vailon.toven68530.workers.dev
2606:4700:3033::ac43:cdca  Public Scan

Submitted URL: http://vailon.toven68530.workers.dev/politics/2024_08_22_745738.shtml
Effective URL: https://vailon.toven68530.workers.dev/politics/2024_08_22_745738.shtml
Submission: On August 24 via api from US — Scanned from DE

Summary

This website contacted 4 IPs in 3 countries across 3 domains to perform 4 HTTP transactions. The main IP is 2606:4700:3033::ac43:cdca, located in United States and belongs to CLOUDFLARENET, US. The main domain is vailon.toven68530.workers.dev.
TLS certificate: Issued by WE1 on July 19th 2024. Valid for: 3 months.
This is the only time vailon.toven68530.workers.dev was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
1 2606:4700:303... 13335 (CLOUDFLAR...)
2 47.246.46.231 24429 (TAOBAO Zh...)
1 240e:93c:1202... 4134 (CHINANET-...)
4 4
Apex Domain / Subdomains                                       Transfer
2  bytescm.com                                                 6 KB
   lf-cdn-tos.bytescm.com — Cisco Umbrella Rank: 13607
1  douyinstatic.com                                            5 KB
   sf1-cdn-tos.douyinstatic.com — Cisco Umbrella Rank: 113514
1  workers.dev                                                 86 KB
   vailon.toven68530.workers.dev
4 3
Domain Requested by
2 lf-cdn-tos.bytescm.com vailon.toven68530.workers.dev
1 sf1-cdn-tos.douyinstatic.com
1 vailon.toven68530.workers.dev
4 3

This site contains links to these domains.

Domain
beian.miit.gov.cn
www.12377.cn
www.beian.gov.cn
Subject                  Issuer                   Validity                  Valid
toven68530.workers.dev   WE1                      2024-07-19 - 2024-10-17   3 months
*.bytescm.com            RapidSSL TLS RSA CA G1   2024-05-21 - 2025-05-20   a year
*.douyinstatic.com       RapidSSL TLS RSA CA G1   2024-05-15 - 2025-05-14   a year

This page contains 1 frame:

Primary Page: https://vailon.toven68530.workers.dev/politics/2024_08_22_745738.shtml
Frame ID: 4AEDD7656C9A6EF239D2818AD1738471
Requests: 7 HTTP requests in this frame

Page Title

【抖音】记录美好生活-Douyin.com

Page Statistics

Requests: 4
HTTPS: 100 %
IPv6: 67 %
Domains: 3
Subdomains: 3
IPs: 4
Countries: 3
Transfer: 98 kB
Size: 265 kB
Cookies: 0

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. http://vailon.toven68530.workers.dev/politics/2024_08_22_745738.shtml HTTP 307
    https://vailon.toven68530.workers.dev/politics/2024_08_22_745738.shtml Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

4 HTTP transactions

Resource
Path
Size
x-fer
Type
MIME-Type
Primary Request 2024_08_22_745738.shtml
vailon.toven68530.workers.dev/politics/
Redirect Chain
  • http://vailon.toven68530.workers.dev/politics/2024_08_22_745738.shtml
  • https://vailon.toven68530.workers.dev/politics/2024_08_22_745738.shtml
205 KB
86 KB
Document
General
Full URL
https://vailon.toven68530.workers.dev/politics/2024_08_22_745738.shtml
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3033::ac43:cdca , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
7c4e06a3bc67f6440620ea1bf5d81f1e9b01bacaa5b9652e8aa9eaa6834ef7f4
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests ;report-uri https://i.snssdk.com/log/sentry/v2/api/slardar/main/?ev_type=csp&bid=douyin_inapp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

access-control-allow-credentials
true
alt-svc
h3=":443"; ma=86400
cf-cache-status
DYNAMIC
cf-ray
8b82f5dbfd0635eb-FRA
content-encoding
br
content-security-policy
upgrade-insecure-requests ;report-uri https://i.snssdk.com/log/sentry/v2/api/slardar/main/?ev_type=csp&bid=douyin_inapp
content-security-policy-report-only
default-src 'self' blob: data: 'unsafe-inline' 'unsafe-eval' *.bytednsdoc.com *.zijieimg.com *.zjurl.cn *.pstatp.com *.bytecdn.cn *.isnssdk.com *.365yg.com *.ipstatp.com *.amemv.com *.ibytedtos.com *.ixigua.com *.ixiguavideo.com *.hypstarcdn.com *.tiktokcdn.com *.topbuzzcdn.com *.muscdn.com *.huoshanzhibo.com *.huoshanxiaoshipin.cn *.huoshanxiaoshipin.net *.huoshanvideo.cn *.huoshanvideo.net *.ieshuodong.cn *.ieshuodong.net *.byteoversea.com *.byted.org *.bytedance.net *.bytescm.com *.bytedance.com *.toutiaocloud.com *.snssdk.com *.toutiao.com *.huoshan.com *.douyin.com *.douyincdn.com *.jinritemai.com *.chengzijianzhan.com *.baike.com *.ribaoapi.com *.bytexservice.com *.pglstatp-toutiao.com *.oceanengine.com *.dyvideotape.com at.alicdn.com g.alicdn.com *.iesdouyin.com *.byteimg.com *.zjcdn.com bytedance: android-webview-video-poster: snssdk1128: *.bytednsdoc.com *.douyinpic.com *.douyinstatic.com *.bdxiguaimg.com *.bdxiguastatic.com *.bytegoofy.com unpkg.com unpkg.byted-static.com *.draftstatic.com *.bytetcc.com;img-src 'self' blob: data: android-webview-video-poster: 'unsafe-inline' 'unsafe-eval' *.douyin.com *.pstatp.com *.byteimg.com *.douyincdn.com *.toutiao.com *.snssdk.com *.pglstatp-toutiao.com *.byted.org *.oceanengine.com *.feiliao.com *.ixigua.com *.bdxiguaimg.com *.bdxiguastatic.com *.iesdouyin.com *.bytecdn.cn *.ribaoapi.com *.365yg.com *.bytexservice.com *.tiktokcdn.com *.douyinpic.com *.douyinstatic.com *.bytedance.net *.bytescm.com *.bytednsdoc.com *.bytegoofy.com;media-src 'self' blob: data: 'unsafe-inline' 'unsafe-eval' *.ixigua.com *.snssdk.com *.pstatp.com *.zjcdn.com *.365yg.com *.bytecdn.cn *.douyinvod.com *.bytedance.net *.bytescm.com *.bytegoofy.com *.bytednsdoc.com;upgrade-insecure-requests ;report-uri https://i.snssdk.com/log/sentry/v2/api/slardar/main/?ev_type=csp&bid=douyin_inapp
content-type
text/html; charset=utf-8
date
Sat, 24 Aug 2024 11:21:43 GMT
eagleid
a3b55c9b17244985032225324e
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=vzoKPOqLc01J6GlcKD9qgqFKS7QWkKIvZoAGfhXhChxL4Vpq68GO5KKSjBnVpEE2JTuB9mXUVmlLcQ2LL4WOqsfgS6BcuJbVw4xuS7ODhBLYHOnXSHtMNJ9EnuDN8kJYyJ4jfTlD4sWnwqAD0M4MGRM1nMrtzk86ckXtXQ%3D%3D"}],"group":"cf-nel","max_age":604800}
server
cloudflare
server-timing
inner; dur=63 cdn-cache;desc=MISS,edge;dur=150,origin;dur=69
strict-transport-security
max-age=31536000; includeSubDomains; preload
timing-allow-origin
*
vary
Accept-Encoding
via
cache4.l2nu16[69,0], ens-cache7.de5[219,0]
x-alicdn-da-ups-status
endOs,0,404
x-content-type-options
nosniff
x-download-options
noopen
x-frame-options
SAMEORIGIN
x-tt-logid
202408241921432D99576FCD64459F4324
x-tt-trace-host
01ae3485c412db67097a2fefa88ba0f972341fe6536fd23dc995ae1fd82d25cad58b3573f68b92d5f6db06aaa5fe3a3b2df5418011ffcec9412537c0229dabdaa23c5101336eaf50d175a4c1ad93e9db3882f3618c83dd4c58abb62197516a5a058a802b69a605ab3fc13487f5c66bf3f8
x-tt-trace-id
00-2408241921432D99576FCD64459F4324-4E3BEF7D5F57586B-00
x-tt-trace-tag
id=03;cdn-cache=miss;type=dyn
x-xss-protection
1; mode=block

Redirect headers

Cross-Origin-Resource-Policy
Cross-Origin
Location
https://vailon.toven68530.workers.dev/politics/2024_08_22_745738.shtml
Non-Authoritative-Reason
HSTS
index.9a8fb5b4.css
lf-cdn-tos.bytescm.com/obj/static/ies/fe_app_new/pages/not_found_web/
7 KB
5 KB
Stylesheet
General
Full URL
https://lf-cdn-tos.bytescm.com/obj/static/ies/fe_app_new/pages/not_found_web/index.9a8fb5b4.css
Requested by
Host: vailon.toven68530.workers.dev
URL: https://vailon.toven68530.workers.dev/politics/2024_08_22_745738.shtml
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
47.246.46.231 Milan, Italy, ASN24429 (TAOBAO Zhejiang Taobao Network Co.,Ltd, CN),
Reverse DNS
Software
Tengine /
Resource Hash
9f76427d98e054664d24c2e1cc9b613a57d8e282f03ae6868f01422b68ce893a

Request headers

Referer
https://vailon.toven68530.workers.dev/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

content-encoding
br
x-tt-trace-tag
id=03;cdn-cache=hit;type=static
content-md5
Vfbe5FmhudB13Adz4dzhvA==
x-tt-trace-id
00-240619235040A08D96DF46651277F3C7-6720847B1F5EF738-00
age
5686264
x-swift-cachetime
31528008
x-tos-storage-class
STANDARD
cross-origin-resource-policy
cross-origin
server-timing
cdn-cache;desc=HIT,edge;dur=2
x-swift-savetime
Wed, 19 Jun 2024 18:03:52 GMT
x-tos-request-id
59372772fe5043bb6672fe50-a8036db
x-tos-response-time
Wed, 19 Jun 2024 15:50:40 GMT
x-tt-logid
20240619235040A08D96DF46651277F3C7
etag
W/"55f6dee459a1b9d075dc0773e1dce1bc"
vary
Accept-Encoding
access-control-allow-methods
*
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
max-age=31536000
x-tt-trace-host
016f15141e6808a26cd3454f33828c3dade57ce2c049aaf031eb0473aa30c0bf6dd1d5861a0239b5a08912a6bfc3109bcebb7b8a2207cf7214debedacbfca0e639d4519a032321abaa4c4b51ac045366106e38cc1859be66f638cb19281bb6d084
x-response-cache
edge_hit
access-control-allow-headers
*
eagleid
2ff62ea417244985049177826e
date
Wed, 19 Jun 2024 15:50:40 GMT
via
cache17.l2de2[0,0,200-0,H], cache21.l2de2[3,0], ens-cache6.it4[0,0,200-0,H], ens-cache16.it4[2,0]
x-cache
HIT TCP_HIT dirn:11:145571267
x-tos-hash-crc64ecma
5410563114445507767
content-length
3710
last-modified
Mon, 05 Feb 2024 06:33:06 GMT
server
Tengine
ali-swift-global-savetime
1718812240
timing-allow-origin
*
index.90e09027.js
lf-cdn-tos.bytescm.com/obj/static/ies/fe_app_new/pages/not_found_web/
4 KB
2 KB
Script
General
Full URL
https://lf-cdn-tos.bytescm.com/obj/static/ies/fe_app_new/pages/not_found_web/index.90e09027.js
Requested by
Host: vailon.toven68530.workers.dev
URL: https://vailon.toven68530.workers.dev/politics/2024_08_22_745738.shtml
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
47.246.46.231 Milan, Italy, ASN24429 (TAOBAO Zhejiang Taobao Network Co.,Ltd, CN),
Reverse DNS
Software
Tengine /
Resource Hash
7d4c760637bae1febc4fee2682d304ac775ff51786089197dd82ecef2ed4ac38

Request headers

Referer
https://vailon.toven68530.workers.dev/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

content-encoding
br
x-tt-trace-tag
id=03;cdn-cache=hit;type=static
content-md5
Onue+aa6EM83hxntYYYcKA==
x-tt-trace-id
00-240726061632193A62A50A372AF4C440-4F0A5A2A68DAC048-00
age
2552712
x-swift-cachetime
30265161
x-tos-storage-class
STANDARD
cross-origin-resource-policy
cross-origin
server-timing
cdn-cache;desc=HIT,edge;dur=2
x-swift-savetime
Fri, 09 Aug 2024 15:17:11 GMT
x-tos-request-id
b174bfa2cec0a62f66a2cec0-a90a02d
x-tos-response-time
Thu, 25 Jul 2024 22:16:32 GMT
x-tt-logid
20240726061632193A62A50A372AF4C440
etag
W/"3a7b9ef9a6ba10cf378719ed61861c28"
vary
Accept-Encoding
access-control-allow-methods
*
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=31536000
x-tt-trace-host
01c38c54fe8dc60aa40e01ecdcf4a769eaccdb6820581c3e16fd7841c232945e47929632ef6707a336e4472830b31927d0d432125d94a747477feb4822be328cd198f1ca45daddf14943df728222e655e80f9756c4ef3284a2cf6fa0b12c7e5c10
x-response-cache
edge_hit
access-control-allow-headers
*
eagleid
2ff62ea417244985049187827e
date
Thu, 25 Jul 2024 22:16:32 GMT
via
cache23.l2de2[0,0,200-0,H], cache8.l2de2[1,0], ens-cache2.it4[0,0,200-0,H], ens-cache16.it4[2,0]
x-cache
HIT TCP_HIT dirn:11:528494652
x-tos-hash-crc64ecma
2672735822021183165
content-length
1240
last-modified
Mon, 05 Feb 2024 06:33:06 GMT
server
Tengine
ali-swift-global-savetime
1721945792
timing-allow-origin
*
truncated
/
24 KB
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
d4f79837a1c8363138494d0551d94ec099dfebfb37fe04e5bfc49920bd902d21

Request headers

Referer
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

Content-Type
image/png
truncated
/
19 KB
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
a20583c81805fe64f7fa210851ce29754af9d25fd6aa5a3225a9557529602513

Request headers

Referer
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

Content-Type
image/png
truncated
/
2 KB
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
5de6895eb5334edc33be5b63f9e77c27a079df01e41998908e21eb993b0a5147

Request headers

Referer
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

Content-Type
image/png
favicon_v2.ico
sf1-cdn-tos.douyinstatic.com/obj/eden-cn/kpchkeh7upepld/fe_app_new/
4 KB
5 KB
Other
General
Full URL
https://sf1-cdn-tos.douyinstatic.com/obj/eden-cn/kpchkeh7upepld/fe_app_new/favicon_v2.ico
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server
240e:93c:1202:0:8000:0:b00:10 , China, ASN4134 (CHINANET-BACKBONE No.31,Jin-rong Street, CN),
Reverse DNS
Software
Byte-nginx /
Resource Hash
1fd2b6b6e7c1280f211a486b524e57fea14fc6d6a3038898ecaf739747b43b72

Request headers

Referer
https://vailon.toven68530.workers.dev/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date
Sat, 24 Aug 2024 11:21:46 GMT
via
cache04.hazhengzhou-ct29
x-tt-trace-tag
id=5
content-md5
cUX/BKv8a3T2hW0EtLEagg==
age
1092683
x-tt-trace-id
202408120350224b0d2711bdd302502EC7
x-bdcdn-cache-status
TCP_HIT
x-tos-storage-class
STANDARD
server-timing
inner; dur=4
content-length
4286
x-request-id
18738353eee4d6a4c2dbed1ca82e1f59
x-tos-request-id
5ceb73b743f81fc366b743f8-ad37066-ac371de
x-tos-response-time
Sat, 10 Aug 2024 10:42:00 GMT
last-modified
Fri, 13 May 2022 02:44:47 GMT
server
Byte-nginx
x-tt-logid
20240812035023962B811FF0EC32A9E90A
etag
"7145ff04abfc6b74f6856d04b4b11a82"
access-control-allow-methods
GET, POST, OPTIONS, HEAD
content-type
image/vnd.microsoft.icon
access-control-allow-origin
*
x-request-ip
2001:ac8:20:3a00:1012:358a:380:27c3
cache-control
max-age=2592000
x-response-cinfo
2001:ac8:20:3a00:1012:358a:380:27c3
x-tt-trace-host
01313d7ab9bb256ecbd6546bf43a92d0216d9bb5d66bca580674949adbda5959fda342f43acd6bea4b16f1aa09bcdb83bece05b3f2b02c3cb038a6e87d5f2f9c90ee732dd058c7d3514fa0e65fe19b60e96890e1757306a4eb15e5ab94ac21b201
accept-ranges
bytes
x-response-cache
edge_hit
access-control-allow-headers
*
timing-allow-origin
*

9 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

function $
function jQuery
function _
object listener
object gStore
function Pagelet
function _instanceof
function _typeof
object Raven

0 Cookies

2 Console Messages

Source: network, Level: error
URL: https://vailon.toven68530.workers.dev/politics/2024_08_22_745738.shtml
Message: Failed to load resource: the server responded with a status of 404 ()

Source: security, Level: error
URL: https://vailon.toven68530.workers.dev/politics/2024_08_22_745738.shtml
Message: The Content Security Policy directive 'upgrade-insecure-requests' is ignored when delivered in a report-only policy.

Security Headers

This page lists any security headers set by the main page.

Header Value
Content-Security-Policy upgrade-insecure-requests ;report-uri https://i.snssdk.com/log/sentry/v2/api/slardar/main/?ev_type=csp&bid=douyin_inapp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block