URL: https://email.189.cn/jquery-3.3.1.min.js
Submission: On June 08 via api from RU — Scanned from DE

Summary

This website contacted 1 IPs in 1 countries across 1 domains to perform 3 HTTP transactions. The main IP is 240e:96c:6000:102:3::3fa, located in China and belongs to CHINANET-SH-AP China Telecom Group, CN. The main domain is email.189.cn.
TLS certificate: Issued by Secure Site CA G2 on August 1st 2023. Valid for: a year.
This is the only time email.189.cn was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

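Requests: 3 | IP Address: 240e:96c:6000... | AS Autonomous System: 4812 (CHINANET-...)
Total: 3 requests, 1 IP

Requests: 3 | Apex Domain: 189.cn | Subdomains: email.189.cn | Transfer: 91 KB
Total: 3 requests, 1 apex domain

Requests: 3 | Domain: email.189.cn | Requested by: email.189.cn
Total: 3 requests, 1 domain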

This site contains no links.

Subject: *.189.cn
Issuer: Secure Site CA G2
Validity: 2023-08-01 - 2024-08-31
Valid: a year

This page contains 1 frames:

Primary Page: https://email.189.cn/jquery-3.3.1.min.js
Frame ID: 3CE5EE0DC2BDBFFFB80ED88AC9D581CD
Requests: 3 HTTP requests in this frame

Page Title

403 Forbidden

Detected technologies

Overall confidence: 100%
Detected patterns
  • jquery[.-]([\d.]*\d)[^/]*\.js
  • jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Page Statistics

Requests: 3
HTTPS: 100 %
IPv6: 100 %
Domains: 1
Subdomains: 1
IPs: 1
Countries: 1
Transfer: 91 kB
Size: 159 kB
Cookies: 2

3 HTTP transactions

Columns: Resource / Path / Size / x-fer / Type / MIME-Type

Primary Request
Resource: jquery-3.3.1.min.js
Path: email.189.cn/
Size: 14 KB
x-fer: 15 KB
Type: Document
General
Full URL
https://email.189.cn/jquery-3.3.1.min.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
240e:96c:6000:102:3::3fa , China, ASN4812 (CHINANET-SH-AP China Telecom Group, CN),
Reverse DNS
Software
Tengine /
Resource Hash
d24db3c78299b37855aee1ca92316d1ed22283a73681ab04ce134c7a356085e9

Request headers

Accept-Language
de-DE,de;q=0.9;q=0.9
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
sec-ch-ua-mobile
?0
sec-ch-ua-platform
"Win32"

Response headers

ali-swift-global-savetime
1717838086
cache-control
no-store
content-type
text/html
date
Sat, 08 Jun 2024 09:14:46 GMT
eagleid
de49212317178380866255315e
expires
Sat, 08 Jun 2024 09:14:46 GMT
pragma
no-cache
server
Tengine
timing-allow-origin
*
via
cache12.l2cn1827[36,36,403-1280,M], cache32.l2cn1827[37,0], cache32.l2cn1827[37,0], vcache1.cn5626[53,53,403-1280,M], vcache15.cn5626[54,0]
x-cache
MISS TCP_MISS dirn:-2:-2
x-swift-cachetime
0
x-swift-error
orig response 4XX error
x-swift-savetime
Sat, 08 Jun 2024 09:14:46 GMT

Resource: ePCVP6gwPUM1.513c6cb.js
Path: email.189.cn/h6vDiegGBDr0/
Size: 144 KB
x-fer: 76 KB
Type: Script
General
Full URL
https://email.189.cn/h6vDiegGBDr0/ePCVP6gwPUM1.513c6cb.js
Requested by
Host: email.189.cn
URL: https://email.189.cn/jquery-3.3.1.min.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
240e:96c:6000:102:3::3fa , China, ASN4812 (CHINANET-SH-AP China Telecom Group, CN),
Reverse DNS
Software
Tengine /
Resource Hash
faa3815241fa465d73ba1099434af0ec9aeecb3b8c0499ab788aebef441b3c08

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://email.189.cn/jquery-3.3.1.min.js
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Sat, 08 Jun 2024 09:14:47 GMT
via
cache36.l2cn2656[41,41,304-0,M], cache2.l2cn2656[43,0], cache2.l2cn2656[43,0], vcache25.cn5626[285,292,200-0,H], vcache15.cn5626[293,0]
content-encoding
gzip
age
0
x-swift-cachetime
108000
x-cache
HIT TCP_REFRESH_HIT dirn:0:301776174
x-swift-savetime
Sat, 08 Jun 2024 09:14:47 GMT
content-length
77200
last-modified
Thu, 23 May 2024 09:34:37 GMT
server
Tengine
etag
W/"664f0dad-2403f"
ali-swift-global-savetime
1717838087
content-type
text/javascript; charset=UTF-8
cache-control
max-age=2592000, public
timing-allow-origin
*
eagleid
de49212317178380874851260e
expires
Mon, 08 Jul 2024 09:14:47 GMT

Resource: favicon.ico
Path: email.189.cn/
Size: 6 B
x-fer: 260 B
Type: Other
General
Full URL
https://email.189.cn/favicon.ico
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
240e:96c:6000:102:3::3fa , China, ASN4812 (CHINANET-SH-AP China Telecom Group, CN),
Reverse DNS
Software
Tengine /
Resource Hash
aea52d27230b89ca1b732866afbe137a98e65100049a56b3293def8d5fe7dda0

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://email.189.cn/jquery-3.3.1.min.js
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

pragma
no-cache
date
Sat, 08 Jun 2024 09:14:48 GMT
via
cache5.l2cn2656[49,48,400-1280,M], cache11.l2cn2656[50,0], cache11.l2cn2656[50,0], vcache5.cn5626[63,62,400-1280,M], vcache15.cn5626[69,0]
server
Tengine
x-swift-error
orig response 4XX error
x-swift-cachetime
0
ali-swift-global-savetime
1717838088
content-type
text/html
x-cache
MISS TCP_MISS dirn:-2:-2
cache-control
no-store
x-swift-savetime
Sat, 08 Jun 2024 09:14:48 GMT
timing-allow-origin
*
eagleid
de49212317178380886816483e
expires
Sat, 08 Jun 2024 09:14:48 GMT

5 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object $_ts
function $b_setup
function a
function b
function $bf89a016$

2 Cookies

Domain/Path Name / Value
email.189.cn/ Name: 4khhWNSbEsFUO
Value: 60aDCR74n70I5KtrCaJcoIPZZ.2eKhap61Cgyrs7e40f5p7JD6CqYMnLZ_myNWQkpg6UC4BR.odfOSA3_Eh2CgOq
email.189.cn/ Name: 4khhWNSbEsFUP
Value: 0tX_EydWjiqbPTU4TkpR1X3RZD3qTisKWRq5QG70fPG5XYuy0CDlLEf6aB4oILjJWcFeZ2p.Z2xJ123WQyY8_Bk2p6oBCZHC.2U2MfiTEt.L7a9lcXDvO3Clsz9z0mSWHaLacCG6levTzjC6zGQgX6LWa51PNsQLH6Y6ez3ZEpTnuw90BbtDEb3jUJqJPeM23uLMb8wl8FOOjY7NUE89bZ_PAjLsVXUA0WQNXMal_giW

2 Console Messages

Source: network | Level: error
URL: https://email.189.cn/jquery-3.3.1.min.js
Message: Failed to load resource: the server responded with a status of 403 ()

Source: network | Level: error
URL: https://email.189.cn/favicon.ico
Message: Failed to load resource: the server responded with a status of 400 ()

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.
