urlscan.io logo urlscan.io
SecurityTrails logo

www.tiktok.com Open in urlscan Pro
92.123.225.35  Public Scan

Go To Rescan Add Verdict Report
URL: https://www.tiktok.com/notfound
Submission: On May 04 via manual from IN — Scanned from DE
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 3 IPs in 1 countries across 2 domains to perform 2 HTTP transactions. The main IP is 92.123.225.35, located in Frankfurt am Main, Germany and belongs to AKAMAI-ASN1, NL. The main domain is www.tiktok.com. The Cisco Umbrella rank of the primary domain is 2875.
TLS certificate: Issued by RapidSSL TLS DV RSA Mixed SHA256 2020... on December 13th 2021. Valid for: a year.
This is the only time www.tiktok.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
1 92.123.225.35 20940 (AKAMAI-ASN1)
1 2.16.186.8 20940 (AKAMAI-ASN1)
2 3
Apex Domain
Subdomains		 Transfer
1 ibytedtos.com
lf16-tiktok-common.ibytedtos.com — Cisco Umbrella Rank: 9008
156 KB
1 tiktok.com
www.tiktok.com — Cisco Umbrella Rank: 2875
66 KB
2 2
Domain Requested by
1 lf16-tiktok-common.ibytedtos.com www.tiktok.com
1 www.tiktok.com
2 2

This site contains links to these domains. Also see Links.

Domain
twitter.com
instagram.com
Subject Issuer Validity Valid
*.tiktok.com
RapidSSL TLS DV RSA Mixed SHA256 2020 CA-1		 2021-12-13 -
2023-01-13		 a year crt.sh
*.ibytedtos.com
RapidSSL TLS DV RSA Mixed SHA256 2020 CA-1		 2022-03-08 -
2023-04-08		 a year crt.sh

This page contains 1 frames:

Primary Page: https://www.tiktok.com/notfound
Frame ID: 3552A72F0339B716FFEAF2931868B70B
Requests: 4 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page Title

TikTok

Detected technologies

Overall confidence: 100%
Detected patterns

Page Statistics

2
Requests

100 %
HTTPS

0 %
IPv6

2
Domains

2
Subdomains

3
IPs

1
Countries

222 kB
Transfer

409 kB
Size

2
Cookies

Redirected requests

There were HTTP redirect chains for the following requests:

2 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request notfound
www.tiktok.com/ 		248 KB
66 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://www.tiktok.com/notfound
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
92.123.225.35 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a92-123-225-35.deploy.static.akamaitechnologies.com
Software
nginx /
Resource Hash
62c7008392591e495c4a7df1cf527132954391da9f33c235f3bd1e4be7a16055
Security Headers
Name Value
Content-Security-Policy frame-ancestors self *.bytedance.net *.tiktok.com *.tiktok.tc;report-uri https://mon-va.byteoversea.com/log/sentry/v2/api/slardar/main/?ev_type=csp&bid=tiktok_web_article
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

cache-control
max-age=0, no-cache, no-store
content-encoding
br
content-security-policy
frame-ancestors self *.bytedance.net *.tiktok.com *.tiktok.tc;report-uri https://mon-va.byteoversea.com/log/sentry/v2/api/slardar/main/?ev_type=csp&bid=tiktok_web_article
content-security-policy-report-only
default-src 'self' data: blob: *.tiktokcdn.com *.tiktokcdn-us.com *.akamaized.net *.muscdn.com *.tiktok.com *.byteoversea.com *.ibytedtos.com;connect-src *.ibytedtos.com *.bytedanceapi.com *.tiktokv.com *.snssdk.com *.tiktok.com *.byteoversea.com *.tiktokcdn.com *.tiktokcdn-us.com *.hypstarcdn.com *.bytedance.net cdn.ampproject.org *.googletagmanager.com;script-src data: blob: 'unsafe-inline' 'unsafe-eval' *.bytedance.com *.byteoversea.com *.ibytedtos.com *.ipstatp.com *.tiktok.com *.tiktokcdn.com *.tiktokcdn-us.com *.hypstarcdn.com *.googletagmanager.com *.akamaized.com *.muscdn.com *.googleapis.com *.ravenjs.com cdn.ampproject.org *.facebook.com *.ttwstatic.com;style-src 'unsafe-inline' *.tiktokcdn.com *.tiktokcdn-us.com *.muscdn.com *.akamaized.net *.ibytedtos.com *.tiktok.com *.ibyteimg.com *.googleapis.com;img-src data: blob: *.muscdn.com *.akamaized.net *.tiktokcdn.com *.tiktokcdn-us.com *.ibytedtos.com *.ibyteimg.com *.tiktok.com *.hypstarcdn.com *.facebook.com *.byted.org *.googletagmanager.com;frame-src *.tiktok.com;media-src *.tiktokcdn.com *.tiktokcdn-us.com *.akamaized.net *.muscdn.com *.ibytedtos.com *.byted.org *.tiktok.com;font-src *.gstatic.com *.ibytedtos.com *.tiktokcdn.com *.tiktokcdn-us.com;report-uri https://mon-va.byteoversea.com/log/sentry/v2/api/slardar/main/?ev_type=csp&bid=tiktok_web_article
content-type
text/html; charset=utf-8
date
Wed, 04 May 2022 07:54:34 GMT
expires
Wed, 04 May 2022 07:54:34 GMT
pragma
no-cache
server
nginx
server-timing
cdn-cache; desc=MISS, edge; dur=88, origin; dur=30 inner; dur=24
strict-transport-security
max-age=31536000
x-akamai-request-id
d4104d8.664ad6f
x-cache
TCP_MISS from a92-123-225-31.deploy.akamaitechnologies.com (AkamaiGHost/10.8.0-41078462) (-)
x-cache-remote
TCP_MISS from a23-222-12-12.deploy.akamaitechnologies.com (AkamaiGHost/10.7.5-41022941) (-)
x-content-type-options
nosniff
x-csp-nonce
ecommLiR0Q51skqyoX4Ot
x-download-options
noopen
x-frame-options
SAMEORIGIN
x-origin-response-time
30,23.222.12.12
x-parent-response-time
118,92.123.225.31
x-tt-logid
20220504075434010223082152027F160E
x-tt-trace-host
01c98d95a4c89fa6573f148d054a5703b5d138a8602bf2b5663581f908d1a1aab3ba677315ecad33cfcafb9bb135352e0f215f7ac2268677a09f871fd18aac72ca3b15e9a3fba3c8477934cd6cd91b49b88d610d16b76c59e6f4290bc9cb969b21d8003a0dadcf7a8981e315725d4651b7
x-tt-trace-tag
id=16;cdn-cache=miss;type=dyn
x-ua-compatible
IE=Edge,chrome=1
x-xss-protection
1; mode=block
truncated
/ 		4 KB
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
f3002f440208533779f449a4b7797ec893328003969685c3f06ea085ef9dd3da

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

Content-Type
image/svg+xml
truncated
/ 		3 KB
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
32c0a04b9406b61b17f0138a5b5e9d2456de1800de6619d54e64d5a94eba0c53

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

Content-Type
image/svg+xml
sofiapro-regular.otf
lf16-tiktok-common.ibytedtos.com/obj/tiktok-web-common-sg/falcon/tiktok_fonts/ 		155 KB
156 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://lf16-tiktok-common.ibytedtos.com/obj/tiktok-web-common-sg/falcon/tiktok_fonts/sofiapro-regular.otf
Requested by
Host: www.tiktok.com
URL: https://www.tiktok.com/notfound
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2.16.186.8 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a2-16-186-8.deploy.static.akamaitechnologies.com
Software
nginx /
Resource Hash
e145b1a56b822a1f604021905dc0c661a5447c13a569b6424be2abc8c140b668

Request headers

Referer
https://www.tiktok.com/
Origin
https://www.tiktok.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

x-akamai-request-id
32ff4d9
date
Wed, 04 May 2022 07:54:34 GMT
etag
"f3775fefdc62abe3d65f8ad711bc367a"
x-tt-trace-tag
id=16;cdn-cache=hit;type=static
content-md5
83df79xiq+PWX4rXEbw2eg==
x-cache
TCP_MEM_HIT from a2-16-186-4.deploy.akamaitechnologies.com (AkamaiGHost/10.7.5-41022941) (-)
x-bdcdn-cache-status
TCP_HIT
x-tos-storage-class
Standard
server-timing
cdn-cache; desc=HIT, edge; dur=0, inner; dur=4
content-length
158708
x-tos-request-id
4f6324581ae69bb1-af54d25
x-tos-response-time
Thu, 14 Apr 2022 13:00:22 GMT
last-modified
Tue, 29 Mar 2022 06:30:26 GMT
server
nginx
x-tt-trace-id
00-2829da9410618ead8638914605cf04d1-2829da9410618ead-01
access-control-max-age
86400
access-control-allow-methods
GET,POST
content-type
application/font-sfnt
access-control-allow-origin
*
x-check-cacheable
YES
cache-control
max-age=882392
access-control-allow-credentials
false
x-tt-trace-host
01a5b9ebe1360fec918f3a6093a05cc607c73aa4abc69c13046fb371609162927de4f1341beea24c5ea72a1fa495ea3b2495d26f5bf6bdb85b632c8159e4b80355c63d5eecd96d8cce251fc903c498f2b2f18c0d36486e2602e12510de552466ca144624bee0bc9df7c5e0f9e2ad8ab64eb16a23e56f2e48e16f9aa72aaa0b92b6
accept-ranges
bytes
timing-allow-origin
*
access-control-allow-headers
*

Verdicts & Comments Add Verdict or Comment

9 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| oncontextlost object| oncontextrestored function| structuredClone function| getScreenDetails string| _I18N_LANG_ object| _I18N_LANG_MAP_ function| gettext function| __ function| getLocale

2 Cookies

Domain/Path Name / Value
.tiktok.com/ Name: _abck
Value: 3F352421B4C9E16E79A6E2536845237A~-1~YAAQH+F7XE7EaoaAAQAALEwQjgeV+2IkJQ2mDbf2UsKLyAEPXkEDjCcZ5DLJA3rYJPJkrmSRb9X5QNIemdS3WKiOxsE4c25kFdMMgfMFFVJuPmdgdoHJ/QCxnXaOozAfl5dPgup5Sd+WzJhRnWbdML8aaLjNlLAQbW+vtzB+rxUZHEUUSBmu0OF+g1priJh9/SYy9a1edKJcO2fAp4vP1qFqFvfMizy0aKprU8eJVg2ynpQRn3kByImbIbzLLh1XHAP/jafZHJtOn73xXtCznwoR/NlV+Wl+3LMsLzAuU4VUqMZHiMj9eeYI9dY1aDwke2nS5F1lS4hRZerknftRPEU7jREtEzVs2G5B7DtAbxhlQq1FVfYUknTWM5s=~-1~-1~-1
.tiktok.com/ Name: bm_sz
Value: C00FFBF1A440CA76286440CAA830B4CE~YAAQH+F7XE/EaoaAAQAALEwQjg/mlKU7S2Rq2OsjZ3oCwUgRVc/I+pQe5qHC4N5GMs9SE7sZ/Wta4sQ8u05xYQ0/I4ZeurGDCYELN4FFnTMQlsM4iA9OdevXfxii/qucOEgJU/PVKqqTNoH41vIDqo8ZLz/9ok9ZfiqLV8uFDeG/p40r1RG3Sp++BVkB13Pa0AI7uqJOeU+Yb1ZGgKQeGtTT9lpSMQmQHWhWo0B0p1xxF8se0z5g+CCzNXqZrDpJQ61fmQv1ljBR3vhkOvl/g6GfUA1d0ocu63UboULty2teYN0=~3555639~3422529

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header Value
Content-Security-Policy frame-ancestors self *.bytedance.net *.tiktok.com *.tiktok.tc;report-uri https://mon-va.byteoversea.com/log/sentry/v2/api/slardar/main/?ev_type=csp&bid=tiktok_web_article
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block