vailon.toven68530.workers.dev
2606:4700:3033::ac43:cdca  Public Scan

Submitted URL: http://vailon.toven68530.workers.dev/jameskimonyo/list_1.shtml
Effective URL: https://vailon.toven68530.workers.dev/jameskimonyo/list_1.shtml
Submission: On August 24 via api from US — Scanned from US

Summary

This website contacted 4 IPs in 2 countries across 3 domains to perform 4 HTTP transactions. The main IP is 2606:4700:3033::ac43:cdca, located in United States and belongs to CLOUDFLARENET, US. The main domain is vailon.toven68530.workers.dev.
TLS certificate: Issued by WE1 on July 19th 2024. Valid for: 3 months.
This is the only time vailon.toven68530.workers.dev was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
1 2606:4700:303... 13335 (CLOUDFLAR...)
2 8.45.52.223 24429 (TAOBAO Zh...)
1 240e:c3:2800:... 63838 (CT-HUNAN-...)
4 4
Apex Domain | Subdomains | Transfer
2 bytescm.com | lf-cdn-tos.bytescm.com — Cisco Umbrella Rank: 13607 | 6 KB
1 douyinstatic.com | sf1-cdn-tos.douyinstatic.com — Cisco Umbrella Rank: 113514 | 5 KB
1 workers.dev | vailon.toven68530.workers.dev | 86 KB
4 3
Domain Requested by
2 lf-cdn-tos.bytescm.com vailon.toven68530.workers.dev
1 sf1-cdn-tos.douyinstatic.com
1 vailon.toven68530.workers.dev
4 3

This site contains links to these domains.

Domain
beian.miit.gov.cn
www.12377.cn
www.beian.gov.cn
Subject | Issuer | Validity | Valid
toven68530.workers.dev | WE1 | 2024-07-19 - 2024-10-17 | 3 months
*.bytescm.com | RapidSSL TLS RSA CA G1 | 2024-05-21 - 2025-05-20 | a year
*.douyinstatic.com | RapidSSL TLS RSA CA G1 | 2024-05-15 - 2025-05-14 | a year

This page contains 1 frames:

Primary Page: https://vailon.toven68530.workers.dev/jameskimonyo/list_1.shtml
Frame ID: FDE1F57FC4EADCEB1085CE487E871B83
Requests: 7 HTTP requests in this frame

Page Title

【抖音】记录美好生活-Douyin.com

Page Statistics

Requests: 4
HTTPS: 100 %
IPv6: 67 %
Domains: 3
Subdomains: 3
IPs: 4
Countries: 2
Transfer: 98 kB
Size: 265 kB
Cookies: 0

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. http://vailon.toven68530.workers.dev/jameskimonyo/list_1.shtml HTTP 307
    https://vailon.toven68530.workers.dev/jameskimonyo/list_1.shtml Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

4 HTTP transactions

Resource / Path | Size | x-fer | Type / MIME-Type
Primary Request list_1.shtml
vailon.toven68530.workers.dev/jameskimonyo/
Redirect Chain
  • http://vailon.toven68530.workers.dev/jameskimonyo/list_1.shtml
  • https://vailon.toven68530.workers.dev/jameskimonyo/list_1.shtml
205 KB
86 KB
Document
General
Full URL
https://vailon.toven68530.workers.dev/jameskimonyo/list_1.shtml
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3033::ac43:cdca , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
7c4e06a3bc67f6440620ea1bf5d81f1e9b01bacaa5b9652e8aa9eaa6834ef7f4
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests ;report-uri https://i.snssdk.com/log/sentry/v2/api/slardar/main/?ev_type=csp&bid=douyin_inapp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

access-control-allow-credentials
true
alt-svc
h3=":443"; ma=86400
cf-cache-status
DYNAMIC
cf-ray
8b82f5cd5f5142bd-EWR
content-encoding
br
content-security-policy
upgrade-insecure-requests ;report-uri https://i.snssdk.com/log/sentry/v2/api/slardar/main/?ev_type=csp&bid=douyin_inapp
content-security-policy-report-only
default-src 'self' blob: data: 'unsafe-inline' 'unsafe-eval' *.bytednsdoc.com *.zijieimg.com *.zjurl.cn *.pstatp.com *.bytecdn.cn *.isnssdk.com *.365yg.com *.ipstatp.com *.amemv.com *.ibytedtos.com *.ixigua.com *.ixiguavideo.com *.hypstarcdn.com *.tiktokcdn.com *.topbuzzcdn.com *.muscdn.com *.huoshanzhibo.com *.huoshanxiaoshipin.cn *.huoshanxiaoshipin.net *.huoshanvideo.cn *.huoshanvideo.net *.ieshuodong.cn *.ieshuodong.net *.byteoversea.com *.byted.org *.bytedance.net *.bytescm.com *.bytedance.com *.toutiaocloud.com *.snssdk.com *.toutiao.com *.huoshan.com *.douyin.com *.douyincdn.com *.jinritemai.com *.chengzijianzhan.com *.baike.com *.ribaoapi.com *.bytexservice.com *.pglstatp-toutiao.com *.oceanengine.com *.dyvideotape.com at.alicdn.com g.alicdn.com *.iesdouyin.com *.byteimg.com *.zjcdn.com bytedance: android-webview-video-poster: snssdk1128: *.bytednsdoc.com *.douyinpic.com *.douyinstatic.com *.bdxiguaimg.com *.bdxiguastatic.com *.bytegoofy.com unpkg.com unpkg.byted-static.com *.draftstatic.com *.bytetcc.com;img-src 'self' blob: data: android-webview-video-poster: 'unsafe-inline' 'unsafe-eval' *.douyin.com *.pstatp.com *.byteimg.com *.douyincdn.com *.toutiao.com *.snssdk.com *.pglstatp-toutiao.com *.byted.org *.oceanengine.com *.feiliao.com *.ixigua.com *.bdxiguaimg.com *.bdxiguastatic.com *.iesdouyin.com *.bytecdn.cn *.ribaoapi.com *.365yg.com *.bytexservice.com *.tiktokcdn.com *.douyinpic.com *.douyinstatic.com *.bytedance.net *.bytescm.com *.bytednsdoc.com *.bytegoofy.com;media-src 'self' blob: data: 'unsafe-inline' 'unsafe-eval' *.ixigua.com *.snssdk.com *.pstatp.com *.zjcdn.com *.365yg.com *.bytecdn.cn *.douyinvod.com *.bytedance.net *.bytescm.com *.bytegoofy.com *.bytednsdoc.com;upgrade-insecure-requests ;report-uri https://i.snssdk.com/log/sentry/v2/api/slardar/main/?ev_type=csp&bid=douyin_inapp
content-type
text/html; charset=utf-8
date
Sat, 24 Aug 2024 11:21:41 GMT
eagleid
0830559a17244985013351053e
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=vNK3q6IXNGe2C5GWr51euZfvV7PpO6j6PvkHSt%2FGrqwYI%2BM2K8jZ092en%2F2X6Xh56C00SKr2dGrgiCdbW7MDDc9TiIUMhXGk82sQDVEWZ7QvkquMpzhTt57r9doQlXGqCO12Om8%2B8FYoBOAxrDrHzJrknR%2FBGvof%2BxXnqA%3D%3D"}],"group":"cf-nel","max_age":604800}
server
cloudflare
server-timing
inner; dur=77 cdn-cache;desc=MISS,edge;dur=186,origin;dur=82
strict-transport-security
max-age=31536000; includeSubDomains; preload
timing-allow-origin
*
vary
Accept-Encoding
via
cache43.l2nu29[82,0], cache16.l2us2[241,0], ens-cache6.us24[268,0]
x-alicdn-da-ups-status
endOs,0,404
x-content-type-options
nosniff
x-download-options
noopen
x-frame-options
SAMEORIGIN
x-tt-logid
202408241921416C4B7D3EAA682EA41A1B
x-tt-trace-host
01ae3485c412db67097a2fefa88ba0f972294f74f50cc603f83ffaf7b78aee4fe0bccf02a1aafe621168f4445cfd7ff06d38dbb2d777f802d6c253725b20fde77922bf301b4d67274a1e9f9da3882fb6b010f2ce8e10e7294fe11180b74367f9ccf3b4d501aecd8a02e075d1f8f01bff7f4cb717c163ce02ad69e057fe2ffd34b3
x-tt-trace-id
00-2408241921416C4B7D3EAA682EA41A1B-311470447BD9F16A-00
x-tt-trace-tag
id=03;cdn-cache=miss;type=dyn
x-xss-protection
1; mode=block

Redirect headers

Cross-Origin-Resource-Policy
Cross-Origin
Location
https://vailon.toven68530.workers.dev/jameskimonyo/list_1.shtml
Non-Authoritative-Reason
HSTS
index.9a8fb5b4.css
lf-cdn-tos.bytescm.com/obj/static/ies/fe_app_new/pages/not_found_web/
7 KB
5 KB
Stylesheet
General
Full URL
https://lf-cdn-tos.bytescm.com/obj/static/ies/fe_app_new/pages/not_found_web/index.9a8fb5b4.css
Requested by
Host: vailon.toven68530.workers.dev
URL: https://vailon.toven68530.workers.dev/jameskimonyo/list_1.shtml
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
8.45.52.223 , United States, ASN24429 (TAOBAO Zhejiang Taobao Network Co.,Ltd, CN),
Reverse DNS
Software
Tengine /
Resource Hash
9f76427d98e054664d24c2e1cc9b613a57d8e282f03ae6868f01422b68ce893a

Request headers

Referer
https://vailon.toven68530.workers.dev/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

content-encoding
br
x-tt-trace-tag
id=03;cdn-cache=hit;type=static
content-md5
Vfbe5FmhudB13Adz4dzhvA==
x-tt-trace-id
00-240719043442D8594A27AF9EE9A051AF-4B5AEB787DE064D8-00
age
3163622
x-swift-cachetime
31355885
x-tos-storage-class
STANDARD
cross-origin-resource-policy
cross-origin
server-timing
cdn-cache;desc=HIT,edge;dur=4
x-swift-savetime
Sat, 20 Jul 2024 22:36:37 GMT
x-tos-request-id
2ef65b997c62ca7066997c62-a91936b
x-tos-response-time
Thu, 18 Jul 2024 20:34:42 GMT
x-tt-logid
20240719043442D8594A27AF9EE9A051AF
etag
W/"55f6dee459a1b9d075dc0773e1dce1bc"
vary
Accept-Encoding
access-control-allow-methods
*
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
max-age=31536000
x-tt-trace-host
016dcf8bf6b15629ffb9b654039a401ae4c35f2d792aaed45fbbdc453abc01cb2ef9613b010915bf4df4fb567f87ccce650e7f0b519244608054625e2259c2175af965fc74c9cb093bb621db0bf8aa692a2dd18d9afd89ed4772cd0a0ef1deaeaf
x-response-cache
edge_hit
access-control-allow-headers
*
eagleid
082d349b17244985043002486e
date
Thu, 18 Jul 2024 20:34:42 GMT
via
cache28.l2us1[0,11,200-0,H], cache21.l2us1[12,0], ens-cache15.us19[0,0,200-0,H], ens-cache7.us19[4,0]
x-cache
HIT TCP_HIT dirn:12:14702646
x-tos-hash-crc64ecma
5410563114445507767
content-length
3710
last-modified
Mon, 05 Feb 2024 06:33:06 GMT
server
Tengine
ali-swift-global-savetime
1721334882
timing-allow-origin
*
truncated
/
24 KB
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
d4f79837a1c8363138494d0551d94ec099dfebfb37fe04e5bfc49920bd902d21

Request headers

Referer
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

Content-Type
image/png
index.90e09027.js
lf-cdn-tos.bytescm.com/obj/static/ies/fe_app_new/pages/not_found_web/
4 KB
2 KB
Script
General
Full URL
https://lf-cdn-tos.bytescm.com/obj/static/ies/fe_app_new/pages/not_found_web/index.90e09027.js
Requested by
Host: vailon.toven68530.workers.dev
URL: https://vailon.toven68530.workers.dev/jameskimonyo/list_1.shtml
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
8.45.52.223 , United States, ASN24429 (TAOBAO Zhejiang Taobao Network Co.,Ltd, CN),
Reverse DNS
Software
Tengine /
Resource Hash
7d4c760637bae1febc4fee2682d304ac775ff51786089197dd82ecef2ed4ac38

Request headers

Referer
https://vailon.toven68530.workers.dev/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

content-encoding
br
x-tt-trace-tag
id=03;cdn-cache=hit;type=static
content-md5
Onue+aa6EM83hxntYYYcKA==
x-tt-trace-id
00-2408031759172681CF7176AB22FDDB54-261A450B51FC8D3C-00
age
1819347
x-swift-cachetime
31536000
x-tos-storage-class
STANDARD
cross-origin-resource-policy
cross-origin
server-timing
cdn-cache;desc=HIT,edge;dur=5
x-swift-savetime
Sat, 03 Aug 2024 09:59:17 GMT
x-tos-request-id
f6b39dadff75f21166adff75-a906b9a
x-tos-response-time
Sat, 03 Aug 2024 09:59:17 GMT
x-tt-logid
202408031759172681CF7176AB22FDDB54
etag
W/"3a7b9ef9a6ba10cf378719ed61861c28"
vary
Accept-Encoding
access-control-allow-methods
*
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=31536000
x-tt-trace-host
017edda725a3f66d3d7e307f13fd373ea13427520e42b38a91f44ca63ce93587785163f146c88cdde1a4c05c8ff1ecd485d81f76a3ae2447a4974378cb65373b72913d91ff6ceb69166bc554bd2c9a7a9370150d6cb57eb5b3edfc00be82ba30af
x-response-cache
edge_hit
access-control-allow-headers
*
eagleid
082d349b17244985043002490e
date
Sat, 03 Aug 2024 09:59:17 GMT
via
cache5.l2us1[276,276,200-0,M], cache36.l2us1[277,0], ens-cache10.us19[0,0,200-0,H], ens-cache7.us19[5,0]
x-cache
HIT TCP_HIT dirn:12:570446829
x-tos-hash-crc64ecma
2672735822021183165
content-length
1242
last-modified
Mon, 05 Feb 2024 06:33:06 GMT
server
Tengine
ali-swift-global-savetime
1722679157
timing-allow-origin
*
truncated
/
19 KB
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
a20583c81805fe64f7fa210851ce29754af9d25fd6aa5a3225a9557529602513

Request headers

Referer
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

Content-Type
image/png
truncated
/
2 KB
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
5de6895eb5334edc33be5b63f9e77c27a079df01e41998908e21eb993b0a5147

Request headers

Referer
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

Content-Type
image/png
favicon_v2.ico
sf1-cdn-tos.douyinstatic.com/obj/eden-cn/kpchkeh7upepld/fe_app_new/
4 KB
5 KB
Other
General
Full URL
https://sf1-cdn-tos.douyinstatic.com/obj/eden-cn/kpchkeh7upepld/fe_app_new/favicon_v2.ico
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server
240e:c3:2800:6:8000:0:b00:38 , China, ASN63838 (CT-HUNAN-HENGYANG-IDC Hengyang, CN),
Reverse DNS
Software
Byte-nginx /
Resource Hash
1fd2b6b6e7c1280f211a486b524e57fea14fc6d6a3038898ecaf739747b43b72

Request headers

Referer
https://vailon.toven68530.workers.dev/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date
Sat, 24 Aug 2024 11:21:47 GMT
via
cache06.hnhyct02
x-tt-trace-tag
id=5
content-md5
cUX/BKv8a3T2hW0EtLEagg==
age
1092684
x-tt-trace-id
202408120350224b0d2711bdd302502EC7
x-bdcdn-cache-status
TCP_HIT
x-tos-storage-class
STANDARD
server-timing
inner; dur=4
content-length
4286
x-request-id
20bbb8fb375ff28197bf1937993ed527
x-tos-request-id
5ceb73b743f81fc366b743f8-ad37066-ac371de
x-tos-response-time
Sat, 10 Aug 2024 10:42:00 GMT
last-modified
Fri, 13 May 2022 02:44:47 GMT
server
Byte-nginx
x-tt-logid
20240812035023962B811FF0EC32A9E90A
etag
"7145ff04abfc6b74f6856d04b4b11a82"
access-control-allow-methods
GET, POST, OPTIONS, HEAD
content-type
image/vnd.microsoft.icon
access-control-allow-origin
*
x-request-ip
2a0d:5600:24:1500:1011:15f2:36cb:5b9e
cache-control
max-age=2592000
x-response-cinfo
2a0d:5600:24:1500:1011:15f2:36cb:5b9e
x-tt-trace-host
01313d7ab9bb256ecbd6546bf43a92d0216d9bb5d66bca580674949adbda5959fda342f43acd6bea4b16f1aa09bcdb83bece05b3f2b02c3cb038a6e87d5f2f9c90ee732dd058c7d3514fa0e65fe19b60e96890e1757306a4eb15e5ab94ac21b201
accept-ranges
bytes
x-response-cache
edge_hit
access-control-allow-headers
*
timing-allow-origin
*

9 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

function | $
function | jQuery
function | _
object | listener
object | gStore
function | Pagelet
function | _instanceof
function | _typeof
object | Raven

0 Cookies

2 Console Messages

Source | Level | URL | Text
network | error | https://vailon.toven68530.workers.dev/jameskimonyo/list_1.shtml | Failed to load resource: the server responded with a status of 404 ()
security | error | https://vailon.toven68530.workers.dev/jameskimonyo/list_1.shtml | The Content Security Policy directive 'upgrade-insecure-requests' is ignored when delivered in a report-only policy.
