th-instrument.com

.com crawl

First seen 2026-04-12 · Last seen 2026-05-01 · ok HTTP/1.1 200 1767 ms crawled 2026-05-06

CN · 121.46.231.31 · AS4811 China Telecom Group

Reputation 67/100 wrong cert no dmarc policy

Classifying

HTML metadata

Title: 404 Not Found

Technology

Server: unknown

Registration

Registrar

Alibaba Cloud Computing (Beijing) Co., Ltd.

Created

2003-10-14

Expires

2027-10-14 512 days left

Updated

2024-10-14

Name servers

dns31.hichina.com
dns32.hichina.com

DNS records live

NS

dns31.hichina.com
dns32.hichina.com

MX

10 ip19.tradeinfo.com.cn
20 ip11.fetic.cn

Email authentication partial

SPF

v=spf1 a mx ip4:60.12.16.1/28 ip4:220.191.169.16/28 -all

strict (-all)

DMARC

not published

DKIM

dkim: v=DKIM1; p=MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEApJ1XFQCEr2/cnnfekjUR2Nnyx064GG+g+/SxPAie0hOIIz4k8yT5VObdPegpH6XHmP3opH75DRUg5GxGHGXml…

selectors probed

Certificate (current) wrong cert

—

from 2025-09-29 to 2035-09-27

Expires in 3417 days

Full certificate history on crt.sh ↗

HTTP security headers

Header hygiene 70/100 Checked over plain HTTP: http://th-instrument.com/

present

content-security-policy
x-frame-options
x-content-type-options
referrer-policy

findings

checked over plain HTTP
CSP allows unsafe inline scripts/styles
CSP uses wildcard sources
missing Permissions Policy

Header values

referrer-policy: strict-origin-when-cross-origin
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
content-security-policy: default-src 'self' https://*; script-src 'self' 'unsafe-inline' 'unsafe-eval' http://* https://*; style-src 'self' 'unsafe-inline' http://* https://*; img-src 'self' data: blob: http://* https://*; font-src 'self' data: http://* https://*; connect-src 'self' http://* https://*; frame-src 'self' https://*; object-src 'none'; media-src 'self' https://*; worker-src 'self' https://* blob:; report-uri /csp-report-endpoint;

Linked from (1)

cdshiyanji.com×2