youxuan2024-e6h.pages.dev
172.66.45.48  Malicious Activity! Public Scan

Submitted URL: http://youxuan2024-e6h.pages.dev/news?type=%C3%A5%C2%A5%C2%A2%C3%A4%C2%BE%C2%88%C3%A6%C2%A6%C2%9C
Effective URL: https://youxuan2024-e6h.pages.dev/news?type=%C3%A5%C2%A5%C2%A2%C3%A4%C2%BE%C2%88%C3%A6%C2%A6%C2%9C
Submission: On October 29 via api from US — Scanned from US

Summary

This website contacted 6 IPs in 3 countries across 6 domains to perform 18 HTTP transactions. The main IP is 172.66.45.48, located in United States and belongs to CLOUDFLARENET, US. The main domain is youxuan2024-e6h.pages.dev.
TLS certificate: Issued by WE1 on September 30th 2024. Valid for: 3 months.
This is the only time youxuan2024-e6h.pages.dev was scanned on urlscan.io!

urlscan.io Verdict: Potentially Malicious

Targeting these brands: Generic Cloudflare (Online)

Domain & IP information

IP Address AS Autonomous System
1 6 172.66.45.48 13335 (CLOUDFLAR...)
7 47.246.23.231 24429 (TAOBAO Zh...)
1 2404:2280:1b8... 24429 (TAOBAO Zh...)
1 2409:8c1c:300... 132525 (CMNET-HEI...)
1 240e:95d:802:... 136192 (CHINATELE...)
18 6
Apex Domain
Subdomains
Transfer
7 bytegoofy.com
lf3-cdn-tos.bytegoofy.com — Cisco Umbrella Rank: 121299
659 KB
6 pages.dev
youxuan2024-e6h.pages.dev
21 KB
1 douyinstatic.com
sf1-cdn-tos.douyinstatic.com — Cisco Umbrella Rank: 164604
5 KB
1 zijieapi.com
mon.zijieapi.com — Cisco Umbrella Rank: 24481
1 KB
1 snssdk.com
i.snssdk.com — Cisco Umbrella Rank: 58072
mcs.snssdk.com Failed
403 B
0 Failed
18 6
Domain Requested by
7 lf3-cdn-tos.bytegoofy.com youxuan2024-e6h.pages.dev
lf3-cdn-tos.bytegoofy.com
6 youxuan2024-e6h.pages.dev 1 redirects youxuan2024-e6h.pages.dev
1 sf1-cdn-tos.douyinstatic.com
1 mon.zijieapi.com lf3-cdn-tos.bytegoofy.com
1 i.snssdk.com lf3-cdn-tos.bytegoofy.com
0 dispatch_message Failed lf3-cdn-tos.bytegoofy.com
0 mcs.snssdk.com Failed lf3-cdn-tos.bytegoofy.com
18 7

This site contains links to these domains.

Domain
www.douyin.com

Subject | Issuer | Validity | Valid
youxuan2024-e6h.pages.dev | WE1 | 2024-09-30 - 2024-12-29 | 3 months
*.bytegoofy.com | RapidSSL TLS RSA CA G1 | 2024-05-21 - 2025-05-20 | a year
*.snssdk.com | RapidSSL TLS RSA CA G1 | 2024-05-21 - 2025-05-20 | a year
*.zijieapi.com | RapidSSL TLS RSA CA G1 | 2024-05-21 - 2025-05-21 | a year
*.douyinstatic.com | RapidSSL TLS RSA CA G1 | 2024-05-15 - 2025-05-14 | a year

This page contains 2 frames:

Primary Page: https://youxuan2024-e6h.pages.dev/news?type=%C3%A5%C2%A5%C2%A2%C3%A4%C2%BE%C2%88%C3%A6%C2%A6%C2%9C
Frame ID: C7AC7A42D048C8030A492E2F7D2CD82E
Requests: 16 HTTP requests in this frame

Frame: bytedance://dispatch_message/
Frame ID: 98FD868F7F89F42AF8D7897F48661463
Requests: 1 HTTP requests in this frame

Page Title

【抖音】新闻动态

Page Statistics

18
Requests

83 %
HTTPS

60 %
IPv6

6
Domains

7
Subdomains

6
IPs

3
Countries

686 kB
Transfer

2721 kB
Size

4
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. http://youxuan2024-e6h.pages.dev/news?type=%C3%A5%C2%A5%C2%A2%C3%A4%C2%BE%C2%88%C3%A6%C2%A6%C2%9C HTTP 307
    https://youxuan2024-e6h.pages.dev/news?type=%C3%A5%C2%A5%C2%A2%C3%A4%C2%BE%C2%88%C3%A6%C2%A6%C2%9C Page URL
  2. https://youxuan2024-e6h.pages.dev/cdn-cgi/phish-bypass?atok=ODIVw4OXkv6PJjM9RW6wxpTCc.0fxpHhqMKdDyzXTH0-1730172136-0.0.1.1-%2Fnews%3Ftype%3D%25C3%25A5%25C2%25A5%25C2%25A2%25C3%25A4%25C2%25BE%25C2%2588%25C3%25A6%25C2%25A6%25C2%259C HTTP 301
    https://youxuan2024-e6h.pages.dev/news?type=%C3%A5%C2%A5%C2%A2%C3%A4%C2%BE%C2%88%C3%A6%C2%A6%C2%9C Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 0
  • http://youxuan2024-e6h.pages.dev/news?type=%C3%A5%C2%A5%C2%A2%C3%A4%C2%BE%C2%88%C3%A6%C2%A6%C2%9C HTTP 307
  • https://youxuan2024-e6h.pages.dev/news?type=%C3%A5%C2%A5%C2%A2%C3%A4%C2%BE%C2%88%C3%A6%C2%A6%C2%9C

18 HTTP transactions

Resource
Path
Size
x-fer
Type
MIME-Type
news
youxuan2024-e6h.pages.dev/
Redirect Chain
  • http://youxuan2024-e6h.pages.dev/news?type=%C3%A5%C2%A5%C2%A2%C3%A4%C2%BE%C2%88%C3%A6%C2%A6%C2%9C
  • https://youxuan2024-e6h.pages.dev/news?type=%C3%A5%C2%A5%C2%A2%C3%A4%C2%BE%C2%88%C3%A6%C2%A6%C2%9C
4 KB
2 KB
Document
General
Full URL
https://youxuan2024-e6h.pages.dev/news?type=%C3%A5%C2%A5%C2%A2%C3%A4%C2%BE%C2%88%C3%A6%C2%A6%C2%9C
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.66.45.48 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
376537650dacf34e242795f3a7708b36ae1b94c3807d700e68ff4c2bdaa0c407
Security Headers
Name Value
X-Frame-Options SAMEORIGIN

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36

Response headers

cf-ray
8da00a4edd9e09ba-MIA
content-encoding
gzip
content-type
text/html; charset=UTF-8
date
Tue, 29 Oct 2024 03:22:16 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=FH7tyHjcDkZDfIfp%2FcJLolfd%2FgUXOfriOnUpH3XcFOQVltOP4JAQt2gt%2BdMHV8CfkPW%2BuC3WfznC1BSyNmLcuqHsB%2FhBDIQNNOJnKJdxlUpezjYNH%2BA05Op6UlA33OJZtfDjvb4zExQavXOd"}],"group":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
x-frame-options
SAMEORIGIN

Redirect headers

Cross-Origin-Resource-Policy
Cross-Origin
Location
https://youxuan2024-e6h.pages.dev/news?type=%C3%A5%C2%A5%C2%A2%C3%A4%C2%BE%C2%88%C3%A6%C2%A6%C2%9C
Non-Authoritative-Reason
HSTS
cf.errors.css
youxuan2024-e6h.pages.dev/cdn-cgi/styles/
23 KB
5 KB
Stylesheet
General
Full URL
https://youxuan2024-e6h.pages.dev/cdn-cgi/styles/cf.errors.css
Requested by
Host: youxuan2024-e6h.pages.dev
URL: https://youxuan2024-e6h.pages.dev/news?type=%C3%A5%C2%A5%C2%A2%C3%A4%C2%BE%C2%88%C3%A6%C2%A6%C2%9C
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.66.45.48 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
84e3c77025ace5af143972b4a40fc834dcdfd4e449d4b36a57e62326f16b3091
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://youxuan2024-e6h.pages.dev/news?type=%C3%A5%C2%A5%C2%A2%C3%A4%C2%BE%C2%88%C3%A6%C2%A6%C2%9C

Response headers

vary
Accept-Encoding
cache-control
max-age=7200, public
content-encoding
gzip
etag
W/"67180f5f-5df3"
x-content-type-options
nosniff
cf-ray
8da00a4ffed309ba-MIA
expires
Tue, 29 Oct 2024 05:22:16 GMT
date
Tue, 29 Oct 2024 03:22:16 GMT
content-type
text/css
last-modified
Tue, 22 Oct 2024 20:47:27 GMT
server
cloudflare
x-frame-options
DENY
icon-exclamation.png
youxuan2024-e6h.pages.dev/cdn-cgi/images/
452 B
634 B
Image
General
Full URL
https://youxuan2024-e6h.pages.dev/cdn-cgi/images/icon-exclamation.png?1376755637
Requested by
Host: youxuan2024-e6h.pages.dev
URL: https://youxuan2024-e6h.pages.dev/cdn-cgi/styles/cf.errors.css
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.66.45.48 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
f1591a5221136c49438642155691ae6c68e25b7241f3d7ebe975b09a77662016
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://youxuan2024-e6h.pages.dev/cdn-cgi/styles/cf.errors.css

Response headers

vary
Accept-Encoding
cache-control
max-age=7200, public
etag
"67180f5f-1c4"
x-content-type-options
nosniff
cf-ray
8da00a5349d009ba-MIA
expires
Tue, 29 Oct 2024 05:22:17 GMT
accept-ranges
bytes
content-length
452
date
Tue, 29 Oct 2024 03:22:17 GMT
content-type
image/png
last-modified
Tue, 22 Oct 2024 20:47:27 GMT
server
cloudflare
x-frame-options
DENY
favicon.ico
youxuan2024-e6h.pages.dev/
4 KB
2 KB
Other
General
Full URL
https://youxuan2024-e6h.pages.dev/favicon.ico
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.66.45.48 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
82578df2ed9c0299fbea09a8da532245ca5e54b1c442b604c64e1b818c0b36a6
Security Headers
Name Value
X-Frame-Options SAMEORIGIN

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://youxuan2024-e6h.pages.dev/news?type=%C3%A5%C2%A5%C2%A2%C3%A4%C2%BE%C2%88%C3%A6%C2%A6%C2%9C

Response headers

nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
content-encoding
gzip
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=gWNXUKOJBQVJPFkRhXGq%2BTJuEoant2vtFDe4QsE7MxtbdM1XETtoPNeOekuH%2BlI8I2dvqUGdl20YDJzbmEq4j9dJ5NTTgaIkB8Kc8zfpO5szo9qQdYHxB%2FStBlkn5Ffe%2BZVcgUrMkYpSxV32"}],"group":"cf-nel","max_age":604800}
cf-ray
8da00a545adb09ba-MIA
date
Tue, 29 Oct 2024 03:22:17 GMT
content-type
text/html; charset=UTF-8
vary
Accept-Encoding
server
cloudflare
x-frame-options
SAMEORIGIN
Primary Request news
youxuan2024-e6h.pages.dev/
Redirect Chain
  • https://youxuan2024-e6h.pages.dev/cdn-cgi/phish-bypass?atok=ODIVw4OXkv6PJjM9RW6wxpTCc.0fxpHhqMKdDyzXTH0-1730172136-0.0.1.1-%2Fnews%3Ftype%3D%25C3%25A5%25C2%25A5%25C2%25A2%25C3%25A4%25C2%25BE%25C2%2...
  • https://youxuan2024-e6h.pages.dev/news?type=%C3%A5%C2%A5%C2%A2%C3%A4%C2%BE%C2%88%C3%A6%C2%A6%C2%9C
31 KB
11 KB
Document
General
Full URL
https://youxuan2024-e6h.pages.dev/news?type=%C3%A5%C2%A5%C2%A2%C3%A4%C2%BE%C2%88%C3%A6%C2%A6%C2%9C
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.66.45.48 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
436faf2b8f3bdfddb5e28256938edcc9715a894679351985c5a9e3ce57e889fa
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests ;report-uri https://i.snssdk.com/log/sentry/v2/api/slardar/main/?ev_type=csp&bid=douyin_inapp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
https://youxuan2024-e6h.pages.dev/news?type=%C3%A5%C2%A5%C2%A2%C3%A4%C2%BE%C2%88%C3%A6%C2%A6%C2%9C
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36

Response headers

access-control-allow-credentials
true
alt-svc
h3=":443"; ma=86400
cache-control
max-age=120
cf-cache-status
DYNAMIC
cf-ray
8da00a736fd009ba-MIA
content-encoding
br
content-security-policy
upgrade-insecure-requests ;report-uri https://i.snssdk.com/log/sentry/v2/api/slardar/main/?ev_type=csp&bid=douyin_inapp
content-security-policy-report-only
default-src 'self' blob: data: 'unsafe-inline' 'unsafe-eval' *.bytednsdoc.com *.zijieimg.com *.zjurl.cn *.pstatp.com *.bytecdn.cn *.isnssdk.com *.365yg.com *.ipstatp.com *.amemv.com *.ibytedtos.com *.ixigua.com *.ixiguavideo.com *.hypstarcdn.com *.tiktokcdn.com *.topbuzzcdn.com *.muscdn.com *.huoshanzhibo.com *.huoshanxiaoshipin.cn *.huoshanxiaoshipin.net *.huoshanvideo.cn *.huoshanvideo.net *.ieshuodong.cn *.ieshuodong.net *.byteoversea.com *.byted.org *.bytedance.net *.bytescm.com *.bytedance.com *.toutiaocloud.com *.snssdk.com *.toutiao.com *.huoshan.com *.douyin.com *.douyincdn.com *.jinritemai.com *.chengzijianzhan.com *.baike.com *.ribaoapi.com *.bytexservice.com *.pglstatp-toutiao.com *.oceanengine.com *.dyvideotape.com at.alicdn.com g.alicdn.com *.iesdouyin.com *.byteimg.com *.zjcdn.com bytedance: android-webview-video-poster: snssdk1128: *.bytednsdoc.com *.douyinpic.com *.douyinstatic.com *.bdxiguaimg.com *.bdxiguastatic.com *.bytegoofy.com unpkg.com unpkg.byted-static.com *.draftstatic.com *.bytetcc.com;img-src 'self' blob: data: android-webview-video-poster: 'unsafe-inline' 'unsafe-eval' *.douyin.com *.pstatp.com *.byteimg.com *.douyincdn.com *.toutiao.com *.snssdk.com *.pglstatp-toutiao.com *.byted.org *.oceanengine.com *.feiliao.com *.ixigua.com *.bdxiguaimg.com *.bdxiguastatic.com *.iesdouyin.com *.bytecdn.cn *.ribaoapi.com *.365yg.com *.bytexservice.com *.tiktokcdn.com *.douyinpic.com *.douyinstatic.com *.bytedance.net *.bytescm.com *.bytednsdoc.com *.bytegoofy.com;media-src 'self' blob: data: 'unsafe-inline' 'unsafe-eval' *.ixigua.com *.snssdk.com *.pstatp.com *.zjcdn.com *.365yg.com *.bytecdn.cn *.douyinvod.com *.bytedance.net *.bytescm.com *.bytegoofy.com *.bytednsdoc.com;upgrade-insecure-requests ;report-uri https://i.snssdk.com/log/sentry/v2/api/slardar/main/?ev_type=csp&bid=douyin_inapp
content-type
text/html; charset=utf-8
date
Tue, 29 Oct 2024 03:22:24 GMT
eagleid
0830559a17301721441788735e
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=9iGldsB4wy%2FDxdSlQQWviRRRu%2FLLYHcBV7%2BvAVdZrExG77JPLKhMXc6XiUkhN2BfMAL80Ce2fXLRMVjwBGFz1BPc8Eqs9psSxMIF%2F5yy%2F8fWuzIj0sncmGjqAn5d1RXwhOnw7JkOC1lIuieK"}],"group":"cf-nel","max_age":604800}
server
cloudflare
server-timing
inner; dur=45 cdn-cache;desc=MISS,edge;dur=178,origin;dur=54 cfL4;desc="?proto=QUIC&rtt=33557&sent=29&recv=23&lost=0&retrans=0&sent_bytes=14899&recv_bytes=7309&delivery_rate=525&cwnd=12000&unsent_bytes=0&cid=22c55be10c354448&ts=7763&x=1" cfHdrFlush;dur=0
strict-transport-security
max-age=31536000; includeSubDomains; preload
timing-allow-origin
*
vary
Accept-Encoding
via
cache34.l2nu16[54,0], cache10.l2et2-2[77,0], ens-cache6.us24[232,0]
x-content-type-options
nosniff
x-download-options
noopen
x-frame-options
SAMEORIGIN
x-tt-logid
20241029112224CD0F725233E18D01A5BC
x-tt-trace-host
01ae3485c412db67097a2fefa88ba0f9721c1566d47b7d0105d65f4f668ee72fd00f3421ab29e2a97f69061418615b04563fd0a15554eea3966e4458f109b7e470067edf093ac95233453675a81f5a5c0d941c70fd74c7303edece8f81142c195460122df33840df68d25f971a3ff5c300
x-tt-trace-id
00-241029112224CD0F725233E18D01A5BC-1066B24E25A83489-00
x-tt-trace-tag
id=03;cdn-cache=miss;type=dyn
x-xss-protection
1; mode=block

Redirect headers

cache-control
private, no-cache
cf-ray
8da00a733f9a09ba-MIA
content-length
167
content-type
text/html
date
Tue, 29 Oct 2024 03:22:22 GMT
location
https://youxuan2024-e6h.pages.dev/news?type=%C3%A5%C2%A5%C2%A2%C3%A4%C2%BE%C2%88%C3%A6%C2%A6%C2%9C
server
cloudflare
x-content-type-options
nosniff
x-frame-options
DENY
vendor~index.48a509c4.css
lf3-cdn-tos.bytegoofy.com/goofy/ies/douyin_home_web/common/
2 KB
1 KB
Stylesheet
General
Full URL
https://lf3-cdn-tos.bytegoofy.com/goofy/ies/douyin_home_web/common/vendor~index.48a509c4.css
Requested by
Host: youxuan2024-e6h.pages.dev
URL: https://youxuan2024-e6h.pages.dev/news?type=%C3%A5%C2%A5%C2%A2%C3%A4%C2%BE%C2%88%C3%A6%C2%A6%C2%9C
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
47.246.23.231 , United States, ASN24429 (TAOBAO Zhejiang Taobao Network Co.,Ltd, CN),
Reverse DNS
Software
Tengine /
Resource Hash
86500463d64c4bfbb09b785b96c3d370ffa0b748b0ac1e0404d8754cdbc6b032

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://youxuan2024-e6h.pages.dev/

Response headers

content-md5
MPt5KHbh6TH8VxofnCQ1xw==
content-encoding
br
etag
W/"30fb792876e1e931fc571a1f9c2435c7"
age
10251248
x-tos-request-id
f361bf83e90368006683e903-a815454
server-timing
cdn-cache;desc=HIT,edge;dur=9
x-cache
HIT TCP_HIT dirn:11:525006887
content-type
text/css; charset=utf-8
last-modified
Mon, 17 Jun 2024 07:22:42 GMT
x-server
goofy
x-tt-trace-host
01679503b9f77d82a42a5fb41e4df8ea7658d7c6cb6552900dbc3093b7e4b7fe4a6c94ee7592d0436c79e8174f51047e5257f9f8d9813666c341bd90030b962a0b99b3ebc62cafa9c2ff7c3961882ca8bad9183335688908a03e10c76d506d918b
cache-control
max-age=31536000
access-control-request-methods
OPTIONS, HEAD, GET
x-swift-cachetime
31536000
ali-swift-global-savetime
1719920899
x-swift-savetime
Tue, 02 Jul 2024 11:48:19 GMT
x-tt-trace-id
00-240702194819E7697152BE050C63BDFD-355B6E19311CFBF7-00
content-length
734
eagleid
2ff6179717301721475184905e
x-response-cache
edge_hit
server
Tengine
access-control-allow-methods
OPTIONS, HEAD, GET
date
Tue, 02 Jul 2024 11:48:19 GMT
x-tos-storage-class
STANDARD
vary
Accept-Encoding
timing-allow-origin
*
x-tt-trace-tag
id=03;cdn-cache=hit;type=static
via
cache14.l2us2[31763,31762,200-0,M], cache14.l2us2[31763,0], ens-cache5.us22[0,0,200-0,H], ens-cache3.us22[9,0]
x-tos-response-time
Tue, 02 Jul 2024 11:48:19 GMT
x-tos-hash-crc64ecma
4810508968828165756
access-control-allow-origin
*
x-tt-logid
20240702194819E7697152BE050C63BDFD
base.28e88a77.css
lf3-cdn-tos.bytegoofy.com/goofy/ies/douyin_home_web/common/
859 B
1 KB
Stylesheet
General
Full URL
https://lf3-cdn-tos.bytegoofy.com/goofy/ies/douyin_home_web/common/base.28e88a77.css
Requested by
Host: youxuan2024-e6h.pages.dev
URL: https://youxuan2024-e6h.pages.dev/news?type=%C3%A5%C2%A5%C2%A2%C3%A4%C2%BE%C2%88%C3%A6%C2%A6%C2%9C
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
47.246.23.231 , United States, ASN24429 (TAOBAO Zhejiang Taobao Network Co.,Ltd, CN),
Reverse DNS
Software
Tengine /
Resource Hash
aad42b4a8ffc12bc1186a5891ae5c66dd6d2849a0df162f8d67ec9bf1fcde1ad

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://youxuan2024-e6h.pages.dev/

Response headers

content-md5
2dZ2r53zwfqgiu7H0TJgkA==
content-encoding
br
etag
W/"d9d676af9df3c1faa08aeec7d1326090"
age
10624039
x-tos-request-id
6c7e187e38cc8b24667e38cc-a931c92
server-timing
cdn-cache;desc=HIT,edge;dur=4
x-cache
HIT TCP_HIT dirn:12:476068093
content-type
text/css; charset=utf-8
last-modified
Mon, 17 Jun 2024 07:22:42 GMT
x-server
goofy
x-tt-trace-host
01c2e7023ce17e3ccc716f2c86ec1292962bbbed2ce5b9d902ea17aeb119feb37e5d004bcd535cf02c100bb7a37095cb5235043f45dc22f98bf3ebfec867392476187868f1e44513d609c537b827c96bae14203f8c69287dbab9162e375db5649d
cache-control
max-age=31536000
access-control-request-methods
OPTIONS, HEAD, GET
x-swift-cachetime
31536000
ali-swift-global-savetime
1719548108
x-swift-savetime
Fri, 28 Jun 2024 04:15:08 GMT
x-tt-trace-id
00-2406281215083F08338E1FDCC90D0BB7-66EFFA2A233C0BAF-00
content-length
456
eagleid
2ff6179717301721475184912e
x-response-cache
edge_hit
server
Tengine
access-control-allow-methods
OPTIONS, HEAD, GET
date
Fri, 28 Jun 2024 04:15:08 GMT
x-tos-storage-class
STANDARD
vary
Accept-Encoding
timing-allow-origin
*
x-tt-trace-tag
id=03;cdn-cache=hit;type=static
via
cache37.l2us2[224,224,200-0,M], cache19.l2us2[226,0], ens-cache11.us22[0,0,200-0,H], ens-cache3.us22[4,0]
x-tos-response-time
Fri, 28 Jun 2024 04:15:08 GMT
x-tos-hash-crc64ecma
18349287904233920931
access-control-allow-origin
*
x-tt-logid
202406281215083F08338E1FDCC90D0BB7
vendor~index.6a66abba.js
lf3-cdn-tos.bytegoofy.com/goofy/ies/douyin_home_web/common/
2 MB
455 KB
Script
General
Full URL
https://lf3-cdn-tos.bytegoofy.com/goofy/ies/douyin_home_web/common/vendor~index.6a66abba.js
Requested by
Host: youxuan2024-e6h.pages.dev
URL: https://youxuan2024-e6h.pages.dev/news?type=%C3%A5%C2%A5%C2%A2%C3%A4%C2%BE%C2%88%C3%A6%C2%A6%C2%9C
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
47.246.23.231 , United States, ASN24429 (TAOBAO Zhejiang Taobao Network Co.,Ltd, CN),
Reverse DNS
Software
Tengine /
Resource Hash
cba523a63c44dc501acc3f8e40c31f792b6079ea7d5fa9f432a511addb775f72

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Origin
https://youxuan2024-e6h.pages.dev
Referer
https://youxuan2024-e6h.pages.dev/

Response headers

content-md5
ZVG+Hikt5rKKNYNKrQK66g==
content-encoding
br
etag
W/"6551be1e292de6b28a35834aad02baea"
age
8553243
x-tos-request-id
e2f6f69dd1d8d4da669dd1d8-a923983
server-timing
cdn-cache;desc=HIT,edge;dur=41
x-cache
HIT TCP_HIT dirn:12:114154293
content-type
application/javascript
last-modified
Mon, 22 Jul 2024 02:42:12 GMT
x-server
goofy
x-tt-trace-host
0164baf5d944135de66b1af737074a5cd403ccb912bfed13dc3b46bfb147af9a355f08dc0d229b6b07069df89af2d3994d237d783e0ea3cdfa536ae9467667e6e6745a943362e91a80e28550d35a24af2473d097a5fa6c1658c12f0f07facc6d43
cache-control
max-age=31536000
access-control-request-methods
OPTIONS, HEAD, GET
x-swift-cachetime
31468225
ali-swift-global-savetime
1721618904
x-swift-savetime
Mon, 22 Jul 2024 22:17:59 GMT
x-tt-trace-id
00-240722112824B4E3BC720E258301469F-7716D9B76352A8AC-00
content-length
464356
eagleid
2ff6179f17301721475174819e
x-response-cache
edge_hit
server
Tengine
access-control-allow-methods
OPTIONS, HEAD, GET
date
Mon, 22 Jul 2024 03:28:24 GMT
x-tos-storage-class
STANDARD
vary
Accept-Encoding
timing-allow-origin
*
x-tt-trace-tag
id=03;cdn-cache=hit;type=static
via
cache5.l2us2[0,0,200-0,H], cache16.l2us2[2,0], ens-cache1.us22[0,12,200-0,H], ens-cache11.us22[41,0]
x-tos-response-time
Mon, 22 Jul 2024 03:28:24 GMT
x-tos-hash-crc64ecma
2839620986475557256
access-control-allow-origin
*
x-tt-logid
20240722112824B4E3BC720E258301469F
index.ce4570da.js
lf3-cdn-tos.bytegoofy.com/goofy/ies/douyin_home_web/
533 KB
136 KB
Script
General
Full URL
https://lf3-cdn-tos.bytegoofy.com/goofy/ies/douyin_home_web/index.ce4570da.js
Requested by
Host: youxuan2024-e6h.pages.dev
URL: https://youxuan2024-e6h.pages.dev/news?type=%C3%A5%C2%A5%C2%A2%C3%A4%C2%BE%C2%88%C3%A6%C2%A6%C2%9C
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
47.246.23.231 , United States, ASN24429 (TAOBAO Zhejiang Taobao Network Co.,Ltd, CN),
Reverse DNS
Software
Tengine /
Resource Hash
3ff4a53e74cb93c4dcd8fabb6940cffff5f8df0cc057a74d99bfef186182cc7e

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Origin
https://youxuan2024-e6h.pages.dev
Referer
https://youxuan2024-e6h.pages.dev/

Response headers

content-md5
oj9EJPgYUqOLhHSuVczrrQ==
content-encoding
br
etag
W/"a23f4424f81852a38b8474ae55ccebad"
age
6993596
x-tos-request-id
ce72e0b59e37523b66b59e37-a924338
server-timing
cdn-cache;desc=HIT,edge;dur=3
x-cache
HIT TCP_HIT dirn:11:813326634
content-type
application/javascript
last-modified
Fri, 09 Aug 2024 03:11:16 GMT
x-server
goofy
x-tt-trace-host
0163eb20dd5784bbf88ab7387aa6c6cc1cdaf344b7a3ca1825013f3988d695be8059f9a377de4399d832c1ff881bc8571beb90bb79aeee5dcb48c919d56470b702c24d4149f3e0af384d71318222abad480969e916fb285347b53a0172a62bcf96
cache-control
max-age=31536000
access-control-request-methods
OPTIONS, HEAD, GET
x-swift-cachetime
31473761
ali-swift-global-savetime
1723178551
x-swift-savetime
Fri, 09 Aug 2024 21:59:50 GMT
x-tt-trace-id
00-240809124231489BDE63EB541F061CA2-104BDD0E39F9C846-00
content-length
138194
eagleid
2ff6179f17301721475174825e
x-response-cache
edge_hit
server
Tengine
access-control-allow-methods
OPTIONS, HEAD, GET
date
Fri, 09 Aug 2024 04:42:31 GMT
x-tos-storage-class
STANDARD
vary
Accept-Encoding
timing-allow-origin
*
x-tt-trace-tag
id=03;cdn-cache=hit;type=static
via
cache15.l2us2[0,2,200-0,H], cache36.l2us2[4,0], ens-cache2.us22[0,0,200-0,H], ens-cache11.us22[3,0]
x-tos-response-time
Fri, 09 Aug 2024 04:42:31 GMT
x-tos-hash-crc64ecma
17613934252271686899
access-control-allow-origin
*
x-tt-logid
20240809124231489BDE63EB541F061CA2
browser.cn.js
lf3-cdn-tos.bytegoofy.com/goofy/slardar/fe/sdk/
62 KB
20 KB
Script
General
Full URL
https://lf3-cdn-tos.bytegoofy.com/goofy/slardar/fe/sdk/browser.cn.js?bid=douyin_home_web
Requested by
Host: youxuan2024-e6h.pages.dev
URL: https://youxuan2024-e6h.pages.dev/news?type=%C3%A5%C2%A5%C2%A2%C3%A4%C2%BE%C2%88%C3%A6%C2%A6%C2%9C
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
47.246.23.231 , United States, ASN24429 (TAOBAO Zhejiang Taobao Network Co.,Ltd, CN),
Reverse DNS
Software
Tengine /
Resource Hash
450c2f363c6ba560e0b4a31e43f4a1ff7357b61dae2448b695cec396f6ec97ae

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Origin
https://youxuan2024-e6h.pages.dev
Referer
https://youxuan2024-e6h.pages.dev/

Response headers

content-md5
u7C4V5ZtYucn4//dFEJDKg==
content-encoding
br
etag
W/"bbb0b857966d62e727e3ffdd1442432a"
age
13911312
access-control-allow-methods
OPTIONS, HEAD, GET
x-tos-request-id
9b7c934c0fe30b2d664c0fe3-a9e8c90
server-timing
cdn-cache;desc=HIT,edge;dur=11
x-cache
HIT TCP_HIT dirn:12:412038776
date
Tue, 21 May 2024 03:07:15 GMT
x-tos-storage-class
STANDARD
content-type
application/javascript
vary
Accept-Encoding
x-server
goofy
last-modified
Tue, 05 Jul 2022 06:51:17 GMT
x-tt-trace-host
01983b264c70fee177a1b6a04df1b83dbef2a9dbc4955a78506ebf94bebece6962b45149eac138c632d137cacb99039711c2d86c09aa98b84dc5c8c155bd5e99001035e980f5b19aec7a4e20735c1ea16e28f48d5572eb73c629f2abb3f6d5c9b2
cache-control
max-age=31536000
access-control-request-methods
OPTIONS, HEAD, GET
timing-allow-origin
*
x-swift-cachetime
28248727
x-tt-trace-tag
id=03;cdn-cache=hit;type=static
via
cache29.l2us2[0,29,200-0,H], cache14.l2us2[31,0], ens-cache16.us22[0,0,200-0,H], ens-cache11.us22[11,0]
ali-swift-global-savetime
1716260835
x-tos-response-time
Tue, 21 May 2024 03:07:15 GMT
x-swift-savetime
Fri, 28 Jun 2024 04:15:08 GMT
access-control-allow-origin
*
x-tt-trace-id
00-240521110715EE490267F15D5ADF7393-3C107EFB5F24F7E2-00
content-length
20082
eagleid
2ff6179f17301721476335410e
x-tt-logid
20240521110715EE490267F15D5ADF7393
server
Tengine
x-response-cache
edge_hit
/
i.snssdk.com/log/sentry/v2/api/slardar/main/
0
403 B
Other
General
Full URL
https://i.snssdk.com/log/sentry/v2/api/slardar/main/?ev_type=csp&bid=douyin_inapp
Requested by
Host: lf3-cdn-tos.bytegoofy.com
URL: https://lf3-cdn-tos.bytegoofy.com/goofy/slardar/fe/sdk/browser.cn.js?bid=douyin_home_web
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2404:2280:1b8:0:3::7fc , Singapore, ASN24429 (TAOBAO Zhejiang Taobao Network Co.,Ltd, CN),
Reverse DNS
Software
Tengine /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Content-Type
application/csp-report
Referer
https://youxuan2024-e6h.pages.dev/

Response headers

timing-allow-origin
*
x-tt-trace-tag
id=03;cdn-cache=miss;type=dyn
via
cache23.l2nu16-1[5,0], ens-cache16.us23[217,0]
server-timing
cdn-cache;desc=MISS,edge;dur=212,origin;dur=5
x-tt-trace-id
00-2410291122309CE03041BFEB8768AD9E-0226E7346EFBB54E-00
eagleid
082679a417301721502596999e
date
Tue, 29 Oct 2024 03:22:30 GMT
x-tt-logid
202410291122309CE03041BFEB8768AD9E
server
Tengine
x-tt-trace-host
01a87f0111c5939b40914381049799727d33d0ee466e48a3c9cf81286135c1fcf054feb001583d1ab8cec126f5f87428aae52bc6da802b89560bb6b8010b21eb58
sdk_setting
mon.zijieapi.com/slardar/
6 KB
1 KB
XHR
General
Full URL
https://mon.zijieapi.com/slardar/sdk_setting?bid=douyin_home_web
Requested by
Host: lf3-cdn-tos.bytegoofy.com
URL: https://lf3-cdn-tos.bytegoofy.com/goofy/slardar/fe/sdk/browser.cn.js?bid=douyin_home_web
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2409:8c1c:300:2:3c:: , China, ASN132525 (CMNET-HEILONGJIANG-CN HeiLongJiang Mobile Communication Company Limited, CN),
Reverse DNS
Software
TLB /
Resource Hash
7dd05747b9690e96a54b372ee8f171640e2da7551fbb94e7284494b6089d21e1

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://youxuan2024-e6h.pages.dev/

Response headers

content-encoding
br
upstream-caught
1730172150693206
x-tt-trace-tag
id=11;cdn-cache=miss;type=dyn
access-control-allow-credentials
true
access-control-allow-origin
https://youxuan2024-e6h.pages.dev
x-tt-trace-id
00-241029112230985DCB1205D6706440DC-6258138A76A376BB-00
server-timing
inner; dur=3, cdn-cache;desc=miss, edge;dur=1, origin;dur=30
date
Tue, 29 Oct 2024 03:22:30 GMT
content-type
application/json; charset=utf-8
vary
Accept-Encoding, Origin
x-tt-logid
20241029112230985DCB1205D6706440DC
server
TLB
x-tt-trace-host
01a87f0111c5939b40914381049799727d81d3f05215232f320a31c0b03d864442ffacfcd945e5791f52a945a97e62aad10579a1b13d7b69374d291755ebc38a68409373d847bbca4ad4fac6b7bf126a239e5c76d27f0b3f7c0bddd511acba67e11a1c9ad81a5f1a0f60aeeb9a91e6d24c
webid
mcs.snssdk.com/ Frame
0
0

webid
mcs.snssdk.com/
0
0

/
dispatch_message/ Frame 98FD
0
0

favicon_v2.ico
sf1-cdn-tos.douyinstatic.com/obj/eden-cn/kpchkeh7upepld/fe_app_new/
4 KB
5 KB
Other
General
Full URL
https://sf1-cdn-tos.douyinstatic.com/obj/eden-cn/kpchkeh7upepld/fe_app_new/favicon_v2.ico
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server
240e:95d:802:201:8000:0:b00:44 , China, ASN136192 (CHINATELECOM-HUBEI-XIANGYANG-IDC Xiangyang, Hubei Province, P.R.China., CN),
Reverse DNS
Software
Byte-nginx /
Resource Hash
1fd2b6b6e7c1280f211a486b524e57fea14fc6d6a3038898ecaf739747b43b72

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://youxuan2024-e6h.pages.dev/

Response headers

x-request-ip
2001:550:1d05:1::13
content-md5
cUX/BKv8a3T2hW0EtLEagg==
x-request-id
36543dcf46511787fc81b5d1f83500bc
x-bdcdn-cache-status
TCP_HIT
etag
"7145ff04abfc6b74f6856d04b4b11a82"
age
705247
access-control-allow-methods
GET, POST, OPTIONS, HEAD
x-tos-request-id
9858ad10e31ef2216710e31e-a95491f-a182510
server-timing
inner; dur=7
x-tos-storage-class
STANDARD
date
Tue, 29 Oct 2024 03:22:29 GMT
content-type
image/vnd.microsoft.icon
last-modified
Fri, 13 May 2022 02:44:47 GMT
access-control-allow-headers
*
x-tt-trace-host
01aca85a6aaf8272e79314291c2667a1c1152112bb83a3fb1c8fb481c265b88193eb362cc3ef344d7524241b76d4ab12b2f50bfc41eafdb25446722642be95215e07004bab92e0bba21e9c964b7d21e25317a1af49fe956efe54235e521ef4073ae30ae07b8b3a17c5e79e06853295e45ddc3670dac6e5597cd5334a94d77ca3b8
cache-control
max-age=2592000
timing-allow-origin
*
x-tt-trace-tag
id=5
via
cache11.xyct
x-tos-response-time
Thu, 17 Oct 2024 10:12:46 GMT
accept-ranges
bytes
access-control-allow-origin
*
x-tt-trace-id
20241021072823481a1f6af2511EB7F146
content-length
4286
x-response-cache
edge_hit
server
Byte-nginx
x-response-cinfo
2001:550:1d05:1::13
x-tt-logid
20241021072823094DD18FFB39EAC1AC64
monitors.3.7.0.cn.js
lf3-cdn-tos.bytegoofy.com/goofy/slardar/fe/sdk/plugins/
38 KB
14 KB
Script
General
Full URL
https://lf3-cdn-tos.bytegoofy.com/goofy/slardar/fe/sdk/plugins/monitors.3.7.0.cn.js
Requested by
Host: lf3-cdn-tos.bytegoofy.com
URL: https://lf3-cdn-tos.bytegoofy.com/goofy/slardar/fe/sdk/browser.cn.js?bid=douyin_home_web
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
47.246.23.231 , United States, ASN24429 (TAOBAO Zhejiang Taobao Network Co.,Ltd, CN),
Reverse DNS
Software
Tengine /
Resource Hash
9fb9a25417195bfac1e83a7d0d65ec41bf85d4590ff21c07496a5db1ff9bbd27

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Origin
https://youxuan2024-e6h.pages.dev
Referer
https://youxuan2024-e6h.pages.dev/

Response headers

content-md5
ineIzS9QjEfhROu87Rz8Xg==
content-encoding
br
etag
W/"8a7788cd2f508c47e144ebbced1cfc5e"
age
4301474
access-control-allow-methods
OPTIONS, HEAD, GET
x-tos-request-id
6329bbdeb2542dcf66deb254-a86e015
server-timing
cdn-cache;desc=HIT,edge;dur=3
x-cache
HIT TCP_MEM_HIT dirn:-2:-2
date
Mon, 09 Sep 2024 08:31:16 GMT
x-tos-storage-class
STANDARD
content-type
application/javascript
vary
Accept-Encoding
x-server
goofy
last-modified
Tue, 05 Jul 2022 06:51:17 GMT
x-tt-trace-host
010e8be259e7c847c932fc8642b7bafd53bb6ac618baf670cc70e42c836557c89d68605076a33605f4c4e0919ea1e71ec9056e2fe2ae1a5d1b0ce122aed9a9443eecdb66b50a944848c06d2974b644870c5dc07657191c5bac8581864cacb71cd2
cache-control
max-age=31536000
access-control-request-methods
OPTIONS, HEAD, GET
timing-allow-origin
*
x-swift-cachetime
31536000
x-tt-trace-tag
id=03;cdn-cache=hit;type=static
via
cache32.l2us2[564,564,200-0,M], cache40.l2us2[566,0], ens-cache10.us22[0,0,200-0,H], ens-cache11.us22[3,0]
ali-swift-global-savetime
1725870676
x-tos-response-time
Mon, 09 Sep 2024 08:31:16 GMT
x-swift-savetime
Mon, 09 Sep 2024 08:31:16 GMT
access-control-allow-origin
*
x-tt-trace-id
00-24090916311662FA8940FD349FF9BDE1-249BE4592F5004AC-00
content-length
13081
eagleid
2ff6179f17301721509206160e
x-tt-logid
2024090916311662FA8940FD349FF9BDE1
server
Tengine
x-response-cache
edge_hit
sentry.3.7.0.cn.js
lf3-cdn-tos.bytegoofy.com/goofy/slardar/fe/sdk/plugins/
96 KB
32 KB
Script
General
Full URL
https://lf3-cdn-tos.bytegoofy.com/goofy/slardar/fe/sdk/plugins/sentry.3.7.0.cn.js
Requested by
Host: lf3-cdn-tos.bytegoofy.com
URL: https://lf3-cdn-tos.bytegoofy.com/goofy/slardar/fe/sdk/browser.cn.js?bid=douyin_home_web
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
47.246.23.231 , United States, ASN24429 (TAOBAO Zhejiang Taobao Network Co.,Ltd, CN),
Reverse DNS
Software
Tengine /
Resource Hash
e3d2e0bcc9b9a8f6ae25ac83e168e0b76b93de7bc7e12b8b693605e2f22d30ee

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Origin
https://youxuan2024-e6h.pages.dev
Referer
https://youxuan2024-e6h.pages.dev/

Response headers

content-md5
23e/j6eInPO6WR9BmM0E2A==
content-encoding
br
etag
W/"db77bf8fa7889cf3ba591f4198cd04d8"
age
14503394
access-control-allow-methods
OPTIONS, HEAD, GET
x-tos-request-id
fbf2e5430714d0d166430714-a924bdb
server-timing
cdn-cache;desc=HIT,edge;dur=1
x-cache
HIT TCP_MEM_HIT dirn:-2:-2
date
Tue, 14 May 2024 06:39:16 GMT
x-tos-storage-class
STANDARD
content-type
application/javascript
vary
Accept-Encoding
x-server
goofy
last-modified
Tue, 05 Jul 2022 06:51:17 GMT
x-tt-trace-host
01f882a2a357919e533bab6052d66dc29b28372b4b88d65eb83e64134691f66215d32a84dde1fca18fa7332ecd71d4511f40bb2ea4098880d594ace1e5d18b9096c57767a498195af8a628af5eacb970048c96666540a2f62352ea01345413ec2a
cache-control
max-age=31536000
access-control-request-methods
OPTIONS, HEAD, GET
timing-allow-origin
*
x-swift-cachetime
27663025
x-tt-trace-tag
id=03;cdn-cache=hit;type=static
via
cache6.l2us2[0,0,200-0,H], cache37.l2us2[1,0], ens-cache10.us22[0,0,200-0,H], ens-cache11.us22[1,0]
ali-swift-global-savetime
1715668756
x-tos-response-time
Tue, 14 May 2024 06:39:16 GMT
x-swift-savetime
Fri, 28 Jun 2024 02:28:51 GMT
access-control-allow-origin
*
x-tt-trace-id
00-2405141439168BCB70BB031B6A63AE36-6BBB413169A9F5E8-00
content-length
31957
eagleid
2ff6179f17301721509226164e
x-tt-logid
202405141439168BCB70BB031B6A63AE36
server
Tengine
x-response-cache
edge_hit

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain
mcs.snssdk.com
URL
https://mcs.snssdk.com/webid
Domain
mcs.snssdk.com
URL
https://mcs.snssdk.com/webid
Domain
dispatch_message
URL
bytedance://dispatch_message/

Verdicts & Comments

Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!

urlscan

Phishing against: Generic Cloudflare (Online)

23 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0
object| 1
string| SlardarMonitorObject
function| Slardar
object| a
object| m
object| xss
function| filterCSS
function| filterXSS
function| isSafeUrl
object| __SLARDAR__
object| webpackJsonp
object| core
object| regeneratorRuntime
object| TEAVisualEditor
object| JSBridge
object| Native2JSBridge
object| ToutiaoJSBridge
object| Adapter
function| _
object| monitors
object| sentry
object| __SENTRY__

4 Cookies

Domain/Path Name / Value
.youxuan2024-e6h.pages.dev/ Name: __cf_mw_byp
Value: ODIVw4OXkv6PJjM9RW6wxpTCc.0fxpHhqMKdDyzXTH0-1730172136-0.0.1.1-/news?type=%C3%A5%C2%A5%C2%A2%C3%A4%C2%BE%C2%88%C3%A6%C2%A6%C2%9C
.youxuan2024-e6h.pages.dev/ Name: _tea_utm_cache_1243
Value: undefined
.mon.zijieapi.com/ Name: MONITOR_WEB_ID
Value: 7276130a-7216-4290-b1cd-8b548019d728
.youxuan2024-e6h.pages.dev/ Name: MONITOR_WEB_ID
Value: 7276130a-7216-4290-b1cd-8b548019d728

11 Console Messages

Source Level URL
Text
network error URL: https://youxuan2024-e6h.pages.dev/news?type=%C3%A5%C2%A5%C2%A2%C3%A4%C2%BE%C2%88%C3%A6%C2%A6%C2%9C
Message:
Failed to load resource: the server responded with a status of 403 ()
network error URL: https://youxuan2024-e6h.pages.dev/favicon.ico
Message:
Failed to load resource: the server responded with a status of 403 ()
security error URL: https://youxuan2024-e6h.pages.dev/news?type=%C3%A5%C2%A5%C2%A2%C3%A4%C2%BE%C2%88%C3%A6%C2%A6%C2%9C
Message:
The Content Security Policy directive 'upgrade-insecure-requests' is ignored when delivered in a report-only policy.
security error URL: https://lf3-cdn-tos.bytegoofy.com/goofy/slardar/fe/sdk/browser.cn.js?bid=douyin_home_web
Message:
[Report Only] Refused to connect to 'https://mon.zijieapi.com/slardar/sdk_setting?bid=douyin_home_web' because it violates the following Content Security Policy directive: "default-src 'self' blob: data: 'unsafe-inline' 'unsafe-eval' *.bytednsdoc.com *.zijieimg.com *.zjurl.cn *.pstatp.com *.bytecdn.cn *.isnssdk.com *.365yg.com *.ipstatp.com *.amemv.com *.ibytedtos.com *.ixigua.com *.ixiguavideo.com *.hypstarcdn.com *.tiktokcdn.com *.topbuzzcdn.com *.muscdn.com *.huoshanzhibo.com *.huoshanxiaoshipin.cn *.huoshanxiaoshipin.net *.huoshanvideo.cn *.huoshanvideo.net *.ieshuodong.cn *.ieshuodong.net *.byteoversea.com *.byted.org *.bytedance.net *.bytescm.com *.bytedance.com *.toutiaocloud.com *.snssdk.com *.toutiao.com *.huoshan.com *.douyin.com *.douyincdn.com *.jinritemai.com *.chengzijianzhan.com *.baike.com *.ribaoapi.com *.bytexservice.com *.pglstatp-toutiao.com *.oceanengine.com *.dyvideotape.com at.alicdn.com g.alicdn.com *.iesdouyin.com *.byteimg.com *.zjcdn.com bytedance: android-webview-video-poster: snssdk1128: *.bytednsdoc.com *.douyinpic.com *.douyinstatic.com *.bdxiguaimg.com *.bdxiguastatic.com *.bytegoofy.com unpkg.com unpkg.byted-static.com *.draftstatic.com *.bytetcc.com". Note that 'connect-src' was not explicitly set, so 'default-src' is used as a fallback.
security error URL: https://lf3-cdn-tos.bytegoofy.com/goofy/ies/douyin_home_web/common/vendor~index.6a66abba.js(Line 329)
Message:
The Content Security Policy directive 'upgrade-insecure-requests' is ignored when delivered in a report-only policy.
security error URL: https://lf3-cdn-tos.bytegoofy.com/goofy/ies/douyin_home_web/common/vendor~index.6a66abba.js(Line 329)
Message:
The Content Security Policy directive 'upgrade-insecure-requests' is ignored when delivered in a report-only policy.
security error URL: https://lf3-cdn-tos.bytegoofy.com/goofy/ies/douyin_home_web/common/vendor~index.6a66abba.js(Line 329)
Message:
The Content Security Policy directive 'upgrade-insecure-requests' is ignored when delivered in a report-only policy.
security error URL: https://lf3-cdn-tos.bytegoofy.com/goofy/ies/douyin_home_web/common/vendor~index.6a66abba.js(Line 329)
Message:
The Content Security Policy directive 'upgrade-insecure-requests' is ignored when delivered in a report-only policy.
network error
Message:
A bad HTTP response code (403) was received when fetching the script.
security error URL: https://lf3-cdn-tos.bytegoofy.com/goofy/slardar/fe/sdk/plugins/sentry.3.7.0.cn.js
Message:
The Content Security Policy directive 'upgrade-insecure-requests' is ignored when delivered in a report-only policy.
security error URL: https://lf3-cdn-tos.bytegoofy.com/goofy/slardar/fe/sdk/plugins/sentry.3.7.0.cn.js
Message:
The Content Security Policy directive 'upgrade-insecure-requests' is ignored when delivered in a report-only policy.

Security Headers

This page lists any security headers set by the main page.

Header Value
X-Frame-Options SAMEORIGIN