urlscan.io logo urlscan.io
SecurityTrails logo

www.tiktok.com Open in urlscan Pro
23.210.92.132  Public Scan

Go To Rescan Add Verdict Report
Submitted URL: http://www.duke6.tk/
Effective URL: https://www.tiktok.com/link/v2?aid=1180&lang=en&scene=bio_url&target=http://citybf.com/free-online-access-user059.html
Submission: On November 24 via api from CA — Scanned from CA
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 3 IPs in 3 countries across 4 domains to perform 9 HTTP transactions. The main IP is 23.210.92.132, located in United States and belongs to AKAMAI-ASN1 Akamai International B.V., NL. The main domain is www.tiktok.com. The Cisco Umbrella rank of the primary domain is 4406.
TLS certificate: Issued by RapidSSL TLS ECC CA G1 on November 11th 2024. Valid for: a year.
This is the only time www.tiktok.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
1 3.254.119.43 16509 (AMAZON-02)
1 1 109.235.49.197 6206 (NETROUTIN...)
2 23.210.92.132 20940 (AKAMAI-AS...)
6 184.25.59.91 20940 (AKAMAI-AS...)
9 3
1    3.254.119.43 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-3-254-119-43.eu-west-1.compute.amazonaws.com
www.duke6.tk
1    109.235.49.197 (Amsterdam, Netherlands)

ASN6206 (NETROUTING-AS Netrouting B.V., NL)
domain.dot.tk
2    23.210.92.132 (United States)

ASN20940 (AKAMAI-ASN1 Akamai International B.V., NL)
PTR: a23-210-92-132.deploy.static.akamaitechnologies.com
www.tiktok.com
6    184.25.59.91 (Mount Prospect, United States)

ASN20940 (AKAMAI-ASN1 Akamai International B.V., NL)
PTR: a184-25-59-91.deploy.static.akamaitechnologies.com
sf16-website-login.neutral.ttwstatic.com
Apex Domain
Subdomains		 Transfer
6 ttwstatic.com
sf16-website-login.neutral.ttwstatic.com — Cisco Umbrella Rank: 7292
84 KB
2 tiktok.com
www.tiktok.com — Cisco Umbrella Rank: 4406
13 KB
1 dot.tk
domain.dot.tk
306 B
1 duke6.tk
www.duke6.tk
972 B
9 4
Domain Requested by
6 sf16-website-login.neutral.ttwstatic.com www.tiktok.com
sf16-website-login.neutral.ttwstatic.com
2 www.tiktok.com www.duke6.tk
1 domain.dot.tk 1 redirects
1 www.duke6.tk
9 4

This site contains no links.

Subject Issuer Validity Valid
*.www.tiktok.com
RapidSSL TLS ECC CA G1		 2024-11-11 -
2025-11-10		 a year crt.sh
*.neutral.ttwstatic.com
RapidSSL TLS RSA CA G1		 2024-07-02 -
2025-07-01		 a year crt.sh

This page contains 1 frames:

Primary Page: https://www.tiktok.com/link/v2?aid=1180&lang=en&scene=bio_url&target=http://citybf.com/free-online-access-user059.html
Frame ID: C7F22D44FD104F3834B1B9B6EB8867DE
Requests: 9 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page URL History Show full URLs

  1. http://www.duke6.tk/ HTTP 307
    https://www.duke6.tk/ HTTP 307
    http://www.duke6.tk/ Page URL
  2. http://domain.dot.tk/p/?d=DUKE6.TK&i=149.88.16.227&c=972&ro=0&ref=unknown&_=1732485088638 HTTP 307
    https://domain.dot.tk/p/?d=DUKE6.TK&i=149.88.16.227&c=972&ro=0&ref=unknown&_=1732485088638 HTTP 307
    http://domain.dot.tk/p/?d=DUKE6.TK&i=149.88.16.227&c=972&ro=0&ref=unknown&_=1732485088638 HTTP 301
    https://www.tiktok.com/link/v2?aid=1180&lang=en&scene=bio_url&target=http://citybf.com/free-online-... Page URL

Page Statistics

9
Requests

89 %
HTTPS

0 %
IPv6

4
Domains

4
Subdomains

3
IPs

3
Countries

98 kB
Transfer

162 kB
Size

1
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. http://www.duke6.tk/ HTTP 307
    https://www.duke6.tk/ HTTP 307
    http://www.duke6.tk/ Page URL
  2. http://domain.dot.tk/p/?d=DUKE6.TK&i=149.88.16.227&c=972&ro=0&ref=unknown&_=1732485088638 HTTP 307
    https://domain.dot.tk/p/?d=DUKE6.TK&i=149.88.16.227&c=972&ro=0&ref=unknown&_=1732485088638 HTTP 307
    http://domain.dot.tk/p/?d=DUKE6.TK&i=149.88.16.227&c=972&ro=0&ref=unknown&_=1732485088638 HTTP 301
    https://www.tiktok.com/link/v2?aid=1180&lang=en&scene=bio_url&target=http://citybf.com/free-online-access-user059.html Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 0
  • http://www.duke6.tk/ HTTP 307
  • https://www.duke6.tk/ HTTP 307
  • http://www.duke6.tk/

9 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
/
www.duke6.tk/
Redirect Chain
  • http://www.duke6.tk/
  • https://www.duke6.tk/
  • http://www.duke6.tk/
634 B
972 B 		Document
General
Check archive.org
Download Go to
Full URL
http://www.duke6.tk/
Protocol
HTTP/1.1
Server
3.254.119.43 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-254-119-43.eu-west-1.compute.amazonaws.com
Software
nginx /
Resource Hash

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36

Response headers

Cache-Control
no-cache
Connection
keep-alive
Content-Length
634
Content-Type
text/html;charset=UTF-8
Date
Sun, 24 Nov 2024 21:51:28 GMT
Expires
Thu, 01 Jan 1970 00:00:00 GMT
Pragma
no-cache
Server
nginx
X-Server
ip-172-30-2-229

Redirect headers

Location
http://www.duke6.tk/
Non-Authoritative-Reason
HttpsUpgrades
Primary Request v2
www.tiktok.com/link/
Redirect Chain
  • http://domain.dot.tk/p/?d=DUKE6.TK&i=149.88.16.227&c=972&ro=0&ref=unknown&_=1732485088638
  • https://domain.dot.tk/p/?d=DUKE6.TK&i=149.88.16.227&c=972&ro=0&ref=unknown&_=1732485088638
  • http://domain.dot.tk/p/?d=DUKE6.TK&i=149.88.16.227&c=972&ro=0&ref=unknown&_=1732485088638
  • https://www.tiktok.com/link/v2?aid=1180&lang=en&scene=bio_url&target=http://citybf.com/free-online-access-user059.html
2 KB
5 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://www.tiktok.com/link/v2?aid=1180&lang=en&scene=bio_url&target=http://citybf.com/free-online-access-user059.html
Requested by
Host: www.duke6.tk
URL: http://www.duke6.tk/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.210.92.132 , United States, ASN20940 (AKAMAI-ASN1 Akamai International B.V., NL),
Reverse DNS
a23-210-92-132.deploy.static.akamaitechnologies.com
Software
TLB /
Resource Hash
f7273a98469e4cb45aa130998bdbd978d0efcbe65a0800c5b4420f4bac37d5d5
Security Headers
Name Value
Content-Security-Policy report-uri https://mon.tiktokv.com/monitor_browser/collect/batch/security/?bid=tiktok_pns&ev_type=csp&revision=80f352be-49fc-4004-81b3-90cca4ee7d56&scene=1; script-src 'unsafe-eval' apis.google.com c.paypal.com cdn.ampproject.org cdnjs.cloudflare.com client-api.arkoselabs.com code.jquery.com connect.facebook.net developers.kakao.com googleads.g.doubleclick.net googletagmanager.com interactives.ap.org js.hcaptcha.com js.hsforms.net pay.google.com recaptcha.google.com s20.tiktokcdn.com s3.amazonaws.com sf16-website-login.neutral.ttwstatic.com sf16-website.neutral.ttwstatic.com sf16m-website-login.neutral.ttwstatic.com ssl.bing.com ssl.google-analytics.com unpkg.com vimeo.com www.google-analytics.com www.google.com www.googleadservices.com www.googleapis.com www.googletagmanager.com www.gstatic.com www.vimeo.com; default-src 'self' 'unsafe-eval' 'unsafe-inline' blob: bytedance: data: wss://*.tiktok.com wss://*.tiktokv.com wss://*.tiktokv.eu wss://tiktok.com wss://tiktokv.com *.adsintegrity.net *.akamaized.net *.amazonaws.com *.arkoselabs.com *.billetlugen.dk *.bing.com *.bitssec.com *.bytedapm.com *.bytedgame.com *.bytehwm-row.com *.byteicdn.com *.byteintl.com *.byteintl.net *.byteintlapi.com *.byteintlstatic.com *.bytelemon.com *.byteoversea.com *.byteoversea.net *.bytevcloudapi.com *.capcut.com *.cloudflare.com *.ctfassets.net *.doubleclick.net *.entradas.com *.evbuc.com *.eventim.de *.facebook.com *.facebook.net *.fbsbx.com *.fcdnstatic-intl.com *.fdmstatic.com *.g-p-static.com *.gauthmath.com *.giphy.com *.goofy-cdn.com *.goofy.app *.google-analytics.com *.google.ad *.google.ae *.google.al *.google.am *.google.az *.google.ba *.google.be *.google.bf *.google.bg *.google.bj *.google.bs *.google.by *.google.ca *.google.cd *.google.cg *.google.ci *.google.cl *.google.cm *.google.co.ao *.google.co.bw *.google.co.cr *.google.co.id *.google.co.il *.google.co.in *.google.co.jp *.google.co.ke *.google.co.kr *.google.co.ls *.google.co.ma *.google.co.mz *.google.co.nz *.google.co.th *.google.co.tz *.google.co.ug *.google.co.uk *.google.co.ve *.google.co.za *.google.co.zm *.google.co.zw *.google.com *.google.com.ag *.google.com.ar *.google.com.au *.google.com.bd *.google.com.bh *.google.com.bn *.google.com.bo *.google.com.br *.google.com.bz *.google.com.co *.google.com.cy *.google.com.do *.google.com.ec *.google.com.eg *.google.com.et *.google.com.fj *.google.com.gh *.google.com.gi *.google.com.gt *.google.com.jm *.google.com.kh *.google.com.kw *.google.com.lb *.google.com.ly *.google.com.mm *.google.com.mt *.google.com.mx *.google.com.my *.google.com.na *.google.com.ng *.google.com.ni *.google.com.np *.google.com.om *.google.com.pa *.google.com.pe *.google.com.pg *.google.com.ph *.google.com.pk *.google.com.pr *.google.com.py *.google.com.qa *.google.com.sa *.google.com.sg *.google.com.sl *.google.com.sv *.google.com.tj *.google.com.tr *.google.com.ua *.google.com.uy *.google.com.vc *.google.com.vn *.google.cv *.google.cz *.google.de *.google.dk *.google.dm *.google.dz *.google.ee *.google.es *.google.fr *.google.ga *.google.ge *.google.hn *.google.ht *.google.ie *.google.im *.google.iq *.google.it *.google.je *.google.jo *.google.kg *.google.kz *.google.la *.google.lk *.google.lt *.google.lv *.google.md *.google.me *.google.mg *.google.mk *.google.ml *.google.mn *.google.mu *.google.mv *.google.mw *.google.ne *.google.nl *.google.no *.google.pl *.google.ps *.google.ro *.google.rs *.google.ru *.google.rw *.google.se *.google.sk *.google.sn *.google.so *.google.td *.google.tg *.google.tl *.google.tn *.google.to *.google.tt *.googleadservices.com *.googleapis.com *.googlesyndication.com *.googletagmanager.com *.gstatic.com *.hsforms.com *.hsforms.net *.ibytedtos.com *.ibyteimg.com *.isnssdk.com *.jumio.ai *.kakao.com *.lemon8-app.com *.lemon8cdn.com *.licdn.com *.linkedin.com *.midtrans.com *.muscdn.com *.musical.ly *.oecstatic.com *.omise.co *.pangle-ads.com *.paypal.com *.pipopay.com *.pipopayment.com *.pipopayment.us *.redditstatic.com *.resso.me *.sgsnssdk.com *.soundon.global *.tableau.com *.tenor.com *.tiktok-row.net *.tiktok.com *.tiktok.ru *.tiktok.vn *.tiktokapis.com *.tiktokcdn-eu.com *.tiktokcdn-in.com *.tiktokcdn-us.com *.tiktokcdn.com *.tiktokcreativeone.com *.tiktokforbusinessoutbound.com *.tiktokglobalshop.com *.tiktokmusic.me *.tiktokshop.com *.tiktokstaticb.com *.tiktokus.info *.tiktokv.com *.tiktokv.eu *.tiktokv.us *.tiktokw.eu *.tiktokw.us *.topbuzzcdn.com *.ttlivecdn.com *.ttlstatic.com *.ttwstatic.com *.vimeo.com *.vodupload.com *.xzcs3zlph.com *.yahoo.co.jp *.yhgfb-static.com *.youtube-nocookie.com *.zhiliaoapp.com code.jquery.com facebook.com google.com googletagmanager.com i.ticketweb.com images.universe.com interactives.ap.org media.ticketmaster.eu res.cloudinary.com s1.ticketm.net static-label.frontgatetickets.com t.co tikitoks.com tiktok.com tiktok.ua tiktok.vn tiktokfollowersfree.com tiktokv.com unpkg.com vimeo.com; worker-src www.tiktok.com/business/sw.js www.tiktok.com/creator/worker/ www.tiktok.com/embed/sw.js www.tiktok.com/firebase-messaging-sw.js www.tiktok.com/help/sw.js www.tiktok.com/live/creator-networks/pdf.worker.min.js www.tiktok.com/live/static/player-worker/ www.tiktok.com/risk-appeal-ocr/BlinkCardWasmSDK.worker.min.js www.tiktok.com/series/worker/ www.tiktok.com/sw.js; report-to csp-endpoint; upgrade-insecure-requests
Strict-Transport-Security max-age=63072000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
http://www.duke6.tk/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36

Response headers

access-control-expose-headers
tt-idc-switch
cache-control
max-age=0, no-cache, no-store
content-encoding
br
content-length
486
content-security-policy
report-uri https://mon.tiktokv.com/monitor_browser/collect/batch/security/?bid=tiktok_pns&ev_type=csp&revision=80f352be-49fc-4004-81b3-90cca4ee7d56&scene=1; script-src 'unsafe-eval' apis.google.com c.paypal.com cdn.ampproject.org cdnjs.cloudflare.com client-api.arkoselabs.com code.jquery.com connect.facebook.net developers.kakao.com googleads.g.doubleclick.net googletagmanager.com interactives.ap.org js.hcaptcha.com js.hsforms.net pay.google.com recaptcha.google.com s20.tiktokcdn.com s3.amazonaws.com sf16-website-login.neutral.ttwstatic.com sf16-website.neutral.ttwstatic.com sf16m-website-login.neutral.ttwstatic.com ssl.bing.com ssl.google-analytics.com unpkg.com vimeo.com www.google-analytics.com www.google.com www.googleadservices.com www.googleapis.com www.googletagmanager.com www.gstatic.com www.vimeo.com; default-src 'self' 'unsafe-eval' 'unsafe-inline' blob: bytedance: data: wss://*.tiktok.com wss://*.tiktokv.com wss://*.tiktokv.eu wss://tiktok.com wss://tiktokv.com *.adsintegrity.net *.akamaized.net *.amazonaws.com *.arkoselabs.com *.billetlugen.dk *.bing.com *.bitssec.com *.bytedapm.com *.bytedgame.com *.bytehwm-row.com *.byteicdn.com *.byteintl.com *.byteintl.net *.byteintlapi.com *.byteintlstatic.com *.bytelemon.com *.byteoversea.com *.byteoversea.net *.bytevcloudapi.com *.capcut.com *.cloudflare.com *.ctfassets.net *.doubleclick.net *.entradas.com *.evbuc.com *.eventim.de *.facebook.com *.facebook.net *.fbsbx.com *.fcdnstatic-intl.com *.fdmstatic.com *.g-p-static.com *.gauthmath.com *.giphy.com *.goofy-cdn.com *.goofy.app *.google-analytics.com *.google.ad *.google.ae *.google.al *.google.am *.google.az *.google.ba *.google.be *.google.bf *.google.bg *.google.bj *.google.bs *.google.by *.google.ca *.google.cd *.google.cg *.google.ci *.google.cl *.google.cm *.google.co.ao *.google.co.bw *.google.co.cr *.google.co.id *.google.co.il *.google.co.in *.google.co.jp *.google.co.ke *.google.co.kr *.google.co.ls *.google.co.ma *.google.co.mz *.google.co.nz *.google.co.th *.google.co.tz *.google.co.ug *.google.co.uk *.google.co.ve *.google.co.za *.google.co.zm *.google.co.zw *.google.com *.google.com.ag *.google.com.ar *.google.com.au *.google.com.bd *.google.com.bh *.google.com.bn *.google.com.bo *.google.com.br *.google.com.bz *.google.com.co *.google.com.cy *.google.com.do *.google.com.ec *.google.com.eg *.google.com.et *.google.com.fj *.google.com.gh *.google.com.gi *.google.com.gt *.google.com.jm *.google.com.kh *.google.com.kw *.google.com.lb *.google.com.ly *.google.com.mm *.google.com.mt *.google.com.mx *.google.com.my *.google.com.na *.google.com.ng *.google.com.ni *.google.com.np *.google.com.om *.google.com.pa *.google.com.pe *.google.com.pg *.google.com.ph *.google.com.pk *.google.com.pr *.google.com.py *.google.com.qa *.google.com.sa *.google.com.sg *.google.com.sl *.google.com.sv *.google.com.tj *.google.com.tr *.google.com.ua *.google.com.uy *.google.com.vc *.google.com.vn *.google.cv *.google.cz *.google.de *.google.dk *.google.dm *.google.dz *.google.ee *.google.es *.google.fr *.google.ga *.google.ge *.google.hn *.google.ht *.google.ie *.google.im *.google.iq *.google.it *.google.je *.google.jo *.google.kg *.google.kz *.google.la *.google.lk *.google.lt *.google.lv *.google.md *.google.me *.google.mg *.google.mk *.google.ml *.google.mn *.google.mu *.google.mv *.google.mw *.google.ne *.google.nl *.google.no *.google.pl *.google.ps *.google.ro *.google.rs *.google.ru *.google.rw *.google.se *.google.sk *.google.sn *.google.so *.google.td *.google.tg *.google.tl *.google.tn *.google.to *.google.tt *.googleadservices.com *.googleapis.com *.googlesyndication.com *.googletagmanager.com *.gstatic.com *.hsforms.com *.hsforms.net *.ibytedtos.com *.ibyteimg.com *.isnssdk.com *.jumio.ai *.kakao.com *.lemon8-app.com *.lemon8cdn.com *.licdn.com *.linkedin.com *.midtrans.com *.muscdn.com *.musical.ly *.oecstatic.com *.omise.co *.pangle-ads.com *.paypal.com *.pipopay.com *.pipopayment.com *.pipopayment.us *.redditstatic.com *.resso.me *.sgsnssdk.com *.soundon.global *.tableau.com *.tenor.com *.tiktok-row.net *.tiktok.com *.tiktok.ru *.tiktok.vn *.tiktokapis.com *.tiktokcdn-eu.com *.tiktokcdn-in.com *.tiktokcdn-us.com *.tiktokcdn.com *.tiktokcreativeone.com *.tiktokforbusinessoutbound.com *.tiktokglobalshop.com *.tiktokmusic.me *.tiktokshop.com *.tiktokstaticb.com *.tiktokus.info *.tiktokv.com *.tiktokv.eu *.tiktokv.us *.tiktokw.eu *.tiktokw.us *.topbuzzcdn.com *.ttlivecdn.com *.ttlstatic.com *.ttwstatic.com *.vimeo.com *.vodupload.com *.xzcs3zlph.com *.yahoo.co.jp *.yhgfb-static.com *.youtube-nocookie.com *.zhiliaoapp.com code.jquery.com facebook.com google.com googletagmanager.com i.ticketweb.com images.universe.com interactives.ap.org media.ticketmaster.eu res.cloudinary.com s1.ticketm.net static-label.frontgatetickets.com t.co tikitoks.com tiktok.com tiktok.ua tiktok.vn tiktokfollowersfree.com tiktokv.com unpkg.com vimeo.com; worker-src www.tiktok.com/business/sw.js www.tiktok.com/creator/worker/ www.tiktok.com/embed/sw.js www.tiktok.com/firebase-messaging-sw.js www.tiktok.com/help/sw.js www.tiktok.com/live/creator-networks/pdf.worker.min.js www.tiktok.com/live/static/player-worker/ www.tiktok.com/risk-appeal-ocr/BlinkCardWasmSDK.worker.min.js www.tiktok.com/series/worker/ www.tiktok.com/sw.js; report-to csp-endpoint; upgrade-insecure-requests
content-type
text/html; charset=utf-8
date
Sun, 24 Nov 2024 21:51:32 GMT
expires
Sun, 24 Nov 2024 21:51:32 GMT
pragma
no-cache
reporting-endpoints
csp-endpoint="https://mon.tiktokv.com/monitor_browser/collect/batch/security/?bid=tiktok_pns"
server
TLB
server-timing
inner; dur=117 cdn-cache; desc=MISS, edge; dur=2, origin; dur=127
strict-transport-security
max-age=63072000; includeSubDomains; preload
tt-idc-switch
10000@20241124165626
x-akamai-request-id
562b8054
x-cache
TCP_MISS from a23-46-181-178.deploy.akamaitechnologies.com (AkamaiGHost/11.7.1-5564540792473a75b19a89fcf1e2a34b) (-)
x-content-type-options
nosniff
x-frame-options
SAMEORIGIN
x-janus-info
qXBpEQLEMta4RypsLgMNu0md0V2AybeQNQZDybAQchIlVZgRl-i2Cc7ZsDICuSe70pjI1YchhJfRt0dP5sjnKnLFcTyV4O2qwgwva6bDSJUoOcYur8gGVpzE6e6EqCEyionhyrSh_Bch1xV1Znz4MPjlC_Tcnpwp32fGqXV8aa4AKT_2PwQWPOKdcwq4qucq3cBiiT8nEz6potsIo8UZWyZJiiOaaO7ZeitcNXcoslyTuQ1j4WzWjVagSnuViB6We8RK8Hr8tKde9uCYzaYZ
x-origin-response-time
128,23.46.181.178
x-robots-tag
noindex
x-tt-logid
2024112421513195E0358B808DBE35BAEB
x-tt-trace-host
0124323af473e500e8fd1429152736a9f774297a87dbf1d1c5100172bebc2e2eaa2f314d20249fcae57ab57106b6aa674f74d87577ae20c62b7b7f92be96ceaacc341867bc339ebdef203d67f6c2cd5a2f4f13678d7a4366e1239bca8d6a087906
x-tt-trace-tag
id=16;cdn-cache=miss;type=dyn
x-xss-protection
1; mode=block

Redirect headers

Connection
close
Content-Length
0
Content-Type
text/html; charset=ISO-8859-1
Date
Sun, 24 Nov 2024 21:41:27 GMT
Location
https://www.tiktok.com/link/v2?aid=1180&lang=en&scene=bio_url&target=http://citybf.com/free-online-access-user059.html
Server
nginx/1.18.0
app.css
sf16-website-login.neutral.ttwstatic.com/obj/tiktok_web_login_static/seclink_static/static/css/ 		4 KB
2 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://sf16-website-login.neutral.ttwstatic.com/obj/tiktok_web_login_static/seclink_static/static/css/app.css
Requested by
Host: www.tiktok.com
URL: https://www.tiktok.com/link/v2?aid=1180&lang=en&scene=bio_url&target=http://citybf.com/free-online-access-user059.html
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
184.25.59.91 Mount Prospect, United States, ASN20940 (AKAMAI-ASN1 Akamai International B.V., NL),
Reverse DNS
a184-25-59-91.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
2614acd22c8b685ed646f26af8cf88db5bafee81a1baabe64a98865b72c18f63
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer

Response headers

content-md5
EGOK+VsDezv4vcGSdluZAQ==
access-control-expose-headers
accept-ranges,access-control-allow-credentials,access-control-allow-methods,access-control-allow-origin,content-length,content-md5,content-type,date,etag,last-modified,opc-client-info,opc-request-id,storage-tier,strict-transport-security,version-id,x-api-id,x-content-type-options
content-encoding
br
etag
7298ff54-14c9-4224-848d-d518e5c3b4fb
x-check-cacheable
YES
x-content-type-options
nosniff
access-control-allow-methods
POST,PUT,GET,HEAD,DELETE,OPTIONS
x-api-id
native
expires
Tue, 24 Dec 2024 21:51:32 GMT
server-timing
cdn-cache; desc=HIT, edge; dur=0
x-cache
TCP_MEM_HIT from a23-218-248-13.deploy.akamaitechnologies.com (AkamaiGHost/11.7.1-5564540792473a75b19a89fcf1e2a34b) (-)
date
Sun, 24 Nov 2024 21:51:32 GMT
last-modified
Fri, 06 Sep 2024 17:39:59 GMT
content-type
text/css
vary
Accept-Encoding
x-akamai-request-id
13cc12ef
opc-request-id
iad-1:feuUqlZu4_yvDKQ7rFk082CkJn7LJcOOdCbP5ePnjA9sbHQhVUr9NiQf_YSlTBg0
strict-transport-security
max-age=31536000; includeSubDomains
cache-control
max-age=2592000
timing-allow-origin
*
storage-tier
Standard
version-id
5538a909-15b0-483e-bf40-cc939edf1fdd
access-control-allow-credentials
true
x-tt-trace-tag
id=16;cdn-cache=hit;type=static
cross-origin-resource-policy
cross-origin
access-control-allow-origin
*
content-length
998
1180.css
sf16-website-login.neutral.ttwstatic.com/obj/tiktok_web_login_static/seclink_static/static/css/ 		2 KB
2 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://sf16-website-login.neutral.ttwstatic.com/obj/tiktok_web_login_static/seclink_static/static/css/1180.css
Requested by
Host: www.tiktok.com
URL: https://www.tiktok.com/link/v2?aid=1180&lang=en&scene=bio_url&target=http://citybf.com/free-online-access-user059.html
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
184.25.59.91 Mount Prospect, United States, ASN20940 (AKAMAI-ASN1 Akamai International B.V., NL),
Reverse DNS
a184-25-59-91.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
ccee864a64dccdcc68c64587f7bdf84664b7c1b7d494c1a1910ece9cad77682b
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer

Response headers

content-md5
m8qVz9tSODyMN5F3GvcL9Q==
access-control-expose-headers
accept-ranges,access-control-allow-credentials,access-control-allow-methods,access-control-allow-origin,content-length,content-md5,content-type,date,etag,last-modified,opc-client-info,opc-request-id,storage-tier,strict-transport-security,version-id,x-api-id,x-content-type-options
content-encoding
br
etag
03c61e45-26f9-4537-9bb2-9423bf616eda
x-cache-remote
TCP_HIT from a23-33-86-70.deploy.akamaitechnologies.com (AkamaiGHost/11.7.1-5564540792473a75b19a89fcf1e2a34b) (-)
x-check-cacheable
YES
x-content-type-options
nosniff
access-control-allow-methods
POST,PUT,GET,HEAD,DELETE,OPTIONS
x-api-id
native
expires
Tue, 24 Dec 2024 21:51:32 GMT
server-timing
cdn-cache; desc=MISS, edge; dur=11, origin; dur=0
x-cache
TCP_MISS from a23-218-248-13.deploy.akamaitechnologies.com (AkamaiGHost/11.7.1-5564540792473a75b19a89fcf1e2a34b) (-)
date
Sun, 24 Nov 2024 21:51:32 GMT
last-modified
Fri, 06 Sep 2024 17:39:58 GMT
content-type
text/css
vary
Accept-Encoding
x-akamai-request-id
83373de.13cc12f3
opc-request-id
iad-1:4xzYPnwex4kD7_mEPGCCTFOAzy1AsxaWmfG4bCk89b65tVfA2rd6Q6DM2iYVbY_3
strict-transport-security
max-age=31536000; includeSubDomains
x-origin-response-time
220,23.206.250.102
cache-control
max-age=2592000
timing-allow-origin
*
storage-tier
Standard
version-id
9098534a-99cd-41cf-a925-0e44a38d596f
access-control-allow-credentials
true
x-tt-trace-tag
id=16;cdn-cache=miss;type=static
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
access-control-allow-origin
*
content-length
575
x-parent-response-time
11,23.218.248.13
tiktok.css
sf16-website-login.neutral.ttwstatic.com/obj/tiktok_web_login_static/seclink_static/static/css/ 		460 B
1 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://sf16-website-login.neutral.ttwstatic.com/obj/tiktok_web_login_static/seclink_static/static/css/tiktok.css
Requested by
Host: www.tiktok.com
URL: https://www.tiktok.com/link/v2?aid=1180&lang=en&scene=bio_url&target=http://citybf.com/free-online-access-user059.html
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
184.25.59.91 Mount Prospect, United States, ASN20940 (AKAMAI-ASN1 Akamai International B.V., NL),
Reverse DNS
a184-25-59-91.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
fc7990eab1b533b833482453d1c67f993986dddc3b6a7db5e33bf7cebe13ffc8
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer

Response headers

content-md5
y5S5MJj4xO1NWgqpvnggiA==
access-control-expose-headers
accept-ranges,access-control-allow-credentials,access-control-allow-methods,access-control-allow-origin,content-length,content-md5,content-type,date,etag,last-modified,opc-client-info,opc-request-id,storage-tier,strict-transport-security,version-id,x-api-id,x-content-type-options
content-encoding
br
etag
aef798ce-de99-4796-9456-813bb8e98465
x-check-cacheable
YES
x-content-type-options
nosniff
access-control-allow-methods
POST,PUT,GET,HEAD,DELETE,OPTIONS
x-api-id
native
expires
Tue, 24 Dec 2024 21:51:32 GMT
server-timing
cdn-cache; desc=HIT, edge; dur=0
x-cache
TCP_MEM_HIT from a23-218-248-13.deploy.akamaitechnologies.com (AkamaiGHost/11.7.1-5564540792473a75b19a89fcf1e2a34b) (-)
date
Sun, 24 Nov 2024 21:51:32 GMT
last-modified
Fri, 06 Sep 2024 17:39:59 GMT
content-type
text/css
vary
Accept-Encoding
x-akamai-request-id
13cc12f4
opc-request-id
iad-1:DCxNsN28RtGwf_KRcZtEYyYZt2cUf7p5LwSYWs6_HEXNV8yOIL6_08cINb4snw2W
strict-transport-security
max-age=31536000; includeSubDomains
x-origin-response-time
242,23.203.132.170
cache-control
max-age=2592000
timing-allow-origin
*
storage-tier
Standard
version-id
1a3b3ca5-358b-4936-a3b5-fc1ab4f0848a
access-control-allow-credentials
true
x-tt-trace-tag
id=16;cdn-cache=hit;type=static
cross-origin-resource-policy
cross-origin
access-control-allow-origin
*
content-length
184
1180_suspicious.png
sf16-website-login.neutral.ttwstatic.com/obj/tiktok_web_login_static/seclink_static/static/img/ 		4 KB
5 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sf16-website-login.neutral.ttwstatic.com/obj/tiktok_web_login_static/seclink_static/static/img/1180_suspicious.png
Requested by
Host: www.tiktok.com
URL: https://www.tiktok.com/link/v2?aid=1180&lang=en&scene=bio_url&target=http://citybf.com/free-online-access-user059.html
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
184.25.59.91 Mount Prospect, United States, ASN20940 (AKAMAI-ASN1 Akamai International B.V., NL),
Reverse DNS
a184-25-59-91.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
9f13a3d8746f5eaf29288b597b38ec806f6b3afcab7aacf96248298e97c689cd
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer

Response headers

content-md5
VTTf6zXnH0Dw6peQXs/RDw==
access-control-expose-headers
accept-ranges,access-control-allow-credentials,access-control-allow-methods,access-control-allow-origin,content-length,content-md5,content-type,date,etag,last-modified,opc-client-info,opc-request-id,storage-tier,strict-transport-security,version-id,x-api-id,x-content-type-options
etag
598e820d-5b57-479f-8009-2c8b4ac442eb
x-cache-remote
TCP_MISS from a23-201-44-210.deploy.akamaitechnologies.com (AkamaiGHost/11.7.1-5564540792473a75b19a89fcf1e2a34b) (-)
x-check-cacheable
YES
x-content-type-options
nosniff
access-control-allow-methods
POST,PUT,GET,HEAD,DELETE,OPTIONS
x-api-id
native
expires
Tue, 24 Dec 2024 21:51:33 GMT
server-timing
cdn-cache; desc=MISS, edge; dur=470, origin; dur=0
x-cache
TCP_MISS from a23-218-248-13.deploy.akamaitechnologies.com (AkamaiGHost/11.7.1-5564540792473a75b19a89fcf1e2a34b) (-)
date
Sun, 24 Nov 2024 21:51:33 GMT
last-modified
Fri, 06 Sep 2024 17:39:59 GMT
content-type
image/png
x-akamai-request-id
d77a5d8.25f64ea9.13cc12f6
opc-request-id
iad-1:Zs1hqyyLmHHrVvGWPGvBcu4BKHKjIV1-G4i3vH66-AIBixuqchMosO7Ppi8jYTZT
strict-transport-security
max-age=31536000; includeSubDomains
cache-control
max-age=2592000
timing-allow-origin
*
storage-tier
Standard
version-id
f968fff2-41ee-4665-850a-55bea817a9ec
access-control-allow-credentials
true
x-tt-trace-tag
id=16;cdn-cache=miss;type=static
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
access-control-allow-origin
*
content-length
3958
x-parent-response-time
461,23.201.44.210, 470,23.218.248.13
tiktok_suspicious_mobile.js
sf16-website-login.neutral.ttwstatic.com/obj/tiktok_web_login_static/seclink_static/static/js/ 		393 B
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://sf16-website-login.neutral.ttwstatic.com/obj/tiktok_web_login_static/seclink_static/static/js/tiktok_suspicious_mobile.js
Requested by
Host: www.tiktok.com
URL: https://www.tiktok.com/link/v2?aid=1180&lang=en&scene=bio_url&target=http://citybf.com/free-online-access-user059.html
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
184.25.59.91 Mount Prospect, United States, ASN20940 (AKAMAI-ASN1 Akamai International B.V., NL),
Reverse DNS
a184-25-59-91.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
fc6ce89021d96224e2d8fd9842e2881f79e545f53bf66c978b61b56cdd0fd4b0
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer

Response headers

content-md5
7aiF3MWpL3QItLTVRUCuMg==
access-control-expose-headers
accept-ranges,access-control-allow-credentials,access-control-allow-methods,access-control-allow-origin,content-length,content-md5,content-type,date,etag,last-modified,opc-client-info,opc-request-id,storage-tier,strict-transport-security,version-id,x-api-id,x-content-type-options
content-encoding
br
etag
4b1dd459-9ef0-4b6d-9265-8221586a03ad
x-check-cacheable
YES
x-content-type-options
nosniff
access-control-allow-methods
POST,PUT,GET,HEAD,DELETE,OPTIONS
x-api-id
native
expires
Tue, 24 Dec 2024 21:51:32 GMT
server-timing
cdn-cache; desc=HIT, edge; dur=0
x-cache
TCP_MEM_HIT from a23-218-248-13.deploy.akamaitechnologies.com (AkamaiGHost/11.7.1-5564540792473a75b19a89fcf1e2a34b) (-)
date
Sun, 24 Nov 2024 21:51:32 GMT
last-modified
Fri, 06 Sep 2024 17:39:59 GMT
content-type
application/javascript
vary
Accept-Encoding
x-akamai-request-id
13cc12f5
opc-request-id
iad-1:DjMXfpGIDdZ_AH2_ogwjE2gR4zuymPnLI_hbwkI2gYwoITfaFE1qngE9ENOjVJJ3
strict-transport-security
max-age=31536000; includeSubDomains
cache-control
max-age=2592000
timing-allow-origin
*
storage-tier
Standard
version-id
1cff70a7-028c-4e31-84b8-584b97956290
access-control-allow-credentials
true
x-tt-trace-tag
id=16;cdn-cache=hit;type=static
cross-origin-resource-policy
cross-origin
access-control-allow-origin
*
content-length
153
TikTokFont-Regular.ttf
sf16-website-login.neutral.ttwstatic.com/obj/tiktok_web_login_static/seclink_static/static/font/ 		143 KB
73 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://sf16-website-login.neutral.ttwstatic.com/obj/tiktok_web_login_static/seclink_static/static/font/TikTokFont-Regular.ttf
Requested by
Host: sf16-website-login.neutral.ttwstatic.com
URL: https://sf16-website-login.neutral.ttwstatic.com/obj/tiktok_web_login_static/seclink_static/static/css/tiktok.css
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
184.25.59.91 Mount Prospect, United States, ASN20940 (AKAMAI-ASN1 Akamai International B.V., NL),
Reverse DNS
a184-25-59-91.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
817da98d9aed9e49e37bf30ab089379f89ed1479c7714cdd7d2ea1b23563ab1d
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Origin
https://www.tiktok.com
Referer
https://sf16-website-login.neutral.ttwstatic.com/obj/tiktok_web_login_static/seclink_static/static/css/tiktok.css

Response headers

content-md5
WJhgjAAzZd2VNk1/HyDBhw==
access-control-expose-headers
accept-ranges,access-control-allow-credentials,access-control-allow-methods,access-control-allow-origin,content-length,content-md5,content-type,date,etag,last-modified,opc-client-info,opc-request-id,storage-tier,strict-transport-security,version-id,x-api-id,x-content-type-options
content-encoding
gzip
etag
18101b85-d663-4ccd-9792-ce466a5895bb
x-check-cacheable
YES
x-content-type-options
nosniff
access-control-allow-methods
POST,PUT,GET,HEAD,DELETE,OPTIONS
x-api-id
native
expires
Tue, 24 Dec 2024 21:51:33 GMT
server-timing
cdn-cache; desc=HIT, edge; dur=0
x-cache
TCP_MEM_HIT from a23-218-248-13.deploy.akamaitechnologies.com (AkamaiGHost/11.7.1-5564540792473a75b19a89fcf1e2a34b) (-)
date
Sun, 24 Nov 2024 21:51:33 GMT
last-modified
Fri, 06 Sep 2024 17:39:58 GMT
content-type
font/ttf
vary
Accept-Encoding
x-akamai-request-id
13cc14c7
opc-request-id
iad-1:lCDX3k15cK_gJx-U9X59f5opGmAoI1XALnALrZdII2uJ1hmCpK5dYl4kJn8psO7w
strict-transport-security
max-age=31536000; includeSubDomains
cache-control
max-age=2592000
timing-allow-origin
*
storage-tier
Standard
version-id
5f57c794-eb2c-42e8-babd-afa67b6beb95
access-control-allow-credentials
true
x-tt-trace-tag
id=16;cdn-cache=hit;type=static
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
access-control-allow-origin
*
content-length
74193
x-parent-response-time
25,23.192.44.231, 425,23.33.86.173
favicon.ico
www.tiktok.com/ 		7 KB
7 KB 		Other
General
Check archive.org
Download Go to
Full URL
https://www.tiktok.com/favicon.ico
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.210.92.132 , United States, ASN20940 (AKAMAI-ASN1 Akamai International B.V., NL),
Reverse DNS
a23-210-92-132.deploy.static.akamaitechnologies.com
Software
nginx /
Resource Hash
698fc7056302ac9ea260aad79c23b0f2428ed78a2434f2148d4ea4606ba00084
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer

Response headers

content-encoding
br
etag
"66ecff7f-1a63"
server-timing
cdn-cache; desc=HIT, edge; dur=0, origin; dur=0, inner; dur=3
x-cache
TCP_MEM_HIT from a23-46-181-178.deploy.akamaitechnologies.com (AkamaiGHost/11.7.1-5564540792473a75b19a89fcf1e2a34b) (-)
date
Sun, 24 Nov 2024 21:51:33 GMT
content-type
image/x-icon
vary
Accept-Encoding
x-akamai-request-id
562b8ac0
last-modified
Fri, 20 Sep 2024 04:52:15 GMT
x-tt-trace-host
018de47b37595c9f7e67a0e62a8927ab58228235565db58e5dc2929928b1ec47aa182118ec46101a1ad950d3cfbacccd15e063e19be7dcb01e3f3c36a8b9066063ec96aaaaae58ca502486e4c2f679e68acc76b618ee61470299aa161c929e4a68
strict-transport-security
max-age=31536000; includeSubDomains
x-tt-trace-tag
id=16;cdn-cache=hit;type=static
accept-ranges
bytes
x-tt-trace-id
00-241002161950034B9500AE9921796A59-5BA349C250040F1C-00
content-length
6759
x-tt-logid
20241002161950034B9500AE9921796A59
server
nginx

Verdicts & Comments Add Verdict or Comment

0 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

1 Cookies

Domain/Path Name / Value
www.duke6.tk/ Name: JSESSIONID
Value: 61049D9FDCD953FAFD9168713304E512