URL: https://email.189.cn/jquery-3.3.1.min.js
Submission: On April 06 via api from RU — Scanned from DE

Summary

This website contacted 1 IP in 1 country across 1 domain to perform 3 HTTP transactions. The main IP is 240e:96c:6000:102:3::3fb, located in China and belongs to CHINANET-BACKBONE No.31,Jin-rong Street, CN. The main domain is email.189.cn.
TLS certificate: Issued by Secure Site CA G2 on August 1st 2023. Valid for: a year.
This is the only time email.189.cn was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

Requests: 3
IP Address: 240e:96c:6000...
AS: 4134 (CHINANET-...)
Totals: 3 requests, 1 IP

Requests: 3
Apex Domain: 189.cn
Subdomains: email.189.cn
Transfer: 83 KB
Totals: 3 requests, 1 apex domain

Requests: 3
Domain: email.189.cn
Requested by: email.189.cn
Totals: 3 requests, 1 domain

This site contains no links.

Subject: *.189.cn
Issuer: Secure Site CA G2
Validity: 2023-08-01 - 2024-08-31
Valid: a year

This page contains 1 frame:

Primary Page: https://email.189.cn/jquery-3.3.1.min.js
Frame ID: 5D1B660A3A5F1865390C91281A8BAE83
Requests: 3 HTTP requests in this frame

Page Title

403 Forbidden

Detected technologies

Overall confidence: 100%
Detected patterns
  • jquery[.-]([\d.]*\d)[^/]*\.js
  • jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Page Statistics

Requests: 3
HTTPS: 100 %
IPv6: 100 %
Domains: 1
Subdomains: 1
IPs: 1
Countries: 1
Transfer: 83 kB
Size: 151 kB
Cookies: 2

3 HTTP transactions

Primary Request: jquery-3.3.1.min.js
Path: email.189.cn/
Size: 9 KB
x-fer: 10 KB
Type: Document

General

Full URL: https://email.189.cn/jquery-3.3.1.min.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 240e:96c:6000:102:3::3fb , China, ASN4134 (CHINANET-BACKBONE No.31,Jin-rong Street, CN),
Reverse DNS:
Software: Tengine /
Resource Hash: d7c46c576c75daa35ebe08252914651cb74cd8366599815c53639f7caa19922f

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
accept-language: de-DE,de;q=0.9
sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
sec-ch-ua-mobile: ?0
sec-ch-ua-platform: "Win32"

Response headers

ali-swift-global-savetime: 1712365968
cache-control: no-store
content-type: text/html
date: Sat, 06 Apr 2024 01:12:48 GMT
eagleid: de49211917123659686223252e
expires: Sat, 06 Apr 2024 01:12:48 GMT
pragma: no-cache
server: Tengine
timing-allow-origin: *
via: cache39.l2cn3124[116,116,403-1280,M], cache26.l2cn3124[118,0], cache26.l2cn3124[118,0], vcache28.cn5626[275,275,403-1280,M], vcache5.cn5626[276,0]
x-cache: MISS TCP_MISS dirn:-2:-2
x-swift-cachetime: 0
x-swift-error: orig response 4XX error
x-swift-savetime: Sat, 06 Apr 2024 01:12:48 GMT

Resource: ePCVP6gwPUM1.294cc83.js
Path: email.189.cn/h6vDiegGBDr0/
Size: 141 KB
x-fer: 73 KB
Type: Script

General

Full URL: https://email.189.cn/h6vDiegGBDr0/ePCVP6gwPUM1.294cc83.js
Requested by: Host: email.189.cn, URL: https://email.189.cn/jquery-3.3.1.min.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 240e:96c:6000:102:3::3fb , China, ASN4134 (CHINANET-BACKBONE No.31,Jin-rong Street, CN),
Reverse DNS:
Software: Tengine /
Resource Hash: 125fded643c5849a3dcdf831c85906209b30734caf9ebb2bc0d93cc9fe3c3d4f

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://email.189.cn/jquery-3.3.1.min.js
accept-language: de-DE,de;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Sat, 06 Apr 2024 01:12:49 GMT
via: cache4.l2cn3160[37,44,304-0,M], cache22.l2cn3160[45,0], cache22.l2cn3160[46,0], vcache26.cn5626[57,75,200-0,H], vcache5.cn5626[79,0]
content-encoding: gzip
age: 0
x-swift-cachetime: 108000
x-cache: HIT TCP_REFRESH_HIT dirn:5:1205624416
x-swift-savetime: Sat, 06 Apr 2024 01:12:49 GMT
content-length: 74063
last-modified: Fri, 31 Mar 2023 02:45:25 GMT
server: Tengine
etag: W/"64264945-2355c"
ali-swift-global-savetime: 1712365969
content-type: text/javascript; charset=UTF-8
cache-control: max-age=2592000, public
timing-allow-origin: *
eagleid: de49211917123659693135836e
expires: Mon, 06 May 2024 01:12:49 GMT

Resource: favicon.ico
Path: email.189.cn/
Size: 6 B
x-fer: 263 B
Type: Other

General

Full URL: https://email.189.cn/favicon.ico
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 240e:96c:6000:102:3::3fb , China, ASN4134 (CHINANET-BACKBONE No.31,Jin-rong Street, CN),
Reverse DNS:
Software: Tengine /
Resource Hash: aea52d27230b89ca1b732866afbe137a98e65100049a56b3293def8d5fe7dda0

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://email.189.cn/jquery-3.3.1.min.js
accept-language: de-DE,de;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

pragma: no-cache
date: Sat, 06 Apr 2024 01:12:51 GMT
via: cache55.l2cn3124[159,159,400-1280,M], cache17.l2cn3124[160,0], cache17.l2cn3124[160,0], vcache17.cn5626[202,201,400-1280,M], vcache5.cn5626[203,0]
server: Tengine
x-swift-error: orig response 4XX error
x-swift-cachetime: 0
ali-swift-global-savetime: 1712365971
content-type: text/html
x-cache: MISS TCP_MISS dirn:-2:-2
cache-control: no-store
x-swift-savetime: Sat, 06 Apr 2024 01:12:51 GMT
timing-allow-origin: *
eagleid: de49211917123659712344673e
expires: Sat, 06 Apr 2024 01:12:51 GMT

3 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| $_ts
function| $b_setup
function| $bf89a016$

2 Cookies

Domain/Path Name / Value
email.189.cn/ Name: 4khhWNSbEsFUO
Value: 60IpDrfR7zmhFRo.lYRxzvY2XQDUOdfrim14v2LiKWcQxo.uKDla2mCaYC_KPYwMXKJGTi.lw4swm8BEGVu22Lqa
email.189.cn/ Name: 4khhWNSbEsFUP
Value: 0B3XTffhYhKDUu1RaVav4jnzxIo23gYYLZNN1N3ikWCRO8Pn0owX2Jor.FMT2p0I1mpZr4tF0TIJv0izwxlzfPMgcm7M2EmfdH1NKust24ErWmKzHNNbg5PznDOTsI3hcYdWj188_H1p3AgQXVlVLFO.8Eit5VoGD7TKyivgPP6g3G..yYLcDjQ5kMhR_SEnMmrSFeANjUBikDmsXIlv7Bjq1aFMRTahQl2KmObrllw7

2 Console Messages

Source: network
Level: error
URL: https://email.189.cn/jquery-3.3.1.min.js
Message: Failed to load resource: the server responded with a status of 403 ()

Source: network
Level: error
URL: https://email.189.cn/favicon.ico
Message: Failed to load resource: the server responded with a status of 400 ()

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.
