www.tiktokcopyrightsupport.tk
89.163.146.135  Malicious Activity! Public Scan

URL: https://www.tiktokcopyrightsupport.tk/
Submission: On November 25 via automatic, source certstream-suspicious

Summary

This website contacted 5 IPs in 3 countries across 4 domains to perform 6 HTTP transactions. The main IP is 89.163.146.135, located in Germany and belonging to MYLOC-AS IP Backbone of myLoc managed IT AG, DE. The main domain is www.tiktokcopyrightsupport.tk.
TLS certificate: Issued by Let's Encrypt Authority X3 on November 25th 2020. Valid for: 3 months.
This is the only time www.tiktokcopyrightsupport.tk was scanned on urlscan.io!

urlscan.io Verdict: Potentially Malicious

Targeting these brands: TikTok (Social Network)

Domain & IP information

Requests  IP Address          AS (Autonomous System)
1         89.163.146.135      24961 (MYLOC-AS ...)
2         151.139.128.8       20446 (HIGHWINDS3)
2         2606:4700:303...    13335 (CLOUDFLAR...)
1         94.177.222.69       31034 (ARUBA-ASN)
Total: 6 requests, 5 IPs
Requests  Domain                          Requested by
2         i.hizliresim.com                www.tiktokcopyrightsupport.tk
2         kit-free.fontawesome.com        www.tiktokcopyrightsupport.tk, kit-free.fontawesome.com
1         www.controcampus.it             www.tiktokcopyrightsupport.tk
1         www.tiktokcopyrightsupport.tk   (primary request)
Total: 6 requests, 4 domains

This site contains no links.

Subject                     Issuer                             Validity                  Valid for   Source
tiktokcopyrightsupport.tk   Let's Encrypt Authority X3         2020-11-25 - 2021-02-23   3 months    crt.sh
*.fontawesome.com           DigiCert TLS RSA SHA256 2020 CA1   2020-11-13 - 2021-12-14   a year      crt.sh
sni.cloudflaressl.com       Cloudflare Inc ECC CA-3            2020-07-24 - 2021-07-24   a year      crt.sh
controcampus.it             Let's Encrypt Authority X3         2020-10-02 - 2020-12-31   3 months    crt.sh

This page contains 1 frame:

Primary Page: https://www.tiktokcopyrightsupport.tk/
Frame ID: 8BC18544E362D948CC504B7C2A646C5D
Requests: 8 HTTP requests in this frame

Detected technologies

Overall confidence: 100%
Detected patterns
  • headers server /nginx(?:\/([\d.]+))?/i

Page Statistics

Requests: 6
HTTPS: 100 %
IPv6: 25 %
Domains: 4
Subdomains: 4
IPs: 5
Countries: 3
Transfer: 248 kB
Size: 306 kB
Cookies: 0

Redirected requests

There were HTTP redirect chains for the following requests:

6 HTTP transactions

Columns: Resource | Path | Size | x-fer | Type | MIME-Type

Primary Request: /
Path: www.tiktokcopyrightsupport.tk/
Size: 15 KB
x-fer: 6 KB
Type: Document

General
Full URL: https://www.tiktokcopyrightsupport.tk/
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 89.163.146.135, Germany, ASN24961 (MYLOC-AS IP Backbone of myLoc managed IT AG, DE)
Reverse DNS: alim.kebirhost.com
Software: nginx / PHP/5.6.40
Resource Hash: 83cd885bab13609c8729275bd4db074daa65abfb7d71876dfba0afc3bfe34677

Request headers

:method: GET
:authority: www.tiktokcopyrightsupport.tk
:scheme: https
:path: /
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: none
sec-fetch-mode: navigate
sec-fetch-user: ?1
sec-fetch-dest: document
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

server: nginx
date: Wed, 25 Nov 2020 03:07:19 GMT
content-type: text/html; charset=UTF-8
content-length: 6194
x-powered-by: PHP/5.6.40
vary: Accept-Encoding,User-Agent
content-encoding: gzip
Resource: free.min.css
Path: kit-free.fontawesome.com/releases/latest/css/
Size: 59 KB
x-fer: 14 KB
Type: Stylesheet

General
Full URL: https://kit-free.fontawesome.com/releases/latest/css/free.min.css
Requested by: Host: www.tiktokcopyrightsupport.tk, URL: https://www.tiktokcopyrightsupport.tk/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.139.128.8, Dallas, United States, ASN20446 (HIGHWINDS3, US)
Reverse DNS: (empty)
Software: /
Resource Hash: 4f02bd6f018d6f08c37c39f2d114101beac342c2c065046635e5ed0c42853590

Request headers

Referer: https://www.tiktokcopyrightsupport.tk/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Wed, 25 Nov 2020 03:07:19 GMT
content-encoding: gzip
last-modified: Mon, 05 Oct 2020 16:00:45 GMT
etag: "1601913645"
vary: Access-Control-Request-Headers, Access-Control-Request-Method, Accept-Encoding
x-hw: 1606273639.cds032.pa1.hn,1606273639.cds027.pa1.c
content-type: text/css
access-control-allow-origin: *
access-control-max-age: 3000
cache-control: max-age=60, private, must-revalidate
access-control-allow-methods: GET
accept-ranges: bytes
content-length: 13753
Resource: jqZypj.png
Path: i.hizliresim.com/
Size: 78 KB
x-fer: 78 KB
Type: Image

General
Full URL: https://i.hizliresim.com/jqZypj.png
Requested by: Host: www.tiktokcopyrightsupport.tk, URL: https://www.tiktokcopyrightsupport.tk/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3038::6815:e9d1, United States, ASN13335 (CLOUDFLARENET, US)
Reverse DNS: (empty)
Software: cloudflare /
Resource Hash: 4b61b721e34b2dace7d7296b36c29963a6729d590ab89fa630c4cc763b0a5bb7

Request headers

Referer: https://www.tiktokcopyrightsupport.tk/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Wed, 25 Nov 2020 03:07:19 GMT
cf-cache-status: HIT
nel: {"report_to":"cf-nel","max_age":604800}
age: 124493
cf-bgj: csam-hash
x-amz-request-id: 78B9B50D97C18292
x-amz-id-2: wEqnb90EqphqCzvh3a4+VnB2BhU1p0HZd7feglxZ9UDhtFgQTYBpD3KvlVcTMYoKvjCIzfMi7pQO
last-modified: Fri, 03 Jan 2020 20:53:28 GMT
server: cloudflare
etag: W/"9afd57290a54a4dbaa2a5dcb7f64bb94"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=VXhVfWDHamhi5t%2Bb7g8UrTBvu7d2A9o4a6lzetM6Op73wHen%2Fy1Pmh0sgG1J85GS6tTK5ctu9b4ZmY9YShNFZ3g7mWHu10lcgemdH3tMAGqMFuf%2BVUNw6Bg6fNgg"}],"group":"cf-nel","max_age":604800}
content-type: image/png
access-control-allow-origin: *
cache-control: max-age=604800
cf-request-id: 069ef7bb3700000614bc357000000001
cf-ray: 5f7828a52ebf0614-FRA
expires: Mon, 30 Nov 2020 16:32:26 GMT
Resource: AOaGYQ.png
Path: i.hizliresim.com/
Size: 59 KB
x-fer: 60 KB
Type: Image

General
Full URL: https://i.hizliresim.com/AOaGYQ.png
Requested by: Host: www.tiktokcopyrightsupport.tk, URL: https://www.tiktokcopyrightsupport.tk/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3038::6815:e9d1, United States, ASN13335 (CLOUDFLARENET, US)
Reverse DNS: (empty)
Software: cloudflare /
Resource Hash: 12ac81bf101f0cba6cc559d4dc5afc5ea45bf9b026fedc8a45da10b041ca20bc

Request headers

Referer: https://www.tiktokcopyrightsupport.tk/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Wed, 25 Nov 2020 03:07:19 GMT
cf-cache-status: HIT
nel: {"report_to":"cf-nel","max_age":604800}
age: 112104
cf-bgj: csam-hash
x-amz-request-id: D969CE723E419C4B
x-amz-id-2: Dkrtd4n+IhKJxe8GlzxzRe2EEkJY5KGlTI4z990R5e2VyWyPFTlGem1/fQ2rNozNzSRdtmQSJ0BX
last-modified: Sat, 04 Jan 2020 12:33:20 GMT
server: cloudflare
etag: W/"f42b394b7d8669ed8438ba4b914bba89"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=Twhk9HMZIvDsDLfMEc4oo54soG1ilqBW28TnMtjhS%2BeAqIGy39%2B5sEER2yNcBCpwK6k4HgtHziajzlHnBhP9%2BSHyImHJm9tkTahQLB7avpuMf5%2FbU%2FGSyC0Hyh2F"}],"group":"cf-nel","max_age":604800}
content-type: image/png
access-control-allow-origin: *
cache-control: max-age=604800
cf-request-id: 069ef7bb37000006146f263000000001
cf-ray: 5f7828a52ec00614-FRA
expires: Mon, 30 Nov 2020 19:58:55 GMT
Resource: TikTok.jpg
Path: www.controcampus.it/wp-content/uploads/2019/03/
Size: 11 KB
x-fer: 12 KB
Type: Image

General
Full URL: https://www.controcampus.it/wp-content/uploads/2019/03/TikTok.jpg
Requested by: Host: www.tiktokcopyrightsupport.tk, URL: https://www.tiktokcopyrightsupport.tk/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server: 94.177.222.69, Arezzo, Italy, ASN31034 (ARUBA-ASN, IT)
Reverse DNS: host69-222-177-94.serverdedicati.aruba.it
Software: nginx / PleskLin
Resource Hash: 81f3110e97681ccb755f63a08f17c70d7e9fd0a5693ce25c17ac9d3b0242f90e

Security Headers
Strict-Transport-Security: max-age=15768000; includeSubDomains

Request headers

Referer: https://www.tiktokcopyrightsupport.tk/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Wed, 25 Nov 2020 03:07:19 GMT
etag: "5c9fb988-2d69"
last-modified: Sat, 30 Mar 2019 18:46:32 GMT
server: nginx
x-powered-by: PleskLin
strict-transport-security: max-age=15768000; includeSubDomains
content-type: image/jpeg
cache-control: max-age=2419200, public
accept-ranges: bytes
content-length: 11625
expires: Wed, 11 Dec 2014 05:00:00 GMT
Resource: truncated
Path: /
Size: 4 KB
x-fer: 0
Type: Image

General
Full URL: data:truncated
Protocol: DATA
Server: - (data: URI, no network server)
Reverse DNS: (empty)
Software: /
Resource Hash: f3002f440208533779f449a4b7797ec893328003969685c3f06ea085ef9dd3da

Request headers

Referer: (empty)
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Content-Type: image/svg+xml
Resource: truncated
Path: /
Size: 3 KB
x-fer: 0
Type: Image

General
Full URL: data:truncated
Protocol: DATA
Server: - (data: URI, no network server)
Reverse DNS: (empty)
Software: /
Resource Hash: 32c0a04b9406b61b17f0138a5b5e9d2456de1800de6619d54e64d5a94eba0c53

Request headers

Referer: (empty)
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Content-Type: image/svg+xml
Resource: free-fa-solid-900.woff2
Path: kit-free.fontawesome.com/releases/latest/webfonts/
Size: 78 KB
x-fer: 79 KB
Type: Font

General
Full URL: https://kit-free.fontawesome.com/releases/latest/webfonts/free-fa-solid-900.woff2
Requested by: Host: kit-free.fontawesome.com, URL: https://kit-free.fontawesome.com/releases/latest/css/free.min.css
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.139.128.8, Dallas, United States, ASN20446 (HIGHWINDS3, US)
Reverse DNS: (empty)
Software: /
Resource Hash: 01a8d61bd9bb710ec94faf399b0fd995ccbac02771968c87d00df45321595a2d

Request headers

Origin: https://www.tiktokcopyrightsupport.tk
Referer: https://kit-free.fontawesome.com/releases/latest/css/free.min.css
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Wed, 25 Nov 2020 03:07:19 GMT
last-modified: Mon, 05 Oct 2020 16:12:05 GMT
etag: "1601914325"
vary: Access-Control-Request-Headers, Access-Control-Request-Method, Accept-Encoding
access-control-allow-methods: GET
content-type: font/woff2
access-control-allow-origin: *
access-control-max-age: 3000
cache-control: max-age=60, private, must-revalidate
accept-ranges: bytes
content-length: 80284
x-hw: 1606273639.cds022.pa1.hn,1606273639.cds027.pa1.c

Verdicts & Comments

Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!

urlscan

Phishing against: TikTok (Social Network)

10 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

Type      Name
object    ontransitionrun
object    ontransitionstart
object    ontransitioncancel
object    cookieStore
function  showDirectoryPicker
function  showOpenFilePicker
function  showSaveFilePicker
object    trustedTypes
boolean   crossOriginIsolated
function  StalkerBedo

0 Cookies