, ASN137263 (NETEASE-AS-AP NETEASE HONG KONG LIMITED, HK),
Reverse DNS
Software
nginx /
Resource Hash
e16507a19dfeba18a30dd65c7b20293fd6a399be398f376b9980e98881a78691

Request headers

Referer
https://h2.b193819306.workers.dev/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 18 Jul 2024 13:40:09 GMT
cache-control
no-cache
content-encoding
gzip
expries
Thu, 01 Jan 1970 00:00:00 GMT
server
nginx
content-type
application/json;charset=UTF-8
get.do
mail.163.com/smflow/
262 B
480 B
Script
General
Full URL
https://mail.163.com/smflow/get.do?ver=1&mailVer=6&uid=nt%40163.com&regTime=0&lastTime=0&mobUser=0&gender=&birthday=0&font=&mod=common&source=server&moduleId=148&callback=gAdCallback_1004
Requested by
Host: mimg.127.net
URL: https://mimg.127.net/p/tools/mailad-sdk/mailad-sdk-0.0.19.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
103.129.252.87 , Hong Kong, ASN137263 (NETEASE-AS-AP NETEASE HONG KONG LIMITED, HK),
Reverse DNS
Software
nginx /
Resource Hash
b8c409755b6236cf6cedfc516acdbc32507c700e9249ae519482a481e2b09b2b

Request headers

Referer
https://h2.b193819306.workers.dev/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 18 Jul 2024 13:40:09 GMT
cache-control
no-cache
content-encoding
gzip
expries
Thu, 01 Jan 1970 00:00:00 GMT
server
nginx
content-type
application/json;charset=UTF-8
init
h2.b193819306.workers.dev/fgw/mailsrv-device-idmapping/webapp/
83 B
579 B
XHR
General
Full URL
https://h2.b193819306.workers.dev/fgw/mailsrv-device-idmapping/webapp/init
Requested by
Host: mimg.127.net
URL: https://mimg.127.net/p/freemail/lib/track/7.57.0/bundle.tracing.min.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.157.240 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
d98edd5e5a3845751e5bf45a26e1b210aabf8caedf35247df21610e447bc5871

Request headers

Referer
https://h2.b193819306.workers.dev/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
content-type
application/json

Response headers

pragma
no-cache
date
Thu, 18 Jul 2024 13:40:09 GMT
content-encoding
gzip
cf-cache-status
DYNAMIC
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
x-response-code
200
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=mUz%2FuhCb9y8VEdpRDVndfG6TTgtQt6lRsrfhH7EukBTY4DPOpBBX1t4FqbFlCiwDQ9y8yzF3R2fcxSTwfWT9plDkxPwubiAkDaYncvVY%2FeEZjX0lMSzxBQniS3Ucwtu9riYXandQP27mCRAp"}],"group":"cf-nel","max_age":604800}
content-type
application/json;charset=UTF-8
cache-control
no-cache
expries
Thu, 01 Jan 1970 00:00:00 GMT
cf-ray
8a52e1c7ff92a50c-MIA
alt-svc
h3=":443"; ma=86400
fad8bbf2-761d-4564-8104-c8a284f74ed1
mail-activity.nosdn.127.net/
93 KB
94 KB
Image
General
Full URL
https://mail-activity.nosdn.127.net/fad8bbf2-761d-4564-8104-c8a284f74ed1
Requested by
Host: h2.b193819306.workers.dev
URL: https://h2.b193819306.workers.dev/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
128.1.157.228 , United States, ASN21859 (ZEN-ECN, US),
Reverse DNS
Software
Tengine /
Resource Hash
f8799bf10ff50120422db348b62ccb9dc938525909c17df1ee7f1f2568d73991

Request headers

Referer
https://h2.b193819306.workers.dev/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date
Thu, 18 Jul 2024 06:45:09 GMT
via
cache17.l2hk2[1244,1244,304-0,H], cache29.l2hk2[1245,0], cache15.jp6[0,0,200-0,H], cache13.jp6[1,0]
x-nos-object-name
fad8bbf2-761d-4564-8104-c8a284f74ed1
x-nos-request-id
bbca9b6b-8a4e-4972-a1f9-d2082c06acc6
age
24901
x-swift-cachetime
43200
x-cache
HIT TCP_MEM_HIT dirn:-2:-2
content-disposition
inline; filename="fad8bbf2-761d-4564-8104-c8a284f74ed1"
x-swift-savetime
Thu, 18 Jul 2024 06:45:09 GMT
x-nos-storage-class
STANDARD
content-length
95435
last-modified
Mon, 15 Jan 2024 04:06:50 GMT
server
Tengine
etag
"664347903c04f67d70b1809622b128e4"
x-nos-requesttype
GetObject
ali-swift-global-savetime
1721285109
content-type
image/jpeg;charset=UTF-8
timing-allow-origin
*
eagleid
80019da117213100100607576e
9f503c82-285b-44d4-87fa-43c3d7fa4096
mail-activity.nosdn.127.net/
144 KB
144 KB
Image
General
Full URL
https://mail-activity.nosdn.127.net/9f503c82-285b-44d4-87fa-43c3d7fa4096
Requested by
Host: h2.b193819306.workers.dev
URL: https://h2.b193819306.workers.dev/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
128.1.157.228 , United States, ASN21859 (ZEN-ECN, US),
Reverse DNS
Software
Tengine /
Resource Hash
941d4f881c099a9f5d43eda0ee42915bad098ec8495aa0b2ff4bab765f9f70f5

Request headers

Referer
https://h2.b193819306.workers.dev/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date
Thu, 18 Jul 2024 06:45:09 GMT
via
cache35.l2hk2[1285,1285,304-0,H], cache30.l2hk2[1287,0], cache11.jp6[0,0,200-0,H], cache13.jp6[1,0]
x-nos-object-name
9f503c82-285b-44d4-87fa-43c3d7fa4096
x-nos-request-id
e3dfbe65-c6ee-42d8-bdad-5579fa4a30a0
age
24901
x-swift-cachetime
43200
x-cache
HIT TCP_MEM_HIT dirn:-2:-2
content-disposition
inline; filename="9f503c82-285b-44d4-87fa-43c3d7fa4096"
x-swift-savetime
Thu, 18 Jul 2024 06:45:09 GMT
x-nos-storage-class
STANDARD
content-length
147037
last-modified
Mon, 15 Jan 2024 04:06:50 GMT
server
Tengine
etag
"ab3dbb67f00587c02e79adca3ca00662"
x-nos-requesttype
GetObject
ali-swift-global-savetime
1721285109
content-type
image/png;charset=UTF-8
timing-allow-origin
*
eagleid
80019da117213100100597574e
truncated
/
401 B
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
b34692426f17b13db6df00b90be241ae8718bcb0955bba93e686980d7ccc01e8

Request headers

Referer
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

Content-Type
image/png
truncated
/
406 B
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
92cb8fbddbb792a1c3079fff36094845eae920837817a43885e288f07b4db81b

Request headers

Referer
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

Content-Type
image/png
stat.gif
b.mail.163.com/ir/
49 B
206 B
Image
General
Full URL
https://b.mail.163.com/ir/stat.gif?ad_oper=show&ad_source=mailad&ad_position=900&uid=nt%40163.com&isIframe=0&sc=0&statId=1_900_191_626&position=0&rnd=1721310009886&product=fl0gsmhkff1ml6iid8ed5qm2i&appName=webmail&appVersion=&moduleId=900&pUrl=&pCUrl=http%3A%2F%2Fr.mail.163.com%2Fr.jsp%3Furl%3Dhttps%253A%252F%252Fv.mail.163.com%252Fpay%253Futm_source%253DLoginBackgroundShow_00%2526towe%253D1%26sign%3D1349958006%26_r_ignore_statId%3D1_900_191_626%26position%3D1%26_r_ignore_moduleId%3D900%26spm%3Dad.0.0.0.900.626%26_r_ignore_uid%3Dnt%2540163.com%26uid%3Dnt%2540163.com%26session_id%3D66423197-67B9-40FE-ACB7-9095E28C55F3&request_time=311&spm=ad.0.0.0.900.1_900_191_626&scene=191
Requested by
Host: h2.b193819306.workers.dev
URL: https://h2.b193819306.workers.dev/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
111.124.203.34 , China, ASN139203 (CHINANET-GUIZHOU-GUIAN-IDC Guizhou GuiAn IDC, CN),
Reverse DNS
Software
nginx /
Resource Hash
93db6ff0af01c1416a4cf5643fa970e6facf75aa2c38a66404085039c2314e33

Request headers

Referer
https://h2.b193819306.workers.dev/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date
Thu, 18 Jul 2024 13:40:10 GMT
last-modified
Thu, 14 Nov 2019 06:49:07 GMT
server
nginx
etag
"5dccf8e3-31"
x-cache
from ngx-hd-33-92.163.com
content-type
image/gif
accept-ranges
bytes
content-length
49
preload6.htm
mail.163.com/ Frame 9BCD
0
0
Document
General
Full URL
https://mail.163.com/preload6.htm?t=1721310010249
Requested by
Host: mimg.127.net
URL: https://mimg.127.net/p/freemail/index/unified/static/2024/js/163.5f9c155098d23a8c3b43.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
103.129.252.87 , Hong Kong, ASN137263 (NETEASE-AS-AP NETEASE HONG KONG LIMITED, HK),
Reverse DNS
Software
nginx /
Resource Hash
Security Headers
Name Value
Content-Security-Policy script-src 'self' 'unsafe-inline' 'unsafe-eval' *.127.net *.126.net *.163.com *.126.com *.yeah.net *.188.com *.netease.com *.qiyukf.com qiyukf.com *.youdao.com *.mediav.com *.netstatic.net; connect-src 'self' wss: *.127.net *.126.net *.163.com *.126.com *.yeah.net *.188.com *.netease.com *.qiyukf.com qiyukf.com *.youdao.com *.163yun.com; report-uri https://countly.mail.163.com/stats/csp

Request headers

Referer
https://h2.b193819306.workers.dev/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

cache-control
max-age=3600
content-encoding
gzip
content-security-policy
script-src 'self' 'unsafe-inline' 'unsafe-eval' *.127.net *.126.net *.163.com *.126.com *.yeah.net *.188.com *.netease.com *.qiyukf.com qiyukf.com *.youdao.com *.mediav.com *.netstatic.net; connect-src 'self' wss: *.127.net *.126.net *.163.com *.126.com *.yeah.net *.188.com *.netease.com *.qiyukf.com qiyukf.com *.youdao.com *.163yun.com; report-uri https://countly.mail.163.com/stats/csp
content-type
text/html
date
Thu, 18 Jul 2024 13:40:11 GMT
etag
W/"669907a3-381d"
expires
Thu, 18 Jul 2024 14:04:05 GMT
last-modified
Thu, 18 Jul 2024 12:16:35 GMT
server
nginx
vary
Accept-Encoding
favicon.ico
mail.163.com/
318 B
808 B
Other
General
Full URL
https://mail.163.com/favicon.ico
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
103.129.252.87 , Hong Kong, ASN137263 (NETEASE-AS-AP NETEASE HONG KONG LIMITED, HK),
Reverse DNS
Software
nginx /
Resource Hash
43c6594eb74940c6e0fb38d55c634425860093660f4eb0cb89334608dd9947eb
Security Headers
Name Value
Content-Security-Policy script-src 'self' 'unsafe-inline' 'unsafe-eval' *.127.net *.126.net *.163.com *.126.com *.yeah.net *.188.com *.netease.com *.qiyukf.com qiyukf.com *.youdao.com *.mediav.com *.netstatic.net; connect-src 'self' wss: *.127.net *.126.net *.163.com *.126.com *.yeah.net *.188.com *.netease.com *.qiyukf.com qiyukf.com *.youdao.com *.163yun.com; report-uri https://countly.mail.163.com/stats/csp

Request headers

Referer
https://h2.b193819306.workers.dev/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date
Thu, 18 Jul 2024 13:40:13 GMT
content-security-policy
script-src 'self' 'unsafe-inline' 'unsafe-eval' *.127.net *.126.net *.163.com *.126.com *.yeah.net *.188.com *.netease.com *.qiyukf.com qiyukf.com *.youdao.com *.mediav.com *.netstatic.net; connect-src 'self' wss: *.127.net *.126.net *.163.com *.126.com *.yeah.net *.188.com *.netease.com *.qiyukf.com qiyukf.com *.youdao.com *.163yun.com; report-uri https://countly.mail.163.com/stats/csp
last-modified
Sun, 01 Jan 2006 12:37:08 GMT
server
nginx
etag
"43b7ccf4-13e"
content-type
image/x-icon
cache-control
max-age=60
accept-ranges
bytes
content-length
318
expires
Thu, 18 Jul 2024 13:41:13 GMT

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain
countly.mail.163.com
URL
https://countly.mail.163.com/stats/i

Verdicts & Comments

35 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0
object| 1
object| 2
object| URSCFG
string| URSOPENBGP
function| URS
object| JSON3
object| Sentry
object| __SENTRY__
function| slowRedir
number| slowBackupTimer
function| fCheckBrowserVersion
function| mimgError
object| mailad
object| gAd
function| MailScanLogin
object| MailLoginErrorPopup
object| PopConfig
object| Notice
object| NavNotice
object| VideoPromotion
object| webpackJsonp
object| MailStatsCountly
object| Sing
object| newLoginPageMailStats
object| mailStats
function| URSJSONP1721310008235
object| __oMailUtility
function| gAdCallback_1002
function| sing_17213100082513667
number| __hasRun
function| Fingerprint2
function| gAdCallback_1003
function| gAdCallback_1004
object| __sentry_instrumentation_handlers__

2 Cookies

Domain/Path Name / Value
.h2.b193819306.workers.dev/ Name: starttime
Value:
h2.b193819306.workers.dev/ Name: stats_session_id
Value: 254feaf5-4883-4dd1-a6f3-c865c8c392c0

2 Console Messages

Source Level URL
Text
javascript error URL: https://h2.b193819306.workers.dev/
Message:
Access to XMLHttpRequest at 'https://countly.mail.163.com/stats/i' from origin 'https://h2.b193819306.workers.dev' has been blocked by CORS policy: No 'Access-Control-Allow-Origin' header is present on the requested resource.
network error URL: https://countly.mail.163.com/stats/i
Message:
Failed to load resource: net::ERR_FAILED

Security Headers

This page lists any security headers set by the main page.

Header Value
Content-Security-Policy script-src 'self' 'unsafe-inline' 'unsafe-eval' *.127.net *.126.net *.163.com *.126.com *.yeah.net *.188.com *.netease.com *.qiyukf.com qiyukf.com *.youdao.com *.mediav.com *.netstatic.net; connect-src 'self' wss: *.127.net *.126.net *.163.com *.126.com *.yeah.net *.188.com *.netease.com *.qiyukf.com qiyukf.com *.youdao.com *.163yun.com; report-uri https://countly.mail.163.com/stats/csp

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.
