account-tiktok.rf.gd
185.27.134.150  Malicious Activity! Public Scan

Submitted URL: http://account-tiktok.rf.gd/login/phone-or-email/phone/
Effective URL: http://account-tiktok.rf.gd/login/phone-or-email/phone/?i=1
Submission: On January 04 via manual from AU — Scanned from GB

Summary

This website contacted 4 IPs in 2 countries across 3 domains to perform 16 HTTP transactions. The main IP is 185.27.134.150, located in United Kingdom and belongs to WILDCARD-AS Wildcard UK Limited, GB. The main domain is account-tiktok.rf.gd.
This is the only time account-tiktok.rf.gd was scanned on urlscan.io!

urlscan.io Verdict: Potentially Malicious

Targeting these brands: TikTok (Social Network)

Domain & IP information

Requests  IP Address       AS (Autonomous System)
4         185.27.134.150   34119 (WILDCARD-...)
6         2.16.186.27      20940 (AKAMAI-ASN1)
6         2.16.186.41      20940 (AKAMAI-ASN1)
16        4 IPs in total

Requests  Domain                          Requested by
6         sf16-scmcdn-va.ibytedtos.com    account-tiktok.rf.gd
6         s16.tiktokcdn.com               account-tiktok.rf.gd
4         account-tiktok.rf.gd            account-tiktok.rf.gd
16        3 domains in total

This site contains links to these domains:

Domain
www.tiktok.com

TLS certificates observed:

Subject            Issuer                 Validity                   Valid     Source
*.tiktokcdn.com    RapidSSL RSA CA 2018   2020-06-11 - 2022-06-12    2 years   crt.sh
*.ibytedtos.com    RapidSSL RSA CA 2018   2020-02-07 - 2022-04-07    2 years   crt.sh

This page contains 1 frames:

Primary Page: http://account-tiktok.rf.gd/login/phone-or-email/phone/?i=1
Frame ID: 840EEE3130A30290841768366D916523
Requests: 17 HTTP requests in this frame

Screenshot

Page Title

Log in with phone or email | TikTok

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. http://account-tiktok.rf.gd/login/phone-or-email/phone/ Page URL
  2. http://account-tiktok.rf.gd/login/phone-or-email/phone/?i=1 Page URL

Page Statistics

Requests: 16
HTTPS: 69 %
IPv6: 0 %
Domains: 3
Subdomains: 3
IPs: 4
Countries: 2
Transfer: 620 kB
Size: 1113 kB
Cookies: 1


Redirected requests

There were HTTP redirect chains for the following requests:

16 HTTP transactions

Each transaction below lists Resource, Path, Size (uncompressed), x-fer (bytes transferred) and Type, followed by its General details, request headers and response headers.

Resource: / (Document)
Path: account-tiktok.rf.gd/login/phone-or-email/phone/
Size: 858 B, x-fer: 847 B
General
Full URL
http://account-tiktok.rf.gd/login/phone-or-email/phone/
Protocol
HTTP/1.1
Server
185.27.134.150 , United Kingdom, ASN34119 (WILDCARD-AS Wildcard UK Limited, GB),
Reverse DNS
Software
nginx /
Resource Hash
565c49223cd89532282e358604b31c056ac66f52e13f2f42fd0a096a2f328613

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Accept-Language
en-GB,en;q=0.9

Response headers

Server
nginx
Date
Tue, 04 Jan 2022 16:11:40 GMT
Content-Type
text/html
Transfer-Encoding
chunked
Connection
keep-alive
Vary
Accept-Encoding
Expires
Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control
no-cache
Content-Encoding
gzip

Resource: aes.js (Script)
Path: account-tiktok.rf.gd/
Size: 30 KB, x-fer: 31 KB
General
Full URL
http://account-tiktok.rf.gd/aes.js
Requested by
Host: account-tiktok.rf.gd
URL: http://account-tiktok.rf.gd/login/phone-or-email/phone/
Protocol
HTTP/1.1
Server
185.27.134.150 , United Kingdom, ASN34119 (WILDCARD-AS Wildcard UK Limited, GB),
Reverse DNS
Software
nginx /
Resource Hash
d2701c86a2a31a641520e72121749dbbabeed4b1a59aece20bbf14f9c9de82bc

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
http://account-tiktok.rf.gd/login/phone-or-email/phone/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Date
Tue, 04 Jan 2022 16:11:41 GMT
Last-Modified
Sat, 08 Aug 2015 08:12:26 GMT
Server
nginx
ETag
"55c5b9ea-79e6"
Content-Type
application/javascript
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
31206

Resource: / (Document, primary request)
Path: account-tiktok.rf.gd/login/phone-or-email/phone/
Size: 167 KB, x-fer: 34 KB
General
Full URL
http://account-tiktok.rf.gd/login/phone-or-email/phone/?i=1
Requested by
Host: account-tiktok.rf.gd
URL: http://account-tiktok.rf.gd/login/phone-or-email/phone/
Protocol
HTTP/1.1
Server
185.27.134.150 , United Kingdom, ASN34119 (WILDCARD-AS Wildcard UK Limited, GB),
Reverse DNS
Software
nginx /
Resource Hash
a2f9ded0bf2d964d34d23c64ec7b7f19366c3e83afb31607e04c3a589619d073

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Accept-Language
en-GB,en;q=0.9
Referer
http://account-tiktok.rf.gd/login/phone-or-email/phone/

Response headers

Server
nginx
Date
Tue, 04 Jan 2022 16:11:41 GMT
Content-Type
text/html; charset=UTF-8
Transfer-Encoding
chunked
Connection
keep-alive
Vary
Accept-Encoding
Cache-Control
max-age=0
Expires
Tue, 04 Jan 2022 16:11:41 GMT
Content-Encoding
gzip

Resource: loading.gif (Image)
Path: account-tiktok.rf.gd/login/phone-or-email/
Size: 23 KB, x-fer: 23 KB
General
Full URL
http://account-tiktok.rf.gd/login/phone-or-email/loading.gif
Requested by
Host: account-tiktok.rf.gd
URL: http://account-tiktok.rf.gd/login/phone-or-email/phone/?i=1
Protocol
HTTP/1.1
Server
185.27.134.150 , United Kingdom, ASN34119 (WILDCARD-AS Wildcard UK Limited, GB),
Reverse DNS
Software
nginx /
Resource Hash
6f17dbea8b6db5fd570d0a498b3a082691979671adf03ac1aa3c20697ec8296e

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
http://account-tiktok.rf.gd/login/phone-or-email/phone/?i=1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Date
Tue, 04 Jan 2022 16:11:41 GMT
Last-Modified
Thu, 02 Dec 2021 17:49:57 GMT
Server
nginx
Content-Type
image/gif
Cache-Control
max-age=2592000, public, proxy-revalidate, public, proxy-revalidate
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
23701
Expires
Thu, 03 Feb 2022 16:11:41 GMT

Resource: sofiapro-bold.otf (Font)
Path: s16.tiktokcdn.com/musical/resource/mtact/static/fonts/
Size: 163 KB, x-fer: 91 KB
General
Full URL
https://s16.tiktokcdn.com/musical/resource/mtact/static/fonts/sofiapro-bold.otf
Requested by
Host: account-tiktok.rf.gd
URL: http://account-tiktok.rf.gd/login/phone-or-email/phone/?i=1
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2.16.186.27 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a2-16-186-27.deploy.static.akamaitechnologies.com
Software
nginx /
Resource Hash
dd3544c991134803b697653dbffa19ee05654397f1321d1c1a1af4d43f080b76

Request headers

Referer
http://account-tiktok.rf.gd/
Origin
http://account-tiktok.rf.gd
Accept-Language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

x-akamai-request-id
15018dda
date
Tue, 04 Jan 2022 16:11:42 GMT
content-encoding
gzip
x-tt-trace-tag
id=16;cdn-cache=hit;type=static
x-cache
TCP_HIT from a2-16-186-23.deploy.akamaitechnologies.com (AkamaiGHost/10.4.6-37171458) (-)
server-timing
cdn-cache; desc=HIT, edge; dur=35, inner; dur=4
last-modified
Thu, 06 Aug 2020 04:32:03 GMT
server
nginx
etag
"5f2b87c3-28c94"
vary
Accept-Encoding
content-type
font/otf
access-control-allow-origin
*
x-check-cacheable
YES
cache-control
max-age=4891692
x-tt-trace-host
0181786d650160b18462fb398ed2d60ce21afcb97e0a91ac9a3251d8930ae5c2e9e34f0eddc846718a0a81e111fb14290574fdd9d10f2b89ecd6c4b0185c8b3208988c8447aeaa94eb8e7101432e031b8b191969e2c30592b3d6eb172c610d298200b7273a3c3c6a8686ca9f8001d7427a
accept-ranges
bytes
expires
Wed, 02 Mar 2022 06:59:54 GMT

Resource: sofiapro-medium.otf (Font)
Path: s16.tiktokcdn.com/musical/resource/mtact/static/fonts/
Size: 161 KB, x-fer: 89 KB
General
Full URL
https://s16.tiktokcdn.com/musical/resource/mtact/static/fonts/sofiapro-medium.otf
Requested by
Host: account-tiktok.rf.gd
URL: http://account-tiktok.rf.gd/login/phone-or-email/phone/?i=1
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2.16.186.27 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a2-16-186-27.deploy.static.akamaitechnologies.com
Software
nginx /
Resource Hash
362732757fd8ef2a7aca850ca0c0a291c44a1192c367281e532be6b90acab235

Request headers

Referer
http://account-tiktok.rf.gd/
Origin
http://account-tiktok.rf.gd
Accept-Language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

x-akamai-request-id
15018ddb
date
Tue, 04 Jan 2022 16:11:42 GMT
content-encoding
gzip
x-tt-trace-tag
id=16;cdn-cache=hit;type=static
x-cache
TCP_HIT from a2-16-186-23.deploy.akamaitechnologies.com (AkamaiGHost/10.4.6-37171458) (-)
server-timing
cdn-cache; desc=HIT, edge; dur=15
last-modified
Thu, 06 Aug 2020 04:32:03 GMT
server
nginx
etag
"5f2b87c3-28288"
vary
Accept-Encoding
content-type
font/otf
access-control-allow-origin
*
x-check-cacheable
YES
cache-control
max-age=10448234
accept-ranges
bytes
expires
Thu, 05 May 2022 14:28:56 GMT

Resource: sofiapro-regular.otf (Font)
Path: s16.tiktokcdn.com/musical/resource/mtact/static/fonts/
Size: 155 KB, x-fer: 86 KB
General
Full URL
https://s16.tiktokcdn.com/musical/resource/mtact/static/fonts/sofiapro-regular.otf
Requested by
Host: account-tiktok.rf.gd
URL: http://account-tiktok.rf.gd/login/phone-or-email/phone/?i=1
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2.16.186.27 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a2-16-186-27.deploy.static.akamaitechnologies.com
Software
nginx /
Resource Hash
e145b1a56b822a1f604021905dc0c661a5447c13a569b6424be2abc8c140b668

Request headers

Referer
http://account-tiktok.rf.gd/
Origin
http://account-tiktok.rf.gd
Accept-Language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

x-akamai-request-id
15018ddc
date
Tue, 04 Jan 2022 16:11:42 GMT
content-encoding
gzip
x-tt-trace-tag
id=16;cdn-cache=hit;type=static
x-cache
TCP_HIT from a2-16-186-23.deploy.akamaitechnologies.com (AkamaiGHost/10.4.6-37171458) (-)
server-timing
cdn-cache; desc=HIT, edge; dur=5
last-modified
Thu, 06 Aug 2020 04:32:03 GMT
server
nginx
etag
"5f2b87c3-26bf4"
vary
Accept-Encoding
content-type
font/otf
access-control-allow-origin
*
x-check-cacheable
YES
cache-control
max-age=8970779
accept-ranges
bytes
expires
Mon, 18 Apr 2022 12:04:41 GMT

Resource: help.a708bf24.svg (Image)
Path: sf16-scmcdn-va.ibytedtos.com/goofy/ies/tiktok_webapp_login/svgs/
Size: 824 B, x-fer: 1 KB
General
Full URL
https://sf16-scmcdn-va.ibytedtos.com/goofy/ies/tiktok_webapp_login/svgs/help.a708bf24.svg
Requested by
Host: account-tiktok.rf.gd
URL: http://account-tiktok.rf.gd/login/phone-or-email/phone/?i=1
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2.16.186.41 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a2-16-186-41.deploy.static.akamaitechnologies.com
Software
nginx /
Resource Hash
69f0d1d60fbc8338cedd9c36c4068b2dea90624afcc37957854862649e44262d

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
http://account-tiktok.rf.gd/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

x-akamai-request-id
6311d8b9.24f27c5f
date
Tue, 04 Jan 2022 16:11:42 GMT
content-encoding
gzip
x-expires-ms
1636348285244
content-md5
YSR3Dgc67D7Ouqg14Wn3Gg==
x-cache
TCP_MISS from a2-16-186-37.deploy.akamaitechnologies.com (AkamaiGHost/10.4.6-37171458) (-)
x-tt-trace-tag
id=16;cdn-cache=miss;type=static
x-bdcdn-cache-status
TCP_HIT
x-parent-response-time
20,2.16.186.37
server-timing
cdn-cache; desc=MISS, edge; dur=21, origin; dur=0, inner; dur=4
content-length
389
server
nginx
x-tos-request-id
f0b8da88ac068b06-abc2286
x-tos-response-time
Mon, 08 Nov 2021 04:48:06 GMT
last-modified
Tue, 12 Oct 2021 01:48:01 GMT
x-cache-remote
TCP_HIT from a2-16-111-203.deploy.akamaitechnologies.com (AkamaiGHost/10.4.6-37171458) (-)
vary
Accept-Encoding
access-control-allow-methods
GET,POST
content-type
image/svg+xml
access-control-allow-origin
*
x-check-cacheable
YES
cache-control
max-age=1825717
x-origin-response-time
64,23.55.60.4
x-tt-trace-host
01b3ed52a94f4f09f3566c4e4db7f69a263086574e770d7532973d33c60b44ca16f1c2c340a2bbd5538e01fb64189fb440ec75971436a400d88ef17d77563ccc27625f2b672c66b8240cc30bdd30fd7a22906798a8960577865e286e6678909268ee1c04a06a3a019c08360a874ddbb3e5
access-control-max-age
86400
accept-ranges
bytes
access-control-allow-headers
*
access-control-allow-credentials
false

Resource: truncated (Image, inline data: URI)
Path: /
Size: 2 KB, x-fer: 0
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
34833eca688407faa4d2e17c650c445c447ad535c0a24611b26f4a608ba438cf

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
http://account-tiktok.rf.gd/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Content-Type
image/png

Resource: openSelector.3e786e4d.svg (Image)
Path: sf16-scmcdn-va.ibytedtos.com/goofy/ies/tiktok_webapp_login/svgs/
Size: 357 B, x-fer: 1 KB
General
Full URL
https://sf16-scmcdn-va.ibytedtos.com/goofy/ies/tiktok_webapp_login/svgs/openSelector.3e786e4d.svg
Requested by
Host: account-tiktok.rf.gd
URL: http://account-tiktok.rf.gd/login/phone-or-email/phone/?i=1
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2.16.186.41 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a2-16-186-41.deploy.static.akamaitechnologies.com
Software
nginx /
Resource Hash
9426ab3e4ef10c1b356eb95de2a204d3ea259bdf66c340b14f92169771d5816d

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
http://account-tiktok.rf.gd/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

x-akamai-request-id
29a691fc.24f27c64
date
Tue, 04 Jan 2022 16:11:43 GMT
content-encoding
gzip
x-expires-ms
1636348546765
content-md5
Sa3RhysO+frqdmNLtTEtdg==
x-cache
TCP_MISS from a2-16-186-37.deploy.akamaitechnologies.com (AkamaiGHost/10.4.6-37171458) (-)
x-tt-trace-tag
id=16;cdn-cache=miss;type=static
x-bdcdn-cache-status
TCP_HIT
x-parent-response-time
311,23.11.206.221, 349,2.16.186.37
server-timing
cdn-cache; desc=MISS, edge; dur=350, origin; dur=0, inner; dur=0
content-length
257
server
nginx
x-tos-request-id
ff8761883a906af4-abd4b9e
x-tos-response-time
Sun, 07 Nov 2021 20:44:00 GMT
last-modified
Tue, 12 Oct 2021 01:48:01 GMT
x-cache-remote
TCP_REFRESH_HIT from a23-11-206-221.deploy.akamaitechnologies.com (AkamaiGHost/10.4.6-37171458) (S)
vary
Accept-Encoding
access-control-allow-methods
GET,POST
content-type
image/svg+xml
access-control-allow-origin
*
x-check-cacheable
YES
cache-control
max-age=2571574
x-origin-response-time
17,23.55.60.21
x-tt-trace-host
015a0b94e87273075a64fd08d04ae5ce111c2ea56ab459881a3e23273a7df576962313b1f99bc8a316e9a98bc7caf9ff30ff1265d49d53092509fd3251ab9c1e42cfb088fc286a9e6cafb07f99a8359fd471be3659fda9df39c76d2b9e28a3492cfb95959faabca30d1c5ca4d89e73a88f5b855c6dc559fcef6774610a38cc6920
access-control-max-age
86400
accept-ranges
bytes
access-control-allow-headers
*
access-control-allow-credentials
false

Resource: error.d9f0b771.svg (Image)
Path: sf16-scmcdn-va.ibytedtos.com/goofy/ies/tiktok_webapp_login/svgs/
Size: 753 B, x-fer: 2 KB
General
Full URL
http://sf16-scmcdn-va.ibytedtos.com/goofy/ies/tiktok_webapp_login/svgs/error.d9f0b771.svg
Requested by
Host: account-tiktok.rf.gd
URL: http://account-tiktok.rf.gd/login/phone-or-email/phone/?i=1
Protocol
HTTP/1.1
Server
2.16.186.41 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a2-16-186-41.deploy.static.akamaitechnologies.com
Software
nginx /
Resource Hash
4f3db8175cf894afdcba2e8c502f4c599a4c2fee6c1990d1e4f74fd71123a5ba

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
http://account-tiktok.rf.gd/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

X-Akamai-Request-ID
1babc77.24f27c16
Date
Tue, 04 Jan 2022 16:11:42 GMT
Content-Encoding
gzip
X-Expires-MS
1641233490772
Content-MD5
l+6QfpLgBdW9UgJie3CEgg==
X-Cache
TCP_MISS from a2-16-186-37.deploy.akamaitechnologies.com (AkamaiGHost/10.4.6-37171458) (-)
x-tt-trace-tag
id=16;cdn-cache=miss;type=static
X-Bdcdn-Cache-Status
TCP_MISS
X-Parent-Response-Time
8,184.51.7.5, 18,2.16.186.37
Server-Timing
cdn-cache; desc=MISS, edge; dur=19, origin; dur=0, inner; dur=121
Content-Length
395
Server
nginx
X-Tos-Request-Id
99714d33c51f435-abd4d68
X-Tos-Response-Time
Mon, 03 Jan 2022 18:11:29 GMT
Last-Modified
Tue, 12 Oct 2021 01:48:01 GMT
X-Cache-Remote
TCP_HIT from a2-22-8-22.deploy.akamaitechnologies.com (AkamaiGHost/10.4.6-37171458) (-)
Cache-Control
max-age=2512807
ETag
CJaZgsngw/MCEAE=
Vary
Accept-Encoding
Access-Control-Allow-Methods
GET,POST
Content-Type
image/svg+xml
Access-Control-Allow-Origin
*
X-Check-Cacheable
YES
Connection
keep-alive
Access-Control-Allow-Credentials
false
x-tt-trace-host
017b3caabf8702841a12f8187fdd910a9cd5d50b9632b5803a3a0cf753c4cbd32ffb28a7373a1440a42c44dafdf3fc5055e1fe3f1eb530e4885d702d61d87b960c1851f071edfec280cee6903007ee32aa02324317c009b769b7259b5a7cef89906611d742628fd2226eea663d8463da69
Access-Control-Max-Age
86400
Accept-Ranges
bytes
Access-Control-Allow-Headers
*

Resource: search.73141555.svg (Image)
Path: sf16-scmcdn-va.ibytedtos.com/goofy/ies/tiktok_webapp_login/svgs/
Size: 578 B, x-fer: 1 KB
General
Full URL
https://sf16-scmcdn-va.ibytedtos.com/goofy/ies/tiktok_webapp_login/svgs/search.73141555.svg
Requested by
Host: account-tiktok.rf.gd
URL: http://account-tiktok.rf.gd/login/phone-or-email/phone/?i=1
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2.16.186.41 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a2-16-186-41.deploy.static.akamaitechnologies.com
Software
nginx /
Resource Hash
d63e03591eca3b9aab7823154a09cea4d0fdbe628a6b9ea5cc38437be443f206

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
http://account-tiktok.rf.gd/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

x-akamai-request-id
49f28869.1dac81e2.24f27c6a
date
Tue, 04 Jan 2022 16:11:43 GMT
content-encoding
gzip
x-expires-ms
1641312074494
content-md5
t7w64DTFBdCDOMioBPU5fQ==
x-cache
TCP_MISS from a2-16-186-37.deploy.akamaitechnologies.com (AkamaiGHost/10.4.6-37171458) (-)
x-tt-trace-tag
id=16;cdn-cache=miss;type=static
x-bdcdn-cache-status
TCP_MISS
x-parent-response-time
447,23.3.89.197, 462,2.16.186.37
server-timing
cdn-cache; desc=MISS, edge; dur=463, origin; dur=0, inner; dur=78
content-length
308
server
nginx
x-tos-request-id
353ea0d46f4968ff-abd4b9a
x-tos-response-time
Tue, 04 Jan 2022 16:01:13 GMT
last-modified
Tue, 12 Oct 2021 01:48:01 GMT
x-cache-remote
TCP_MISS from a23-3-89-197.deploy.akamaitechnologies.com (AkamaiGHost/10.4.6-37171458) (-)
etag
CNOkhMngw/MCEAE=
vary
Accept-Encoding
access-control-allow-methods
GET,POST
content-type
image/svg+xml
access-control-allow-origin
*
x-check-cacheable
YES
cache-control
max-age=2591343
access-control-allow-credentials
false
x-tt-trace-host
0199181d717da2f02ed4bb8e3d7a872e1b44596c0fd200e18486cadd2ed97c54b9b85d81e1f3564ae7aeceaa35528a450a9193440c035cc0123083be51a876b02c573b63ac4e51fb5a325a7b94a58dda685d899e0b81b51d0bede9c4b4fd93d57bfde26aa471e2d95821351a4899c6e061
access-control-max-age
86400
accept-ranges
bytes
access-control-allow-headers
*

Resource: back_bold.9a9bc698.svg (Image)
Path: sf16-scmcdn-va.ibytedtos.com/goofy/ies/tiktok_webapp_login/svgs/
Size: 610 B, x-fer: 1 KB
General
Full URL
https://sf16-scmcdn-va.ibytedtos.com/goofy/ies/tiktok_webapp_login/svgs/back_bold.9a9bc698.svg
Requested by
Host: account-tiktok.rf.gd
URL: http://account-tiktok.rf.gd/login/phone-or-email/phone/?i=1
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2.16.186.41 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a2-16-186-41.deploy.static.akamaitechnologies.com
Software
nginx /
Resource Hash
2d76d5e203f23b8dafcd4aac449b38585844fcc3fcdb4da39cc8758f37000250

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
http://account-tiktok.rf.gd/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

x-akamai-request-id
db024b19.1c99c60d.24f27c71
date
Tue, 04 Jan 2022 16:11:43 GMT
content-encoding
gzip
x-expires-ms
1641305138180
content-md5
H6Mp6orOLa6mgj7SNGkyqg==
x-cache
TCP_MISS from a2-16-186-37.deploy.akamaitechnologies.com (AkamaiGHost/10.4.6-37171458) (-)
x-tt-trace-tag
id=16;cdn-cache=miss;type=static
x-bdcdn-cache-status
TCP_MISS
x-parent-response-time
458,104.99.57.219, 470,2.16.186.37
server-timing
cdn-cache; desc=MISS, edge; dur=470, origin; dur=0, inner; dur=120
content-length
349
server
nginx
x-tos-request-id
57ea20d45431dc29-abeb9a5
x-tos-response-time
Tue, 04 Jan 2022 14:05:37 GMT
last-modified
Tue, 12 Oct 2021 01:48:01 GMT
x-cache-remote
TCP_MISS from a104-99-57-219.deploy.akamaitechnologies.com (AkamaiGHost/10.4.6-37171458) (-)
etag
COaEgcngw/MCEAE=
vary
Accept-Encoding
access-control-allow-methods
GET,POST
content-type
image/svg+xml
access-control-allow-origin
*
x-check-cacheable
YES
cache-control
max-age=2584481
access-control-allow-credentials
false
x-tt-trace-host
01ef17c8e0dfc67edd5dc65b8614ef0545f2a3bbc5f99a7ba572a67f4c8a08d1873cd617c5ab429cd50de9e325d16a68b518639b2f947eaef7c35a6254f9c9479dd8bda143be2d02b6a857d109f1d2f050c80453b9f36d66ba9ad8a1c899e78013275212f0480025c1ec02e6e6400bcbd7
access-control-max-age
86400
accept-ranges
bytes
access-control-allow-headers
*

Resource: arrow.f377b007.svg (Image)
Path: sf16-scmcdn-va.ibytedtos.com/goofy/ies/tiktok_webapp_login/svgs/
Size: 306 B, x-fer: 1 KB
General
Full URL
https://sf16-scmcdn-va.ibytedtos.com/goofy/ies/tiktok_webapp_login/svgs/arrow.f377b007.svg
Requested by
Host: account-tiktok.rf.gd
URL: http://account-tiktok.rf.gd/login/phone-or-email/phone/?i=1
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2.16.186.41 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a2-16-186-41.deploy.static.akamaitechnologies.com
Software
nginx /
Resource Hash
4dc2b912705bc72035bc6d47e530126ea5ea8cde0c3129d30e9016abd48591d4

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
http://account-tiktok.rf.gd/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

x-akamai-request-id
68c9bb62.24f27c7f
date
Tue, 04 Jan 2022 16:11:42 GMT
content-encoding
gzip
x-expires-ms
1636348507825
content-md5
NuXzkv2DEf+eS7XSlAdbMw==
x-cache
TCP_MISS from a2-16-186-37.deploy.akamaitechnologies.com (AkamaiGHost/10.4.6-37171458) (-)
x-tt-trace-tag
id=16;cdn-cache=miss;type=static
x-bdcdn-cache-status
TCP_HIT
x-parent-response-time
4,23.204.146.37, 22,2.16.186.37
server-timing
cdn-cache; desc=MISS, edge; dur=22, origin; dur=0, inner; dur=0
content-length
229
server
nginx
x-tos-request-id
849072885dc82925-abd2e42
x-tos-response-time
Sun, 07 Nov 2021 23:14:16 GMT
last-modified
Tue, 12 Oct 2021 01:48:01 GMT
x-cache-remote
TCP_HIT from a23-53-42-68.deploy.akamaitechnologies.com (AkamaiGHost/10.4.6-37171458) (-)
vary
Accept-Encoding
access-control-allow-methods
GET,POST
content-type
image/svg+xml
access-control-allow-origin
*
x-check-cacheable
YES
cache-control
max-age=414824
access-control-allow-credentials
false
x-tt-trace-host
01fb703a5cef11ee1534009a8ceea2c12e54d6782fda3a88e95248547bca19f45cf78eaee359df443d69b79cbf1d851d1e0e63f111925edba460cbad13ed9d1e5989a1c4c5fbe017b4bd8265c63e304d9cb7e634e3bd4364307aadcb359c0ec57448918d7055a4a467cde070aebeed9138c6a6e073e8a508c8581e9276d0fe1fed
access-control-max-age
86400
accept-ranges
bytes
access-control-allow-headers
*

Resource: proxima-nova-regular.otf (Font)
Path: s16.tiktokcdn.com/musical/resource/mtact/static/fonts/
Size: 134 KB, x-fer: 85 KB
General
Full URL
https://s16.tiktokcdn.com/musical/resource/mtact/static/fonts/proxima-nova-regular.otf
Requested by
Host: account-tiktok.rf.gd
URL: http://account-tiktok.rf.gd/login/phone-or-email/phone/?i=1
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2.16.186.27 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a2-16-186-27.deploy.static.akamaitechnologies.com
Software
nginx /
Resource Hash
21387d49779e6ad4ce969a865eb7543619aa37f3bd9c3243018340b08b774e3e

Request headers

Referer
http://account-tiktok.rf.gd/
Origin
http://account-tiktok.rf.gd
Accept-Language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

x-akamai-request-id
15018dd3
date
Tue, 04 Jan 2022 16:11:42 GMT
content-encoding
gzip
x-tt-trace-tag
id=16;cdn-cache=hit;type=static
x-cache
TCP_HIT from a2-16-186-23.deploy.akamaitechnologies.com (AkamaiGHost/10.4.6-37171458) (-)
server-timing
cdn-cache; desc=HIT, edge; dur=6
last-modified
Thu, 06 Aug 2020 04:32:03 GMT
server
nginx
etag
"5f2b87c3-218dc"
vary
Accept-Encoding
content-type
font/otf
access-control-allow-origin
*
x-check-cacheable
YES
cache-control
max-age=11738863
accept-ranges
bytes
expires
Fri, 20 May 2022 12:59:25 GMT

Resource: proxima-nova-bold.otf (Font)
Path: s16.tiktokcdn.com/musical/resource/mtact/static/fonts/
Size: 138 KB, x-fer: 87 KB
General
Full URL
https://s16.tiktokcdn.com/musical/resource/mtact/static/fonts/proxima-nova-bold.otf
Requested by
Host: account-tiktok.rf.gd
URL: http://account-tiktok.rf.gd/login/phone-or-email/phone/?i=1
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2.16.186.27 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a2-16-186-27.deploy.static.akamaitechnologies.com
Software
nginx /
Resource Hash
b1fb6db7fb9b71519ef57c1352cd8510e9789110fbc780103a2becfa850bb79d

Request headers

Referer
http://account-tiktok.rf.gd/
Origin
http://account-tiktok.rf.gd
Accept-Language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

x-akamai-request-id
15018dd5
date
Tue, 04 Jan 2022 16:11:42 GMT
content-encoding
gzip
x-tt-trace-tag
id=16;cdn-cache=hit;type=static
x-cache
TCP_HIT from a2-16-186-23.deploy.akamaitechnologies.com (AkamaiGHost/10.4.6-37171458) (-)
server-timing
cdn-cache; desc=HIT, edge; dur=21, inner; dur=1
last-modified
Thu, 06 Aug 2020 04:32:03 GMT
server
nginx
etag
"5f2b87c3-22970"
vary
Accept-Encoding
content-type
font/otf
access-control-allow-origin
*
x-check-cacheable
YES
cache-control
max-age=10649650
x-tt-trace-host
01c6bb4a449992ce5fa1db075682782e48312533cec0748bb10667f3c7f0a0a290ea4cde288e0a141e4d2012a34dd1447ecf9cc0f6b3ce8b6aee4ba61e73ff11bfd0993822b3b79e292d08d17ebba9de450578945dc346d74082b62ec004e7a3d52546c39f7ab7e8659b8c87093674c1135e559981483dcbde71151918f5c91926
accept-ranges
bytes
expires
Sat, 07 May 2022 22:25:52 GMT

Resource: proxima-nova-semibold.otf (Font)
Path: s16.tiktokcdn.com/musical/resource/mtact/static/fonts/
Size: 135 KB, x-fer: 85 KB
General
Full URL
https://s16.tiktokcdn.com/musical/resource/mtact/static/fonts/proxima-nova-semibold.otf
Requested by
Host: account-tiktok.rf.gd
URL: http://account-tiktok.rf.gd/login/phone-or-email/phone/?i=1
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2.16.186.27 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a2-16-186-27.deploy.static.akamaitechnologies.com
Software
nginx /
Resource Hash
ce4993b1c3acb40b5c298d10d45d38f13a913588ff5dc5e078697de692ff8f1b

Request headers

Referer
http://account-tiktok.rf.gd/
Origin
http://account-tiktok.rf.gd
Accept-Language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

x-akamai-request-id
15018dd7
date
Tue, 04 Jan 2022 16:11:42 GMT
content-encoding
gzip
x-tt-trace-tag
id=16;cdn-cache=hit;type=static
x-cache
TCP_HIT from a2-16-186-23.deploy.akamaitechnologies.com (AkamaiGHost/10.4.6-37171458) (-)
server-timing
cdn-cache; desc=HIT, edge; dur=42, inner; dur=2
last-modified
Thu, 06 Aug 2020 04:32:03 GMT
server
nginx
etag
"5f2b87c3-21a08"
vary
Accept-Encoding
content-type
font/otf
access-control-allow-origin
*
x-check-cacheable
YES
cache-control
max-age=14868180
x-tt-trace-host
01dfd466a5e935fef17b198fb5a345d052b138e71b157f5823e4cabd24f130804a397e833f046c4bb98f18e58c473e3bcd99f898f2e775ecec178cbd97e2b133c8779a8e3b6934d5cb8ab3dd2c3a83132d47db79ff24f56f178e09b7224f44d5c16e70e8b4208f1570648254c91562f128
accept-ranges
bytes
expires
Sat, 25 Jun 2022 18:14:42 GMT

Verdicts & Comments

Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!

urlscan

Phishing against: TikTok (Social Network)

7 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

Type       Name
function   setnum
function   windownumber
function   checkpole
function   checknum
function   sendcode
function   checknumber
function   check

1 Cookies

Domain/Path             Name      Value
account-tiktok.rf.gd/   __test    cca50cf193213a9b73d664d99dcf0dee