urlscan.io logo urlscan.io
SecurityTrails logo

mail.163.com Open in urlscan Pro
103.129.252.87  Public Scan

Go To Rescan Add Verdict Report
URL: https://mail.163.com/large-attachment-download/index.html?p=X-NTES-HUGE-ATTACHMENT&file=djAyeUd6RzB3VGphMGdPVG8rNzU0Q...
Submission: On June 06 via manual from SG — Scanned from SG
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 6 IPs in 3 countries across 2 domains to perform 23 HTTP transactions. The main IP is 103.129.252.87, located in Hong Kong and belongs to NETEASE-AS-AP NETEASE HONG KONG LIMITED, HK. The main domain is mail.163.com. The Cisco Umbrella rank of the primary domain is 42687.
TLS certificate: Issued by GeoTrust RSA CN CA G2 on March 23rd 2023. Valid for: a year.
This is the only time mail.163.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
3 103.129.252.87 137263 (NETEASE-A...)
14 103.129.252.89 137263 (NETEASE-A...)
1 163.181.82.231 24429 (TAOBAO Zh...)
1 220.181.15.159 23724 (CHINANET-...)
1 240e:83:201:4... 23724 (CHINANET-...)
23 6
3    103.129.252.87 (Hong Kong)

ASN137263 (NETEASE-AS-AP NETEASE HONG KONG LIMITED, HK)
mail.163.com
14    103.129.252.89 (Hong Kong)

ASN137263 (NETEASE-AS-AP NETEASE HONG KONG LIMITED, HK)
mimg.127.net
1    163.181.82.231 (Singapore)

ASN24429 (TAOBAO Zhejiang Taobao Network Co.,Ltd, CN)
urswebzj.nosdn.127.net
1    220.181.15.159 (China)

ASN23724 (CHINANET-IDC-BJ-AP IDC, China Telecommunications Corporation, CN)
PTR: m15159.mail.126.com
fs.mail.163.com
1    240e:83:201:4:220:181:12:191 (China)

ASN23724 (CHINANET-IDC-BJ-AP IDC, China Telecommunications Corporation, CN)
countly.mail.163.com
Apex Domain
Subdomains		 Transfer
15 127.net
mimg.127.net — Cisco Umbrella Rank: 109949
urswebzj.nosdn.127.net — Cisco Umbrella Rank: 104101
1 MB
5 163.com
mail.163.com — Cisco Umbrella Rank: 42687
utility.mail.163.com Failed
fs.mail.163.com — Cisco Umbrella Rank: 709643
smartflow.mail.163.com Failed
countly.mail.163.com — Cisco Umbrella Rank: 66381
5 KB
23 2
Domain Requested by
14 mimg.127.net mail.163.com
mimg.127.net
3 mail.163.com mimg.127.net
1 countly.mail.163.com mimg.127.net
1 fs.mail.163.com mimg.127.net
1 urswebzj.nosdn.127.net mimg.127.net
0 smartflow.mail.163.com Failed mimg.127.net
0 utility.mail.163.com Failed mimg.127.net
23 7

This site contains links to these domains. Also see Links.

Domain
help.mail.163.com
u.163.com
corp.163.com
gb.corp.163.com
help.163.com
emarketing.biz.163.com
Subject Issuer Validity Valid
*.163.com
GeoTrust RSA CN CA G2		 2023-03-23 -
2024-04-22		 a year crt.sh
mimg.127.net
GeoTrust RSA CN CA G2		 2022-08-22 -
2023-09-12		 a year crt.sh
*.nosdn.127.net
GeoTrust RSA CN CA G2		 2022-06-01 -
2023-06-28		 a year crt.sh
*.mail.163.com
GeoTrust RSA CN CA G2		 2022-08-22 -
2023-09-19		 a year crt.sh

This page contains 1 frames:

Primary Page: https://mail.163.com/large-attachment-download/index.html?p=X-NTES-HUGE-ATTACHMENT&file=djAyeUd6RzB3VGphMGdPVG8rNzU0Q054UT09&title=%E5%BD%B1%E5%83%8F%E7%AE%A1%E7%90%86%E6%A8%A1%E6%9D%BF20230526
Frame ID: 26BF6E697EA9A05C1D7B66FC7416218C
Requests: 25 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page Title

网易邮箱超大附件下载

Detected technologies

Overall confidence: 100%
Detected patterns
  • /axios(@|/)([\d.]+)(?:/[a-z]+)?/axios(?:.min)?\.js

Page Statistics

23
Requests

87 %
HTTPS

20 %
IPv6

2
Domains

7
Subdomains

6
IPs

3
Countries

1041 kB
Transfer

2868 kB
Size

1
Cookies

Redirected requests

There were HTTP redirect chains for the following requests:

23 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request index.html
mail.163.com/large-attachment-download/ 		5 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://mail.163.com/large-attachment-download/index.html?p=X-NTES-HUGE-ATTACHMENT&file=djAyeUd6RzB3VGphMGdPVG8rNzU0Q054UT09&title=%E5%BD%B1%E5%83%8F%E7%AE%A1%E7%90%86%E6%A8%A1%E6%9D%BF20230526
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
103.129.252.87 , Hong Kong, ASN137263 (NETEASE-AS-AP NETEASE HONG KONG LIMITED, HK),
Reverse DNS
Software
nginx /
Resource Hash
b7648fe6d80bdaa00a53f27f7ecc61eef7682d019315c5385e28fcc44b7a01d5
Security Headers
Name Value
Content-Security-Policy script-src 'self' 'unsafe-inline' 'unsafe-eval' *.127.net *.126.net *.163.com *.126.com *.yeah.net *.188.com *.netease.com *.qiyukf.com qiyukf.com *.youdao.com *.mediav.com *.netstatic.net; connect-src 'self' *.127.net *.126.net *.163.com *.126.com *.yeah.net *.188.com *.netease.com *.qiyukf.com qiyukf.com *.youdao.com *.163yun.com; report-uri https://countly.mail.163.com/stats/csp

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36
accept-language
zh-SG,zh;q=0.9

Response headers

cache-control
max-age=3600
content-encoding
gzip
content-security-policy
script-src 'self' 'unsafe-inline' 'unsafe-eval' *.127.net *.126.net *.163.com *.126.com *.yeah.net *.188.com *.netease.com *.qiyukf.com qiyukf.com *.youdao.com *.mediav.com *.netstatic.net; connect-src 'self' *.127.net *.126.net *.163.com *.126.com *.yeah.net *.188.com *.netease.com *.qiyukf.com qiyukf.com *.youdao.com *.163yun.com; report-uri https://countly.mail.163.com/stats/csp
content-type
text/html
date
Tue, 06 Jun 2023 05:34:50 GMT
etag
W/"6464bcac-15cb"
expires
Tue, 06 Jun 2023 06:30:15 GMT
last-modified
Wed, 17 May 2023 11:38:20 GMT
server
nginx
vary
Accept-Encoding
babel-polyfills.min.js
mimg.127.net/lib/babel-polyfills/3.6.5/ 		153 KB
47 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://mimg.127.net/lib/babel-polyfills/3.6.5/babel-polyfills.min.js
Requested by
Host: mail.163.com
URL: https://mail.163.com/large-attachment-download/index.html?p=X-NTES-HUGE-ATTACHMENT&file=djAyeUd6RzB3VGphMGdPVG8rNzU0Q054UT09&title=%E5%BD%B1%E5%83%8F%E7%AE%A1%E7%90%86%E6%A8%A1%E6%9D%BF20230526
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
103.129.252.89 , Hong Kong, ASN137263 (NETEASE-AS-AP NETEASE HONG KONG LIMITED, HK),
Reverse DNS
Software
nginx /
Resource Hash
e191110b3425990c70d8871586f66bc7ccaa451f1599c312df570c63650d43d0

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://mail.163.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

date
Tue, 06 Jun 2023 05:34:51 GMT
content-encoding
gzip
last-modified
Thu, 04 Nov 2021 03:03:01 GMT
server
nginx
etag
W/"61834d65-26390"
vary
Accept-Encoding
content-type
application/x-javascript
cache-control
max-age=3600
expires
Tue, 06 Jun 2023 06:00:28 GMT
axios.min.js
mimg.127.net/lib/axios/0.21.0/ 		14 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://mimg.127.net/lib/axios/0.21.0/axios.min.js
Requested by
Host: mail.163.com
URL: https://mail.163.com/large-attachment-download/index.html?p=X-NTES-HUGE-ATTACHMENT&file=djAyeUd6RzB3VGphMGdPVG8rNzU0Q054UT09&title=%E5%BD%B1%E5%83%8F%E7%AE%A1%E7%90%86%E6%A8%A1%E6%9D%BF20230526
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
103.129.252.89 , Hong Kong, ASN137263 (NETEASE-AS-AP NETEASE HONG KONG LIMITED, HK),
Reverse DNS
Software
nginx /
Resource Hash
38f9f561f70487d5b6a701758924bec83934f7db588fea654ab092e84b1af4d0

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://mail.163.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

date
Tue, 06 Jun 2023 05:34:51 GMT
content-encoding
gzip
last-modified
Mon, 02 Nov 2020 11:25:22 GMT
server
nginx
etag
W/"5f9feca2-379d"
vary
Accept-Encoding
content-type
application/x-javascript
cache-control
max-age=3600
expires
Tue, 06 Jun 2023 06:12:14 GMT
react.production.min.js
mimg.127.net/lib/react/17.0.2/ 		11 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://mimg.127.net/lib/react/17.0.2/react.production.min.js
Requested by
Host: mail.163.com
URL: https://mail.163.com/large-attachment-download/index.html?p=X-NTES-HUGE-ATTACHMENT&file=djAyeUd6RzB3VGphMGdPVG8rNzU0Q054UT09&title=%E5%BD%B1%E5%83%8F%E7%AE%A1%E7%90%86%E6%A8%A1%E6%9D%BF20230526
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
103.129.252.89 , Hong Kong, ASN137263 (NETEASE-AS-AP NETEASE HONG KONG LIMITED, HK),
Reverse DNS
Software
nginx /
Resource Hash
33636ecdd814c51ce9460ad98a75d30e4b548c98e347d168eae3b220c37d4446

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://mail.163.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

date
Tue, 06 Jun 2023 05:34:51 GMT
content-encoding
gzip
last-modified
Tue, 02 Nov 2021 02:52:40 GMT
server
nginx
etag
W/"6180a7f8-2ccf"
vary
Accept-Encoding
content-type
application/x-javascript
cache-control
max-age=3600
expires
Tue, 06 Jun 2023 06:32:37 GMT
react-dom.production.min.js
mimg.127.net/lib/react-dom/17.0.2/ 		118 KB
39 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://mimg.127.net/lib/react-dom/17.0.2/react-dom.production.min.js
Requested by
Host: mail.163.com
URL: https://mail.163.com/large-attachment-download/index.html?p=X-NTES-HUGE-ATTACHMENT&file=djAyeUd6RzB3VGphMGdPVG8rNzU0Q054UT09&title=%E5%BD%B1%E5%83%8F%E7%AE%A1%E7%90%86%E6%A8%A1%E6%9D%BF20230526
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
103.129.252.89 , Hong Kong, ASN137263 (NETEASE-AS-AP NETEASE HONG KONG LIMITED, HK),
Reverse DNS
Software
nginx /
Resource Hash
451d8cd9435b8878931b54c21ebf0cbf88a5acdd09deb030eb1a40a6ca3f3508

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://mail.163.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

date
Tue, 06 Jun 2023 05:34:51 GMT
content-encoding
gzip
last-modified
Tue, 02 Nov 2021 02:52:41 GMT
server
nginx
etag
W/"6180a7f9-1d7fe"
vary
Accept-Encoding
content-type
application/x-javascript
cache-control
max-age=3600
expires
Tue, 06 Jun 2023 05:49:31 GMT
payUmd-0.0.32.js
mimg.127.net/p/tools/mailplus-sdk/ 		1 MB
310 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://mimg.127.net/p/tools/mailplus-sdk/payUmd-0.0.32.js
Requested by
Host: mail.163.com
URL: https://mail.163.com/large-attachment-download/index.html?p=X-NTES-HUGE-ATTACHMENT&file=djAyeUd6RzB3VGphMGdPVG8rNzU0Q054UT09&title=%E5%BD%B1%E5%83%8F%E7%AE%A1%E7%90%86%E6%A8%A1%E6%9D%BF20230526
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
103.129.252.89 , Hong Kong, ASN137263 (NETEASE-AS-AP NETEASE HONG KONG LIMITED, HK),
Reverse DNS
Software
nginx /
Resource Hash
2047a2fc53873dfb52d98d0033eaed45538666dee028d1b5c3564cc2ea62e204

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://mail.163.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

date
Tue, 06 Jun 2023 05:34:51 GMT
content-encoding
gzip
last-modified
Thu, 16 Mar 2023 12:48:50 GMT
server
nginx
etag
W/"64131032-11f295"
vary
Accept-Encoding, Origin
content-type
application/x-javascript
cache-control
max-age=315360000
expires
Wed, 01 Jun 2033 14:16:32 GMT
payUmd-0.0.32.css
mimg.127.net/p/tools/mailplus-sdk/ 		509 KB
260 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://mimg.127.net/p/tools/mailplus-sdk/payUmd-0.0.32.css
Requested by
Host: mail.163.com
URL: https://mail.163.com/large-attachment-download/index.html?p=X-NTES-HUGE-ATTACHMENT&file=djAyeUd6RzB3VGphMGdPVG8rNzU0Q054UT09&title=%E5%BD%B1%E5%83%8F%E7%AE%A1%E7%90%86%E6%A8%A1%E6%9D%BF20230526
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
103.129.252.89 , Hong Kong, ASN137263 (NETEASE-AS-AP NETEASE HONG KONG LIMITED, HK),
Reverse DNS
Software
nginx /
Resource Hash
c87d5b40af11bc48c90ab729e8763b60cdcce3ea66ae0c48c775d1c3b03b729b

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://mail.163.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

date
Tue, 06 Jun 2023 05:34:51 GMT
content-encoding
gzip
last-modified
Thu, 16 Mar 2023 12:48:49 GMT
server
nginx
etag
W/"64131031-7f556"
vary
Accept-Encoding, Origin
content-type
text/css
cache-control
max-age=315360000
expires
Thu, 02 Jun 2033 10:11:40 GMT
hdurs-0.1.7.js
mimg.127.net/p/freemail/lib/hdurs/ 		13 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://mimg.127.net/p/freemail/lib/hdurs/hdurs-0.1.7.js
Requested by
Host: mail.163.com
URL: https://mail.163.com/large-attachment-download/index.html?p=X-NTES-HUGE-ATTACHMENT&file=djAyeUd6RzB3VGphMGdPVG8rNzU0Q054UT09&title=%E5%BD%B1%E5%83%8F%E7%AE%A1%E7%90%86%E6%A8%A1%E6%9D%BF20230526
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
103.129.252.89 , Hong Kong, ASN137263 (NETEASE-AS-AP NETEASE HONG KONG LIMITED, HK),
Reverse DNS
Software
nginx /
Resource Hash
ee1c94e8aa1beb5bb0cfb78de1f7fdfad8b991a0778753ec786b888aaf5017a7

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://mail.163.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

date
Tue, 06 Jun 2023 05:34:51 GMT
content-encoding
gzip
last-modified
Mon, 01 Aug 2022 03:11:11 GMT
server
nginx
etag
W/"62e7444f-32fd"
vary
Accept-Encoding, Origin
content-type
application/x-javascript
cache-control
max-age=315360000
expires
Wed, 01 Jun 2033 22:09:47 GMT
main.e9d1ab0d.chunk.css
mimg.127.net/xm/large-attachment-download/static/css/ 		22 KB
6 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://mimg.127.net/xm/large-attachment-download/static/css/main.e9d1ab0d.chunk.css
Requested by
Host: mail.163.com
URL: https://mail.163.com/large-attachment-download/index.html?p=X-NTES-HUGE-ATTACHMENT&file=djAyeUd6RzB3VGphMGdPVG8rNzU0Q054UT09&title=%E5%BD%B1%E5%83%8F%E7%AE%A1%E7%90%86%E6%A8%A1%E6%9D%BF20230526
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
103.129.252.89 , Hong Kong, ASN137263 (NETEASE-AS-AP NETEASE HONG KONG LIMITED, HK),
Reverse DNS
Software
nginx /
Resource Hash
9ce4fde9e8f7a660e39b4d9314353d0947a6cefa19e29ad28c84485edecfb562

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://mail.163.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

date
Tue, 06 Jun 2023 05:34:52 GMT
content-encoding
gzip
last-modified
Wed, 23 Nov 2022 12:40:13 GMT
server
nginx
etag
W/"637e14ad-56e1"
vary
Accept-Encoding
content-type
text/css
cache-control
max-age=3600
expires
Tue, 06 Jun 2023 05:57:20 GMT
raven-3.27.0.min.js
mimg.127.net/p/freemail/lib/track/ 		37 KB
14 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://mimg.127.net/p/freemail/lib/track/raven-3.27.0.min.js
Requested by
Host: mail.163.com
URL: https://mail.163.com/large-attachment-download/index.html?p=X-NTES-HUGE-ATTACHMENT&file=djAyeUd6RzB3VGphMGdPVG8rNzU0Q054UT09&title=%E5%BD%B1%E5%83%8F%E7%AE%A1%E7%90%86%E6%A8%A1%E6%9D%BF20230526
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
103.129.252.89 , Hong Kong, ASN137263 (NETEASE-AS-AP NETEASE HONG KONG LIMITED, HK),
Reverse DNS
Software
nginx /
Resource Hash
8b6d98b0cf87dc28a33bbd54f6e64114b0b8417e654b82111fd0579e7efdbdbf

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://mail.163.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

date
Tue, 06 Jun 2023 05:34:52 GMT
content-encoding
gzip
last-modified
Mon, 11 Mar 2019 02:34:58 GMT
server
nginx
etag
W/"5c85c952-92d6"
vary
Accept-Encoding, Origin
content-type
application/x-javascript
cache-control
max-age=315360000
expires
Sun, 12 Sep 2032 02:12:31 GMT
2.8968873c.chunk.js
mimg.127.net/xm/large-attachment-download/static/js/ 		442 KB
135 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://mimg.127.net/xm/large-attachment-download/static/js/2.8968873c.chunk.js
Requested by
Host: mail.163.com
URL: https://mail.163.com/large-attachment-download/index.html?p=X-NTES-HUGE-ATTACHMENT&file=djAyeUd6RzB3VGphMGdPVG8rNzU0Q054UT09&title=%E5%BD%B1%E5%83%8F%E7%AE%A1%E7%90%86%E6%A8%A1%E6%9D%BF20230526
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
103.129.252.89 , Hong Kong, ASN137263 (NETEASE-AS-AP NETEASE HONG KONG LIMITED, HK),
Reverse DNS
Software
nginx /
Resource Hash
54f82bf004124e54cc6ebbe69a10d1cf886acd3f9955a330eb4602b8684c1499

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://mail.163.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

date
Tue, 06 Jun 2023 05:34:52 GMT
content-encoding
gzip
last-modified
Thu, 04 May 2023 10:04:04 GMT
server
nginx
etag
W/"64538314-6e62c"
vary
Accept-Encoding
content-type
application/x-javascript
cache-control
max-age=3600
expires
Tue, 06 Jun 2023 05:51:20 GMT
main.0c75ac58.chunk.js
mimg.127.net/xm/large-attachment-download/static/js/ 		257 KB
158 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://mimg.127.net/xm/large-attachment-download/static/js/main.0c75ac58.chunk.js
Requested by
Host: mail.163.com
URL: https://mail.163.com/large-attachment-download/index.html?p=X-NTES-HUGE-ATTACHMENT&file=djAyeUd6RzB3VGphMGdPVG8rNzU0Q054UT09&title=%E5%BD%B1%E5%83%8F%E7%AE%A1%E7%90%86%E6%A8%A1%E6%9D%BF20230526
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
103.129.252.89 , Hong Kong, ASN137263 (NETEASE-AS-AP NETEASE HONG KONG LIMITED, HK),
Reverse DNS
Software
nginx /
Resource Hash
edfaf97427e02a5b51d4c33ffef63462d0e43272f490473f1f550e93b194beb6

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://mail.163.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

date
Tue, 06 Jun 2023 05:34:52 GMT
content-encoding
gzip
last-modified
Wed, 17 May 2023 11:38:20 GMT
server
nginx
etag
W/"6464bcac-404a8"
vary
Accept-Encoding
content-type
application/x-javascript
cache-control
max-age=3600
expires
Tue, 06 Jun 2023 05:41:54 GMT
fingerprint-2.1.2.min.js
mimg.127.net/p/tools/fingerprintjs/ 		30 KB
11 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://mimg.127.net/p/tools/fingerprintjs/fingerprint-2.1.2.min.js
Requested by
Host: mimg.127.net
URL: https://mimg.127.net/xm/large-attachment-download/static/js/2.8968873c.chunk.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
103.129.252.89 , Hong Kong, ASN137263 (NETEASE-AS-AP NETEASE HONG KONG LIMITED, HK),
Reverse DNS
Software
nginx /
Resource Hash
b47e37a20b65647b55532c60e2a2aab37c4033833b514bccadc18df663677036

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://mail.163.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

date
Tue, 06 Jun 2023 05:34:52 GMT
content-encoding
gzip
last-modified
Fri, 18 Dec 2020 09:23:28 GMT
server
nginx
etag
W/"5fdc7510-7784"
vary
Accept-Encoding, Origin
content-type
application/x-javascript
cache-control
max-age=315360000
expires
Sun, 12 Sep 2032 04:29:00 GMT
message.js
urswebzj.nosdn.127.net/webzj_cdn101/ 		31 KB
11 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://urswebzj.nosdn.127.net/webzj_cdn101/message.js
Requested by
Host: mimg.127.net
URL: https://mimg.127.net/p/freemail/lib/hdurs/hdurs-0.1.7.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
163.181.82.231 , Singapore, ASN24429 (TAOBAO Zhejiang Taobao Network Co.,Ltd, CN),
Reverse DNS
Software
Tengine /
Resource Hash
73a5fb11b1929f9317f4f31229038158da732fc4ee1d2d4a2df5862186d4086a

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://mail.163.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

Date
Fri, 19 May 2023 04:36:30 GMT
Via
cache3.l2sg2[0,0,304-0,H], cache21.l2sg2[1,0], ens-cache8.sg13[0,0,200-0,H], ens-cache3.sg13[3,0]
Content-Encoding
gzip
x-nos-object-name
webzj_cdn101%2Fmessage.js
x-nos-request-id
d4f3b6f4-2fed-4de8-b603-09744929c9a4
cdn-ip
163.181.82.231
Age
1558703
X-Swift-CacheTime
2591998
Transfer-Encoding
chunked
X-Cache
HIT TCP_MEM_HIT dirn:1:782920240
Content-Disposition
inline; filename="webzj_cdn101%2Fmessage.js"
Connection
keep-alive
x-nos-storage-class
STANDARD
X-Swift-SaveTime
Fri, 19 May 2023 04:36:32 GMT
Last-Modified
Wed, 14 Dec 2022 17:00:52 Asia/Shanghai
Server
Tengine
x-nos-requesttype
GetObject
Vary
Accept-Encoding
Ali-Swift-Global-Savetime
1684470990
Content-Type
application/javascript;charset=UTF-8
Access-Control-Allow-Origin
*
Cache-Control
max-age=61
Timing-Allow-Origin
*
EagleId
a3b5529716860296930868425e
truncated
/ 		4 KB
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
65c1741c45979b06d286d2b9e0ad5eb946ce024cd40ac188c3e08dac813ee45b

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

Content-Type
image/png
163_logo.2b418d2a.png
mimg.127.net/xm/large-attachment-download/static/media/ 		12 KB
12 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://mimg.127.net/xm/large-attachment-download/static/media/163_logo.2b418d2a.png
Requested by
Host: mail.163.com
URL: https://mail.163.com/large-attachment-download/index.html?p=X-NTES-HUGE-ATTACHMENT&file=djAyeUd6RzB3VGphMGdPVG8rNzU0Q054UT09&title=%E5%BD%B1%E5%83%8F%E7%AE%A1%E7%90%86%E6%A8%A1%E6%9D%BF20230526
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
103.129.252.89 , Hong Kong, ASN137263 (NETEASE-AS-AP NETEASE HONG KONG LIMITED, HK),
Reverse DNS
Software
nginx /
Resource Hash
0d5aa0eaf8e93237400a4bfda992b5e0002e3f8e4f3c06ac53022ae323bbc12d

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://mail.163.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

date
Tue, 06 Jun 2023 05:34:52 GMT
last-modified
Fri, 15 Jan 2021 11:34:52 GMT
server
nginx
etag
"60017ddc-30a0"
content-type
image/png
cache-control
max-age=3600
accept-ranges
bytes
content-length
12448
expires
Tue, 06 Jun 2023 05:50:20 GMT
form3
utility.mail.163.com/time-sync/ 		0
0
service
fs.mail.163.com/fs/ 		687 B
760 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://fs.mail.163.com/fs/service?f=djAyeUd6RzB3VGphMGdPVG8rNzU0Q054UT09&op=fs_dl_f_a&ts=1686029692420&browserfp=
Requested by
Host: mimg.127.net
URL: https://mimg.127.net/p/freemail/lib/track/raven-3.27.0.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
220.181.15.159 , China, ASN23724 (CHINANET-IDC-BJ-AP IDC, China Telecommunications Corporation, CN),
Reverse DNS
m15159.mail.126.com
Software
nginx /
Resource Hash
4844090d930345c7e27c327f121de565c64e415599bc039b06e9fb663bbd68d3

Request headers

Accept
application/json, text/plain, */*
Referer
https://mail.163.com/
accept-language
zh-SG,zh;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

date
Tue, 06 Jun 2023 05:34:53 GMT
content-encoding
gzip
server
nginx
vary
Accept-Encoding
access-control-allow-methods
GET,POST
content-type
text/html;charset=UTF-8
access-control-allow-origin
https://mail.163.com
access-control-allow-credentials
true
detail
mail.163.com/fgw/mailsrv-ipdetail/ 		381 B
479 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://mail.163.com/fgw/mailsrv-ipdetail/detail
Requested by
Host: mimg.127.net
URL: https://mimg.127.net/p/freemail/lib/track/raven-3.27.0.min.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
103.129.252.87 , Hong Kong, ASN137263 (NETEASE-AS-AP NETEASE HONG KONG LIMITED, HK),
Reverse DNS
Software
nginx /
Resource Hash
828f693a02b697c48bc21db143f106e8735473f1d0d5eeef5022e0d9e90e8f1b

Request headers

Referer
https://mail.163.com/large-attachment-download/index.html?p=X-NTES-HUGE-ATTACHMENT&file=djAyeUd6RzB3VGphMGdPVG8rNzU0Q054UT09&title=%E5%BD%B1%E5%83%8F%E7%AE%A1%E7%90%86%E6%A8%A1%E6%9D%BF20230526
accept-language
zh-SG,zh;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36
content-type
application/json

Response headers

pragma
no-cache
date
Tue, 06 Jun 2023 05:34:52 GMT
content-encoding
gzip
x-response-code
200
server
nginx
content-type
application/json;charset=UTF-8
cache-control
no-cache
expries
Thu, 01 Jan 1970 00:00:00 GMT
init
mail.163.com/fgw/mailsrv-device-idmapping/webapp/ 		82 B
263 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://mail.163.com/fgw/mailsrv-device-idmapping/webapp/init
Requested by
Host: mimg.127.net
URL: https://mimg.127.net/p/freemail/lib/track/raven-3.27.0.min.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
103.129.252.87 , Hong Kong, ASN137263 (NETEASE-AS-AP NETEASE HONG KONG LIMITED, HK),
Reverse DNS
Software
nginx /
Resource Hash
02b9eeffd9dec9b4a98ce08794abc195352c0927e1f046bc54981cbb9930edc3

Request headers

Referer
https://mail.163.com/large-attachment-download/index.html?p=X-NTES-HUGE-ATTACHMENT&file=djAyeUd6RzB3VGphMGdPVG8rNzU0Q054UT09&title=%E5%BD%B1%E5%83%8F%E7%AE%A1%E7%90%86%E6%A8%A1%E6%9D%BF20230526
accept-language
zh-SG,zh;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36
content-type
application/json

Response headers

pragma
no-cache
date
Tue, 06 Jun 2023 05:34:52 GMT
content-encoding
gzip
x-response-code
200
server
nginx
content-type
application/json;charset=UTF-8
cache-control
no-cache
expries
Thu, 01 Jan 1970 00:00:00 GMT
mailad-sdk-0.0.8.js
mimg.127.net/p/tools/mailad-sdk/ 		58 KB
19 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://mimg.127.net/p/tools/mailad-sdk/mailad-sdk-0.0.8.js
Requested by
Host: mimg.127.net
URL: https://mimg.127.net/xm/large-attachment-download/static/js/main.0c75ac58.chunk.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
103.129.252.89 , Hong Kong, ASN137263 (NETEASE-AS-AP NETEASE HONG KONG LIMITED, HK),
Reverse DNS
Software
nginx /
Resource Hash
bf2d40ad25dfe968415c59d6ea345f7cdf292bd083e7cf655d15a5c5e1fdb4cb

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://mail.163.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

date
Tue, 06 Jun 2023 05:34:53 GMT
content-encoding
gzip
last-modified
Thu, 23 Jul 2020 07:29:56 GMT
server
nginx
etag
W/"5f193c74-e63e"
vary
Accept-Encoding, Origin
content-type
application/x-javascript
cache-control
max-age=315360000
expires
Wed, 01 Jun 2033 23:22:00 GMT
truncated
/ 		2 KB
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
1db4f13a62d8460daffc915dfaf709140d778dc78a6453162a37f09558079289

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36

Response headers

Content-Type
image/png
config.do
smartflow.mail.163.com/smflow/ 		0
0
i
countly.mail.163.com/stats/ 		20 B
214 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://countly.mail.163.com/stats/i
Requested by
Host: mimg.127.net
URL: https://mimg.127.net/p/freemail/lib/track/raven-3.27.0.min.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
240e:83:201:4:220:181:12:191 , China, ASN23724 (CHINANET-IDC-BJ-AP IDC, China Telecommunications Corporation, CN),
Reverse DNS
Software
nginx /
Resource Hash
83786d6ca95e7099b09dda2f11b25e7ac860caf70ec87fd35f520fbb58d8a296

Request headers

Referer
https://mail.163.com/
accept-language
zh-SG,zh;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.90 Safari/537.36
Content-type
application/x-www-form-urlencoded

Response headers

date
Tue, 06 Jun 2023 05:34:54 GMT
server
nginx
x-cache
from ngx70-194.163.com
access-control-allow-methods
GET,POST
access-control-allow-origin
https://mail.163.com
content-type
application/octet-stream
access-control-allow-credentials
true
content-length
20
get.do
smartflow.mail.163.com/smflow/ 		0
0

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain
utility.mail.163.com
URL
https://utility.mail.163.com/time-sync/form3?callback=__jp0
Domain
smartflow.mail.163.com
URL
https://smartflow.mail.163.com/smflow/config.do?domain=163.com&callback=gAdCallback_1002
Domain
smartflow.mail.163.com
URL
https://smartflow.mail.163.com/smflow/get.do?ver=1&mailVer=6&uid=&regTime=0&lastTime=0&mobUser=0&gender=&birthday=0&font=&mod=common&source=server&moduleId=135&callback=gAdCallback_1003

Verdicts & Comments Add Verdict or Comment

32 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

boolean| credentialless object| onbeforetoggle object| onscrollend function| setImmediate function| clearImmediate function| axios object| React object| ReactDOM object| $UA object| mailplus object| core object| global object| System function| asap object| regeneratorRuntime boolean| _babelPolyfill object| plusStore object| MailLoginModule object| Raven object| webpackJsonplarge-attachment-download object| MailStatsCountly object| Tongji object| __oMailUtility function| __jp0 function| Fingerprint2 object| URSCFG string| URSOPENBGP function| URS object| JSON3 object| mailad function| gAdCallback_1002 object| gAd

1 Cookies

Domain/Path Name / Value
mail.163.com/ Name: stats_session_id
Value: f56c23fd-8fb5-4c19-bf4c-a96e67e4b69b

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header Value
Content-Security-Policy script-src 'self' 'unsafe-inline' 'unsafe-eval' *.127.net *.126.net *.163.com *.126.com *.yeah.net *.188.com *.netease.com *.qiyukf.com qiyukf.com *.youdao.com *.mediav.com *.netstatic.net; connect-src 'self' *.127.net *.126.net *.163.com *.126.com *.yeah.net *.188.com *.netease.com *.qiyukf.com qiyukf.com *.youdao.com *.163yun.com; report-uri https://countly.mail.163.com/stats/csp

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

countly.mail.163.com
fs.mail.163.com
mail.163.com
mimg.127.net
smartflow.mail.163.com
urswebzj.nosdn.127.net
utility.mail.163.com
smartflow.mail.163.com
utility.mail.163.com
103.129.252.87
103.129.252.89
163.181.82.231
220.181.15.159
240e:83:201:4:220:181:12:191
02b9eeffd9dec9b4a98ce08794abc195352c0927e1f046bc54981cbb9930edc3
0d5aa0eaf8e93237400a4bfda992b5e0002e3f8e4f3c06ac53022ae323bbc12d
1db4f13a62d8460daffc915dfaf709140d778dc78a6453162a37f09558079289
2047a2fc53873dfb52d98d0033eaed45538666dee028d1b5c3564cc2ea62e204
33636ecdd814c51ce9460ad98a75d30e4b548c98e347d168eae3b220c37d4446
38f9f561f70487d5b6a701758924bec83934f7db588fea654ab092e84b1af4d0
451d8cd9435b8878931b54c21ebf0cbf88a5acdd09deb030eb1a40a6ca3f3508
4844090d930345c7e27c327f121de565c64e415599bc039b06e9fb663bbd68d3
54f82bf004124e54cc6ebbe69a10d1cf886acd3f9955a330eb4602b8684c1499
65c1741c45979b06d286d2b9e0ad5eb946ce024cd40ac188c3e08dac813ee45b
73a5fb11b1929f9317f4f31229038158da732fc4ee1d2d4a2df5862186d4086a
828f693a02b697c48bc21db143f106e8735473f1d0d5eeef5022e0d9e90e8f1b
83786d6ca95e7099b09dda2f11b25e7ac860caf70ec87fd35f520fbb58d8a296
8b6d98b0cf87dc28a33bbd54f6e64114b0b8417e654b82111fd0579e7efdbdbf
9ce4fde9e8f7a660e39b4d9314353d0947a6cefa19e29ad28c84485edecfb562
b47e37a20b65647b55532c60e2a2aab37c4033833b514bccadc18df663677036
b7648fe6d80bdaa00a53f27f7ecc61eef7682d019315c5385e28fcc44b7a01d5
bf2d40ad25dfe968415c59d6ea345f7cdf292bd083e7cf655d15a5c5e1fdb4cb
c87d5b40af11bc48c90ab729e8763b60cdcce3ea66ae0c48c775d1c3b03b729b
e191110b3425990c70d8871586f66bc7ccaa451f1599c312df570c63650d43d0
edfaf97427e02a5b51d4c33ffef63462d0e43272f490473f1f550e93b194beb6
ee1c94e8aa1beb5bb0cfb78de1f7fdfad8b991a0778753ec786b888aaf5017a7