tdstjx.com Open in urlscan Pro
2606:4700:3031::6815:1973 Public Scan

Go To Rescan
Add Verdict Report

URL:
https://tdstjx.com/
Submission Tags: krdprod
Submission: On October 31 via api (October 31st 2021, 1:24:55 pm UTC) from US — Scanned from JP

Summary HTTP 18 Redirects Links 1 Behaviour Indicators

Summary

This website contacted 6 IPs in 2 countries across 5 domains to perform 18 HTTP transactions. The main IP is 2606:4700:3031::6815:1973, located in United States and belongs to CLOUDFLARENET, US. The main domain is tdstjx.com.
TLS certificate: Issued by R3 on October 31st 2021. Valid for: 3 months.

This is the only time tdstjx.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
10	2606:4700:303... 2606:4700:3031::6815:1973	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	103.235.46.191 103.235.46.191	55967 (BAIDU Bei...) (BAIDU Beijing Baidu Netcom Science and Technology Co.)
1 2	23.225.166.66 23.225.166.66	40065 (CNSERVERS) (CNSERVERS)
2	162.253.67.147 162.253.67.147	40065 (CNSERVERS) (CNSERVERS)
3	154.218.13.200 154.218.13.200	137443 (ANCHGLOBA...) (ANCHGLOBAL-AS-AP Anchnet Asia Limited)
18	6

10 2606:4700:3031::6815:1973 (United States)

ASN13335 (CLOUDFLARENET, US)

tdstjx.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 103.235.46.191 (Hong Kong)

ASN55967 (BAIDU Beijing Baidu Netcom Science and Technology Co., Ltd., CN)

hm.baidu.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 23.225.166.66 (Los Angeles, United States) 1 redirects

ASN40065 (CNSERVERS, US)

www.gd4488.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 162.253.67.147 (Clackamas, United States)

ASN40065 (CNSERVERS, US)

www.gd567b.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 154.218.13.200 (Hong Kong)

ASN137443 (ANCHGLOBAL-AS-AP Anchnet Asia Limited, HK)

www.gd4441.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
10	tdstjx.com tdstjx.com	28 KB
3	gd4441.com www.gd4441.com	12 KB
2	gd567b.com www.gd567b.com	1 KB
2	gd4488.com 1 redirects www.gd4488.com	1 KB
2	baidu.com hm.baidu.com	13 KB
18	5

	Domain	Requested by
10	tdstjx.com	tdstjx.com
3	www.gd4441.com	www.gd567b.com www.gd4441.com
2	www.gd567b.com	www.gd4488.com
2	www.gd4488.com	1 redirects tdstjx.com
2	hm.baidu.com	tdstjx.com
18	5

This site contains links to these domains. Also see Links.

Domain
beian.miit.gov.cn

Subject Issuer	Validity	Valid
*.tdstjx.com R3	`2021-10-31` - `2022-01-29`	3 months	crt.sh
baidu.com GlobalSign Organization Validation CA - SHA256 - G2	`2021-07-01` - `2022-08-02`	a year	crt.sh
gd4488.com R3	`2021-08-24` - `2021-11-22`	3 months	crt.sh
www.gd5502.com R3	`2021-10-10` - `2022-01-08`	3 months	crt.sh
*.gd4441.com R3	`2021-08-26` - `2021-11-24`	3 months	crt.sh

This page contains 2 frames:

Primary Page: https://tdstjx.com/
Frame ID: E6D7B6EEBC0BF01519DFD2FA19B783DA
Requests: 12 HTTP requests in this frame

Frame: https://www.gd4441.com/?att=177
Frame ID: 15B90298A64FABCEDEC55147D04E78CE
Requests: 7 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

送彩金线上娱乐-专业购彩平台

Page Statistics

18
Requests

100 %
HTTPS

20 %
IPv6

5
Domains

5
Subdomains

6
IPs

2
Countries

56 kB
Transfer

146 kB
Size

3
Cookies

1 Outgoing links

These are links going to different origins than the main page.

URL: http://beian.miit.gov.cn/
Title: 域名备案中。。。。

Search URL Search Domain Scan URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 7

https://www.gd4488.com/a HTTP 301
https://www.gd4488.com/a/

18 HTTP transactions
1 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2 200 Primary Request / Show response
tdstjx.com/ 22 KB
6 KB 162ms
148ms Document
text/html 2606:4700:3031::6815:1973
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://tdstjx.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3031::6815:1973 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / ASP.NET
Resource Hash: 52c47fde40354d6dda0a57fad65191c7c6412fa526fd1e17bf2decf916f74838

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Accept-Language: jp-JP,jp;q=0.9

Response headers

date: Sun, 31 Oct 2021 13:24:41 GMT
content-type: text/html
last-modified: Wed, 07 Jul 2021 08:26:59 GMT
x-powered-by: ASP.NET
cf-cache-status: DYNAMIC
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=A8XK%2FB2i04bEdPo7rUNVCGRV%2BjpsaqvkrQr6iMWGIsF7pfiF4gqmY3IbeUk3AU8eRWy56C1INUKU%2BOJAsG0Zvbw%2FVK1bIPtwHt4v53aeXLsLKShjR9KKBJwVVnksaxKqnrMjdBf2YEIb"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 6a6d347c8fccf8ab-NRT
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400

GET
H2 200 crj100.css
tdstjx.com/kfyyy/ 18 KB
5 KB 14ms
13ms Stylesheet
text/css 2606:4700:3031::6815:1973
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://tdstjx.com/kfyyy/crj100.css
Requested by: Host: tdstjx.com
URL: https://tdstjx.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3031::6815:1973 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / ASP.NET
Resource Hash: 3424e751de9bd1d10f84c20f67cbd20bdb5a115efd64aac7d6e19625ef9c5e2c

Request headers

Accept-Language: jp-JP,jp;q=0.9
Referer: https://tdstjx.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Sun, 31 Oct 2021 13:24:41 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 81
x-powered-by: ASP.NET
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
last-modified: Mon, 31 May 2021 21:12:08 GMT
server: cloudflare
etag: W/"ece76e9d6156d71:0"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=YBsERIMIdGgKGv%2BC4fuutfSf0L4d%2FL40dvZcE6muf7kiPA%2Bq63q1GFHa7J%2FRVEBjg%2Fz7WSiPc3tDiock0TOGbb37QttZA9T3p9zaYAGZPjcz1ul9m%2Ba2wBkpLxoEpNHsx5QEwJXHBM%2F3"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cache-control: max-age=14400
cf-ray: 6a6d347d89b2f8ab-NRT

GET
H2 200 news_v9.css
tdstjx.com/kfyyy/ 26 KB
6 KB 49ms
48ms Stylesheet
text/css 2606:4700:3031::6815:1973
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://tdstjx.com/kfyyy/news_v9.css
Requested by: Host: tdstjx.com
URL: https://tdstjx.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3031::6815:1973 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / ASP.NET
Resource Hash: ba9e9f47f8eecf247d90a31c9eee7164310c47a41362ef92f486aa10e8c8af87

Request headers

Accept-Language: jp-JP,jp;q=0.9
Referer: https://tdstjx.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Sun, 31 Oct 2021 13:24:41 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 81
x-powered-by: ASP.NET
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
last-modified: Mon, 31 May 2021 21:12:08 GMT
server: cloudflare
etag: W/"61e07b9d6156d71:0"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=PSaXexzxtWnjjKqmvTviZyxA7rY5EuY7PBlwwegNSpmB1f0LSeHN7Oo6hpSELGWq1UTiCFseRe9%2Fjep12o998SjtT2vlizdujCv33bZsGzh9MO2BOkKQd4q4pyzC4gjSaHjp5VDyfCuo"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cache-control: max-age=14400
cf-ray: 6a6d347d89b4f8ab-NRT

GET
H2 200 share_style2_16.css
tdstjx.com/kfyyy/ 4 KB
1 KB 13ms
12ms Stylesheet
text/css 2606:4700:3031::6815:1973
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://tdstjx.com/kfyyy/share_style2_16.css
Requested by: Host: tdstjx.com
URL: https://tdstjx.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3031::6815:1973 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / ASP.NET
Resource Hash: 4f3bbb9343dd0982f32a73cfdd8b4c83f7f682bb238258b127b7ccf700c1995b

Request headers

Accept-Language: jp-JP,jp;q=0.9
Referer: https://tdstjx.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Sun, 31 Oct 2021 13:24:41 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 81
x-powered-by: ASP.NET
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
last-modified: Mon, 31 May 2021 21:12:08 GMT
server: cloudflare
etag: W/"e7458d9d6156d71:0"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=E7zAE9aKxaeWt6jaOpQxXcvaorlsKVe8O5QNsSX8BrpKfxJXvIb%2F4IUZqrchLSIF28YgSWpMaryPVVGiEXYpI4Vy1tY7EdW2sWkKcyGtaNpq6HtgMo9%2BkRRibSXMt%2FokgR%2F2IHUnjLQ3"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cache-control: max-age=14400
cf-ray: 6a6d347d89b6f8ab-NRT

GET
H2 200 autopush.js Show response
tdstjx.com/ 2 KB
971 B 22ms
21ms Script
application/x-javascript 2606:4700:3031::6815:1973
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://tdstjx.com/autopush.js
Requested by: Host: tdstjx.com
URL: https://tdstjx.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3031::6815:1973 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / ASP.NET
Resource Hash: 29a0e9de7bfd4f9f23d3bb8ac0beddde1e976b0a830255a67aac0f7890f2feb1

Request headers

Accept-Language: jp-JP,jp;q=0.9
Referer: https://tdstjx.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Sun, 31 Oct 2021 13:24:41 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 81
x-powered-by: ASP.NET
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
last-modified: Wed, 02 Jun 2021 03:09:21 GMT
server: cloudflare
etag: W/"bfa139af5c57d71:0"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=duer77N%2FtbIy261CzKLwTL0DzA02Xeaa%2FbnzzA6M3XiDR2Wlr1HhRJe4nAm4AYtjqiAyPMeEzjg5csaorA%2FBEMimFzGjYoc%2FGio1%2B9PSdKCKmbOlXR1euZDXCU0tnKVKUqJk%2BqIJagbN"}],"group":"cf-nel","max_age":604800}
content-type: application/x-javascript
cache-control: max-age=14400
cf-ray: 6a6d347d89b7f8ab-NRT

GET
H2 200 logo.png
tdstjx.com/kfyyy/ 5 KB
6 KB 12ms
11ms Image
image/png 2606:4700:3031::6815:1973
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tdstjx.com/kfyyy/logo.png
Requested by: Host: tdstjx.com
URL: https://tdstjx.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3031::6815:1973 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / ASP.NET
Resource Hash: bf965c5243c36ecb6e1a9fb2f906ed23340131402ea56fc41c8601ac07e59e9b

Request headers

Accept-Language: jp-JP,jp;q=0.9
Referer: https://tdstjx.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Sun, 31 Oct 2021 13:24:41 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 80
x-powered-by: ASP.NET
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length: 5369
last-modified: Mon, 31 May 2021 21:12:08 GMT
server: cloudflare
etag: "8de38d9d6156d71:0"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=5Zdx6g%2FiMlp8k%2Fw3a%2F2ySsNx5%2B%2FuRG2PeiX5UYYOFp%2BcaqnY%2F1ATVyQIOWLvh6Rs9J0fNsyjYl2PhdhScL3c2PZFHTlCjlqCc2%2F660HiYgNEKXMvtreza1Jvwp4lWmyWgpGicqTfYyNm"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 6a6d347dda74f8ab-NRT

GET
H2 200 count.php Show response
tdstjx.com/kfyyy/ 23 B
332 B 137ms
136ms Script
text/html 2606:4700:3031::6815:1973
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://tdstjx.com/kfyyy/count.php
Requested by: Host: tdstjx.com
URL: https://tdstjx.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3031::6815:1973 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / PHP/5.6.40, ASP.NET
Resource Hash: 7f93d80cd89d3c5baedc598914117d3ccb0aeb172b09b50683e288109e00a040

Request headers

Accept-Language: jp-JP,jp;q=0.9
Referer: https://tdstjx.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Sun, 31 Oct 2021 13:24:41 GMT
content-encoding: br
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
x-powered-by: PHP/5.6.40, ASP.NET
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=6r%2B4dkmQy1CUYyHZyUtUXvXEt5E%2BUdrBpbFtDovABOoMJLUML0kn%2B7pDzrSQX9FunA772nLYiyHdFg1ECqyaZvqj9RX8XmJ32dy5XONwpNEjr%2FW9P0WD3y3ncPM3xijZGPM57CK7SXn2"}],"group":"cf-nel","max_age":604800}
content-type: text/html; charset=UTF-8
cf-ray: 6a6d347dda75f8ab-NRT
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400

GET
H/1.1 200
OK hm.js Show response
hm.baidu.com/ 35 KB
13 KB 583ms
472ms Script
application/javascript 103.235.46.191
BAIDU Beijing Bai...

General

Check archive.org

Show headers Download Go to

Full URL

https://hm.baidu.com/hm.js?729c7b3ff359771b87025d4695b8f287

Requested by

Host: tdstjx.com
URL: https://tdstjx.com/autopush.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

103.235.46.191 , Hong Kong, ASN55967 (BAIDU Beijing Baidu Netcom Science and Technology Co., Ltd., CN),

Reverse DNS

Software

apache /

Resource Hash

efa5a5d92a1e3cd2a2614f6dba3d95e902f7831bc6eb1ee0243a472add80d273

Security Headers

Name	Value
Strict-Transport-Security	max-age=172800

Request headers

Accept-Language: jp-JP,jp;q=0.9
Referer: https://tdstjx.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Date: Sun, 31 Oct 2021 13:24:41 GMT
Content-Encoding: gzip
Server: apache
Etag: 80ab3a5caf335300ab6eef80d687add8
Strict-Transport-Security: max-age=172800
P3p: CP="CURa ADMa DEVa PSAo PSDo OUR BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
Cache-Control: max-age=0, must-revalidate
Content-Type: application/javascript
Content-Length: 12899

GET
H2

200

/ Show response
www.gd4488.com/a/ Frame 15B9
Redirect Chain

https://www.gd4488.com/a
https://www.gd4488.com/a/

878 B
1 KB

119ms
119ms

Document
text/html

23.225.166.66
CNSERVERS

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gd4488.com/a/

Requested by

Host: tdstjx.com
URL: https://tdstjx.com/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

23.225.166.66 Los Angeles, United States, ASN40065 (CNSERVERS, US),

Reverse DNS

Software

nginx /

Resource Hash

170f5949b08223e7fb49524474fc9b740690feaeb2fc6d6ee8056b61188ec90f

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Accept-Language: jp-JP,jp;q=0.9
Referer: https://tdstjx.com/

Response headers

server: nginx
date: Sun, 31 Oct 2021 13:24:42 GMT
content-type: text/html
content-length: 878
last-modified: Fri, 01 Oct 2021 05:21:15 GMT
etag: "61569acb-36e"
strict-transport-security: max-age=31536000
accept-ranges: bytes

Redirect headers

server: nginx
date: Sun, 31 Oct 2021 13:24:42 GMT
content-type: text/html
content-length: 162
location: https://www.gd4488.com/a/
strict-transport-security: max-age=31536000

GET
H2 404 searchbg.gif
tdstjx.com/images/ 1 KB
1 KB 148ms
147ms Image
text/html 2606:4700:3031::6815:1973
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tdstjx.com/images/searchbg.gif
Requested by: Host: tdstjx.com
URL: https://tdstjx.com/kfyyy/crj100.css
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3031::6815:1973 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / ASP.NET
Resource Hash: 58d64bad8f43a6c332a2e1639a566bd482c812b3f892d4aba9ae15be8d06eb8f

Request headers

Accept-Language: jp-JP,jp;q=0.9
Referer: https://tdstjx.com/kfyyy/crj100.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Sun, 31 Oct 2021 13:24:41 GMT
content-encoding: br
cf-cache-status: MISS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
x-powered-by: ASP.NET
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=AiaxriWSdEkaRPBfTPeP7YVItwSSc92HmyKI9aBD5HxLhKR%2BbDE0VQu8VYGFJd0Msl%2BdxTNidJXT14BzBUNRV7z1qfQos2Ri%2B05zQugypzdLXFFp2vToD30qDssXGkQb6ty2I5LR3ByO"}],"group":"cf-nel","max_age":604800}
content-type: text/html
cache-control: max-age=14400
cf-ray: 6a6d347dea86f8ab-NRT
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400

GET
H2 404 ico_5.png
tdstjx.com/images/ 1 KB
1 KB 153ms
152ms Image
text/html 2606:4700:3031::6815:1973
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tdstjx.com/images/ico_5.png
Requested by: Host: tdstjx.com
URL: https://tdstjx.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3031::6815:1973 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / ASP.NET
Resource Hash: 58d64bad8f43a6c332a2e1639a566bd482c812b3f892d4aba9ae15be8d06eb8f

Request headers

Accept-Language: jp-JP,jp;q=0.9
Referer: https://tdstjx.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Sun, 31 Oct 2021 13:24:41 GMT
content-encoding: br
cf-cache-status: MISS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
x-powered-by: ASP.NET
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=1qO255EZ7usJjZJqag4DH%2FP34OoX8SvUIOYBdZ5FH5bZUHoFUnA8%2BtFvcoCEMd1nrK84cNFuK3CQJDN1dqZFqvRooiunOXj5L13OFq%2FOLXf%2FLV1CEJqUtxyEVVuVWs%2Bs79ibOaA5cH2l"}],"group":"cf-nel","max_age":604800}
content-type: text/html
cache-control: max-age=14400
cf-ray: 6a6d347dea8af8ab-NRT
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400

GET
H2 404 art_icon.png
tdstjx.com/images/ 1 KB
1 KB 148ms
147ms Image
text/html 2606:4700:3031::6815:1973
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tdstjx.com/images/art_icon.png
Requested by: Host: tdstjx.com
URL: https://tdstjx.com/kfyyy/news_v9.css
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3031::6815:1973 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / ASP.NET
Resource Hash: 58d64bad8f43a6c332a2e1639a566bd482c812b3f892d4aba9ae15be8d06eb8f

Request headers

Accept-Language: jp-JP,jp;q=0.9
Referer: https://tdstjx.com/kfyyy/news_v9.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Sun, 31 Oct 2021 13:24:41 GMT
content-encoding: br
cf-cache-status: MISS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
x-powered-by: ASP.NET
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=OjNYo4Pol0m8WU3w2pMOJH%2BC8IIlMl0FbSYAVg8Dbs5cfH9g2wsi7dH5l5oj7o%2FldWHxi%2BRm0cMGOOTGTOeki6sxU4eFFcFBZ49q6ofAhUet7B60bkRW%2B%2BwLIK6VDVb%2BRI%2Fmx0rMFFYa"}],"group":"cf-nel","max_age":604800}
content-type: text/html
cache-control: max-age=14400
cf-ray: 6a6d347dea8cf8ab-NRT
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400

GET
H/1.1 200
OK hm.gif
hm.baidu.com/ 43 B
299 B 139ms
138ms Image
image/gif 103.235.46.191
BAIDU Beijing Bai...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://hm.baidu.com/hm.gif?cc=1&ck=1&cl=24-bit&ds=1600x1200&vl=1200&et=0&ja=0&ln=en-us&lo=0&rnd=1403727549&si=729c7b3ff359771b87025d4695b8f287&v=1.2.88&lv=1&sn=64152&r=0&ww=1600&ct=!!&u=https%3A%2F%2Ftdstjx.com%2F&tt=%E9%80%81%E5%BD%A9%E9%87%91%E7%BA%BF%E4%B8%8A%E5%A8%B1%E4%B9%90-%E4%B8%93%E4%B8%9A%E8%B4%AD%E5%BD%A9%E5%B9%B3%E5%8F%B0

Requested by

Host: tdstjx.com
URL: https://tdstjx.com/

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

103.235.46.191 , Hong Kong, ASN55967 (BAIDU Beijing Baidu Netcom Science and Technology Co., Ltd., CN),

Reverse DNS

Software

apache /

Resource Hash

cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Security Headers

Name	Value
Strict-Transport-Security	max-age=172800
X-Content-Type-Options	nosniff

Request headers

Accept-Language: jp-JP,jp;q=0.9
Referer: https://tdstjx.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Pragma: no-cache
Date: Sun, 31 Oct 2021 13:24:42 GMT
X-Content-Type-Options: nosniff
Server: apache
Strict-Transport-Security: max-age=172800
Content-Type: image/gif
Cache-Control: private, max-age=0, no-cache
Content-Length: 43

GET
H/1.1 404
Not Found 0.5141566757973466
www.gd567b.com/ Frame 15B9 0
0 614ms
107ms Image
text/html 162.253.67.147
CNSERVERS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.gd567b.com/0.5141566757973466
Requested by: Host: www.gd4488.com
URL: https://www.gd4488.com/a/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_CBC
Server: 162.253.67.147 Clackamas, United States, ASN40065 (CNSERVERS, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: jp-JP,jp;q=0.9
Referer: https://www.gd4488.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

GET
H/1.1 200
OK / Show response
www.gd567b.com/ Frame 15B9 884 B
1 KB 333ms
111ms Document
text/html 162.253.67.147
CNSERVERS

General

Check archive.org

Show headers Download Go to

Full URL: https://www.gd567b.com/
Requested by: Host: www.gd4488.com
URL: https://www.gd4488.com/a/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_CBC
Server: 162.253.67.147 Clackamas, United States, ASN40065 (CNSERVERS, US),
Reverse DNS
Software: Microsoft-IIS/8.5 /
Resource Hash: 03aec23a103cc08b3050fa9cd61101969e94a6b57b74336cab0debb6ea735e69

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Accept-Language: jp-JP,jp;q=0.9
Referer: https://www.gd4488.com/

Response headers

Content-Type: text/html
Content-Encoding: gzip
Last-Modified: Thu, 26 Aug 2021 11:50:59 GMT
Accept-Ranges: bytes
ETag: "75a95aa3709ad71:0"
Vary: Accept-Encoding
Server: Microsoft-IIS/8.5
Date: Sun, 31 Oct 2021 13:24:40 GMT
Content-Length: 805

GET
H2 403 0.7667284429186161
www.gd4441.com/ Frame 15B9 0
0 882ms
234ms Image
text/html 154.218.13.200
ANCHGLOBAL-AS-AP ...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.gd4441.com/0.7667284429186161
Requested by: Host: www.gd567b.com
URL: https://www.gd567b.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 154.218.13.200 , Hong Kong, ASN137443 (ANCHGLOBAL-AS-AP Anchnet Asia Limited, HK),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: jp-JP,jp;q=0.9
Referer: https://www.gd567b.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

GET
H2 200 / Show response
www.gd4441.com/ Frame 15B9 16 KB
11 KB 134ms
134ms Document
text/html 154.218.13.200
ANCHGLOBAL-AS-AP ...

General

Check archive.org

Show headers Download Go to

Full URL: https://www.gd4441.com/?att=177
Requested by: Host: www.gd567b.com
URL: https://www.gd567b.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 154.218.13.200 , Hong Kong, ASN137443 (ANCHGLOBAL-AS-AP Anchnet Asia Limited, HK),
Reverse DNS
Software: nginx/1.17.3 /
Resource Hash: 60b9b55c44fbde780a14188f7f463fb599651eb2759e4b96c7702d8b7404f369

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Accept-Language: jp-JP,jp;q=0.9
Referer: https://www.gd567b.com/

Response headers

date: Sun, 31 Oct 2021 13:24:44 GMT
content-type: text/html; charset=utf-8
expires: Sun, 31 Oct 2021 13:24:43 GMT
cache-control: no-cache no-store no-cache max-age=0
content-encoding: gzip
server: nginx/1.17.3
guard-cache: BYPASS
guard-store: BYPASS

GET
H2 200 configjs.js Show response
www.gd4441.com/static/data/ Frame 15B9 2 KB
1 KB 79ms
78ms Script
application/javascript 154.218.13.200
ANCHGLOBAL-AS-AP ...

General

Check archive.org

Show headers Download Go to

Full URL: https://www.gd4441.com/static/data/configjs.js
Requested by: Host: www.gd4441.com
URL: https://www.gd4441.com/?att=177
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 154.218.13.200 , Hong Kong, ASN137443 (ANCHGLOBAL-AS-AP Anchnet Asia Limited, HK),
Reverse DNS
Software: nginx/1.17.3 /
Resource Hash: d1ddab8de4c78b6dbacf8138fa6e30ab80e55d6702a5d301ba44a9749a5f490a

Request headers

Accept-Language: jp-JP,jp;q=0.9
Referer: https://www.gd4441.com/?att=177
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Sun, 31 Oct 2021 13:24:44 GMT
content-encoding: gzip
last-modified: Sat, 30 Oct 2021 12:54:05 GMT
server: nginx/1.17.3
guard-cache: HIT
etag: W/"617d406d-993"
content-type: application/javascript; charset=utf-8
guard-store: BYPASS
cache-control: max-age=36000
content-length: 1164
expires: Sun, 31 Oct 2021 15:47:09 GMT

GET
DATA 200
OK truncated
/ Frame 15B9 10 KB
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 2a3022dc00c0d68520e04e0daf6bc3c20402caa6fb473b275c58474043dee22a

Request headers

Accept-Language: jp-JP,jp;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Content-Type: image/png

Verdicts & Comments Add Verdict or Comment

9 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

3 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
.hm.baidu.com/	1970-01-25 20:29:45	Name: HMACCOUNT_BFESS Value: 7BA12AE5C0AB0B7F
.tdstjx.com/	1970-01-20 07:07:02	Name: Hm_lvt_729c7b3ff359771b87025d4695b8f287 Value: 1635686682
.tdstjx.com/	1969-12-31 23:59:59	Name: Hm_lpvt_729c7b3ff359771b87025d4695b8f287 Value: 1635686682

7 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
network	error	URL: https://tdstjx.com/images/searchbg.gif Message: Failed to load resource: the server responded with a status of 404 ()
network	error	URL: https://tdstjx.com/images/art_icon.png Message: Failed to load resource: the server responded with a status of 404 ()
network	error	URL: https://tdstjx.com/images/ico_5.png Message: Failed to load resource: the server responded with a status of 404 ()
security	warning	URL: https://www.gd4488.com/a/ Message: Mixed Content: The page at 'https://www.gd4488.com/a/' was loaded over HTTPS, but requested an insecure element 'http://www.gd567b.com/0.5141566757973466'. This request was automatically upgraded to HTTPS, For more information see https://blog.chromium.org/2019/10/no-more-mixed-messages-about-https.html
network	error	URL: https://www.gd567b.com/0.5141566757973466 Message: Failed to load resource: the server responded with a status of 404 (Not Found)
security	warning	URL: https://www.gd567b.com/ Message: Mixed Content: The page at 'https://www.gd567b.com/' was loaded over HTTPS, but requested an insecure element 'http://www.gd4441.com/0.7667284429186161'. This request was automatically upgraded to HTTPS, For more information see https://blog.chromium.org/2019/10/no-more-mixed-messages-about-https.html
network	error	URL: https://www.gd4441.com/0.7667284429186161 Message: Failed to load resource: the server responded with a status of 403 ()

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

hm.baidu.com
tdstjx.com
www.gd4441.com
www.gd4488.com
www.gd567b.com
103.235.46.191
154.218.13.200
162.253.67.147
23.225.166.66
2606:4700:3031::6815:1973
03aec23a103cc08b3050fa9cd61101969e94a6b57b74336cab0debb6ea735e69
170f5949b08223e7fb49524474fc9b740690feaeb2fc6d6ee8056b61188ec90f
29a0e9de7bfd4f9f23d3bb8ac0beddde1e976b0a830255a67aac0f7890f2feb1
2a3022dc00c0d68520e04e0daf6bc3c20402caa6fb473b275c58474043dee22a
3424e751de9bd1d10f84c20f67cbd20bdb5a115efd64aac7d6e19625ef9c5e2c
4f3bbb9343dd0982f32a73cfdd8b4c83f7f682bb238258b127b7ccf700c1995b
52c47fde40354d6dda0a57fad65191c7c6412fa526fd1e17bf2decf916f74838
58d64bad8f43a6c332a2e1639a566bd482c812b3f892d4aba9ae15be8d06eb8f
60b9b55c44fbde780a14188f7f463fb599651eb2759e4b96c7702d8b7404f369
7f93d80cd89d3c5baedc598914117d3ccb0aeb172b09b50683e288109e00a040
ba9e9f47f8eecf247d90a31c9eee7164310c47a41362ef92f486aa10e8c8af87
bf965c5243c36ecb6e1a9fb2f906ed23340131402ea56fc41c8601ac07e59e9b
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
d1ddab8de4c78b6dbacf8138fa6e30ab80e55d6702a5d301ba44a9749a5f490a
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
efa5a5d92a1e3cd2a2614f6dba3d95e902f7831bc6eb1ee0243a472add80d273

tdstjx.com Open in urlscan Pro 2606:4700:3031::6815:1973 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page Statistics

18 Requests

100 %HTTPS

20 %IPv6

5 Domains

5 Subdomains

6 IPs

2 Countries

56 kBTransfer

146 kBSize

3 Cookies

1 Outgoing links

Redirected requests

18 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 1 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Verdicts & Comments Add Verdict or Comment

9 JavaScript Global Variables

3 Cookies

7 Console Messages

Indicators

tdstjx.com Open in urlscan Pro
2606:4700:3031::6815:1973 Public Scan

Screenshot
Live screenshot

Full Image

18
Requests

100 %
HTTPS

20 %
IPv6

5
Domains

5
Subdomains

6
IPs

2
Countries

56 kB
Transfer

146 kB
Size

3
Cookies

18 HTTP transactions
1 data transactions