thczipper.com
HTML metadata
Technology
- Server
- wts
Contact
- Phone
Registration
- Registrar
- Xiamen 35.com Information Co., Ltd.
- Created
- 2007-09-24
- Expires
- 2029-09-24 1223 days left
- Updated
- 2025-05-26
- Name servers
-
- ns1.35.net
- ns2.35.net
- ns3.35.net
- ns4.35.net
DNS records live
- NS
-
- ns1.35.net
- ns2.35.net
- ns3.35.net
- ns4.35.net
- MX
-
- 10 mxbiz2.qq.com
- 5 mxbiz1.qq.com
Email authentication weak
- SPF
-
v=spf1 include:spf.mail.qq.com ~allsoftfail (~all) - DMARC
- not published
- DKIM
- no key found at common selectors
Certificate (current)
sslTrus (RSA) DV CA
Expires in 29 days
HTTP security headers
- present
-
- content-security-policy
- x-content-type-options
- referrer-policy
- findings
-
- missing HSTS
- CSP allows unsafe inline scripts/styles
- CSP uses wildcard sources
- missing frame protection
- missing Permissions Policy
Header values
- referrer-policy
origin-when-cross-origin- x-content-type-options
nosniff- content-security-policy
frame-ancestors 'self' *.youku.com *.bilibili.com *.ixigua.com *.qq.com *.youtube.com; default-src 'self' baidu.com font.googleapis.com *.youku.com *.bilibili.com *.ixigua.com *.qq.com *.googletagmanager.com *.youtube.com; style-src 'self' *.googleapis.com *.tq.cn *.baidu.com *.bdimg.com 'unsafe-inline'; media-src *; script-src 'self' *.cnzz.com *.baidu.com *.bdimg.com *.tq.cn *.jutoo.cn *.googletagmanager.com *.google-analytics.com *.bcebos.com *.bdstatic.com 'unsafe-eval' 'unsafe-inline'; img-src 'self' *.juntong.net blob: *.tq.cn *.cnzz.com *.mmstat.com *.baidu.com *.bdimg.com *.qq.com *.idqqimg.com *.jutoo.cn *.google-analytics.com *.ytimg.com data:;worker-src blob:;connect-src 'self' *.baidu.com *.bdimg.com *.google-analytics.com data:;font-src 'self' *.googleapis.com fonts.gstatic.com data:;object-src 'self' *.tq.cn;, upgrade-insecure-requests