Submitted URL: http://messummit.com/
Effective URL: https://3.tdtz.xyz/x-tz/tz3.html
Submission: On July 31 via api from SG — Scanned from SG

Summary

This website contacted 5 IPs in 2 countries across 4 domains to perform 13 HTTP transactions. The main IP is 104.233.173.201, located in United States and belongs to PEGTECHINC-AP-03, US. The main domain is 3.tdtz.xyz.
TLS certificate: Issued by R3 on May 19th 2023. Valid for: 3 months.
This is the only time 3.tdtz.xyz was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
1 4 137.175.92.117 54600 (PEGTECHINC)
1 137.175.39.188 54600 (PEGTECHINC)
2 42.236.74.130 4837 (CHINA169-...)
1 104.233.173.201 398993 (PEGTECHIN...)
13 5
Apex Domain, Subdomains, Transfer
4 messummit.com (Transfer: 2 KB)
  • messummit.com
  • www.messummit.com
2 51.la (Transfer: 5 KB)
  • js.users.51.la — Cisco Umbrella Rank: 69021 Failed
  • ia.51.la Failed
1 tdtz.xyz (Transfer: 645 B)
  • 3.tdtz.xyz
0 tdkp.xyz Failed
  • hhh.tdkp.xyz Failed
  • fff.tdkp.xyz Failed
13 4
Domain Requested by
3 www.messummit.com www.messummit.com
2 js.users.51.la www.messummit.com
3.tdtz.xyz
1 3.tdtz.xyz www.messummit.com
1 messummit.com 1 redirects
0 ia.51.la Failed 3.tdtz.xyz
0 fff.tdkp.xyz Failed 3.tdtz.xyz
0 hhh.tdkp.xyz Failed 3.tdtz.xyz
13 7

This site contains no links.

Subject | Issuer | Validity | Valid
*.users.51.la | GlobalSign GCC R3 DV TLS CA 2020 | 2023-04-14 - 2024-05-15 | a year
1.tdtz.xyz | R3 | 2023-05-19 - 2023-08-17 | 3 months

This page contains 1 frames:

Frame: https://fff.tdkp.xyz/
Frame ID: 53BF1E416C018F5D8CC1BD832CD6464C
Requests: 13 HTTP requests in this frame

Page Statistics

13 Requests
23 % HTTPS
0 % IPv6
4 Domains
7 Subdomains
5 IPs
2 Countries
7 kB Transfer
13 kB Size
3 Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. http://messummit.com/ HTTP 301
    http://www.messummit.com/index.php Page URL
  2. https://3.tdtz.xyz/x-tz/tz3.html Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 0
  • http://messummit.com/ HTTP 301
  • http://www.messummit.com/index.php

13 HTTP transactions

Resource
Path
Size
x-fer
Type
MIME-Type
index.php
www.messummit.com/
Redirect Chain
  • http://messummit.com/
  • http://www.messummit.com/index.php
2 KB
745 B
Document
General
Full URL
http://www.messummit.com/index.php
Protocol
HTTP/1.1
Server
137.175.92.117 , United States, ASN54600 (PEGTECHINC, US),
Reverse DNS
Software
nginx /
Resource Hash
4a4d60981de99b066c35dd4b8e4e4ec65d6e621ed796b7ce5654cdc3305a2f60

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36
accept-language
zh-SG,zh;q=0.9

Response headers

Connection
keep-alive
Content-Encoding
gzip
Content-Type
text/html
Date
Mon, 31 Jul 2023 21:16:07 GMT
Server
nginx
Transfer-Encoding
chunked
Vary
Accept-Encoding

Redirect headers

Connection
keep-alive
Content-Length
0
Content-Type
text/html
Date
Mon, 31 Jul 2023 21:16:06 GMT
Location
http://www.messummit.com/index.php
Server
nginx
common.js
www.messummit.com/
347 B
503 B
Script
General
Full URL
http://www.messummit.com/common.js
Requested by
Host: www.messummit.com
URL: http://www.messummit.com/index.php
Protocol
HTTP/1.1
Server
137.175.92.117 , United States, ASN54600 (PEGTECHINC, US),
Reverse DNS
Software
nginx /
Resource Hash
4dc7f7f765e63fc00b45821fbd82305c28b3a164aeb7a45212347062fc3dc1ea

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
http://www.messummit.com/index.php
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

Date
Mon, 31 Jul 2023 21:16:07 GMT
Server
nginx
Connection
keep-alive
Content-Length
347
Content-Type
application/x-javascript
tj.js
www.messummit.com/
206 B
362 B
Script
General
Full URL
http://www.messummit.com/tj.js
Requested by
Host: www.messummit.com
URL: http://www.messummit.com/index.php
Protocol
HTTP/1.1
Server
137.175.92.117 , United States, ASN54600 (PEGTECHINC, US),
Reverse DNS
Software
nginx /
Resource Hash
d4ac6138e911d7067677e47a8a2aaf3c2b207d488652adc92d491091dca19b57

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
http://www.messummit.com/index.php
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

Date
Mon, 31 Jul 2023 21:16:07 GMT
Server
nginx
Connection
keep-alive
Content-Length
206
Content-Type
application/x-javascript
ke2.js
137.175.39.188/x-zhongzhuan/
0
0
Script
General
Full URL
http://137.175.39.188/x-zhongzhuan/ke2.js
Requested by
Host: www.messummit.com
URL: http://www.messummit.com/common.js
Protocol
HTTP/1.1
Server
137.175.39.188 , United States, ASN54600 (PEGTECHINC, US),
Reverse DNS
Software
/
Resource Hash

Request headers

Referer
http://www.messummit.com/
accept-language
zh-SG,zh;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36
Intervention
<https://www.chromestatus.com/feature/5718547946799104>; level="warning"

Response headers

21731985.js
js.users.51.la/
0
0

21733773.js
js.users.51.la/
5 KB
3 KB
Script
General
Full URL
https://js.users.51.la/21733773.js
Requested by
Host: www.messummit.com
URL: http://www.messummit.com/tj.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
42.236.74.130 , China, ASN4837 (CHINA169-BACKBONE CHINA UNICOM China169 Backbone, CN),
Reverse DNS
hn.kd.ny.adsl
Software
openresty /
Resource Hash

Request headers

Referer
http://www.messummit.com/
accept-language
zh-SG,zh;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36
Intervention
<https://www.chromestatus.com/feature/5718547946799104>; level="warning"

Response headers

Date
Mon, 31 Jul 2023 21:16:41 GMT
Content-Encoding
gzip
Server
openresty
Transfer-Encoding
chunked
Content-Type
application/javascript; charset=utf-8
Access-Control-Allow-Origin
*
Cache-Control
no-store
Access-Control-Allow-Credentials
true
Connection
keep-alive
Primary Request tz3.html
3.tdtz.xyz/x-tz/
640 B
645 B
Document
General
Full URL
https://3.tdtz.xyz/x-tz/tz3.html
Requested by
Host: www.messummit.com
URL: http://www.messummit.com/common.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
104.233.173.201 , United States, ASN398993 (PEGTECHINC-AP-03, US),
Reverse DNS
Software
nginx /
Resource Hash
e9f92cd612b69e05b7db90b81eea0423fee0ac5031e21beca291ebbfbdf57135
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

Referer
http://www.messummit.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36
accept-language
zh-SG,zh;q=0.9

Response headers

content-encoding
gzip
content-type
text/html
date
Tue, 01 Aug 2023 05:21:39 GMT
etag
W/"64c85614-280"
last-modified
Tue, 01 Aug 2023 00:47:16 GMT
server
nginx
strict-transport-security
max-age=31536000
vary
Accept-Encoding
21489619.js
js.users.51.la/
5 KB
3 KB
Script
General
Full URL
https://js.users.51.la/21489619.js
Requested by
Host: 3.tdtz.xyz
URL: https://3.tdtz.xyz/x-tz/tz3.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
42.236.74.130 , China, ASN4837 (CHINA169-BACKBONE CHINA UNICOM China169 Backbone, CN),
Reverse DNS
hn.kd.ny.adsl
Software
openresty /
Resource Hash
1205cff14c4bbc5fb1e057729b692d5885dd0177afde01bd7f35948cca5ab636

Request headers

accept-language
zh-SG,zh;q=0.9
Referer
https://3.tdtz.xyz/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

Date
Mon, 31 Jul 2023 21:16:43 GMT
Content-Encoding
gzip
Server
openresty
Transfer-Encoding
chunked
Content-Type
application/javascript; charset=utf-8
Access-Control-Allow-Origin
*
Cache-Control
no-store
Access-Control-Allow-Credentials
true
Connection
keep-alive
0.38088259760975185
hhh.tdkp.xyz/
0
0

0.02425121984248313
fff.tdkp.xyz/
0
0

go1
ia.51.la/
0
0

/
hhh.tdkp.xyz/
0
0

/
fff.tdkp.xyz/
0
0

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain
js.users.51.la
URL
https://js.users.51.la/21731985.js
Domain
hhh.tdkp.xyz
URL
https://hhh.tdkp.xyz/0.38088259760975185
Domain
fff.tdkp.xyz
URL
https://fff.tdkp.xyz/0.02425121984248313
Domain
ia.51.la
URL
https://ia.51.la/go1?id=21489619&rt=1690838172221&rl=1600*1200&lang=en-US&ct=unknow&pf=1&ins=1&vd=1&ce=1&cd=24&ds=&ing=1&ekc=&sid=1690838172221&tt=&kw=&cu=https%253A%252F%252F3.tdtz.xyz%252Fx-tz%252Ftz3.html&pu=http%253A%252F%252Fwww.messummit.com%252F
Domain
hhh.tdkp.xyz
URL
https://hhh.tdkp.xyz/
Domain
fff.tdkp.xyz
URL
https://fff.tdkp.xyz/

0 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

3 Cookies

Domain/Path Name / Value
3.tdtz.xyz/ Name: __tins__21489619
Value: %7B%22sid%22%3A%201690838172221%2C%20%22vd%22%3A%201%2C%20%22expires%22%3A%201690839972221%7D
3.tdtz.xyz/ Name: __51cke__
Value:
3.tdtz.xyz/ Name: __51laig__
Value: 1

8 Console Messages

Source Level URL
Text
javascript warning URL: http://www.messummit.com/common.js(Line 13)
Message:
A parser-blocking, cross site (i.e. different eTLD+1) script, http://137.175.39.188/x-zhongzhuan/ke2.js, is invoked via document.write. The network request for this script MAY be blocked by the browser in this or a future page load due to poor network connectivity. If blocked in this page load, it will be confirmed in a subsequent console message. See https://www.chromestatus.com/feature/5718547946799104 for more details.
javascript warning URL: http://www.messummit.com/common.js(Line 13)
Message:
A parser-blocking, cross site (i.e. different eTLD+1) script, http://137.175.39.188/x-zhongzhuan/ke2.js, is invoked via document.write. The network request for this script MAY be blocked by the browser in this or a future page load due to poor network connectivity. If blocked in this page load, it will be confirmed in a subsequent console message. See https://www.chromestatus.com/feature/5718547946799104 for more details.
network error URL: http://137.175.39.188/x-zhongzhuan/ke2.js
Message:
Failed to load resource: the server responded with a status of 404 (Not Found)
javascript warning URL: http://www.messummit.com/tj.js
Message:
A parser-blocking, cross site (i.e. different eTLD+1) script, https://js.users.51.la/21731985.js, is invoked via document.write. The network request for this script MAY be blocked by the browser in this or a future page load due to poor network connectivity. If blocked in this page load, it will be confirmed in a subsequent console message. See https://www.chromestatus.com/feature/5718547946799104 for more details.
javascript warning URL: http://www.messummit.com/tj.js
Message:
A parser-blocking, cross site (i.e. different eTLD+1) script, https://js.users.51.la/21731985.js, is invoked via document.write. The network request for this script MAY be blocked by the browser in this or a future page load due to poor network connectivity. If blocked in this page load, it will be confirmed in a subsequent console message. See https://www.chromestatus.com/feature/5718547946799104 for more details.
javascript warning URL: http://www.messummit.com/tj.js(Line 1)
Message:
A parser-blocking, cross site (i.e. different eTLD+1) script, https://js.users.51.la/21733773.js, is invoked via document.write. The network request for this script MAY be blocked by the browser in this or a future page load due to poor network connectivity. If blocked in this page load, it will be confirmed in a subsequent console message. See https://www.chromestatus.com/feature/5718547946799104 for more details.
network error URL: https://hhh.tdkp.xyz/0.38088259760975185
Message:
Failed to load resource: net::ERR_HTTP2_PROTOCOL_ERROR
network error URL: https://fff.tdkp.xyz/0.02425121984248313
Message:
Failed to load resource: net::ERR_HTTP2_PROTOCOL_ERROR