Submitted URL: https://pub-vlxx.vpn.micah-t.xyz/
Effective URL: https://mail.gov.cn/nsmail/index.php
Submission: On August 30 via automatic, source certstream-suspicious — Scanned from DE

Summary

This website contacted 1 IP in 2 countries across 2 domains to perform 10 HTTP transactions. The main IP is 202.123.110.27, located in China and belongs to XINHUANET CNNIC member, CN. The main domain is mail.gov.cn.
TLS certificate: Issued by GlobalSign RSA OV SSL CA 2018 on February 14th 2023. Valid for: a year.
This is the only time mail.gov.cn was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

     IP Address          AS Autonomous System
1 1  2606:4700:303...    13335 (CLOUDFLAR...)
10   202.123.110.27      4611 (XINHUANET...)
10   1

     Apex Domain    Subdomains                  Transfer
10   mail.gov.cn    mail.gov.cn                 436 KB
1    micah-t.xyz    pub-vlxx.vpn.micah-t.xyz    494 B
10   2

     Domain                      Requested by
10   mail.gov.cn                 mail.gov.cn
1    pub-vlxx.vpn.micah-t.xyz    1 redirects
10   2

This site contains links to these domains.

Domain
www.gov.cn
app.www.gov.cn

Subject        Issuer                           Validity                   Valid
mail.gov.cn    GlobalSign RSA OV SSL CA 2018    2023-02-14 - 2024-03-17    a year

This page contains 1 frames:

Primary Page: https://mail.gov.cn/nsmail/index.php
Frame ID: EB6EE796C799B250BFD516C1B72C23BB
Requests: 10 HTTP requests in this frame

Page Title

邮箱登录RoundCube Mail

Page URL History

  1. https://pub-vlxx.vpn.micah-t.xyz/ HTTP 301
    https://mail.gov.cn/nsmail/index.php Page URL

Detected technologies

Overall confidence: 100%
Detected patterns
  • <title>RoundCube

Overall confidence: 100%
Detected patterns
  • \.php(?:$|\?)

Page Statistics

Requests: 10
HTTPS: 100 %
IPv6: 50 %
Domains: 2
Subdomains: 2
IPs: 1
Countries: 2
Transfer: 436 kB
Size: 609 kB
Cookies: 1

Redirected requests

There were HTTP redirect chains for the following requests:

10 HTTP transactions

Resource
Path
Size
x-fer
Type
MIME-Type
Primary Request index.php
mail.gov.cn/nsmail/
Redirect Chain
  • https://pub-vlxx.vpn.micah-t.xyz/
  • https://mail.gov.cn/nsmail/index.php
6 KB
3 KB
Document
General
Full URL
https://mail.gov.cn/nsmail/index.php
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
202.123.110.27, China, ASN4611 (XINHUANET CNNIC member, CN)
Reverse DNS
Software
Apache /
Resource Hash
0dd2af3208cd33ec06e7bca50ae3e1cbf71f1fef8bb9997f955bce16c31f28d8
Security Headers
Name Value
X-Frame-Options SAMEORIGIN

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

Cache-Control
no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Connection
close
Content-Encoding
gzip
Content-Type
text/html; charset=UTF-8
Date
Wed, 30 Aug 2023 08:21:13 GMT
Expires
Thu, 19 Nov 1981 08:52:00 GMT
Pragma
no-cache
Server
Apache
Transfer-Encoding
chunked
Vary
Accept-Encoding,User-Agent
X-Frame-Options
SAMEORIGIN

Redirect headers

alt-svc
h3=":443"; ma=86400
cf-cache-status
DYNAMIC
cf-ray
7febb1f66b4f1e51-FRA
content-type
text/html
date
Wed, 30 Aug 2023 08:34:32 GMT
location
https://mail.gov.cn/nsmail/index.php
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=o79HjxIojgI6%2FpDqD4tDlfZlycRFTXIeAq4aY1fzh0uP%2FtTj0TkA5BY5jAvCXu%2BaV31Ca30NK2dnu83oWO9FkwyEiVe2Pt8e7q%2FDn5riAuYEt7za8a%2B6bH%2BdbnnlBfgl5ceILSQWXROdiruwj69GS4zY1M8mxjE%3D"}],"group":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding,User-Agent
x-frame-options
SAMEORIGIN
login.css
mail.gov.cn/nsmail/skins/login/default/CSS/
3 KB
2 KB
Stylesheet
General
Full URL
https://mail.gov.cn/nsmail/skins/login/default/CSS/login.css?s=1591174103
Requested by
Host: mail.gov.cn
URL: https://mail.gov.cn/nsmail/index.php
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
202.123.110.27, China, ASN4611 (XINHUANET CNNIC member, CN)
Reverse DNS
Software
Apache /
Resource Hash
a891c6eb0072fbed60695af69872299650e1f5954f211e6b75cb2a1e4c186c85
Security Headers
Name Value
X-Frame-Options SAMEORIGIN

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://mail.gov.cn/nsmail/index.php
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

Date
Wed, 30 Aug 2023 08:21:13 GMT
Content-Encoding
gzip
Last-Modified
Wed, 03 Jun 2020 08:48:23 GMT
Server
Apache
ETag
"1158ef-c2b-5a72a172f63c0"
X-Frame-Options
SAMEORIGIN
Vary
Accept-Encoding,User-Agent
Content-Type
text/css
Connection
close
Accept-Ranges
bytes
Content-Length
1250
base-all.js
mail.gov.cn/nsmail/program/js/
245 KB
78 KB
Script
General
Full URL
https://mail.gov.cn/nsmail/program/js/base-all.js?s=1587160903
Requested by
Host: mail.gov.cn
URL: https://mail.gov.cn/nsmail/index.php
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
202.123.110.27, China, ASN4611 (XINHUANET CNNIC member, CN)
Reverse DNS
Software
Apache /
Resource Hash
cc995ec3bc9d2043f55a1e6e8addae8b67547df6ee5eb9a71be3e0f7f0fe5db3
Security Headers
Name Value
X-Frame-Options SAMEORIGIN

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://mail.gov.cn/nsmail/index.php
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

Date
Wed, 30 Aug 2023 08:21:13 GMT
Content-Encoding
gzip
Last-Modified
Fri, 17 Apr 2020 22:01:43 GMT
Server
Apache
ETag
"3712f7-3d209-5a383b1d31fc0"
X-Frame-Options
SAMEORIGIN
Vary
Accept-Encoding,User-Agent
Content-Type
text/javascript
Transfer-Encoding
chunked
Connection
close
Accept-Ranges
bytes
isolation_admin.js
mail.gov.cn/nsmail/plugins/isolation_admin/
4 KB
1 KB
Script
General
Full URL
https://mail.gov.cn/nsmail/plugins/isolation_admin/isolation_admin.js?s=1419416043
Requested by
Host: mail.gov.cn
URL: https://mail.gov.cn/nsmail/index.php
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
202.123.110.27, China, ASN4611 (XINHUANET CNNIC member, CN)
Reverse DNS
Software
Apache /
Resource Hash
65f5402cbac759004269934950c4dba652fc30097ec079dee5692cd25d2092df
Security Headers
Name Value
X-Frame-Options SAMEORIGIN

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://mail.gov.cn/nsmail/index.php
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

Date
Wed, 30 Aug 2023 08:21:13 GMT
Content-Encoding
gzip
Last-Modified
Wed, 24 Dec 2014 10:14:03 GMT
Server
Apache
ETag
"45084-1044-50af38d0810c0"
X-Frame-Options
SAMEORIGIN
Vary
Accept-Encoding,User-Agent
Content-Type
text/javascript
Connection
close
Accept-Ranges
bytes
Content-Length
904
icon_1234.png
mail.gov.cn/nsmail/skins/login/default/images/
8 KB
9 KB
Image
General
Full URL
https://mail.gov.cn/nsmail/skins/login/default/images/icon_1234.png
Requested by
Host: mail.gov.cn
URL: https://mail.gov.cn/nsmail/index.php
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
202.123.110.27, China, ASN4611 (XINHUANET CNNIC member, CN)
Reverse DNS
Software
Apache /
Resource Hash
b4861b2d77c800ed84b9964f4f9d3ad4bdc5cacc9388264f4d5a7946bf2ef1a1
Security Headers
Name Value
X-Frame-Options SAMEORIGIN

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://mail.gov.cn/nsmail/index.php
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

Date
Wed, 30 Aug 2023 08:21:14 GMT
Last-Modified
Wed, 03 Jun 2020 08:45:18 GMT
Server
Apache
ETag
"cd9b3-21fd-5a72a0c288380"
X-Frame-Options
SAMEORIGIN
Content-Type
image/png
Connection
close
Accept-Ranges
bytes
Content-Length
8701
icon_1334.jpg
mail.gov.cn/nsmail/skins/login/default/images/
300 KB
300 KB
Image
General
Full URL
https://mail.gov.cn/nsmail/skins/login/default/images/icon_1334.jpg
Requested by
Host: mail.gov.cn
URL: https://mail.gov.cn/nsmail/index.php
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
202.123.110.27, China, ASN4611 (XINHUANET CNNIC member, CN)
Reverse DNS
Software
Apache /
Resource Hash
b86c201b6b418b84887bc358a26b8aa212adf12ef2455698c938ce2d5a5c6517
Security Headers
Name Value
X-Frame-Options SAMEORIGIN

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://mail.gov.cn/nsmail/index.php
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

Date
Wed, 30 Aug 2023 08:21:14 GMT
Last-Modified
Fri, 31 Mar 2023 03:32:23 GMT
Server
Apache
ETag
"cd9b9-4af8d-5f829db794910"
X-Frame-Options
SAMEORIGIN
Content-Type
image/jpeg
Connection
close
Accept-Ranges
bytes
Content-Length
307085
icon_1434.png
mail.gov.cn/nsmail/skins/login/default/images/
3 KB
3 KB
Image
General
Full URL
https://mail.gov.cn/nsmail/skins/login/default/images/icon_1434.png
Requested by
Host: mail.gov.cn
URL: https://mail.gov.cn/nsmail/index.php
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
202.123.110.27, China, ASN4611 (XINHUANET CNNIC member, CN)
Reverse DNS
Software
Apache /
Resource Hash
c9c394435fb514716cc054c5baa39e45873aa75071220a6c63b33d1ad9b2ae61
Security Headers
Name Value
X-Frame-Options SAMEORIGIN

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://mail.gov.cn/nsmail/index.php
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

Date
Wed, 30 Aug 2023 08:21:14 GMT
Last-Modified
Wed, 03 Jun 2020 08:45:20 GMT
Server
Apache
ETag
"cd9b5-cd7-5a72a0c470800"
X-Frame-Options
SAMEORIGIN
Content-Type
image/png
Connection
close
Accept-Ranges
bytes
Content-Length
3287
icon_1534.png
mail.gov.cn/nsmail/skins/login/default/images/
2 KB
2 KB
Image
General
Full URL
https://mail.gov.cn/nsmail/skins/login/default/images/icon_1534.png
Requested by
Host: mail.gov.cn
URL: https://mail.gov.cn/nsmail/index.php
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
202.123.110.27, China, ASN4611 (XINHUANET CNNIC member, CN)
Reverse DNS
Software
Apache /
Resource Hash
e91ee2858cda37dbb0a0a8763ade8cb90879d1b43f8f4b3f80124669113e27ce
Security Headers
Name Value
X-Frame-Options SAMEORIGIN

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://mail.gov.cn/nsmail/index.php
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

Date
Wed, 30 Aug 2023 08:21:14 GMT
Last-Modified
Wed, 03 Jun 2020 08:45:21 GMT
Server
Apache
ETag
"cd9b6-779-5a72a0c564a40"
X-Frame-Options
SAMEORIGIN
Content-Type
image/png
Connection
close
Accept-Ranges
bytes
Content-Length
1913
logo_wz.jpg
mail.gov.cn/nsmail/skins/login/default/images/
16 KB
16 KB
Image
General
Full URL
https://mail.gov.cn/nsmail/skins/login/default/images/logo_wz.jpg
Requested by
Host: mail.gov.cn
URL: https://mail.gov.cn/nsmail/skins/login/default/CSS/login.css?s=1591174103
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
202.123.110.27, China, ASN4611 (XINHUANET CNNIC member, CN)
Reverse DNS
Software
Apache /
Resource Hash
b7496f7b1405eb0b486fb4fc884cc2435e1c4ebaefc68411a53d89190db7171f
Security Headers
Name Value
X-Frame-Options SAMEORIGIN

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://mail.gov.cn/nsmail/skins/login/default/CSS/login.css?s=1591174103
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

Date
Wed, 30 Aug 2023 08:21:14 GMT
Last-Modified
Tue, 23 Feb 2021 09:49:10 GMT
Server
Apache
ETag
"150723-4053-5bbfdd4829180"
X-Frame-Options
SAMEORIGIN
Content-Type
image/jpeg
Connection
close
Accept-Ranges
bytes
Content-Length
16467
content_bg.jpg
mail.gov.cn/nsmail/skins/login/default/images/
22 KB
22 KB
Image
General
Full URL
https://mail.gov.cn/nsmail/skins/login/default/images/content_bg.jpg
Requested by
Host: mail.gov.cn
URL: https://mail.gov.cn/nsmail/skins/login/default/CSS/login.css?s=1591174103
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
202.123.110.27, China, ASN4611 (XINHUANET CNNIC member, CN)
Reverse DNS
Software
Apache /
Resource Hash
faef8b4f58c67730ff839a3364af8e4bcb9ab7456d8894e021d06fd544928d85
Security Headers
Name Value
X-Frame-Options SAMEORIGIN

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://mail.gov.cn/nsmail/skins/login/default/CSS/login.css?s=1591174103
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

Date
Wed, 30 Aug 2023 08:21:15 GMT
Last-Modified
Mon, 18 Apr 2016 08:06:02 GMT
Server
Apache
ETag
"e91af-58e1-530bdd4e0ae80"
X-Frame-Options
SAMEORIGIN
Content-Type
image/jpeg
Connection
close
Accept-Ranges
bytes
Content-Length
22753

38 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| documentPictureInPicture number| CONTROL_KEY number| SHIFT_KEY number| CONTROL_SHIFT_KEY function| roundcube_browser object| rcube_event function| rcube_event_engine function| rcube_layer function| rcube_check_email function| find_in_array function| urlencode function| rcube_find_object function| rcube_mouse_is_over function| setCookie function| getCookie function| rcube_console object| bw function| rcube_webmail function| rcube_notice function| ibc_password_audit function| onkeyup_action function| cancel_signature function| rcube_init_settings_tabs function| rcube_show_advanced function| rcmail_show_header_form function| rcmail_hide_header_form function| rcmail_next_sibling function| rcmail_prev_sibling function| rcube_mail_ui undefined| rcmail_ui function| rcube_init_mail_ui function| spam function| deepsearch function| remotedel function| $ function| jQuery object| rcmail function| changetr

1 Cookies

Domain/Path     Name / Value
mail.gov.cn/    Name: roundcube_sessid
                Value: ttcb3e7lqa5531fkvqfc8n1uj4

Security Headers

This page lists any security headers set by the main page.

Header Value
X-Frame-Options SAMEORIGIN