Submitted URL: http://mainwww.newsmth.net/
Effective URL: https://www.newsmth.net/
Submission Tags: falconsandbox
Submission: On March 09 via api from US

Summary

This website contacted 9 IPs in 3 countries across 6 domains to perform 22 HTTP transactions. The main IP is 120.92.51.118, located in China and belongs to BJKSCNET Beijing Kingsoft Cloud Internet Technology Co., Ltd, CN. The main domain is www.newsmth.net.
TLS certificate: Issued by R3 on January 22nd 2021. Valid for: 3 months.
This is the only time www.newsmth.net was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
1 10 120.92.209.69 23724 (CHINANET-...)
3 120.92.51.118 59019 (BJKSCNET ...)
2 103.235.46.191 55967 (BAIDU Bei...)
1 203.205.235.65 132203 (TENCENT-N...)
3 150.109.206.166 132203 (TENCENT-N...)
1 240e:ff:f100:... 4816 (CHINANET-...)
1 203.205.137.184 132203 (TENCENT-N...)
2 203.205.235.61 132203 (TENCENT-N...)
22 9
Domain Requested by
9 static.mysmth.net www.newsmth.net
3 captcha.gtimg.com ssl.captcha.qq.com, t.captcha.qq.com
3 www.newsmth.net static.mysmth.net
2 aegis.qq.com cdn-go.cn
2 hm.baidu.com static.mysmth.net, www.newsmth.net
1 cdn-go.cn t.captcha.qq.com
1 t.captcha.qq.com captcha.gtimg.com
1 ssl.captcha.qq.com static.mysmth.net
1 mainwww.newsmth.net 1 redirects
22 9

This site contains links to these domains.

Domain
www.beian.miit.gov.cn
www.beian.gov.cn
www.hd315.gov.cn
gaj.bjhd.gov.cn
Subject | Issuer | Validity | Valid
newsmth.net | R3 | 2021-01-22 - 2021-04-22 | 3 months
*.mysmth.net | R3 | 2021-02-19 - 2021-05-20 | 3 months
baidu.com | GlobalSign Organization Validation CA - SHA256 - G2 | 2020-10-20 - 2021-07-26 | 9 months
*.captcha.qq.com | DigiCert Secure Site CN CA G3 | 2020-11-12 - 2021-12-10 | a year
coral.qq.com | Secure Site CA G2 | 2020-08-31 - 2021-09-29 | a year
*.oct03.sparta.3g.qq.com | GlobalSign Organization Validation CA - SHA256 - G2 | 2020-10-19 - 2021-11-20 | a year
weixin.qq.com | Secure Site CA G2 | 2020-09-25 - 2021-09-30 | a year
aegis.qq.com | Secure Site CA G2 | 2020-03-02 - 2021-05-01 | a year

This page contains 3 frames:

Primary Page: https://www.newsmth.net/
Frame ID: 2C723734F2393C0BA6033B270387F141
Requests: 15 HTTP requests in this frame

Frame: https://www.newsmth.net/fancy/pvpre.php
Frame ID: 28CD77628DB40A26A02DB3F96379ED64
Requests: 1 HTTP requests in this frame

Frame: https://t.captcha.qq.com/template/drag_ele.html?t=1615251414133
Frame ID: 37EA6D7D00CD205D0ECBB0B2954AB46A
Requests: 11 HTTP requests in this frame


Detected technologies

Overall confidence: 100%
Detected patterns
  • headers server /nginx(?:\/([\d.]+))?/i

Page Statistics

Requests: 22
HTTPS: 100 %
IPv6: 13 %
Domains: 6
Subdomains: 9
IPs: 9
Countries: 3
Transfer: 635 kB
Size: 1268 kB
Cookies: 5

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. http://mainwww.newsmth.net/ HTTP 301
    https://www.newsmth.net/ Page URL

22 HTTP transactions

Resource
Path
Size
x-fer
Type
MIME-Type
Primary Request /
www.newsmth.net/
Redirect Chain
  • http://mainwww.newsmth.net/
  • https://www.newsmth.net/
10 KB
4 KB
Document
General
Full URL
https://www.newsmth.net/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
120.92.51.118 , China, ASN59019 (BJKSCNET Beijing Kingsoft Cloud Internet Technology Co., Ltd, CN),
Reverse DNS
Software
nginx/1.17.6 /
Resource Hash
5c10212a99995f6eb872fd79c887cf25dccff3759337a41f463d7979067abd1b
Security Headers
Name Value
X-Frame-Options SAMEORIGIN

Request headers

:method
GET
:authority
www.newsmth.net
:scheme
https
:path
/
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
none
sec-fetch-mode
navigate
sec-fetch-user
?1
sec-fetch-dest
document
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

server
nginx/1.17.6
date
Tue, 09 Mar 2021 00:56:49 GMT
content-type
text/html;charset=GBK
set-cookie
main[UTMPUSERID]=guest; path=/; domain=.newsmth.net main[UTMPKEY]=66770287; path=/; domain=.newsmth.net main[UTMPNUM]=54036; path=/; domain=.newsmth.net
last-modified
Tue, 09 Mar 2021 00:56:49 GMT
expires
Tue, 09 Mar 2021 01:01:49 GMT
cache-control
max-age=300
content-encoding
gzip
x-frame-options
SAMEORIGIN

Redirect headers

Server
nginx/1.17.6
Date
Tue, 09 Mar 2021 00:56:48 GMT
Content-Type
text/html
Content-Length
169
Connection
keep-alive
Location
https://www.newsmth.net/
X-Frame-Options
SAMEORIGIN
pack_a839d42e7a.css
static.mysmth.net/nForum/css/
58 KB
14 KB
Stylesheet
General
Full URL
https://static.mysmth.net/nForum/css/pack_a839d42e7a.css
Requested by
Host: www.newsmth.net
URL: https://www.newsmth.net/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
120.92.209.69 , China, ASN23724 (CHINANET-IDC-BJ-AP IDC, China Telecommunications Corporation, CN),
Reverse DNS
Software
nginx/1.17.6 /
Resource Hash
48a54d481211d7548a3e8a9dd227a8e6c7181784d4d43e29d8de71efb951edae

Request headers

Referer
https://www.newsmth.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 09 Mar 2021 00:56:50 GMT
content-encoding
gzip
last-modified
Sun, 14 Feb 2021 01:43:40 GMT
server
nginx/1.17.6
etag
W/"6028804c-e862"
x-cache-status
HIT
content-type
text/css
cache-control
max-age=3600
expires
Tue, 09 Mar 2021 01:55:52 GMT
logo_footer.gif
static.mysmth.net/nForum/img/
2 KB
2 KB
Image
General
Full URL
https://static.mysmth.net/nForum/img/logo_footer.gif
Requested by
Host: www.newsmth.net
URL: https://www.newsmth.net/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
120.92.209.69 , China, ASN23724 (CHINANET-IDC-BJ-AP IDC, China Telecommunications Corporation, CN),
Reverse DNS
Software
nginx/1.17.6 /
Resource Hash
78422fde0c383f1f8e6478c5f92a31d84e233bf4e69d1da3f9730f54f9e1a303

Request headers

Referer
https://www.newsmth.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 09 Mar 2021 00:56:50 GMT
last-modified
Sun, 08 Jan 2012 09:14:08 GMT
server
nginx/1.17.6
etag
"4f095e60-7f2"
x-cache-status
HIT
content-type
image/gif
cache-control
max-age=3600
accept-ranges
bytes
content-length
2034
expires
Tue, 09 Mar 2021 01:35:56 GMT
beian.png
static.mysmth.net/nForum/img/legal/
19 KB
19 KB
Image
General
Full URL
https://static.mysmth.net/nForum/img/legal/beian.png
Requested by
Host: www.newsmth.net
URL: https://www.newsmth.net/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
120.92.209.69 , China, ASN23724 (CHINANET-IDC-BJ-AP IDC, China Telecommunications Corporation, CN),
Reverse DNS
Software
nginx/1.17.6 /
Resource Hash
a20583c81805fe64f7fa210851ce29754af9d25fd6aa5a3225a9557529602513

Request headers

Referer
https://www.newsmth.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 09 Mar 2021 00:56:50 GMT
last-modified
Mon, 14 Mar 2016 02:49:41 GMT
server
nginx/1.17.6
etag
"56e626c5-4b38"
x-cache-status
HIT
content-type
image/png
cache-control
max-age=3600
accept-ranges
bytes
content-length
19256
expires
Tue, 09 Mar 2021 01:08:27 GMT
hd315.gif
static.mysmth.net/nForum/img/legal/
1 KB
1 KB
Image
General
Full URL
https://static.mysmth.net/nForum/img/legal/hd315.gif
Requested by
Host: www.newsmth.net
URL: https://www.newsmth.net/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
120.92.209.69 , China, ASN23724 (CHINANET-IDC-BJ-AP IDC, China Telecommunications Corporation, CN),
Reverse DNS
Software
nginx/1.17.6 /
Resource Hash
f909b8469bce3dc96f98fb5d4049759b0a03d4ac8780be023a69d4f641c3e593

Request headers

Referer
https://www.newsmth.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 09 Mar 2021 00:56:51 GMT
last-modified
Sat, 16 Jul 2011 22:19:12 GMT
server
nginx/1.17.6
etag
"4e220e60-50a"
x-cache-status
HIT
content-type
image/gif
cache-control
max-age=3600
accept-ranges
bytes
content-length
1290
expires
Tue, 09 Mar 2021 01:08:27 GMT
hdfj.jpg
static.mysmth.net/nForum/img/legal/
12 KB
13 KB
Image
General
Full URL
https://static.mysmth.net/nForum/img/legal/hdfj.jpg
Requested by
Host: www.newsmth.net
URL: https://www.newsmth.net/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
120.92.209.69 , China, ASN23724 (CHINANET-IDC-BJ-AP IDC, China Telecommunications Corporation, CN),
Reverse DNS
Software
nginx/1.17.6 /
Resource Hash
3019540eb6d5eb775fc4272a34a4a39a1cd3785e9e067740182c6a3099b1c713

Request headers

Referer
https://www.newsmth.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 09 Mar 2021 00:56:51 GMT
last-modified
Sat, 16 Jul 2011 22:19:30 GMT
server
nginx/1.17.6
etag
"4e220e72-31e3"
x-cache-status
HIT
content-type
image/jpeg
cache-control
max-age=3600
accept-ranges
bytes
content-length
12771
expires
Tue, 09 Mar 2021 01:06:39 GMT
pack_6fd062e654.js
static.mysmth.net/nForum/js/
440 KB
151 KB
Script
General
Full URL
https://static.mysmth.net/nForum/js/pack_6fd062e654.js
Requested by
Host: www.newsmth.net
URL: https://www.newsmth.net/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
120.92.209.69 , China, ASN23724 (CHINANET-IDC-BJ-AP IDC, China Telecommunications Corporation, CN),
Reverse DNS
Software
nginx/1.17.6 /
Resource Hash
812318087d6401013ee565c4348d8b359d2fe3e13d23a318537e3f6e63408a01

Request headers

Referer
https://www.newsmth.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 09 Mar 2021 00:56:50 GMT
content-encoding
gzip
last-modified
Sun, 14 Feb 2021 01:43:40 GMT
server
nginx/1.17.6
etag
W/"6028804c-6e106"
x-cache-status
HIT
content-type
application/x-javascript
cache-control
max-age=3600
expires
Tue, 09 Mar 2021 00:57:49 GMT
shCore.js
static.mysmth.net/nForum/syntaxhighlighter/scripts/
20 KB
8 KB
Script
General
Full URL
https://static.mysmth.net/nForum/syntaxhighlighter/scripts/shCore.js
Requested by
Host: www.newsmth.net
URL: https://www.newsmth.net/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
120.92.209.69 , China, ASN23724 (CHINANET-IDC-BJ-AP IDC, China Telecommunications Corporation, CN),
Reverse DNS
Software
nginx/1.17.6 /
Resource Hash
69dc67988fed607ce540a16ba4e87334ee8c421818c8241d5a041f42fa1695df

Request headers

Referer
https://www.newsmth.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 09 Mar 2021 00:56:50 GMT
content-encoding
gzip
last-modified
Wed, 04 Apr 2012 12:01:36 GMT
server
nginx/1.17.6
etag
W/"4f7c3820-4f98"
x-cache-status
HIT
content-type
application/x-javascript
cache-control
max-age=3600
expires
Tue, 09 Mar 2021 01:55:04 GMT
shAutoloader.js
static.mysmth.net/nForum/syntaxhighlighter/scripts/
2 KB
1 KB
Script
General
Full URL
https://static.mysmth.net/nForum/syntaxhighlighter/scripts/shAutoloader.js
Requested by
Host: www.newsmth.net
URL: https://www.newsmth.net/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
120.92.209.69 , China, ASN23724 (CHINANET-IDC-BJ-AP IDC, China Telecommunications Corporation, CN),
Reverse DNS
Software
nginx/1.17.6 /
Resource Hash
b2516b7e2d0ea702df3f8ebb8106b330feab03edf1f8eac26bcbf0b3859d3f2f

Request headers

Referer
https://www.newsmth.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 09 Mar 2021 00:56:50 GMT
content-encoding
gzip
last-modified
Wed, 04 Apr 2012 12:01:39 GMT
server
nginx/1.17.6
etag
W/"4f7c3823-90b"
x-cache-status
HIT
content-type
application/x-javascript
cache-control
max-age=3600
expires
Tue, 09 Mar 2021 01:55:04 GMT
hm.js
hm.baidu.com/
39 KB
14 KB
Script
General
Full URL
https://hm.baidu.com/hm.js?bbac0322e6ee13093f98d5c4b5a10912
Requested by
Host: static.mysmth.net
URL: https://static.mysmth.net/nForum/js/pack_6fd062e654.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
103.235.46.191 , Hong Kong, ASN55967 (BAIDU Beijing Baidu Netcom Science and Technology Co., Ltd., CN),
Reverse DNS
Software
apache /
Resource Hash
559151290adffa5161d861a94d47465419ef31edee12dfe3aa55517970f91eea
Security Headers
Name Value
Strict-Transport-Security max-age=172800

Request headers

Referer
https://www.newsmth.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Tue, 09 Mar 2021 00:56:52 GMT
Content-Encoding
gzip
Server
apache
Etag
090edec1c19df54c84570e50fc5a2acb
Strict-Transport-Security
max-age=172800
P3p
CP="CURa ADMa DEVa PSAo PSDo OUR BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
Cache-Control
max-age=0, must-revalidate
Content-Type
application/javascript
Content-Length
14040
TCaptcha.js
ssl.captcha.qq.com/
18 KB
7 KB
Script
General
Full URL
https://ssl.captcha.qq.com/TCaptcha.js
Requested by
Host: static.mysmth.net
URL: https://static.mysmth.net/nForum/js/pack_6fd062e654.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
203.205.235.65 , China, ASN132203 (TENCENT-NET-AP-CN Tencent Building, Kejizhongyi Avenue, CN),
Reverse DNS
Software
tencent http server /
Resource Hash
db06064c2824478525e5888885225d6dc218119ba5111306f4cd2c37d8904a9c

Request headers

Referer
https://www.newsmth.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Tue, 09 Mar 2021 00:56:52 GMT
Content-Encoding
gzip
Last-Modified
Mon, 01 Mar 2021 10:48:09 GMT
Server
tencent http server
Vary
Accept-Encoding
P3P
CP=CAO PSA OUR
Cache-Control
max-age=600
Transfer-Encoding
chunked
Connection
keep-alive
Content-Type
application/x-javascript
ajax_session.json
www.newsmth.net/nForum/user/
748 B
659 B
XHR
General
Full URL
https://www.newsmth.net/nForum/user/ajax_session.json
Requested by
Host: static.mysmth.net
URL: https://static.mysmth.net/nForum/js/pack_6fd062e654.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
120.92.51.118 , China, ASN59019 (BJKSCNET Beijing Kingsoft Cloud Internet Technology Co., Ltd, CN),
Reverse DNS
Software
nginx/1.17.6 /
Resource Hash
3a25f8ce69ce6c165cda1a3deedb822a17a0a3cb6b789034a9e17d08264a2c93
Security Headers
Name Value
X-Frame-Options SAMEORIGIN

Request headers

Accept
*/*
Referer
https://www.newsmth.net/
X-Requested-With
XMLHttpRequest
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 09 Mar 2021 00:56:51 GMT
content-encoding
gzip
server
nginx/1.17.6
x-frame-options
SAMEORIGIN
content-type
application/json;charset=GBK
cache-control
no-store, no-cache, must-revalidate
expires
Thu, 18 Feb 1988 01:00:00 GMT
pvpre.php
www.newsmth.net/fancy/ Frame 28CD
0
204 B
Document
General
Full URL
https://www.newsmth.net/fancy/pvpre.php
Requested by
Host: static.mysmth.net
URL: https://static.mysmth.net/nForum/js/pack_6fd062e654.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
120.92.51.118 , China, ASN59019 (BJKSCNET Beijing Kingsoft Cloud Internet Technology Co., Ltd, CN),
Reverse DNS
Software
nginx/1.17.6 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Frame-Options SAMEORIGIN

Request headers

:method
GET
:authority
www.newsmth.net
:scheme
https
:path
/fancy/pvpre.php
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
same-origin
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://www.newsmth.net/
accept-encoding
gzip, deflate, br
accept-language
en-US
cookie
main[UTMPUSERID]=guest; main[UTMPKEY]=66770287; main[UTMPNUM]=54036
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://www.newsmth.net/

Response headers

server
nginx/1.17.6
date
Tue, 09 Mar 2021 00:56:51 GMT
content-type
text/html
expires
Tue, 18 Nov 1988 09:00:00 GMT
cache-control
no-store, no-cache, must-revalidate
pragma
no-cache
content-encoding
gzip
x-frame-options
SAMEORIGIN
2021-02-18-15-23-51.png
static.mysmth.net/nForum/files/adv/
286 KB
287 KB
Image
General
Full URL
https://static.mysmth.net/nForum/files/adv/2021-02-18-15-23-51.png
Requested by
Host: www.newsmth.net
URL: https://www.newsmth.net/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
120.92.209.69 , China, ASN23724 (CHINANET-IDC-BJ-AP IDC, China Telecommunications Corporation, CN),
Reverse DNS
Software
nginx/1.17.6 /
Resource Hash
9fd60d5a3e5d5d72014bfdf7308e0479c5bfee61998ed41a3bcb026754becdf4

Request headers

Referer
https://www.newsmth.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 09 Mar 2021 00:56:51 GMT
last-modified
Thu, 18 Feb 2021 07:23:51 GMT
server
nginx/1.17.6
etag
"602e1607-478b1"
x-cache-status
HIT
content-type
image/png
cache-control
max-age=3600
accept-ranges
bytes
content-length
293041
expires
Tue, 09 Mar 2021 01:04:59 GMT
tcaptcha-frame.649719fe.js
captcha.gtimg.com/1/
89 KB
29 KB
Script
General
Full URL
https://captcha.gtimg.com/1/tcaptcha-frame.649719fe.js
Requested by
Host: ssl.captcha.qq.com
URL: https://ssl.captcha.qq.com/TCaptcha.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
150.109.206.166 Tokyo, Japan, ASN132203 (TENCENT-NET-AP-CN Tencent Building, Kejizhongyi Avenue, CN),
Reverse DNS
Software
NWS_UGC_HY /
Resource Hash
85b9e087d69ac8c60cb8b47eb20bc02050b641778c2fe1f60e06c196bec82048

Request headers

Referer
https://www.newsmth.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin
*
date
Tue, 09 Mar 2021 00:56:53 GMT
content-encoding
gzip
x-cache-lookup
Hit From Disktank3 Gz
last-modified
Thu, 04 Mar 2021 06:52:19 GMT
server
NWS_UGC_HY
p3p
CP="CAO PSA OUR"
access-control-allow-origin
*
cache-control
max-age=1800
x-nws-log-uuid
51f5ba6d-ccaf-4d9b-95e0-9e426edd17a7
content-type
application/javascript
content-length
28855
expires
Tue, 09 Mar 2021 01:26:53 GMT
hm.gif
hm.baidu.com/
43 B
299 B
Image
General
Full URL
https://hm.baidu.com/hm.gif?kb=0&cc=1&ck=1&cl=24-bit&ds=1600x1200&vl=1200&et=0&ja=0&ln=en-us&lo=0&rnd=98352134&si=bbac0322e6ee13093f98d5c4b5a10912&su=https%3A%2F%2Fwww.newsmth.net%2F&v=1.2.80&lv=1&api=6_0&sn=10269&r=0&ww=1600&ct=!!&u=https%3A%2F%2Fwww.newsmth.net%2FnForum%2Findex&tt=%E6%B0%B4%E6%9C%A8%E7%A4%BE%E5%8C%BA-%E6%BA%90%E4%BA%8E%E6%B8%85%E5%8D%8E%E7%9A%84%E9%AB%98%E7%9F%A5%E7%A4%BE%E7%BE%A4
Requested by
Host: www.newsmth.net
URL: https://www.newsmth.net/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
103.235.46.191 , Hong Kong, ASN55967 (BAIDU Beijing Baidu Netcom Science and Technology Co., Ltd., CN),
Reverse DNS
Software
apache /
Resource Hash
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
Security Headers
Name Value
Strict-Transport-Security max-age=172800
X-Content-Type-Options nosniff

Request headers

Referer
https://www.newsmth.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Date
Tue, 09 Mar 2021 00:56:53 GMT
X-Content-Type-Options
nosniff
Server
apache
Strict-Transport-Security
max-age=172800
Content-Type
image/gif
Cache-Control
private, max-age=0, no-cache
Content-Length
43
drag_ele.html
t.captcha.qq.com/template/ Frame 37EA
24 KB
9 KB
Document
General
Full URL
https://t.captcha.qq.com/template/drag_ele.html?t=1615251414133
Requested by
Host: captcha.gtimg.com
URL: https://captcha.gtimg.com/1/tcaptcha-frame.649719fe.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server
240e:ff:f100:8019::44 , China, ASN4816 (CHINANET-IDC-GD China Telecom (Group), CN),
Reverse DNS
Software
nginx /
Resource Hash
92fb7633236b4d227ae0b1fab7734747ece46a4825846ff55d3d9f507200bd36

Request headers

Host
t.captcha.qq.com
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site
cross-site
Sec-Fetch-Mode
navigate
Sec-Fetch-Dest
iframe
Referer
https://www.newsmth.net/
Accept-Encoding
gzip, deflate, br
Accept-Language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://www.newsmth.net/

Response headers

Server
nginx
Date
Tue, 09 Mar 2021 00:56:55 GMT
Content-Type
text/html
Transfer-Encoding
chunked
Connection
keep-alive
Pragma
No-cache
P3P
CP=CAO PSA OUR
Content-Encoding
gzip
aegis.min.js
cdn-go.cn/aegis/aegis-sdk/latest/ Frame 37EA
38 KB
13 KB
Script
General
Full URL
https://cdn-go.cn/aegis/aegis-sdk/latest/aegis.min.js?_bid=3977
Requested by
Host: t.captcha.qq.com
URL: https://t.captcha.qq.com/template/drag_ele.html?t=1615251414133
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
203.205.137.184 Shenzhen, China, ASN132203 (TENCENT-NET-AP-CN Tencent Building, Kejizhongyi Avenue, CN),
Reverse DNS
Software
X2S_Platform /
Resource Hash
84141f58b8728198052ae27f790a4fb8277f061ba1051da107c27daafae99124

Request headers

Origin
https://t.captcha.qq.com
Referer
https://t.captcha.qq.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 09 Mar 2021 00:56:56 GMT
content-encoding
gzip
x-cache-lookup
Hit From Disktank3 Gz
last-modified
Thu, 04 Mar 2021 16:06:17 GMT
server
X2S_Platform
vary
Origin
content-type
application/x-javascript
access-control-allow-origin
*
cache-control
max-age=666
server_ip
203.205.137.184
x-nws-log-uuid
9041c6b0-df10-4abd-ac65-11e51dbf9370
timing-allow-origin
*
content-length
12871
is-immutable-in-the-future
false
expires
Tue, 09 Mar 2021 01:08:01 GMT
jquery-1.12.4.min.js
captcha.gtimg.com/1/ Frame 37EA
95 KB
33 KB
Script
General
Full URL
https://captcha.gtimg.com/1/jquery-1.12.4.min.js
Requested by
Host: t.captcha.qq.com
URL: https://t.captcha.qq.com/template/drag_ele.html?t=1615251414133
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
150.109.206.166 Tokyo, Japan, ASN132203 (TENCENT-NET-AP-CN Tencent Building, Kejizhongyi Avenue, CN),
Reverse DNS
Software
NWS_UGC_HY /
Resource Hash
668b046d12db350ccba6728890476b3efee53b2f42dbb84743e5e9f1ae0cc404

Request headers

Origin
https://t.captcha.qq.com
Referer
https://t.captcha.qq.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin
*
date
Tue, 09 Mar 2021 00:56:56 GMT
content-encoding
gzip
x-cache-lookup
Hit From Disktank3 Gz
last-modified
Fri, 22 Jan 2021 02:50:26 GMT
server
NWS_UGC_HY
p3p
CP="CAO PSA OUR"
access-control-allow-origin
*
cache-control
max-age=1800
x-nws-log-uuid
fcf126b3-051d-48c1-a43e-7daaa1f6b5c1
content-type
application/javascript
content-length
33781
expires
Tue, 09 Mar 2021 01:26:55 GMT
drag-ele.0baaae63.js
captcha.gtimg.com/1/ Frame 37EA
110 KB
27 KB
Script
General
Full URL
https://captcha.gtimg.com/1/drag-ele.0baaae63.js
Requested by
Host: t.captcha.qq.com
URL: https://t.captcha.qq.com/template/drag_ele.html?t=1615251414133
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
150.109.206.166 Tokyo, Japan, ASN132203 (TENCENT-NET-AP-CN Tencent Building, Kejizhongyi Avenue, CN),
Reverse DNS
Software
NWS_UGC_HY /
Resource Hash
3cf0b7afd365706a58d8e8e236836b7b4ce760b0471451b1d05958e8e7b37603

Request headers

Origin
https://t.captcha.qq.com
Referer
https://t.captcha.qq.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin
*
date
Tue, 09 Mar 2021 00:56:56 GMT
content-encoding
gzip
x-cache-lookup
Hit From Disktank3 Gz
last-modified
Thu, 04 Mar 2021 06:52:18 GMT
server
NWS_UGC_HY
p3p
CP="CAO PSA OUR"
access-control-allow-origin
*
cache-control
max-age=1800
x-nws-log-uuid
37eebb2c-2f8d-443c-9fdb-0aff87df0206
content-type
application/javascript
content-length
27227
expires
Tue, 09 Mar 2021 01:26:55 GMT
truncated
/ Frame 37EA
96 B
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
88bbd2b60ebb24de3f714477e760110ab86842f88f4db455627982356d0edf17

Request headers

Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type
image/png
truncated
/ Frame 37EA
1 KB
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
02a58e6412f474b7393c5bfbad51a827a857cb5a51c9e281132a258755eb3db7

Request headers

Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type
image/png
truncated
/ Frame 37EA
651 B
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
cd9c225bfcf8e04e80dd839fa0660e92ae533167e1d707fe4d8a5b57d1718c45

Request headers

Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type
image/png
truncated
/ Frame 37EA
612 B
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
ac7b1f0233ef528a1e630b5680f497c48dad0164da718961aa76e2bacf5de6c5

Request headers

Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type
image/png
truncated
/ Frame 37EA
597 B
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
16a4969a8bef7595706c99368148d4e8fed12f550fadf5c96ffcf57ba3f738ed

Request headers

Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type
image/png
speed
aegis.qq.com/ Frame 37EA
0
85 B
XHR
General
Full URL
https://aegis.qq.com/speed?id=AhPIQNzsNIpuLYoVxk&uin=&version=1.32.16&aid=&platform=3&x5Type=3&netType=4&sessionId=session-1615251416733&from=https%3A%2F%2Ft.captcha.qq.com%2Ftemplate%2Fdrag_ele.html%3Ft%3D1615251414133&referer=https%3A%2F%2Fwww.newsmth.net%2F
Requested by
Host: cdn-go.cn
URL: https://cdn-go.cn/aegis/aegis-sdk/latest/aegis.min.js?_bid=3977
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
203.205.235.61 , China, ASN132203 (TENCENT-NET-AP-CN Tencent Building, Kejizhongyi Avenue, CN),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://t.captcha.qq.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
multipart/form-data; boundary=----WebKitFormBoundaryQm2JAyA3JxoAZy7Q

Response headers

access-control-allow-origin
https://t.captcha.qq.com
date
Tue, 09 Mar 2021 00:56:58 GMT
vary
Origin
performance
aegis.qq.com/speed/ Frame 37EA
0
85 B
XHR
General
Full URL
https://aegis.qq.com/speed/performance?dnsLookup=6&tcp=873&ssl=582&ttfb=297&contentDownload=0&domParse=1446&resourceDownload=1&firstScreenTiming=25&id=AhPIQNzsNIpuLYoVxk&uin=&version=1.32.16&aid=&platform=3&x5Type=3&netType=4&sessionId=session-1615251416733&from=https%3A%2F%2Ft.captcha.qq.com%2Ftemplate%2Fdrag_ele.html%3Ft%3D1615251414133&referer=https%3A%2F%2Fwww.newsmth.net%2F
Requested by
Host: cdn-go.cn
URL: https://cdn-go.cn/aegis/aegis-sdk/latest/aegis.min.js?_bid=3977
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
203.205.235.61 , China, ASN132203 (TENCENT-NET-AP-CN Tencent Building, Kejizhongyi Avenue, CN),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://t.captcha.qq.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

access-control-allow-origin
https://t.captcha.qq.com
date
Tue, 09 Mar 2021 00:56:59 GMT
vary
Origin

44 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| 1 object| ontransitionrun object| ontransitionstart object| ontransitioncancel object| cookieStore function| showDirectoryPicker function| showOpenFilePicker function| showSaveFilePicker object| trustedTypes boolean| crossOriginIsolated object| sys_merge object| preimg object| preadv function| front_startup object| _hmt function| $ function| jQuery function| DP_jQuery_1615251411661 function| _ object| Backbone object| plupload object| SYS function| BaseModel function| UserModel object| DIALOG function| front_init object| jQuery17208099483084670431 object| xWidget object| nForumMap function| XRegExp object| SyntaxHighlighter object| login object| home boolean| loaded function| loadJS boolean| __TencentCaptchaExists__ string| AqSCodeCapDomain function| TencentCaptcha boolean| TencentCaptacha_loaded boolean| _bdhm_loaded_bbac0322e6ee13093f98d5c4b5a10912 object| mini_tangram_log_37dq71 function| TCapMsg function| AqSCode

5 Cookies

Domain/Path | Name | Value
.newsmth.net/ | Hm_lpvt_bbac0322e6ee13093f98d5c4b5a10912 | 1615251414
.newsmth.net/ | main[UTMPNUM] | 54036
.newsmth.net/ | Hm_lvt_bbac0322e6ee13093f98d5c4b5a10912 | 1615251414
.newsmth.net/ | main[UTMPKEY] | 66770287
.newsmth.net/ | main[UTMPUSERID] | guest

Security Headers

This page lists any security headers set by the main page.

Header Value
X-Frame-Options SAMEORIGIN

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.
