URL: https://www.395t.com/misc.php?mod=mobile
Submission: On August 03 via api from US — Scanned from DE

Summary

This website contacted 8 IPs in 3 countries across 7 domains to perform 27 HTTP transactions. The main IP is 103.106.190.188, located in Hong Kong and belongs to HFTCL-AS-AP High Family Technology Co., Limited, HK. The main domain is www.395t.com.
TLS certificate: Issued by R3 on July 31st 2023. Valid for: 3 months.
This is the only time www.395t.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

Requests IP Address AS Autonomous System
16 103.106.190.188 142032 (HFTCL-AS-...)
1 2600:9000:223... 16509 (AMAZON-02)
1 2600:9000:249... 16509 (AMAZON-02)
1 171.13.14.66 4134 (CHINANET-...)
1 58.254.150.48 136958 (UNICOM-GU...)
4 15.204.67.21 16276 (OVH)
2 103.235.46.191 55967 (BAIDU Bei...)
1 103.235.46.40 55967 (BAIDU Bei...)
Total: 27 requests, 8 IPs

Requests, Apex Domain (Transfer), Subdomains
16 395t.com (212 KB)
  • www.395t.com
4 km159.com (4 KB)
  • www.km159.com
3 baidu.com (12 KB)
  • hm.baidu.com — Cisco Umbrella Rank: 9097
  • sp0.baidu.com — Cisco Umbrella Rank: 20736
1 bdstatic.com (553 B)
  • zz.bdstatic.com — Cisco Umbrella Rank: 31718
1 360.cn (240 B)
  • s.360.cn — Cisco Umbrella Rank: 27808
1 qhres2.com (929 B)
  • s.ssl.qhres2.com — Cisco Umbrella Rank: 95843
1 qhimg.com (467 B)
  • jspassport.ssl.qhimg.com — Cisco Umbrella Rank: 97942
Total: 27 requests, 7 apex domains

Domain Requested by
16 www.395t.com www.395t.com
4 www.km159.com www.395t.com
2 hm.baidu.com www.395t.com
1 sp0.baidu.com www.395t.com
1 zz.bdstatic.com www.395t.com
1 s.360.cn www.395t.com
1 s.ssl.qhres2.com jspassport.ssl.qhimg.com
1 jspassport.ssl.qhimg.com www.395t.com
27 8

This site contains links to these domains.

Domain
www.km159.com
dz.km159.com
www.9ppy.com
wpa.qq.com

Subject | Issuer | Validity | Valid
www.395t.com | R3 | 2023-07-31 - 2023-10-29 | 3 months
*.ssl.qhimg.com | WoTrus DV Server CA [Run by the Issuer] | 2023-03-27 - 2024-03-26 | a year
*.ssl.qhres2.com | WoTrus DV Server CA [Run by the Issuer] | 2023-02-28 - 2024-02-28 | a year
*.s.360.cn | WoTrus DV Server CA [Run by the Issuer] | 2022-12-16 - 2023-12-16 | a year
baidu.com | GlobalSign RSA OV SSL CA 2018 | 2023-07-06 - 2024-08-06 | a year

This page contains 2 frames:

Primary Page: https://www.395t.com/misc.php?mod=mobile
Frame ID: 3A32913F7381CE726E9F7A8120AC1784
Requests: 25 HTTP requests in this frame

Frame: https://www.395t.com/misc.php?mod=mobile&view=true
Frame ID: 2F7DADE37E3FEAB3B1A40B546D031EFB
Requests: 2 HTTP requests in this frame

Page Title

手机版 快马论坛

Detected technologies

Overall confidence: 100%
Detected patterns
  • \.php(?:$|\?)

Overall confidence: 100%
Detected patterns
  • hm\.baidu\.com/hm\.js

Overall confidence: 100%
Detected patterns
  • <link[^>]* href=[^>]+(?:([\d.]+)/)?(?:css/)?font-awesome(?:\.min)?\.css
  • <link[^>]* href=[^>]*?(?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)
  • (?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:.*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)

Overall confidence: 100%
Detected patterns
  • jquery[.-]([\d.]*\d)[^/]*\.js
  • jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Page Statistics

Requests: 27
HTTPS: 100 %
IPv6: 25 %
Domains: 7
Subdomains: 8
IPs: 8
Countries: 3
Transfer: 230 kB
Size: 505 kB
Cookies: 8

Redirected requests

There were HTTP redirect chains for the following requests:

27 HTTP transactions

Resource, Path, Size, x-fer, Type (MIME-Type)
Primary Request misc.php
www.395t.com/
13 KB
6 KB
Document
General
Full URL
https://www.395t.com/misc.php?mod=mobile
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
103.106.190.188 , Hong Kong, ASN142032 (HFTCL-AS-AP High Family Technology Co., Limited, HK),
Reverse DNS
Software
nginx /
Resource Hash
2df277e81089fdebf12a0eff4437d45139f85c04199c2b578460b4da630bfa7b
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

content-encoding
gzip
content-type
text/html; charset=utf-8
date
Thu, 03 Aug 2023 18:37:31 GMT
server
nginx
strict-transport-security
max-age=31536000
vary
Accept-Encoding
jquery1.42.min.js
www.395t.com/template/esc_004/js/
71 KB
27 KB
Script
General
Full URL
https://www.395t.com/template/esc_004/js/jquery1.42.min.js
Requested by
Host: www.395t.com
URL: https://www.395t.com/misc.php?mod=mobile
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
103.106.190.188 , Hong Kong, ASN142032 (HFTCL-AS-AP High Family Technology Co., Limited, HK),
Reverse DNS
Software
nginx /
Resource Hash
1adeb9b7455c164e01a88173d356742be2a4b5dc4977f0f64fee5b5d4b38e0b3
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.395t.com/misc.php?mod=mobile
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date
Thu, 03 Aug 2023 18:37:31 GMT
strict-transport-security
max-age=31536000
content-encoding
gzip
last-modified
Fri, 18 Mar 2022 10:28:36 GMT
server
nginx
etag
W/"62345ed4-11a86"
vary
Accept-Encoding
content-type
application/javascript
cache-control
max-age=43200
expires
Fri, 04 Aug 2023 06:37:31 GMT
jquery.SuperSlide.2.1.3.js
www.395t.com/template/esc_004/js/
12 KB
4 KB
Script
General
Full URL
https://www.395t.com/template/esc_004/js/jquery.SuperSlide.2.1.3.js
Requested by
Host: www.395t.com
URL: https://www.395t.com/misc.php?mod=mobile
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
103.106.190.188 , Hong Kong, ASN142032 (HFTCL-AS-AP High Family Technology Co., Limited, HK),
Reverse DNS
Software
nginx /
Resource Hash
1d6f3374e6585f541d143d936c0b264b2104d53a9108bcf81d66e895d03287e0
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.395t.com/misc.php?mod=mobile
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date
Thu, 03 Aug 2023 18:37:31 GMT
strict-transport-security
max-age=31536000
content-encoding
gzip
last-modified
Fri, 18 Mar 2022 10:28:36 GMT
server
nginx
etag
W/"62345ed4-2ead"
vary
Accept-Encoding
content-type
application/javascript
cache-control
max-age=43200
expires
Fri, 04 Aug 2023 06:37:31 GMT
style_17_common.css
www.395t.com/data/cache/
74 KB
20 KB
Stylesheet
General
Full URL
https://www.395t.com/data/cache/style_17_common.css?x4I
Requested by
Host: www.395t.com
URL: https://www.395t.com/misc.php?mod=mobile
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
103.106.190.188 , Hong Kong, ASN142032 (HFTCL-AS-AP High Family Technology Co., Limited, HK),
Reverse DNS
Software
nginx /
Resource Hash
c5970d13f0e1a30d38062318899ec10e0e18ec961a2fd76aa219c9b31be6e522
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.395t.com/misc.php?mod=mobile
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date
Thu, 03 Aug 2023 18:37:31 GMT
strict-transport-security
max-age=31536000
content-encoding
gzip
last-modified
Mon, 31 Jul 2023 10:18:18 GMT
server
nginx
etag
W/"64c78a6a-12992"
vary
Accept-Encoding
content-type
text/css
cache-control
max-age=43200
expires
Fri, 04 Aug 2023 06:37:31 GMT
common.js
www.395t.com/data/cache/
62 KB
21 KB
Script
General
Full URL
https://www.395t.com/data/cache/common.js?x4I
Requested by
Host: www.395t.com
URL: https://www.395t.com/misc.php?mod=mobile
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
103.106.190.188 , Hong Kong, ASN142032 (HFTCL-AS-AP High Family Technology Co., Limited, HK),
Reverse DNS
Software
nginx /
Resource Hash
e6508a2cfd266d0429b4ae8e91310a884d0fb46b08c6106b845ef40b9cf4fd8e
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.395t.com/misc.php?mod=mobile
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date
Thu, 03 Aug 2023 18:37:31 GMT
strict-transport-security
max-age=31536000
content-encoding
gzip
last-modified
Mon, 31 Jul 2023 10:18:18 GMT
server
nginx
etag
W/"64c78a6a-f803"
vary
Accept-Encoding
content-type
application/javascript
cache-control
max-age=43200
expires
Fri, 04 Aug 2023 06:37:31 GMT
font-awesome.min.css
www.395t.com/template/esc_004/css/
30 KB
8 KB
Stylesheet
General
Full URL
https://www.395t.com/template/esc_004/css/font-awesome.min.css
Requested by
Host: www.395t.com
URL: https://www.395t.com/misc.php?mod=mobile
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
103.106.190.188 , Hong Kong, ASN142032 (HFTCL-AS-AP High Family Technology Co., Limited, HK),
Reverse DNS
Software
nginx /
Resource Hash
799aeb25cc0373fdee0e1b1db7ad6c2f6a0e058dfadaa3379689f583213190bd
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.395t.com/misc.php?mod=mobile
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date
Thu, 03 Aug 2023 18:37:31 GMT
strict-transport-security
max-age=31536000
content-encoding
gzip
last-modified
Fri, 18 Mar 2022 10:28:17 GMT
server
nginx
etag
W/"62345ec1-7918"
vary
Accept-Encoding
content-type
text/css
cache-control
max-age=43200
expires
Fri, 04 Aug 2023 06:37:31 GMT
logo.png
www.395t.com/static/image/common/
24 KB
24 KB
Image
General
Full URL
https://www.395t.com/static/image/common/logo.png
Requested by
Host: www.395t.com
URL: https://www.395t.com/misc.php?mod=mobile
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
103.106.190.188 , Hong Kong, ASN142032 (HFTCL-AS-AP High Family Technology Co., Limited, HK),
Reverse DNS
Software
nginx /
Resource Hash
f87b10049b09f7759df3288240189151ffa3857f1bf22c113beda9ff57749980
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.395t.com/misc.php?mod=mobile
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date
Thu, 03 Aug 2023 18:37:33 GMT
strict-transport-security
max-age=31536000
last-modified
Fri, 18 Mar 2022 11:44:45 GMT
server
nginx
etag
"623470ad-6083"
content-type
image/png
cache-control
max-age=2592000
accept-ranges
bytes
content-length
24707
expires
Sat, 02 Sep 2023 18:37:33 GMT
logging.js
www.395t.com/data/cache/
390 B
603 B
Script
General
Full URL
https://www.395t.com/data/cache/logging.js?x4I
Requested by
Host: www.395t.com
URL: https://www.395t.com/misc.php?mod=mobile
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
103.106.190.188 , Hong Kong, ASN142032 (HFTCL-AS-AP High Family Technology Co., Limited, HK),
Reverse DNS
Software
nginx /
Resource Hash
843ca4ccc43f7c97d0f24897b2890a713355e0e5e89f6a96001e663e10282b45
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.395t.com/misc.php?mod=mobile
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date
Thu, 03 Aug 2023 18:37:32 GMT
strict-transport-security
max-age=31536000
last-modified
Mon, 31 Jul 2023 10:18:18 GMT
server
nginx
etag
"64c78a6a-186"
content-type
application/javascript
cache-control
max-age=43200
accept-ranges
bytes
content-length
390
expires
Fri, 04 Aug 2023 06:37:32 GMT
jquery-1.8.3.min.js
www.395t.com/source/plugin/wq_sign/static/js/common/
121 KB
43 KB
Script
General
Full URL
https://www.395t.com/source/plugin/wq_sign/static/js/common/jquery-1.8.3.min.js?{VERHASH}
Requested by
Host: www.395t.com
URL: https://www.395t.com/misc.php?mod=mobile
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
103.106.190.188 , Hong Kong, ASN142032 (HFTCL-AS-AP High Family Technology Co., Limited, HK),
Reverse DNS
Software
nginx /
Resource Hash
84640ded8f1dc007c107f3cc103383dd81264c4cdd473afbc60b5e704168f9a4
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.395t.com/misc.php?mod=mobile
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date
Thu, 03 Aug 2023 18:37:32 GMT
strict-transport-security
max-age=31536000
content-encoding
gzip
last-modified
Sat, 29 May 2021 14:59:16 GMT
server
nginx
etag
W/"60b256c4-1e4bf"
vary
Accept-Encoding
content-type
application/javascript
cache-control
max-age=43200
expires
Fri, 04 Aug 2023 06:37:32 GMT
newmobile.png
www.395t.com/data/cache/
333 B
539 B
Image
General
Full URL
https://www.395t.com/data/cache/newmobile.png
Requested by
Host: www.395t.com
URL: https://www.395t.com/misc.php?mod=mobile
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
103.106.190.188 , Hong Kong, ASN142032 (HFTCL-AS-AP High Family Technology Co., Limited, HK),
Reverse DNS
Software
nginx /
Resource Hash
258b976d296bf84a8bc5fb7d4bb442368bda2c65c05857e9326c3d66d5dded61
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.395t.com/misc.php?mod=mobile
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date
Thu, 03 Aug 2023 18:37:33 GMT
strict-transport-security
max-age=31536000
last-modified
Sat, 29 May 2021 12:41:06 GMT
server
nginx
etag
"60b23662-14d"
content-type
image/png
cache-control
max-age=2592000
accept-ranges
bytes
content-length
333
expires
Sat, 02 Sep 2023 18:37:33 GMT
c1.png
www.395t.com/template/esc_004/img/
24 KB
24 KB
Image
General
Full URL
https://www.395t.com/template/esc_004/img/c1.png
Requested by
Host: www.395t.com
URL: https://www.395t.com/misc.php?mod=mobile
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
103.106.190.188 , Hong Kong, ASN142032 (HFTCL-AS-AP High Family Technology Co., Limited, HK),
Reverse DNS
Software
nginx /
Resource Hash
f87b10049b09f7759df3288240189151ffa3857f1bf22c113beda9ff57749980
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.395t.com/misc.php?mod=mobile
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date
Thu, 03 Aug 2023 18:37:33 GMT
strict-transport-security
max-age=31536000
last-modified
Fri, 18 Mar 2022 11:47:21 GMT
server
nginx
etag
"62347149-6083"
content-type
image/png
cache-control
max-age=2592000
accept-ranges
bytes
content-length
24707
expires
Sat, 02 Sep 2023 18:37:33 GMT
site_qq.jpg
www.395t.com/static/image/common/
2 KB
2 KB
Image
General
Full URL
https://www.395t.com/static/image/common/site_qq.jpg
Requested by
Host: www.395t.com
URL: https://www.395t.com/misc.php?mod=mobile
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
103.106.190.188 , Hong Kong, ASN142032 (HFTCL-AS-AP High Family Technology Co., Limited, HK),
Reverse DNS
Software
nginx /
Resource Hash
1c7caa426a8e9ff45cf44cc4d2ffd5fff9c697bcf1dce09f1e9af1e0bf8977dc
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.395t.com/misc.php?mod=mobile
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date
Thu, 03 Aug 2023 18:37:33 GMT
strict-transport-security
max-age=31536000
last-modified
Sat, 29 May 2021 15:07:36 GMT
server
nginx
etag
"60b258b8-6a2"
content-type
image/jpeg
cache-control
max-age=2592000
accept-ranges
bytes
content-length
1698
expires
Sat, 02 Sep 2023 18:37:33 GMT
home.php
www.395t.com/
0
326 B
Script
General
Full URL
https://www.395t.com/home.php?mod=misc&ac=sendmail&rand=1691087851
Requested by
Host: www.395t.com
URL: https://www.395t.com/misc.php?mod=mobile
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
103.106.190.188 , Hong Kong, ASN142032 (HFTCL-AS-AP High Family Technology Co., Limited, HK),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.395t.com/misc.php?mod=mobile
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date
Thu, 03 Aug 2023 18:37:33 GMT
strict-transport-security
max-age=31536000
content-encoding
gzip
server
nginx
vary
Accept-Encoding
content-type
text/javascript;charset=UTF-8
11.0.1.js
jspassport.ssl.qhimg.com/
106 B
467 B
Script
General
Full URL
https://jspassport.ssl.qhimg.com/11.0.1.js?d182b3f28525f2db83acfaaf6e696dba
Requested by
Host: www.395t.com
URL: https://www.395t.com/misc.php?mod=mobile
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:223d:b600:0:e2b1:a380:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/
Resource Hash
c58c444af409b74761d5cb4a86fde4b48ee2d4701252b439834f01868c8cb955

Request headers

Referer
https://www.395t.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36
Intervention
<https://www.chromestatus.com/feature/5718547946799104>; level="warning"

Response headers

date
Thu, 03 Aug 2023 18:36:23 GMT
via
1.1 51bcd21e941ceaec99864557d86202ae.cloudfront.net (CloudFront)
kcs-via
HIT from w-fc01.lato;REVALIDATED from w-sc01.lato
last-modified
Wed, 28 Nov 2018 07:43:20 GMT
x-amz-cf-pop
FRA56-P3
age
70
x-cache
Hit from cloudfront
content-type
application/x-javascript
cache-control
max-age=600
x-amz-cf-id
RiG8Pa_gWl01mELibR__nvLimJ8P1RZtRmwsaCtcIzlZCdmpe8zQoA==
expires
Thu, 03 Aug 2023 18:46:23 GMT
ab77b6ea7f3fbf79.js
s.ssl.qhres2.com/ssl/
478 B
929 B
Script
General
Full URL
https://s.ssl.qhres2.com/ssl/ab77b6ea7f3fbf79.js
Requested by
Host: jspassport.ssl.qhimg.com
URL: https://jspassport.ssl.qhimg.com/11.0.1.js?d182b3f28525f2db83acfaaf6e696dba
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2490:5600:12:30a1:de00:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/
Resource Hash
928131ab2183d971cdbfe2ed1329200212d0021db70574a35c89ae169c0f6e0a

Request headers

Referer
https://www.395t.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36
Intervention
<https://www.chromestatus.com/feature/5718547946799104>; level="warning"

Response headers

date
Sun, 02 Jul 2023 23:20:52 GMT
via
1.1 ecb3ea567a6c6095a23354fbdc938128.cloudfront.net (CloudFront)
kcs-via
HIT from w-fc01.lato;MISS from w-sc02.lato
x-qstatic-hit
1
x-amz-cf-pop
FRA56-P6
age
2747803
x-cache
Hit from cloudfront
content-length
478
last-modified
Mon, 01 Jan 2018 00:00:00 GMT
etag
W/"5ea522c52117c396"
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
max-age=315360000, immutable
accept-ranges
bytes
x-amz-cf-id
0hQXdHkA7LfF_Zh8jR1ywM-xWNGev6HftN-XxJkKJOmeXoeJeEGMiQ==
expires
Wed, 29 Jun 2033 23:20:52 GMT
zz.gif
s.360.cn/so/
0
240 B
Image
General
Full URL
https://s.360.cn/so/zz.gif?url=https%3A%2F%2Fwww.395t.com%2Fmisc.php%3Fmod%3Dmobile&sid=d182b3f28525f2db83acfaaf6e696dba&token=de1l8i2bbo3mf=2d8o5m2?5pfh2pd.bc
Requested by
Host: www.395t.com
URL: https://www.395t.com/misc.php?mod=mobile
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
171.13.14.66 , China, ASN4134 (CHINANET-BACKBONE No.31,Jin-rong Street, CN),
Reverse DNS
13.171.broad.ha.dynamic.163data.com.cn
Software
openresty/1.15.8.2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.395t.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

Date
Thu, 03 Aug 2023 18:37:36 GMT
Last-Modified
Wed, 24 Apr 2019 07:58:57 GMT
Server
openresty/1.15.8.2
ETag
"5cc01741-0"
Content-Type
image/gif
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
0
push.js
zz.bdstatic.com/linksubmit/
308 B
553 B
Script
General
Full URL
https://zz.bdstatic.com/linksubmit/push.js
Requested by
Host: www.395t.com
URL: https://www.395t.com/misc.php?mod=mobile
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
58.254.150.48 , China, ASN136958 (UNICOM-GUANGZHOU-IDC China Unicom Guangdong IP network, CN),
Reverse DNS
Software
JSP3/2.0.14 /
Resource Hash
c31f2003f1c93ac1e34b09f376d97a65da6e110bf451cf1e0e50a7946c5e7212

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.395t.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date
Thu, 03 Aug 2023 18:37:36 GMT
content-encoding
br
tracecode
28423809050406101770080314
ohc-response-time
1 0 0 0 0 0
last-modified
Thu, 25 May 2023 05:00:58 GMT
server
JSP3/2.0.14
age
39949
etag
"646eeb8a-134"
ohc-cache-hit
gz3un63 [2], zhuzuncache63 [2]
content-type
application/x-javascript
cache-control
max-age=86400
accept-ranges
bytes
ohc-global-saved-time
Thu, 03 Aug 2023 06:47:22 GMT
newarow.gif
www.km159.com/static/image/common/
327 B
724 B
Image
General
Full URL
https://www.km159.com/static/image/common/newarow.gif
Requested by
Host: www.395t.com
URL: https://www.395t.com/data/cache/style_17_common.css?x4I
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
15.204.67.21 Hillsboro, United States, ASN16276 (OVH, FR),
Reverse DNS
vps-5c6980ad.vps.ovh.us
Software
nginx /
Resource Hash
144378b0a6ca8b3f4c2fa9ba0fe9dc1ef6e0e91655aa0e9415f5b7ec83bf4028
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.395t.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

Date
Thu, 03 Aug 2023 17:19:22 GMT
Content-Encoding
br
Strict-Transport-Security
max-age=31536000
Last-Modified
Sat, 29 May 2021 15:05:50 GMT
Server
nginx
Age
4700
ETag
"60b2584e-147"
X-Cache
HIT from web server ovh-2
Content-Type
image/gif
Cache-Control
max-age=2592000
Accept-Ranges
bytes
Content-Length
331
Expires
Sat, 02 Sep 2023 17:19:22 GMT
px.png
www.km159.com/static/image/common/
210 B
580 B
Image
General
Full URL
https://www.km159.com/static/image/common/px.png
Requested by
Host: www.395t.com
URL: https://www.395t.com/data/cache/style_17_common.css?x4I
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
15.204.67.21 Hillsboro, United States, ASN16276 (OVH, FR),
Reverse DNS
vps-5c6980ad.vps.ovh.us
Software
nginx /
Resource Hash
e11970020edea5be0994cf33d189346011dc92c901e946303ba6422b028bc231
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.395t.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

Date
Thu, 03 Aug 2023 17:19:21 GMT
Strict-Transport-Security
max-age=31536000
Last-Modified
Sat, 29 May 2021 15:06:46 GMT
Server
nginx
Age
4699
ETag
"60b25886-d2"
X-Cache
HIT from web server ovh-2
Content-Type
image/png
Cache-Control
max-age=2592000
Accept-Ranges
bytes
Content-Length
210
Expires
Sat, 02 Sep 2023 17:19:21 GMT
pn.png
www.km159.com/static/image/common/
592 B
986 B
Image
General
Full URL
https://www.km159.com/static/image/common/pn.png
Requested by
Host: www.395t.com
URL: https://www.395t.com/data/cache/style_17_common.css?x4I
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
15.204.67.21 Hillsboro, United States, ASN16276 (OVH, FR),
Reverse DNS
vps-5c6980ad.vps.ovh.us
Software
nginx /
Resource Hash
525036fe705bc74f4b46e9faa480ecd23f7ffc872974c8f0aaed7aad408de2ad
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.395t.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

Date
Thu, 03 Aug 2023 17:19:21 GMT
Content-Encoding
br
Strict-Transport-Security
max-age=31536000
Last-Modified
Sat, 29 May 2021 15:06:32 GMT
Server
nginx
Age
4699
ETag
"60b25878-250"
X-Cache
HIT from web server ovh-2
Content-Type
image/png
Cache-Control
max-age=2592000
Accept-Ranges
bytes
Content-Length
593
Expires
Sat, 02 Sep 2023 17:19:21 GMT
misc.php
www.395t.com/ Frame 2F7D
11 KB
3 KB
Document
General
Full URL
https://www.395t.com/misc.php?mod=mobile&view=true
Requested by
Host: www.395t.com
URL: https://www.395t.com/misc.php?mod=mobile
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
103.106.190.188 , Hong Kong, ASN142032 (HFTCL-AS-AP High Family Technology Co., Limited, HK),
Reverse DNS
Software
nginx /
Resource Hash
b4df10a26854ec75f347981eeea1f9448e8c138d1c7b7ef8b782452de4476a9e
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

Referer
https://www.395t.com/misc.php?mod=mobile
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

content-encoding
gzip
content-type
text/html; charset=utf-8
date
Thu, 03 Aug 2023 18:37:35 GMT
server
nginx
strict-transport-security
max-age=31536000
vary
Accept-Encoding
hm.js
hm.baidu.com/
29 KB
12 KB
Script
General
Full URL
https://hm.baidu.com/hm.js?f08a1040095fde9c90fa9865a9500bbe
Requested by
Host: www.395t.com
URL: https://www.395t.com/misc.php?mod=mobile
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
103.235.46.191 , Hong Kong, ASN55967 (BAIDU Beijing Baidu Netcom Science and Technology Co., Ltd., CN),
Reverse DNS
Software
apache /
Resource Hash
eccdd74439e14b0e352e11a637149765762e8c7fcc724facadf3620d0273128b
Security Headers
Name Value
Strict-Transport-Security max-age=172800

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.395t.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

Date
Thu, 03 Aug 2023 18:37:36 GMT
Content-Encoding
gzip
Strict-Transport-Security
max-age=172800
Server
apache
Etag
0ff6c105c4c1cc7c51f5b0cc12a69b5b
P3p
CP="CURa ADMa DEVa PSAo PSDo OUR BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
Content-Type
application/javascript
Cache-Control
max-age=0, must-revalidate
Content-Length
11257
browser_big.jpg
www.395t.com/static/image/mobile/
26 KB
26 KB
Image
General
Full URL
https://www.395t.com/static/image/mobile/browser_big.jpg
Requested by
Host: www.395t.com
URL: https://www.395t.com/misc.php?mod=mobile
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
103.106.190.188 , Hong Kong, ASN142032 (HFTCL-AS-AP High Family Technology Co., Limited, HK),
Reverse DNS
Software
nginx /
Resource Hash
df3b9c64c733469c3c4612e4334a76da81276ae4893f5ccea16518501ecf93ba
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.395t.com/misc.php?mod=mobile
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date
Thu, 03 Aug 2023 18:37:35 GMT
strict-transport-security
max-age=31536000
last-modified
Thu, 20 May 2021 11:40:54 GMT
server
nginx
etag
"60a64ac6-66ac"
content-type
image/jpeg
cache-control
max-age=2592000
accept-ranges
bytes
content-length
26284
expires
Sat, 02 Sep 2023 18:37:35 GMT
scrolltop.png
www.km159.com/static/image/common/
1 KB
2 KB
Image
General
Full URL
https://www.km159.com/static/image/common/scrolltop.png
Requested by
Host: www.395t.com
URL: https://www.395t.com/data/cache/style_17_common.css?x4I
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
15.204.67.21 Hillsboro, United States, ASN16276 (OVH, FR),
Reverse DNS
vps-5c6980ad.vps.ovh.us
Software
nginx /
Resource Hash
c9a11fc108c17c57cc8196558ec7a9eba3833a0a7023717251bf2a0ed25244fb
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.395t.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

Date
Thu, 03 Aug 2023 17:19:25 GMT
Content-Encoding
br
Strict-Transport-Security
max-age=31536000
Last-Modified
Sat, 29 May 2021 15:07:24 GMT
Server
nginx
Age
4695
ETag
"60b258ac-567"
X-Cache
HIT from web server ovh-2
Content-Type
image/png
Cache-Control
max-age=2592000
Accept-Ranges
bytes
Content-Length
1356
Expires
Sat, 02 Sep 2023 17:19:25 GMT
logo.gif
www.395t.com/static/image/mobile/ Frame 2F7D
3 KB
3 KB
Image
General
Full URL
https://www.395t.com/static/image/mobile/logo.gif
Requested by
Host: www.395t.com
URL: https://www.395t.com/misc.php?mod=mobile&view=true
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
103.106.190.188 , Hong Kong, ASN142032 (HFTCL-AS-AP High Family Technology Co., Limited, HK),
Reverse DNS
Software
nginx /
Resource Hash
0728dd864754fa05c8b2fba9556e5ca5395598f384a83f9c9ea87804dcc9a42e
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.395t.com/misc.php?mod=mobile&view=true
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date
Thu, 03 Aug 2023 18:37:35 GMT
strict-transport-security
max-age=31536000
last-modified
Sat, 29 May 2021 15:14:10 GMT
server
nginx
etag
"60b25a42-a29"
content-type
image/gif
cache-control
max-age=2592000
accept-ranges
bytes
content-length
2601
expires
Sat, 02 Sep 2023 18:37:35 GMT
s.gif
sp0.baidu.com/9_Q4simg2RQJ8t7jm9iCKT-xh_/
0
116 B
Image
General
Full URL
https://sp0.baidu.com/9_Q4simg2RQJ8t7jm9iCKT-xh_/s.gif?l=https://www.395t.com/misc.php?mod=mobile
Requested by
Host: www.395t.com
URL: https://www.395t.com/misc.php?mod=mobile
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
103.235.46.40 , Hong Kong, ASN55967 (BAIDU Beijing Baidu Netcom Science and Technology Co., Ltd., CN),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.395t.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

Date
Thu, 03 Aug 2023 18:37:38 GMT
Content-Length
0
Content-Type
text/plain; charset=utf-8
hm.gif
hm.baidu.com/
43 B
299 B
Image
General
Full URL
https://hm.baidu.com/hm.gif?cc=1&ck=1&cl=24-bit&ds=1600x1200&vl=1200&et=0&ja=0&ln=en-us&lo=0&rnd=745052823&si=f08a1040095fde9c90fa9865a9500bbe&v=1.3.0&lv=1&sn=22717&r=0&ww=1600&u=https%3A%2F%2Fwww.395t.com%2Fmisc.php%3Fmod%3Dmobile&tt=%E6%89%8B%E6%9C%BA%E7%89%88%20%E5%BF%AB%E9%A9%AC%E8%AE%BA%E5%9D%9B
Requested by
Host: www.395t.com
URL: https://www.395t.com/misc.php?mod=mobile
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
103.235.46.191 , Hong Kong, ASN55967 (BAIDU Beijing Baidu Netcom Science and Technology Co., Ltd., CN),
Reverse DNS
Software
apache /
Resource Hash
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
Security Headers
Name Value
Strict-Transport-Security max-age=172800
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.395t.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

Pragma
no-cache
Date
Thu, 03 Aug 2023 18:37:37 GMT
Strict-Transport-Security
max-age=172800
X-Content-Type-Options
nosniff
Server
apache
Content-Type
image/gif
Cache-Control
private, max-age=0, no-cache
Content-Length
43


171 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 function| $ function| jQuery string| STYLEID string| STATICURL string| IMGDIR string| VERHASH string| charset string| discuz_uid string| cookiepre string| cookiedomain string| cookiepath string| showusercard string| attackevasive string| disallowfloat string| creditnotice string| defaultstyle string| REPORTURL string| SITEURL string| JSPATH string| CSSPATH string| DYNAMICURL function| $C function| _attachEvent function| _detachEvent function| browserVersion function| getEvent function| isUndefined function| in_array function| trim function| strlen function| mb_strlen function| mb_cutstr function| preg_replace function| htmlspecialchars function| display function| checkall function| setcookie function| getcookie function| Ajax function| getHost function| hostconvert function| newfunction function| evalscript function| safescript function| $F function| appendscript function| hash function| stringxor function| ajaxupdateevents function| ajaxupdateevent function| ajaxget function| ajaxpost function| ajaxmenu function| ajaxinnerhtml function| showPreview function| showloading function| doane function| loadcss function| showMenu object| delayShowST function| delayShow boolean| dragMenuDisabled function| dragMenu function| setMenuPosition function| hideMenu function| getCurrentStyle function| fetchOffset function| showTip function| showPrompt function| showCreditPrompt object| showDialogST function| showDialog function| showWindow function| showError function| hideWindow function| AC_FL_RunContent function| AC_GetArgs function| simulateSelect function| switchTab function| imageRotate function| thumbImg number| zoomstatus function| zoom function| showselect function| showColorBox function| ctrlEnter function| parseurl function| codetag function| saveUserdata function| loadUserdata function| initTab function| openDiy function| hasClass function| addClass function| removeClass function| toggleClass function| runslideshow function| toggle_collapse function| 
updatestring function| getClipboardData function| setCopy function| copycode function| showdistrict function| setDoodle function| initSearchmenu function| searchFocus function| extstyle function| widthauto object| secST function| updatesecqaa function| updateseccode function| checksec function| createPalette function| showForummenu function| showUserApp function| cardInit function| navShow function| strLenCalc function| pluginNotice function| ipNotice function| noticeTitle function| noticeTitleFlash function| relatedlinks function| con_handle_response function| showTopLink function| showCreditmenu function| showUpgradeinfo function| addFavorite function| setHomepage function| setShortcut function| smilies_show function| showfocus function| rateStarHover function| rateStarSet function| img_onmouseoverfunc function| toggleBlind function| checkBlind function| getElementOffset function| mobileplayer function| appendstyle function| detectHtml5Support function| detectPlayer function| tradionalPlayer function| html5Player function| html5APlayer function| html5DPlayer object| BROWSER string| USERAGENT object| CSSLOADED object| JSLOADED object| JSMENU object| CURRENTSTYPE object| EXTRAFUNC string| EXTRASTR object| DISCUZCODE boolean| USERABOUT_BOX object| USERCARDST string| CLIPBOARDSWFDATA object| NOTICETITLE string| NOTICECURTITLE object| safescripts object| evalscripts object| HTML5PLAYER object| HTMLNODE function| lsSubmit function| errorhandle_ls function| wqjq object| _hmt boolean| _bdhm_loaded_f08a1040095fde9c90fa9865a9500bbe object| mini_tangram_log_l0bbmg

8 Cookies

Domain/Path Name / Value
www.395t.com/ Name: T9Ph_2132_saltkey
Value: MX1i3BfE
www.395t.com/ Name: T9Ph_2132_lastvisit
Value: 1691084251
www.395t.com/ Name: T9Ph_2132_sid
Value: Nz7QEG
www.395t.com/ Name: T9Ph_2132_sendmail
Value: 1
www.395t.com/ Name: T9Ph_2132_lastact
Value: 1691087855%09misc.php%09mobile
.hm.baidu.com/ Name: HMACCOUNT_BFESS
Value: F88D03D7977B1CA3
.www.395t.com/ Name: Hm_lvt_f08a1040095fde9c90fa9865a9500bbe
Value: 1691087857
.www.395t.com/ Name: Hm_lpvt_f08a1040095fde9c90fa9865a9500bbe
Value: 1691087857

5 Console Messages

Source Level URL
Text
javascript warning URL: https://www.395t.com/misc.php?mod=mobile (Line 10)
Message:
A parser-blocking, cross site (i.e. different eTLD+1) script, https://jspassport.ssl.qhimg.com/11.0.1.js?d182b3f28525f2db83acfaaf6e696dba, is invoked via document.write. The network request for this script MAY be blocked by the browser in this or a future page load due to poor network connectivity. If blocked in this page load, it will be confirmed in a subsequent console message. See https://www.chromestatus.com/feature/5718547946799104 for more details.
javascript warning URL: https://www.395t.com/misc.php?mod=mobile (Line 10)
Message:
A parser-blocking, cross site (i.e. different eTLD+1) script, https://jspassport.ssl.qhimg.com/11.0.1.js?d182b3f28525f2db83acfaaf6e696dba, is invoked via document.write. The network request for this script MAY be blocked by the browser in this or a future page load due to poor network connectivity. If blocked in this page load, it will be confirmed in a subsequent console message. See https://www.chromestatus.com/feature/5718547946799104 for more details.
javascript warning URL: https://jspassport.ssl.qhimg.com/11.0.1.js?d182b3f28525f2db83acfaaf6e696dba
Message:
A parser-blocking, cross site (i.e. different eTLD+1) script, https://s.ssl.qhres2.com/ssl/ab77b6ea7f3fbf79.js, is invoked via document.write. The network request for this script MAY be blocked by the browser in this or a future page load due to poor network connectivity. If blocked in this page load, it will be confirmed in a subsequent console message. See https://www.chromestatus.com/feature/5718547946799104 for more details.
javascript warning URL: https://jspassport.ssl.qhimg.com/11.0.1.js?d182b3f28525f2db83acfaaf6e696dba
Message:
A parser-blocking, cross site (i.e. different eTLD+1) script, https://s.ssl.qhres2.com/ssl/ab77b6ea7f3fbf79.js, is invoked via document.write. The network request for this script MAY be blocked by the browser in this or a future page load due to poor network connectivity. If blocked in this page load, it will be confirmed in a subsequent console message. See https://www.chromestatus.com/feature/5718547946799104 for more details.
rendering warning URL: https://www.395t.com/misc.php?mod=mobile&view=true (Line 5)
Message:
Error parsing a meta element's content: ';' is not a valid key-value pair separator. Please use ',' instead.

Security Headers

This page lists any security headers set by the main page.

Header Value
Strict-Transport-Security max-age=31536000

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.
