mail.189.cn Open in urlscan Pro
240e:980:9a20:17c5:d41b:ec29:d88a:9da3 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
http://t.mail.189.cn/rcyyzhw
Effective URL:
https://mail.189.cn/webmail/189client/189_wapdl/index.html
Submission: On November 20 via manual (November 20th 2024, 9:31:39 am UTC) from IN — Scanned from US

Summary HTTP 20 Redirects Behaviour Indicators

Summary

This website contacted 3 IPs in 1 countries across 2 domains to perform 20 HTTP transactions. The main IP is 240e:980:9a20:17c5:d41b:ec29:d88a:9da3, located in China and belongs to CT-GUANGZHOU-IDC CHINANET Guangdong province network, CN. The main domain is mail.189.cn.
TLS certificate: Issued by WoTrus OV Server CA [Run by the Issuer] on May 20th 2024. Valid for: a year.

This is the only time mail.189.cn was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1 1	183.56.201.62 183.56.201.62	135089 (CHINANET-...) (CHINANET-GUANGZHOU-SOUTHBASE-IDC China Telecom)
1	240e:980:9a20... 240e:980:9a20:17c5:7715:91c3:d00b:6c21	58466 (CT-GUANGZ...) (CT-GUANGZHOU-IDC CHINANET Guangdong province network)
1	240e:980:9a20... 240e:980:9a20:17c5:d41b:ec29:d88a:9da3	58466 (CT-GUANGZ...) (CT-GUANGZHOU-IDC CHINANET Guangdong province network)
20	3

1 183.56.201.62 (Guangzhou, China) 1 redirects

ASN135089 (CHINANET-GUANGZHOU-SOUTHBASE-IDC China Telecom, CN)

t.mail.189.cn	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 240e:980:9a20:17c5:7715:91c3:d00b:6c21 (China)

ASN58466 (CT-GUANGZHOU-IDC CHINANET Guangdong province network, CN)

api.mail.189.cn	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 240e:980:9a20:17c5:d41b:ec29:d88a:9da3 (China)

ASN58466 (CT-GUANGZHOU-IDC CHINANET Guangdong province network, CN)

mail.189.cn	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
3	189.cn 1 redirects t.mail.189.cn api.mail.189.cn webmail30.189.cn Failed mail.189.cn	7 KB
0	Failed function sub() { [native code] }. Failed
20	2

	Domain	Requested by
1	mail.189.cn	api.mail.189.cn mail.189.cn
1	api.mail.189.cn
1	t.mail.189.cn	1 redirects
0	webmail30.189.cn Failed
0	openfolder Failed	api.mail.189.cn
20	5

This site contains no links.

Subject Issuer	Validity	Valid
*.189.cn WoTrus OV Server CA [Run by the Issuer]	`2024-05-20` - `2025-05-20`	a year	crt.sh

This page contains 2 frames:

Primary Page: https://mail.189.cn/webmail/189client/189_wapdl/index.html
Frame ID: 8BD8883C1F3F7868D57ED5B37F49BDA3
Requests: 19 HTTP requests in this frame

Frame: mail189://openFolder?account=&folder=inbox&refresh=1&startChannel=
Frame ID: 249B2D5CCFB11CD29A70D46BB6BB0CF8
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

189邮箱手机客户端下载

Page URL History Show full URLs

http://t.mail.189.cn/rcyyzhw HTTP 307
https://t.mail.189.cn/rcyyzhw HTTP 302
http://api.mail.189.cn:8081/mailApi/api/startClient.do?w=2&f=inbox&r=1&sign=8 HTTP 307
https://api.mail.189.cn:8081/mailApi/api/startClient.do?w=2&f=inbox&r=1&sign=8 HTTP 307
http://api.mail.189.cn:8081/mailApi/api/startClient.do?w=2&f=inbox&r=1&sign=8 Page URL
http://mail.189.cn/webmail/189client/189_wapdl/index.html HTTP 307
https://mail.189.cn/webmail/189client/189_wapdl/index.html Page URL

Page Statistics

20
Requests

5 %
HTTPS

67 %
IPv6

2
Domains

5
Subdomains

3
IPs

1
Countries

7 kB
Transfer

20 kB
Size

1
Cookies

0 Outgoing links

These are links going to different origins than the main page.

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

http://t.mail.189.cn/rcyyzhw HTTP 307
https://t.mail.189.cn/rcyyzhw HTTP 302
http://api.mail.189.cn:8081/mailApi/api/startClient.do?w=2&f=inbox&r=1&sign=8 HTTP 307
https://api.mail.189.cn:8081/mailApi/api/startClient.do?w=2&f=inbox&r=1&sign=8 HTTP 307
http://api.mail.189.cn:8081/mailApi/api/startClient.do?w=2&f=inbox&r=1&sign=8 Page URL
http://mail.189.cn/webmail/189client/189_wapdl/index.html HTTP 307
https://mail.189.cn/webmail/189client/189_wapdl/index.html Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 0

http://t.mail.189.cn/rcyyzhw HTTP 307
https://t.mail.189.cn/rcyyzhw HTTP 302
http://api.mail.189.cn:8081/mailApi/api/startClient.do?w=2&f=inbox&r=1&sign=8 HTTP 307
https://api.mail.189.cn:8081/mailApi/api/startClient.do?w=2&f=inbox&r=1&sign=8 HTTP 307
http://api.mail.189.cn:8081/mailApi/api/startClient.do?w=2&f=inbox&r=1&sign=8

Request Chain 2

http://api.mail.189.cn:8081/favicon.ico HTTP 302
https://webmail30.189.cn/w2/template/404.html

20 HTTP transactions
0 data transactions

Method Protocol	Status	Resource Path	Size x-fer	Time Latency	Type MIME-Type	IP Location
GET H/1.1	200 OK	startClient.do Show response api.mail.189.cn/mailApi/api/ Redirect Chain http://t.mail.189.cn/rcyyzhw https://t.mail.189.cn/rcyyzhw http://api.mail.189.cn:8081/mailApi/api/startClient.do?w=2&f=inbox&r=1&sign=8 https://api.mail.189.cn:8081/mailApi/api/startClient.do?w=2&f=inbox&r=1&sign=8 http://api.mail.189.cn:8081/mailApi/api/startClient.do?w=2&f=inbox&r=1&sign=8	8 KB 3 KB	650ms 284ms	Document text/html	240e:980:9a20:17c5:7715:91c3:d00b:6c21 CT-GUANGZHOU-IDC ...
General Check archive.org Show headers Download Go to Full URL http://api.mail.189.cn:8081/mailApi/api/startClient.do?w=2&f=inbox&r=1&sign=8 Protocol HTTP/1.1 Server 240e:980:9a20:17c5:7715:91c3:d00b:6c21 , China, ASN58466 (CT-GUANGZHOU-IDC CHINANET Guangdong province network, CN), Reverse DNS Software nginx / Resource Hash `139eab2f808e2266e2a013519bb6294a993b8ba5fa096315c2427f0043ce5910` Request headers Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36 Response headers Cache-Control private Connection keep-alive Content-Encoding gzip Content-Language en-US Content-Type text/html; charset=utf-8 Date Wed, 20 Nov 2024 09:31:34 GMT Server nginx Transfer-Encoding chunked Redirect headers Location http://api.mail.189.cn:8081/mailApi/api/startClient.do?w=2&f=inbox&r=1&sign=8 Non-Authoritative-Reason HttpsUpgrades
GET		mail189://openFolder?account=&folder=inbox&refresh=1&startChannel= mail189://openFolder?account=&folder=inbox&refresh=1&startChannel= Frame 249B	0 0

GET		404.html webmail30.189.cn/w2/template/ Redirect Chain http://api.mail.189.cn:8081/favicon.ico https://webmail30.189.cn/w2/template/404.html	0 0

GET H/1.1	200 OK	Primary Request index.html Show response mail.189.cn/webmail/189client/189_wapdl/ Redirect Chain http://mail.189.cn/webmail/189client/189_wapdl/index.html https://mail.189.cn/webmail/189client/189_wapdl/index.html	12 KB 4 KB	1213ms 274ms	Document text/html	240e:980:9a20:17c5:d41b:ec29:d88a:9da3 CT-GUANGZHOU-IDC ...
General Check archive.org Show headers Download Go to Full URL https://mail.189.cn/webmail/189client/189_wapdl/index.html Requested by Host: api.mail.189.cn URL: http://api.mail.189.cn:8081/mailApi/api/startClient.do?w=2&f=inbox&r=1&sign=8 Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 240e:980:9a20:17c5:d41b:ec29:d88a:9da3 , China, ASN58466 (CT-GUANGZHOU-IDC CHINANET Guangdong province network, CN), Reverse DNS Software nginx / Resource Hash `640b4325a8f5b9874d2985e604fce09aabe38bf4db4cdcc0dbbe3a0ee0aed9db` Request headers Referer http://api.mail.189.cn:8081/ Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36 Response headers Cache-Control max-age=86400 Connection keep-alive Content-Encoding gzip Content-Type text/html Date Wed, 20 Nov 2024 09:31:38 GMT ETag W/"6163f60c-3047" Expires Thu, 21 Nov 2024 09:31:38 GMT Last-Modified Mon, 11 Oct 2021 08:30:04 GMT Server nginx Transfer-Encoding chunked Redirect headers Location https://mail.189.cn/webmail/189client/189_wapdl/index.html Non-Authoritative-Reason HttpsUpgrades
GET		animator.min.css mail.189.cn/webmail/189client/189_wapdl/css/	0 0

GET		1_2.png mail.189.cn/webmail/189client/189_wapdl/img/	0 0

GET		1_3.png mail.189.cn/webmail/189client/189_wapdl/img/	0 0

GET		arrow.png mail.189.cn/webmail/189client/189_wapdl/img/	0 0

GET		2_1.png mail.189.cn/webmail/189client/189_wapdl/img/	0 0

GET		2_2.png mail.189.cn/webmail/189client/189_wapdl/img/	0 0

GET		3_1.png mail.189.cn/webmail/189client/189_wapdl/img/	0 0

GET		3_2.png mail.189.cn/webmail/189client/189_wapdl/img/	0 0

GET		3_3.png mail.189.cn/webmail/189client/189_wapdl/img/	0 0

GET		4_1.png mail.189.cn/webmail/189client/189_wapdl/img/	0 0

GET		4_2.png mail.189.cn/webmail/189client/189_wapdl/img/	0 0

GET		4_3.png mail.189.cn/webmail/189client/189_wapdl/img/	0 0

GET		5_1.png mail.189.cn/webmail/189client/189_wapdl/img/	0 0

GET		5_2.png mail.189.cn/webmail/189client/189_wapdl/img/	0 0

GET		5_3.png mail.189.cn/webmail/189client/189_wapdl/img/	0 0

GET		jquery.js mail.189.cn/webmail/189client/189_wapdl/js/	0 0

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: openfolder
URL: mail189://openFolder?account=&folder=inbox&refresh=1&startChannel=

Domain: webmail30.189.cn
URL: https://webmail30.189.cn/w2/template/404.html

Domain: mail.189.cn
URL: https://mail.189.cn/webmail/189client/189_wapdl/css/animator.min.css

Domain: mail.189.cn
URL: https://mail.189.cn/webmail/189client/189_wapdl/img/1_2.png

Domain: mail.189.cn
URL: https://mail.189.cn/webmail/189client/189_wapdl/img/1_3.png

Domain: mail.189.cn
URL: https://mail.189.cn/webmail/189client/189_wapdl/img/arrow.png

Domain: mail.189.cn
URL: https://mail.189.cn/webmail/189client/189_wapdl/img/2_1.png

Domain: mail.189.cn
URL: https://mail.189.cn/webmail/189client/189_wapdl/img/2_2.png

Domain: mail.189.cn
URL: https://mail.189.cn/webmail/189client/189_wapdl/img/3_1.png

Domain: mail.189.cn
URL: https://mail.189.cn/webmail/189client/189_wapdl/img/3_2.png

Domain: mail.189.cn
URL: https://mail.189.cn/webmail/189client/189_wapdl/img/3_3.png

Domain: mail.189.cn
URL: https://mail.189.cn/webmail/189client/189_wapdl/img/4_1.png

Domain: mail.189.cn
URL: https://mail.189.cn/webmail/189client/189_wapdl/img/4_2.png

Domain: mail.189.cn
URL: https://mail.189.cn/webmail/189client/189_wapdl/img/4_3.png

Domain: mail.189.cn
URL: https://mail.189.cn/webmail/189client/189_wapdl/img/5_1.png

Domain: mail.189.cn
URL: https://mail.189.cn/webmail/189client/189_wapdl/img/5_2.png

Domain: mail.189.cn
URL: https://mail.189.cn/webmail/189client/189_wapdl/img/5_3.png

Domain: mail.189.cn
URL: https://mail.189.cn/webmail/189client/189_wapdl/js/jquery.js

Verdicts & Comments Add Verdict or Comment

0 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

1 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

			Domain/Path	Expires	Name / Value
			api.mail.189.cn/	1969-12-31 23:59:59	Name: JSESSIONID Value: aaaKDnh6y6cPr545Ybhmz

1 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
other	error	URL: http://api.mail.189.cn:8081/mailApi/api/startClient.do?w=2&f=inbox&r=1&sign=8 Message: Not allowed to launch 'mail189://openFolder?account=&folder=inbox&refresh=1&startChannel=' because a user gesture is required.

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

api.mail.189.cn
mail.189.cn
openfolder
t.mail.189.cn
webmail30.189.cn
mail.189.cn
openfolder
webmail30.189.cn
183.56.201.62
240e:980:9a20:17c5:7715:91c3:d00b:6c21
240e:980:9a20:17c5:d41b:ec29:d88a:9da3
139eab2f808e2266e2a013519bb6294a993b8ba5fa096315c2427f0043ce5910
640b4325a8f5b9874d2985e604fce09aabe38bf4db4cdcc0dbbe3a0ee0aed9db

mail.189.cn Open in urlscan Pro 240e:980:9a20:17c5:d41b:ec29:d88a:9da3 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Page Statistics

20 Requests

5 %HTTPS

67 %IPv6

2 Domains

5 Subdomains

3 IPs

1 Countries

7 kBTransfer

20 kBSize

1 Cookies

0 Outgoing links

Page URL History

Redirected requests

20 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Redirect headers

Failed requests

Verdicts & Comments Add Verdict or Comment

0 JavaScript Global Variables

1 Cookies

1 Console Messages

Indicators

mail.189.cn Open in urlscan Pro
240e:980:9a20:17c5:d41b:ec29:d88a:9da3 Public Scan

Screenshot
Live screenshot

Full Image

20
Requests

5 %
HTTPS

67 %
IPv6

2
Domains

5
Subdomains

3
IPs

1
Countries

7 kB
Transfer

20 kB
Size

1
Cookies

20 HTTP transactions
0 data transactions