Submitted URL: https://40plus.asia/
Effective URL: https://www.douyin.com/
Submission Tags: phishingrod
Submission: On November 29 via api from DE — Scanned from JP

Summary

This website contacted 5 IPs in 1 country across 5 domains to perform 8 HTTP transactions. The main IP is 163.181.129.237, located in Tokyo, Japan and belongs to TAOBAO Zhejiang Taobao Network Co.,Ltd, CN. The main domain is www.douyin.com. The Cisco Umbrella rank of the primary domain is 71564. Note that "main" and "primary" describe the page the scan ended on (www.douyin.com), not the submitted, phishing-tagged domain 40plus.asia, which served a single 347-byte response before the browser moved on; the rank, the certificate line that follows and the "No classification" verdict therefore say nothing about 40plus.asia itself.
TLS certificate: Issued by RapidSSL Global TLS RSA4096 SHA256 20... on June 30th 2023. Valid for: a year.
This is the only time www.douyin.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

Requests  IP Address          AS     Autonomous System
1         18.183.120.164      16509  AMAZON-02
1         163.181.129.237     24429  TAOBAO Zh...
1         2409:8c20:8ab...    -      -
2         47.89.66.221        24429  TAOBAO Zh...
Totals: 8 requests, 5 IPs

Requests  Apex Domain        Subdomains                    Cisco Umbrella Rank  Transfer
2         ibytedapm.com      lf3-short.ibytedapm.com       37223                27 KB
1         byted-static.com   lf-waf-js.byted-static.com    -                    3 KB
1         douyin.com         www.douyin.com                71564                2 KB
1         40plus.asia        40plus.asia                   -                    347 B
0         zijieapi.com       mon.zijieapi.com (failed)     -                    -
Totals: 8 requests, 5 apex domains

Requests  Domain                       Requested by
2         lf3-short.ibytedapm.com      www.douyin.com, lf3-short.ibytedapm.com
1         lf-waf-js.byted-static.com   www.douyin.com
1         www.douyin.com               www.douyin.com
1         40plus.asia                  - (submitted URL)
0         mon.zijieapi.com (failed)    lf3-short.ibytedapm.com
Totals: 8 requests, 5 domains

This site contains no links.

Subject              Issuer                                        Validity                   Valid for
40plus.asia          R3                                            2023-11-29 - 2024-02-27    3 months
*.douyin.com         RapidSSL Global TLS RSA4096 SHA256 2022 CA1   2023-06-30 - 2024-07-30    a year
*.byted-static.com   RapidSSL TLS RSA CA G1                        2023-06-30 - 2024-06-28    a year
*.ibytedapm.com      RapidSSL Global TLS RSA4096 SHA256 2022 CA1   2023-06-30 - 2024-07-30    a year

(Each row is linked to its crt.sh entry on the original page.) The 40plus.asia leaf was issued by R3, Let's Encrypt's intermediate, on 2023-11-29, the same day the URL was submitted; a certificate that is hours old at the time of a phishing report is a common marker of throwaway infrastructure and worth recording in triage. The three wildcards are the landing site's own ByteDance certificates, all issued on 2023-06-30.

This page contains 1 frames:

Frame: https://www.douyin.com/
Frame ID: BD5582A367AA2C8BE41225F822E13E1F
Requests: 7 HTTP requests in this frame

Page Statistics

  Requests    8
  HTTPS       63 %
  IPv6        25 %
  Domains     5
  Subdomains  5
  IPs         5
  Countries   1
  Transfer    32 kB
  Size        76 kB
  Cookies     0

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. https://40plus.asia/ Page URL
  2. https://www.douyin.com/ Page URL
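The distinction drawn above matters for this scan: the page moved from 40plus.asia to www.douyin.com, yet the 40plus.asia response carries no Location header, so the hop was client-side rather than an HTTP redirect. The following Python is an added triage example written for this page, not urlscan.io code. It classifies a captured hop as an HTTP redirect, a meta refresh, a JavaScript location change, or unexplained. The sample responses are constructed: the scan records that the 40plus.asia document was text/html, 82 bytes and without a Location header, but the body itself is not reproduced on this page, so the bodies used here are assumptions, and the regular expressions are a pragmatic approximation rather than a JavaScript parser.

```python
"""Tell an HTTP redirect apart from a client-side one in a captured hop.

Added triage example for this scan page; not urlscan.io code. urlscan's page
URL history records both HTTP (3xx + Location) and client-side (meta refresh
or JavaScript) redirects, while its "Redirected requests" list only covers the
HTTP kind. The sample responses below are constructed; the real 40plus.asia
body (82 bytes, text/html, no Location header) is not reproduced on the page.
"""
import re
from dataclasses import dataclass, field


@dataclass
class Response:
    status: int
    headers: dict = field(default_factory=dict)  # header names in lower case
    body: str = ""


META_TAG = re.compile(r"<meta\b[^>]*>", re.IGNORECASE)
REFRESH_ATTR = re.compile(r'http-equiv\s*=\s*["\']?\s*refresh', re.IGNORECASE)
REFRESH_URL = re.compile(
    r'content\s*=\s*["\']?\s*\d+\s*;\s*url\s*=\s*["\']?([^"\'>\s]+)', re.IGNORECASE
)
# Common direct forms: location = "...", location.href = "...",
# location.assign("..."), location.replace("..."), with an optional
# window./document./top./self. prefix. Obfuscated code will not match.
JS_LOCATION = re.compile(
    r'(?:window\.|document\.|top\.|self\.)?location'
    r'(?:\.href|\.assign\(|\.replace\(|)\s*=?\s*["\']([^"\']+)["\']',
    re.IGNORECASE,
)


def meta_refresh_target(html: str):
    """Return the URL of the first <meta http-equiv=refresh> tag, if any."""
    for tag in META_TAG.findall(html):
        if REFRESH_ATTR.search(tag):
            m = REFRESH_URL.search(tag)
            if m:
                return m.group(1)
    return None


def classify_hop(resp: Response):
    """Return (kind, target): kind is 'http', 'meta-refresh', 'javascript',
    or None when the captured response shows no redirect at all."""
    if 300 <= resp.status < 400 and "location" in resp.headers:
        return "http", resp.headers["location"]
    if not resp.headers.get("content-type", "").startswith("text/html"):
        return None, None
    target = meta_refresh_target(resp.body)
    if target:
        return "meta-refresh", target
    m = JS_LOCATION.search(resp.body)
    if m:
        return "javascript", m.group(1)
    return None, None


def explain_chain(history, responses):
    """history: page URLs in the order the scan lists them.
    responses: {url: Response} for the documents that were captured.
    One line per hop; a hop whose response shows no redirect is flagged
    'unexplained' (obfuscated script, or a document the scan did not keep)."""
    lines = []
    for src, dst in zip(history, history[1:]):
        kind, target = classify_hop(responses[src]) if src in responses else (None, None)
        if kind is None:
            lines.append(f"{src} -> {dst}: unexplained (no Location header, no recognisable meta/JS redirect)")
        elif target != dst:
            lines.append(f"{src} -> {dst}: {kind} redirect, but its target {target} differs from the recorded hop")
        else:
            lines.append(f"{src} -> {dst}: {kind} redirect")
    return lines


# Constructed samples, not captured bodies.
SAMPLE_META = Response(200, {"content-type": "text/html", "server": "nginx"},
                       '<meta http-equiv="refresh" content="0;url=https://www.douyin.com/">')
SAMPLE_JS = Response(200, {"content-type": "text/html"},
                     "<script>window.location.replace('https://www.douyin.com/')</script>")
SAMPLE_HTTP = Response(302, {"location": "https://www.douyin.com/"})
SAMPLE_OPAQUE = Response(200, {"content-type": "text/html"},
                         "<script>eval(atob('Li4u'))</script>")

# The two page URLs this scan recorded, in order.
HISTORY = ["https://40plus.asia/", "https://www.douyin.com/"]

if __name__ == "__main__":
    for line in explain_chain(HISTORY, {HISTORY[0]: SAMPLE_META}):
        print(line)
    print(explain_chain(HISTORY, {HISTORY[0]: SAMPLE_OPAQUE})[0])
```

An "unexplained" hop is the interesting outcome in practice: a phishing lander that redirects benign scanners through obfuscated script while serving the real content to victims will show up exactly that way, and the captured body then deserves manual deobfuscation rather than being filed as a harmless forwarder.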

Redirected requests

There were HTTP redirect chains for the following requests: none. The hop from https://40plus.asia/ to https://www.douyin.com/ recorded in the page URL history was therefore not an HTTP 3xx: the 40plus.asia response carries no Location header, so the navigation was triggered from inside its 82-byte HTML document, by a meta refresh or script, which is the client-side case the page URL history is documented to capture.

8 HTTP transactions

Each transaction lists the resource, its path, the decoded size, the bytes transferred (x-fer) and the resource type, followed by the captured request and response headers.
Transaction 1: / (40plus.asia/), Document, 82 B (347 B transferred)

  Full URL       https://40plus.asia/
  Protocol       HTTP/1.1
  Security       TLS 1.3, AES_128_GCM
  Server         18.183.120.164 Tokyo, Japan, ASN16509 (AMAZON-02, US)
  Reverse DNS    ec2-18-183-120-164.ap-northeast-1.compute.amazonaws.com
  Software       nginx
  Resource hash  0c999a219a2712997a268245b0fdbe077d2288fbc8c3617c317c88444ec6e0bc

  Request headers
    Upgrade-Insecure-Requests: 1
    User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
    accept-language: jp-JP,jp;q=0.9

  Response headers
    Connection: keep-alive
    Content-Encoding: gzip
    Content-Type: text/html
    Date: Wed, 29 Nov 2023 01:27:21 GMT
    ETag: W/"63de4272-52"
    Last-Modified: Sat, 04 Feb 2023 11:33:06 GMT
    Server: nginx
    Transfer-Encoding: chunked
Transaction 2 (primary request): / (www.douyin.com/), Document, 2 KB (2 KB transferred)

  Full URL       https://www.douyin.com/
  Protocol       H2
  Security       TLS 1.3, AES_256_GCM
  Server         163.181.129.237 Tokyo, Japan, ASN24429 (TAOBAO Zhejiang Taobao Network Co.,Ltd, CN)
  Reverse DNS    -
  Software       Tengine
  Resource hash  6fed551e11cc12f215ecb64d79c5d7fc223a3151f9b7e1c3f06c7773355fa377

  Security headers
    Strict-Transport-Security: max-age=31536000; includeSubDomains; preload

  Request headers
    Referer: https://40plus.asia/
    Upgrade-Insecure-Requests: 1
    User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
    accept-language: jp-JP,jp;q=0.9

  Response headers
    content-encoding: br
    content-type: text/html
    date: Wed, 29 Nov 2023 01:27:22 GMT
    eagleid: a3b581a317012212428551836e
    proxy-status: 0000201200061000
    server: Tengine
    server-timing: cdn-cache;desc=MISS,edge;dur=48,origin;dur=17
    strict-transport-security: max-age=31536000; includeSubDomains; preload
    timing-allow-origin: *
    vary: Accept-Encoding
    via: cache7.l2cm9-10[17,0], ens-cache15.jp8[65,0]
    x-tt-logid: 202311290927226FB9AF98D54D1144168C
    x-tt-system-error: 3
    x-tt-trace-host: 011e045e7ca2cf4e2f8ea23f1eda5efd54830f2c0258409a9e4d2b4b8414927f30fdf0fd68a5ce469dfc2a5493844e61117ad67a6a5d3eef196848497503e9805a
    x-tt-trace-tag: id=3;cdn-cache=miss
Transaction 3: out-sha256.js (lf-waf-js.byted-static.com/obj/waf-jschallenge/), Script, 6 KB (3 KB transferred)

  Full URL       https://lf-waf-js.byted-static.com/obj/waf-jschallenge/out-sha256.js
  Requested by   https://www.douyin.com/ (host www.douyin.com)
  Protocol       H2
  Security       TLS 1.3, AES_256_GCM
  Server         2409:8c20:8ab1:23:1::f4 (no location or ASN recorded)
  Reverse DNS    -
  Software       nginx
  Resource hash  7a4b6997b123f92d0dbf139649d192de87fff3eeb6c1691922856a55a4c19c36

  Request headers
    accept-language: jp-JP,jp;q=0.9
    Referer: https://www.douyin.com/
    User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

  Response headers
    date: Tue, 14 Nov 2023 05:03:38 GMT
    via: fdbd:dc03:14:b32::169
    content-encoding: gzip
    x-tt-trace-tag: id=06;cdn-cache=hit;type=static
    content-md5: IyM50jNMpaul2vbL+IWghA==
    age: 1283027
    x-link-via: yanccm33:443;hamp15:443;
    x-cache-status: HIT from KS-CLOUD-HA-MP-15-17, HIT from KS-CLOUD-YANC-CM-33-01
    x-bdcdn-cache-status: TCP_HIT
    x-tos-storage-class: STANDARD
    server-timing: inner; dur=1
    x-kfc-cachekey: http://pinner-imgserver.byted.org/waf-jschallenge/out-sha256.js
    content-length: 2338
    x-tos-request-id: dadbe2ddfeb22fb164ddfeb2-a8133e6-a814e0f
    x-tos-response-time: Thu, 17 Aug 2023 11:04:18 GMT
    last-modified: Wed, 09 Mar 2022 12:35:14 GMT
    server: nginx
    x-tt-logid: 20230818014239913D58EE36A58E070E99
    etag: W/"232339d2334ca5aba5daf6cbf885a084"
    vary: Accept-Encoding
    content-type: application/javascript
    access-control-allow-origin: *
    x-request-ip: fdbd:dc03:13:a4c::45
    cache-control: max-age=2592000
    x-response-cinfo: 2001:ac8:40:1d::1e
    x-tt-trace-host: 01699db34f261ce6e5028468fb495223b76545140d96123ee323cb2df17142f741b7869f95124883b6f7b031bb2bf7b331066f5f395ac96b182bf068b7a939b3c4054ab183949b35f18b4e4debf1a92626b873f5057b6d976fb2fcde4b9fb1b97e6ccf6951d7cc9c13d1ae08df4895d6d970b44ec50dbfde354e1e1d661a946695
    accept-ranges: bytes
    x-response-cache: edge_hit
    timing-allow-origin: *
    x-cdn-request-id: 87c63076df556308b18a66af47709b0e
    expires: Thu, 14 Dec 2023 05:03:38 GMT

  The path (waf-jschallenge) and the WAFJS global it defines identify this as the JavaScript challenge script of the landing site's WAF; the 2 KB document that loaded it, returned with x-tt-system-error: 3, is consistent with a challenge interstitial rather than the full home page. Several of the CDN headers expose infrastructure detail to any client: via and x-request-ip carry fdbd:dc03:... addresses, which fall in the IPv6 unique local range fc00::/7 and are therefore internal, and x-kfc-cachekey names the origin object as http://pinner-imgserver.byted.org/waf-jschallenge/out-sha256.js, an internal hostname. None of this is exploitable on its own, but it is the kind of leakage a reconnaissance report would record.
Transaction 4: browser.cn.js (lf3-short.ibytedapm.com/slardar/fe/sdk-web/), Script, 48 KB (18 KB transferred)

  Full URL       https://lf3-short.ibytedapm.com/slardar/fe/sdk-web/browser.cn.js?bid=waf_js&globalName=WAFJS
  Requested by   https://www.douyin.com/ (host www.douyin.com)
  Protocol       H2
  Security       TLS 1.2, ECDHE_RSA, AES_128_GCM
  Server         47.89.66.221 Osaka, Japan, ASN24429 (TAOBAO Zhejiang Taobao Network Co.,Ltd, CN)
  Reverse DNS    -
  Software       Tengine
  Resource hash  a244b1ba1166efeacdfe1deef0804569e2beb17b97e2ae3a57e9fd2df02572d3

  Request headers
    Referer: https://www.douyin.com/
    Origin: https://www.douyin.com
    accept-language: jp-JP,jp;q=0.9
    User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

  Response headers
    date: Wed, 29 Nov 2023 01:25:19 GMT
    via: cache8.l2hk2[343,251,304-0,C], cache16.l2hk2[253,0], cache9.jp2[0,0,200-0,H], cache5.jp2[10,0]
    content-encoding: br
    x-tt-trace-tag: id=03;cdn-cache=hit;type=static
    content-md5: 1h1+HQR2aX/aKeXWRrAGxw==
    x-tt-trace-id: 00-231129092519E594B6FDAC0B8D44B13A-61B267393CAA337A-00
    age: 124
    x-swift-cachetime: 300
    x-cache: HIT TCP_HIT dirn:7:758509144
    x-tos-storage-class: STANDARD
    server-timing: cdn-cache;desc=HIT,edge;dur=10
    x-swift-savetime: Wed, 29 Nov 2023 01:25:19 GMT
    content-length: 17789
    x-tos-request-id: d3f50b6692ff39e8656692ff-a904adb
    x-tos-response-time: Wed, 29 Nov 2023 01:25:19 GMT
    last-modified: Thu, 02 Nov 2023 08:03:27 GMT
    server: Tengine
    x-tt-logid: 20231129092519E594B6FDAC0B8D44B13A
    etag: W/"d61d7e1d0476697fda29e5d646b006c7"
    vary: Accept-Encoding
    ali-swift-global-savetime: 1701221119
    content-type: application/javascript
    access-control-allow-origin: *
    cache-control: max-age=300
    x-server: goofy
    x-tt-trace-host: 0100c470449239baf2ed957b638f0db2bc0c16eab0757e52ed9f6431b570aff1ddee51d3dd23e65553b10614eb646779fabb695a1dc9824646a20df9b56eef03e834de13a9af8162dc4e1ffb016c6e9025b4e1922a39db9d11fc97b386cfdbd898
    access-control-request-methods: OPTIONS, HEAD, GET
    x-response-cache: edge_hit
    timing-allow-origin: *
    eagleid: 2f59420517012212436974943e
Transactions 5 and 6: browser-settings (mon.zijieapi.com/monitor_web/settings/), 0 B, no response

  Full URL       https://mon.zijieapi.com/monitor_web/settings/browser-settings?bid=waf_js&store=1
  Requested twice (see Failed requests); neither attempt received a response, so no headers were recorded.

Transaction 7: common-monitors.1.12.1.js (lf3-short.ibytedapm.com/slardar/fe/sdk-web/plugins/), Script, 20 KB (8 KB transferred)

  Full URL       https://lf3-short.ibytedapm.com/slardar/fe/sdk-web/plugins/common-monitors.1.12.1.js
  Requested by   https://lf3-short.ibytedapm.com/slardar/fe/sdk-web/browser.cn.js?bid=waf_js&globalName=WAFJS (host lf3-short.ibytedapm.com)
  Protocol       H2
  Security       TLS 1.2, ECDHE_RSA, AES_128_GCM
  Server         47.89.66.221 Osaka, Japan, ASN24429 (TAOBAO Zhejiang Taobao Network Co.,Ltd, CN)
  Reverse DNS    -
  Software       Tengine
  Resource hash  (not recorded)

  Request headers
    Referer: https://www.douyin.com/
    Origin: https://www.douyin.com
    accept-language: jp-JP,jp;q=0.9
    User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

  Response headers
    date: Wed, 29 Nov 2023 01:24:35 GMT
    via: cache22.l2hk2[688,366,304-0,C], cache26.l2hk2[368,0], cache4.jp2[0,0,200-0,H], cache5.jp2[7,0]
    content-encoding: br
    x-tt-trace-tag: id=03;cdn-cache=hit;type=static
    content-md5: v/nuCuWdOdnB5ucRx3luPg==
    x-tt-trace-id: 00-18ad2fb00a1044211e2df811d40d000d-18ad2fb00a104421-01
    age: 170
    x-swift-cachetime: 300
    x-cache: HIT TCP_MEM_HIT dirn:3:108413452
    x-tos-storage-class: STANDARD
    server-timing: cdn-cache;desc=HIT,edge;dur=7
    x-swift-savetime: Wed, 29 Nov 2023 01:24:35 GMT
    content-length: 7818
    x-tos-request-id: 61ed496692d3e5f9656692d3-a8ca32e
    x-tos-response-time: Wed, 29 Nov 2023 01:24:35 GMT
    last-modified: Thu, 02 Nov 2023 08:03:27 GMT
    server: Tengine
    x-tt-logid: 202311290924356A11EA04E6DC9D433704
    etag: W/"bff9ee0ae59d39d9c1e6e711c7796e3e"
    vary: Accept-Encoding
    ali-swift-global-savetime: 1701221075
    content-type: application/javascript
    access-control-allow-origin: *
    cache-control: max-age=300
    x-server: goofy
    x-tt-trace-host: 010804c73e99c665e9c487b4d2f6a91387ca9a533a820aa1bc496b63f20e5a97dd8636a4d6cd2c0f2d5e02665febc1b94cb2956aa253100da23a5854cd8b0e99b97c0a844ff2073e4850c47d503dde2f11bbf64cd6bd9a674c3b920804f3078a99
    access-control-request-methods: OPTIONS, HEAD, GET
    x-response-cache: edge_hit
    timing-allow-origin: *
    eagleid: 2f59420517012212457662425e
Transaction 8: / (www.douyin.com/), 0 B, no response

  A further request for https://www.douyin.com/ that received no response (see Failed requests).

Failed requests

These URLs were requested, but no response was received. They also appear in the transaction list above.

  Domain            URL
  mon.zijieapi.com  https://mon.zijieapi.com/monitor_web/settings/browser-settings?bid=waf_js&store=1 (requested twice, both failed)
  www.douyin.com    https://www.douyin.com/

Verdicts & Comments

3 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. They can help identify client-side frameworks and code.

  object    documentPictureInPicture
  function  WAFJS
  object    __SLARDAR_REGISTRY__

Only the last two come from the page's scripts: WAFJS is the globalName parameter passed to browser.cn.js, and __SLARDAR_REGISTRY__ belongs to the Slardar SDK loaded from lf3-short.ibytedapm.com. documentPictureInPicture is the browser's own Document Picture-in-Picture API, present in the Chrome 119 build that performed the scan, and is not evidence of site code.

0 Cookies