blog.oversecured.com Open in urlscan Pro
143.204.98.50 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
https://bit.ly/3oaDrLy
Effective URL:
https://blog.oversecured.com/Oversecured-detects-dangerous-vulnerabilities-in-the-TikTok-Android-app/
Submission: On February 07 via manual (February 7th 2022, 5:12:58 pm UTC) from US — Scanned from DE

Summary HTTP 24 Redirects Links 12 Behaviour Indicators

Summary

This website contacted 5 IPs in 3 countries across 6 domains to perform 24 HTTP transactions. The main IP is 143.204.98.50, located in United States and belongs to AMAZON-02, US. The main domain is blog.oversecured.com.
TLS certificate: Issued by Amazon on August 23rd 2021. Valid for: a year.

This is the only time blog.oversecured.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1 1	67.199.248.10 67.199.248.10	396982 (GOOGLE-PR...) (GOOGLE-PRIVATE-CLOUD)
18	143.204.98.50 143.204.98.50	16509 (AMAZON-02) (AMAZON-02)
2	2606:4700::68... 2606:4700::6810:135e	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2001:4de0:ac1... 2001:4de0:ac18::1:a:1a	20446 (HIGHWINDS3) (HIGHWINDS3)
1 2	2a04:4e42:400... 2a04:4e42:400::775	54113 (FASTLY) (FASTLY)
2	2a00:1450:400... 2a00:1450:4001:811::200e	15169 (GOOGLE) (GOOGLE)
24	5

1 67.199.248.10 (United States) 1 redirects

ASN396982 (GOOGLE-PRIVATE-CLOUD, US)
PTR: bit.ly

bit.ly	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

18 143.204.98.50 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-143-204-98-50.fra50.r.cloudfront.net

blog.oversecured.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2606:4700::6810:135e (United States)

ASN13335 (CLOUDFLARENET, US)

cdnjs.cloudflare.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2001:4de0:ac18::1:a:1a (Netherlands)

ASN20446 (HIGHWINDS3, US)

code.jquery.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a04:4e42:400::775 (United States) 1 redirects

ASN54113 (FASTLY, US)

demo.ghost.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:811::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
18	oversecured.com blog.oversecured.com	3 MB
2	google-analytics.com www.google-analytics.com — Cisco Umbrella Rank: 42	20 KB
2	ghost.io 1 redirects demo.ghost.io	341 B
2	cloudflare.com cdnjs.cloudflare.com — Cisco Umbrella Rank: 227	5 KB
1	jquery.com code.jquery.com — Cisco Umbrella Rank: 584	30 KB
1	bit.ly 1 redirects bit.ly — Cisco Umbrella Rank: 4192	336 B
24	6

	Domain	Requested by
18	blog.oversecured.com	blog.oversecured.com
2	www.google-analytics.com	blog.oversecured.com www.google-analytics.com
2	demo.ghost.io	1 redirects blog.oversecured.com
2	cdnjs.cloudflare.com	blog.oversecured.com
1	code.jquery.com	blog.oversecured.com
1	bit.ly	1 redirects
24	6

This site contains links to these domains. Also see Links.

Domain
play.google.com
oversecured.com
calendly.com
twitter.com
www.facebook.com
linkedin.com

Subject Issuer	Validity	Valid
oversecured.com Amazon	`2021-08-23` - `2022-09-21`	a year	crt.sh
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2021-09-21` - `2022-09-20`	a year	crt.sh
*.jquery.com Sectigo RSA Domain Validation Secure Server CA	`2021-07-14` - `2022-08-14`	a year	crt.sh
*.google-analytics.com GTS CA 1C3	`2022-01-10` - `2022-04-04`	3 months	crt.sh

This page contains 1 frames:

Primary Page: https://blog.oversecured.com/Oversecured-detects-dangerous-vulnerabilities-in-the-TikTok-Android-app/
Frame ID: A80D9474658AA869F8C04D9BD2EABCA4
Requests: 24 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Oversecured detects dangerous vulnerabilities in the TikTok Android app | Oversecured Blog

Page URL History Show full URLs

https://bit.ly/3oaDrLy HTTP 301
https://blog.oversecured.com/Oversecured-detects-dangerous-vulnerabilities-in-the-TikTok-Android-app/ Page URL

Detected technologies

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

google-analytics\.com/(?:ga|urchin|analytics)\.js

Highlight.js (Miscellaneous) Expand

Overall confidence: 100%
Detected patterns

/(?:([\d.])+/)?highlight(?:\.min)?\.js

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

jquery[.-]([\d.]*\d)[^/]*\.js
jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Page Statistics

24
Requests

96 %
HTTPS

67 %
IPv6

6
Domains

6
Subdomains

5
IPs

3
Countries

3356 kB
Transfer

3434 kB
Size

4
Cookies

12 Outgoing links

These are links going to different origins than the main page.

URL: https://play.google.com/store/apps/details?id=com.zhiliaoapp.musically
Title: TikTok

Search URL Search Domain Scan URL

URL: https://oversecured.com/docs/quick-start/
Title: Quick Start

Search URL Search Domain Scan URL

URL: https://calendly.com/oversecured/30min
Title: book a call

Search URL Search Domain Scan URL

URL: https://oversecured.com/contact-us
Title: contact us

Search URL Search Domain Scan URL

URL: https://twitter.com/share?text=Oversecured+detects+dangerous+vulnerabilities+in+the+TikTok+Android+app&url=https://blog.oversecured.com/Oversecured-detects-dangerous-vulnerabilities-in-the-TikTok-Android-app/

Search URL Search Domain Scan URL

URL: https://www.facebook.com/sharer/sharer.php?u=https://blog.oversecured.com/Oversecured-detects-dangerous-vulnerabilities-in-the-TikTok-Android-app/

Search URL Search Domain Scan URL

URL: https://oversecured.com/
Title: Oversecured.com

Search URL Search Domain Scan URL

URL: https://oversecured.com/pricing
Title: Pricing

Search URL Search Domain Scan URL

URL: https://oversecured.com/about
Title: About

Search URL Search Domain Scan URL

URL: https://linkedin.com/company/Oversecured/

Search URL Search Domain Scan URL

URL: https://twitter.com/OversecuredInc

Search URL Search Domain Scan URL

URL: https://oversecured.com/privacy
Title: Privacy Policy

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

https://bit.ly/3oaDrLy HTTP 301
https://blog.oversecured.com/Oversecured-detects-dangerous-vulnerabilities-in-the-TikTok-Android-app/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 14

https://demo.ghost.io/assets/js/jquery.fitvids.js?v=724281a32e HTTP 301
https://demo.ghost.io/assets/js/jquery.fitvids.js/?v=724281a32e

24 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2

200

Primary Request / Show response
blog.oversecured.com/Oversecured-detects-dangerous-vulnerabilities-in-the-TikTok-Android-app/
Redirect Chain

https://bit.ly/3oaDrLy
https://blog.oversecured.com/Oversecured-detects-dangerous-vulnerabilities-in-the-TikTok-Android-app/

89 KB
90 KB

76ms
20ms

Document
text/html

143.204.98.50
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://blog.oversecured.com/Oversecured-detects-dangerous-vulnerabilities-in-the-TikTok-Android-app/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 143.204.98.50 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-143-204-98-50.fra50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 6e10fb8484c6d99f6e4557694ee1c4fbcd5dfba2c18219ec64b4b7d58a26d38c

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Accept-Language: de-DE,de;q=0.9

Response headers

content-type: text/html
content-length: 91292
last-modified: Wed, 15 Dec 2021 16:44:50 GMT
server: AmazonS3
date: Mon, 07 Feb 2022 16:30:39 GMT
etag: "f531bdd955f5767704edded97377da77"
x-cache: Hit from cloudfront
via: 1.1 b44e2902bb3501d47514e51618f1bda4.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA50-C1
x-amz-cf-id: S8IPGcY460Etoz9XE-O1mtLnBW2wdnLcND_kSybMreRQXf07YqsRvQ==
age: 2535

Redirect headers

server: nginx
date: Mon, 07 Feb 2022 17:12:53 GMT
content-type: text/html; charset=utf-8
content-length: 188
cache-control: private, max-age=90
content-security-policy: referrer always;
location: https://blog.oversecured.com/Oversecured-detects-dangerous-vulnerabilities-in-the-TikTok-Android-app/
referrer-policy: unsafe-url
via: 1.1 google
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000

GET
H2 200 screen.css
blog.oversecured.com/assets/built/ 33 KB
33 KB 13ms
13ms Stylesheet
text/css 143.204.98.50
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://blog.oversecured.com/assets/built/screen.css
Requested by: Host: blog.oversecured.com
URL: https://blog.oversecured.com/Oversecured-detects-dangerous-vulnerabilities-in-the-TikTok-Android-app/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 143.204.98.50 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-143-204-98-50.fra50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: eb06b7c165002d4846ebe711bcba26e15cff7ed006d6a4a15220cc89a6c7525f

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://blog.oversecured.com/Oversecured-detects-dangerous-vulnerabilities-in-the-TikTok-Android-app/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Mon, 07 Feb 2022 12:22:09 GMT
via: 1.1 b44e2902bb3501d47514e51618f1bda4.cloudfront.net (CloudFront)
last-modified: Wed, 15 Dec 2021 16:44:50 GMT
server: AmazonS3
age: 17445
etag: "e5b28ba6a73af4e871267eb2a3254d66"
x-cache: Hit from cloudfront
content-type: text/css
x-amz-cf-pop: FRA50-C1
content-length: 33792
x-amz-cf-id: FYc8yAvR9cKfRXmTVwa09BK9YrvFJr-AbCX0ikluhzrWXNLXUPGG8A==

GET
H2 200 screen.edited.css
blog.oversecured.com/assets/built/ 2 KB
2 KB 20ms
19ms Stylesheet
text/css 143.204.98.50
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://blog.oversecured.com/assets/built/screen.edited.css
Requested by: Host: blog.oversecured.com
URL: https://blog.oversecured.com/Oversecured-detects-dangerous-vulnerabilities-in-the-TikTok-Android-app/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 143.204.98.50 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-143-204-98-50.fra50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 4ce9b8c78efab8fcb6314d9eef206525a0eac074f0da347ba9b8e4cb1946dcf9

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://blog.oversecured.com/Oversecured-detects-dangerous-vulnerabilities-in-the-TikTok-Android-app/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Mon, 07 Feb 2022 12:22:09 GMT
via: 1.1 b44e2902bb3501d47514e51618f1bda4.cloudfront.net (CloudFront)
last-modified: Wed, 15 Dec 2021 16:44:50 GMT
server: AmazonS3
age: 17445
etag: "89b4d6ad47eeb7bb3ad2e82a1ea027d7"
x-cache: Hit from cloudfront
content-type: text/css
x-amz-cf-pop: FRA50-C1
content-length: 1619
x-amz-cf-id: Sn2AUMqdFDuSn6g2prAWZ1QJ5VqHhofQwm1-PDMMNq3RkWX5WU6olw==

GET
H2 200 syntax.css
blog.oversecured.com/assets/built/ 6 KB
6 KB 15ms
14ms Stylesheet
text/css 143.204.98.50
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://blog.oversecured.com/assets/built/syntax.css
Requested by: Host: blog.oversecured.com
URL: https://blog.oversecured.com/Oversecured-detects-dangerous-vulnerabilities-in-the-TikTok-Android-app/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 143.204.98.50 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-143-204-98-50.fra50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: fca69ce546ab1de51cf7b013e76b3b1909bf7f7994eb2a4c49551d51a1e93289

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://blog.oversecured.com/Oversecured-detects-dangerous-vulnerabilities-in-the-TikTok-Android-app/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Mon, 07 Feb 2022 07:32:31 GMT
via: 1.1 b44e2902bb3501d47514e51618f1bda4.cloudfront.net (CloudFront)
last-modified: Wed, 15 Dec 2021 16:44:50 GMT
server: AmazonS3
age: 34823
etag: "fa940ae09e807f234e9b44427fc482ef"
x-cache: Hit from cloudfront
content-type: text/css
x-amz-cf-pop: FRA50-C1
content-length: 5784
x-amz-cf-id: QC2pp1GBf2xmp-SObESFgAYsRHZJcc8mPuZLPjtvSmZJm07yBTs-xg==

GET
H2 200 default.min.css
cdnjs.cloudflare.com/ajax/libs/highlight.js/9.12.0/styles/ 776 B
626 B 49ms
25ms Stylesheet
text/css 2606:4700::6810:135e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdnjs.cloudflare.com/ajax/libs/highlight.js/9.12.0/styles/default.min.css

Requested by

Host: blog.oversecured.com
URL: https://blog.oversecured.com/Oversecured-detects-dangerous-vulnerabilities-in-the-TikTok-Android-app/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:135e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

65dd6271f67bd94066b0877f99471a82b98dec8379424aef87be480872105539

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://blog.oversecured.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Mon, 07 Feb 2022 17:12:53 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age: 1156687
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 271
timing-allow-origin: *
last-modified: Mon, 04 May 2020 16:10:34 GMT
server: cloudflare
cf-cdnjs-via: cfworker/kv
etag: "5eb03e7a-308"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15780000
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=pMbSApUZzUMtksJc0x5cLLgMIoNWjJfgzeOotsbsmflUbpLXwdKT4RqAHMVDpSOILbmxPPySwqBEoWTlNlnA2hx63UIkTpVo1Q%2Fhl0nhklWQp%2Fpc8rfXckNvgwLRKOmbWeG8nSIqr25GVa4DEgPMJVms"}],"group":"cf-nel","max_age":604800}
content-type: text/css; charset=utf-8
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=30672000
accept-ranges: bytes
cf-ray: 6d9e3ee6bab29013-FRA
expires: Sat, 28 Jan 2023 17:12:53 GMT

GET
H2 200 blog-icon.png
blog.oversecured.com/assets/images/ 11 KB
11 KB 35ms
34ms Image
image/png 143.204.98.50
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://blog.oversecured.com/assets/images/blog-icon.png
Requested by: Host: blog.oversecured.com
URL: https://blog.oversecured.com/Oversecured-detects-dangerous-vulnerabilities-in-the-TikTok-Android-app/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 143.204.98.50 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-143-204-98-50.fra50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 846c72e2aa14e98df4c692c84eb7515240e5b6e372115a64a2716f46d17694df

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://blog.oversecured.com/Oversecured-detects-dangerous-vulnerabilities-in-the-TikTok-Android-app/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Mon, 07 Feb 2022 07:32:31 GMT
via: 1.1 b44e2902bb3501d47514e51618f1bda4.cloudfront.net (CloudFront)
last-modified: Wed, 15 Dec 2021 16:44:50 GMT
server: AmazonS3
age: 34823
etag: "3e5377c89cc42ace35562fff86c91ebf"
x-cache: Hit from cloudfront
content-type: image/png
x-amz-cf-pop: FRA50-C1
content-length: 11432
x-amz-cf-id: JzZYigULZqpMEk3nFRryl2xQyMXn_2CBaMslx80WVZLPSItVuVZOoA==

GET
H2 200 LiveWallPaperPreviewActivity.png
blog.oversecured.com/assets/images/ 922 KB
924 KB 12ms
11ms Image
image/png 143.204.98.50
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://blog.oversecured.com/assets/images/LiveWallPaperPreviewActivity.png
Requested by: Host: blog.oversecured.com
URL: https://blog.oversecured.com/Oversecured-detects-dangerous-vulnerabilities-in-the-TikTok-Android-app/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 143.204.98.50 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-143-204-98-50.fra50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: c7695680008756788cd3b165f3c8912b669e82d48f053e7e7a4b39dd391cfa67

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://blog.oversecured.com/Oversecured-detects-dangerous-vulnerabilities-in-the-TikTok-Android-app/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Mon, 07 Feb 2022 15:37:43 GMT
via: 1.1 b44e2902bb3501d47514e51618f1bda4.cloudfront.net (CloudFront)
last-modified: Wed, 15 Dec 2021 16:44:50 GMT
server: AmazonS3
age: 5711
etag: "c6033407540bc1760f7d726e477281c9"
x-cache: Hit from cloudfront
content-type: image/png
x-amz-cf-pop: FRA50-C1
content-length: 944313
x-amz-cf-id: mQDg6_0J76ZQj3p9n8DCchKqVXsHpMZLn4aYGhmgQAOthJWeVBvo6w==

GET
H2 200 NotificationBroadcastReceiver.png
blog.oversecured.com/assets/images/ 377 KB
377 KB 140ms
139ms Image
image/png 143.204.98.50
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://blog.oversecured.com/assets/images/NotificationBroadcastReceiver.png
Requested by: Host: blog.oversecured.com
URL: https://blog.oversecured.com/Oversecured-detects-dangerous-vulnerabilities-in-the-TikTok-Android-app/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 143.204.98.50 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-143-204-98-50.fra50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: a61f3d9ac3fb92e359fd3b149ee3dccc734d66e48ebb29015d01ae3c3e61310a

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://blog.oversecured.com/Oversecured-detects-dangerous-vulnerabilities-in-the-TikTok-Android-app/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Mon, 07 Feb 2022 17:12:54 GMT
via: 1.1 b44e2902bb3501d47514e51618f1bda4.cloudfront.net (CloudFront)
last-modified: Wed, 15 Dec 2021 16:44:50 GMT
server: AmazonS3
x-amz-cf-pop: FRA50-C1
etag: "ece6e6f594c9abf51bbdc07afd8c7315"
x-cache: RefreshHit from cloudfront
content-type: image/png
content-length: 385735
x-amz-cf-id: gczpZNKYrKdHDrzfISgxoaelXHxepfy2YLTAf13tkFQbJoJADloMBQ==

GET
H2 200 facebook_so.png
blog.oversecured.com/assets/images/ 1 MB
1 MB 283ms
283ms Image
image/png 143.204.98.50
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://blog.oversecured.com/assets/images/facebook_so.png
Requested by: Host: blog.oversecured.com
URL: https://blog.oversecured.com/Oversecured-detects-dangerous-vulnerabilities-in-the-TikTok-Android-app/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 143.204.98.50 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-143-204-98-50.fra50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 1b84aa5c8d011c6fb4f2b5aef11b4f48456a56f0c75dede1290b1d0233fd436a

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://blog.oversecured.com/Oversecured-detects-dangerous-vulnerabilities-in-the-TikTok-Android-app/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Mon, 07 Feb 2022 17:12:54 GMT
via: 1.1 b44e2902bb3501d47514e51618f1bda4.cloudfront.net (CloudFront)
last-modified: Wed, 15 Dec 2021 16:44:50 GMT
server: AmazonS3
x-amz-cf-pop: FRA50-C1
etag: "3408318c4cf2d9aca5d82a328fe3b745"
x-cache: Miss from cloudfront
content-type: image/png
content-length: 1139964
x-amz-cf-id: xdC66sLMSej4DvFSgMBnrkaTNvzfs-LdCH9xC5AG5f2i8L2d48tV6g==

GET
H2 200 DetailActivity.png
blog.oversecured.com/assets/images/ 379 KB
380 KB 139ms
138ms Image
image/png 143.204.98.50
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://blog.oversecured.com/assets/images/DetailActivity.png
Requested by: Host: blog.oversecured.com
URL: https://blog.oversecured.com/Oversecured-detects-dangerous-vulnerabilities-in-the-TikTok-Android-app/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 143.204.98.50 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-143-204-98-50.fra50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 2eb85e44df9155ee43846065b79a32cbfd6a2d313bf0ff1eab429bf0285c94e2

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://blog.oversecured.com/Oversecured-detects-dangerous-vulnerabilities-in-the-TikTok-Android-app/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Mon, 07 Feb 2022 17:12:54 GMT
via: 1.1 b44e2902bb3501d47514e51618f1bda4.cloudfront.net (CloudFront)
last-modified: Wed, 15 Dec 2021 16:44:50 GMT
server: AmazonS3
x-amz-cf-pop: FRA50-C1
etag: "04b5cd240d798692e2ccaea08a70ed5a"
x-cache: RefreshHit from cloudfront
content-type: image/png
content-length: 388396
x-amz-cf-id: OSuFITBS-7XxXn3cE1i18SaBqumg6tD9qjauC6X9N3dQKwPRVEU2uA==

GET
H2 200 favicon.ico
blog.oversecured.com/assets/images/ 7 KB
8 KB 13ms
13ms Image
image/vnd.microsoft.icon 143.204.98.50
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://blog.oversecured.com/assets/images/favicon.ico
Requested by: Host: blog.oversecured.com
URL: https://blog.oversecured.com/Oversecured-detects-dangerous-vulnerabilities-in-the-TikTok-Android-app/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 143.204.98.50 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-143-204-98-50.fra50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 2756e6bf8c71eef5c4199527d28b88983b252ba26eb2a48b14790a0198b42020

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://blog.oversecured.com/Oversecured-detects-dangerous-vulnerabilities-in-the-TikTok-Android-app/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Sun, 06 Feb 2022 23:22:57 GMT
via: 1.1 b44e2902bb3501d47514e51618f1bda4.cloudfront.net (CloudFront)
last-modified: Wed, 15 Dec 2021 16:44:50 GMT
server: AmazonS3
age: 64197
etag: "ef448993751bb6b6b753793259201917"
x-cache: Hit from cloudfront
content-type: image/vnd.microsoft.icon
x-amz-cf-pop: FRA50-C1
content-length: 7406
x-amz-cf-id: 9IknNa-Fu9sjHwMeWLP3icIjqToRSaUxSMc6b6n7E2d5CyaGFuu_TQ==

GET
H2 200 favicon.svg
blog.oversecured.com/assets/images/ 2 KB
2 KB 32ms
31ms Image
image/svg+xml 143.204.98.50
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://blog.oversecured.com/assets/images/favicon.svg
Requested by: Host: blog.oversecured.com
URL: https://blog.oversecured.com/Oversecured-detects-dangerous-vulnerabilities-in-the-TikTok-Android-app/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 143.204.98.50 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-143-204-98-50.fra50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: f7f545eddf2fc7da74b7aaa838f28e2fa64972d2589beb61f16b176bf5566722

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://blog.oversecured.com/Oversecured-detects-dangerous-vulnerabilities-in-the-TikTok-Android-app/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Mon, 07 Feb 2022 10:45:47 GMT
via: 1.1 b44e2902bb3501d47514e51618f1bda4.cloudfront.net (CloudFront)
last-modified: Wed, 15 Dec 2021 16:44:50 GMT
server: AmazonS3
age: 23227
etag: "94fa1ddf055bad5732447ce76aee9ad5"
x-cache: Hit from cloudfront
content-type: image/svg+xml
x-amz-cf-pop: FRA50-C1
content-length: 1859
x-amz-cf-id: WR7qPx4bRWq6VbYkdPs_DMLSNpALZ6jlJ_JtBOcjRfpqbbUyXomglw==

GET
H2 200 prism-abap.min.js Show response
cdnjs.cloudflare.com/ajax/libs/prism/1.10.0/components/ 8 KB
4 KB 32ms
14ms Script
application/javascript 2606:4700::6810:135e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdnjs.cloudflare.com/ajax/libs/prism/1.10.0/components/prism-abap.min.js

Requested by

Host: blog.oversecured.com
URL: https://blog.oversecured.com/Oversecured-detects-dangerous-vulnerabilities-in-the-TikTok-Android-app/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:135e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

113ad32dec14a1f35f5fbe4a6490d9c58d49be9c31658dac53c704412eb6839a

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://blog.oversecured.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Mon, 07 Feb 2022 17:12:53 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age: 1156191
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 3315
timing-allow-origin: *
last-modified: Mon, 04 May 2020 16:15:39 GMT
server: cloudflare
cf-cdnjs-via: cfworker/kv
etag: "5eb03fab-1ef4"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15780000
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=LREoU04F0gN2XTxkIhWhjvBIrhzFHN1h2%2FBIraBdcxP%2BcZ0iMG6FOGIr9CHzH6vKhWltstKwM46vMSYtRfUGA1c0yEHiZ%2B4%2B31ue0QBi%2BfByQkn%2BQKtuqKIQiCdH4d0W%2BzNBfWgV5L7otL5LJGZmDnFn"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=30672000
accept-ranges: bytes
cf-ray: 6d9e3ee6bab69013-FRA
expires: Sat, 28 Jan 2023 17:12:53 GMT

GET
H2 200 jquery-3.2.1.min.js Show response
code.jquery.com/ 85 KB
30 KB 53ms
18ms Script
application/javascript 2001:4de0:ac18::1:a:1a
HIGHWINDS3

General

Check archive.org

Show headers Download Go to

Full URL: https://code.jquery.com/jquery-3.2.1.min.js
Requested by: Host: blog.oversecured.com
URL: https://blog.oversecured.com/Oversecured-detects-dangerous-vulnerabilities-in-the-TikTok-Android-app/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2001:4de0:ac18::1:a:1a , Netherlands, ASN20446 (HIGHWINDS3, US),
Reverse DNS
Software: nginx /
Resource Hash: 87083882cc6015984eb0411a99d3981817f5dc5c90ba24f0940420c5548d82de

Request headers

Referer: https://blog.oversecured.com/
Origin: https://blog.oversecured.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Mon, 07 Feb 2022 17:12:53 GMT
content-encoding: gzip
last-modified: Fri, 20 Aug 2021 17:47:53 GMT
server: nginx
etag: W/"611feac9-15283"
vary: Accept-Encoding
x-hw: 1644253973.dop146.am5.t,1644253973.cds115.am5.hn,1644253973.cds255.am5.c
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=315360000, public
accept-ranges: bytes
content-length: 30125

GET
H2 200 jquery.fitvids.js Show response
blog.oversecured.com/assets/js/ 3 KB
4 KB 25ms
24ms Script
application/javascript 143.204.98.50
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://blog.oversecured.com/assets/js/jquery.fitvids.js
Requested by: Host: blog.oversecured.com
URL: https://blog.oversecured.com/Oversecured-detects-dangerous-vulnerabilities-in-the-TikTok-Android-app/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 143.204.98.50 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-143-204-98-50.fra50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 6e3fc9948343d85d59440451c12f2de1ddb6c2132ae503314f6ac6b3f87218a8

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://blog.oversecured.com/Oversecured-detects-dangerous-vulnerabilities-in-the-TikTok-Android-app/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Mon, 07 Feb 2022 07:34:08 GMT
via: 1.1 b44e2902bb3501d47514e51618f1bda4.cloudfront.net (CloudFront)
last-modified: Wed, 15 Dec 2021 16:44:51 GMT
server: AmazonS3
age: 34726
etag: "3cf0415f27458151d8ed390eb699752e"
x-cache: Hit from cloudfront
content-type: application/javascript
x-amz-cf-pop: FRA50-C1
content-length: 3446
x-amz-cf-id: 4v9VIlv3bPSsJo_vj-H3mUbiH8L7E63K_8dKVMTk2Jzy-OMxhYJtxw==

GET
H2

404

/
demo.ghost.io/assets/js/jquery.fitvids.js/
Redirect Chain

https://demo.ghost.io/assets/js/jquery.fitvids.js?v=724281a32e
https://demo.ghost.io/assets/js/jquery.fitvids.js/?v=724281a32e

0
0

16ms
16ms

Script
text/html

2a04:4e42:400::775
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://demo.ghost.io/assets/js/jquery.fitvids.js/?v=724281a32e
Requested by: Host: blog.oversecured.com
URL: https://blog.oversecured.com/Oversecured-detects-dangerous-vulnerabilities-in-the-TikTok-Android-app/
Protocol: H2
Server: 2a04:4e42:400::775 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: /
Resource Hash

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://blog.oversecured.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Redirect headers

ghost-age: 0
date: Mon, 07 Feb 2022 17:12:53 GMT
via: 1.1 varnish, 1.1 varnish
age: 34916
x-cache: HIT, HIT
status: 301 Moved Permanently
content-length: 0
ghost-fastly: true
x-request-id: 5b8ddaa3e828ca599abc383b6c13317a, 5b8ddaa3e828ca599abc383b6c13317a
x-served-by: cache-ams21052-AMS, cache-hhn4044-HHN
accept-ranges: bytes
server: openresty
x-timer: S1644253974.583837,VS0,VE1
vary: Cookie
location: /assets/js/jquery.fitvids.js/?v=724281a32e
cache-control: public, max-age=31536000
ghost-cache: MISS
x-cache-hits: 1, 1

GET
H2 200 toggleHeaderNotice.js Show response
blog.oversecured.com/assets/js/ 552 B
872 B 23ms
22ms Script
application/javascript 143.204.98.50
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://blog.oversecured.com/assets/js/toggleHeaderNotice.js
Requested by: Host: blog.oversecured.com
URL: https://blog.oversecured.com/Oversecured-detects-dangerous-vulnerabilities-in-the-TikTok-Android-app/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 143.204.98.50 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-143-204-98-50.fra50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: be355fd7955e28041c0130ab82721f42c0c9e4c38f36eb49bd69667d7b774458

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://blog.oversecured.com/Oversecured-detects-dangerous-vulnerabilities-in-the-TikTok-Android-app/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Mon, 07 Feb 2022 02:37:18 GMT
via: 1.1 b44e2902bb3501d47514e51618f1bda4.cloudfront.net (CloudFront)
last-modified: Wed, 15 Dec 2021 16:44:51 GMT
server: AmazonS3
age: 52536
etag: "81334ee4be6765087749976266f665f5"
x-cache: Hit from cloudfront
content-type: application/javascript
x-amz-cf-pop: FRA50-C1
content-length: 552
x-amz-cf-id: QdnA4fzlSJTDwyzOuohf-XC2ko_1nzKCuf6D1ZqwNfqPyp5tByPSDQ==

GET
H2 200 gdprNoticeToggle.js Show response
blog.oversecured.com/assets/js/ 515 B
833 B 27ms
27ms Script
application/javascript 143.204.98.50
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://blog.oversecured.com/assets/js/gdprNoticeToggle.js
Requested by: Host: blog.oversecured.com
URL: https://blog.oversecured.com/Oversecured-detects-dangerous-vulnerabilities-in-the-TikTok-Android-app/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 143.204.98.50 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-143-204-98-50.fra50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 7713192f18fe67fc2d40927e946147566d12fe9d92823c34f09e3ff716d30c0f

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://blog.oversecured.com/Oversecured-detects-dangerous-vulnerabilities-in-the-TikTok-Android-app/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Mon, 07 Feb 2022 07:34:08 GMT
via: 1.1 b44e2902bb3501d47514e51618f1bda4.cloudfront.net (CloudFront)
last-modified: Wed, 15 Dec 2021 16:44:51 GMT
server: AmazonS3
age: 34726
etag: "182ea2895fee1c74d60652734d0ff693"
x-cache: Hit from cloudfront
content-type: application/javascript
x-amz-cf-pop: FRA50-C1
content-length: 515
x-amz-cf-id: oIEYp0fKxCUTKCBZpre4Ukp6wnYAZA26-P3f6Dou4rFGNiJ9cahD5Q==

GET
H2 200 anchor.min.js Show response
blog.oversecured.com/assets/anchorjs-4.3.1/ 6 KB
6 KB 28ms
28ms Script
application/javascript 143.204.98.50
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://blog.oversecured.com/assets/anchorjs-4.3.1/anchor.min.js
Requested by: Host: blog.oversecured.com
URL: https://blog.oversecured.com/Oversecured-detects-dangerous-vulnerabilities-in-the-TikTok-Android-app/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 143.204.98.50 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-143-204-98-50.fra50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: d16319f4f1786f685317ae84825bfff47e55c24ea59ce1b801b982271a3de964

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://blog.oversecured.com/Oversecured-detects-dangerous-vulnerabilities-in-the-TikTok-Android-app/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Mon, 07 Feb 2022 12:22:09 GMT
via: 1.1 b44e2902bb3501d47514e51618f1bda4.cloudfront.net (CloudFront)
last-modified: Wed, 15 Dec 2021 16:44:50 GMT
server: AmazonS3
age: 17445
etag: "a58f4bdbf86e8ae057af9131b5b1bcfd"
x-cache: Hit from cloudfront
content-type: application/javascript
x-amz-cf-pop: FRA50-C1
content-length: 6008
x-amz-cf-id: yLsJz0o8aaIFypTpyW_x39AEblAX8O88UnP2Ua1D0ZAZc73WcDrZvA==

GET
H2 200 tiktok_back.png
blog.oversecured.com/assets/images/ 79 KB
79 KB 12ms
12ms Image
image/png 143.204.98.50
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://blog.oversecured.com/assets/images/tiktok_back.png
Requested by: Host: blog.oversecured.com
URL: https://blog.oversecured.com/Oversecured-detects-dangerous-vulnerabilities-in-the-TikTok-Android-app/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 143.204.98.50 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-143-204-98-50.fra50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 1e8a023e0f8abf0bf76a8214a320fe12aa41836f51caca08083a0514b3c419a9

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://blog.oversecured.com/Oversecured-detects-dangerous-vulnerabilities-in-the-TikTok-Android-app/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Mon, 07 Feb 2022 10:24:40 GMT
via: 1.1 b44e2902bb3501d47514e51618f1bda4.cloudfront.net (CloudFront)
last-modified: Wed, 15 Dec 2021 16:44:51 GMT
server: AmazonS3
age: 24494
etag: "75187d9364ef738ef7656c4a08ff085b"
x-cache: Hit from cloudfront
content-type: image/png
x-amz-cf-pop: FRA50-C1
content-length: 80443
x-amz-cf-id: 5ds_S77YFiiI6IxMaqDBtlrgDft_zprl3KhKodpCly9Yg8YxWMs3Tw==

GET
H2 200 blog-image-post-7th-article.png
blog.oversecured.com/assets/images/ 218 KB
219 KB 12ms
11ms Image
image/png 143.204.98.50
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://blog.oversecured.com/assets/images/blog-image-post-7th-article.png
Requested by: Host: blog.oversecured.com
URL: https://blog.oversecured.com/Oversecured-detects-dangerous-vulnerabilities-in-the-TikTok-Android-app/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 143.204.98.50 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-143-204-98-50.fra50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 1bbfc3b7c36ee92b6f9552d07f05684d1218ceb51dfc6dd50fdc36ce7ce1c428

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://blog.oversecured.com/Oversecured-detects-dangerous-vulnerabilities-in-the-TikTok-Android-app/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Mon, 07 Feb 2022 10:24:40 GMT
via: 1.1 b44e2902bb3501d47514e51618f1bda4.cloudfront.net (CloudFront)
last-modified: Wed, 15 Dec 2021 16:44:50 GMT
server: AmazonS3
age: 24494
etag: "2f434b3759e90ad60f58874c192f3ce2"
x-cache: Hit from cloudfront
content-type: image/png
x-amz-cf-pop: FRA50-C1
content-length: 223346
x-amz-cf-id: 2_RJgLq7Hi5bGEr830qurpiCqs4k4mavwKWMayp5U4kF7qErABrPLg==

GET
H2 200 fourthArticleBack.png
blog.oversecured.com/assets/images/ 44 KB
44 KB 13ms
13ms Image
image/png 143.204.98.50
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://blog.oversecured.com/assets/images/fourthArticleBack.png
Requested by: Host: blog.oversecured.com
URL: https://blog.oversecured.com/Oversecured-detects-dangerous-vulnerabilities-in-the-TikTok-Android-app/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 143.204.98.50 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-143-204-98-50.fra50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 8b9569d0fd6887d0c1011f7f054525a73729100922430b2ec89f8e5577ea4d6b

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://blog.oversecured.com/Oversecured-detects-dangerous-vulnerabilities-in-the-TikTok-Android-app/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Sun, 06 Feb 2022 20:02:10 GMT
via: 1.1 b44e2902bb3501d47514e51618f1bda4.cloudfront.net (CloudFront)
last-modified: Wed, 15 Dec 2021 16:44:51 GMT
server: AmazonS3
age: 76244
etag: "fff6e151b214daf6ace0cd3f9ec01db3"
x-cache: Hit from cloudfront
content-type: image/png
x-amz-cf-pop: FRA50-C1
content-length: 45087
x-amz-cf-id: x0kYD92o7BOfv6ODlFQVzEwOX0AubjZgEVnJxa7v7yqWVJPTT0rYrw==

GET
H2 200 analytics.js Show response
www.google-analytics.com/ 49 KB
20 KB 125ms
38ms Script
text/javascript 2a00:1450:4001:811::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: blog.oversecured.com
URL: https://blog.oversecured.com/Oversecured-detects-dangerous-vulnerabilities-in-the-TikTok-Android-app/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:811::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

a1925038db769477ab74b4df34350c35688a795bb718727b0f4292a4a78a6210

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://blog.oversecured.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Tue, 02 Nov 2021 17:39:06 GMT
server: Golfe2
age: 5879
date: Mon, 07 Feb 2022 15:34:54 GMT
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 20006
expires: Mon, 07 Feb 2022 17:34:54 GMT

POST
H2 200 collect Show response
www.google-analytics.com/j/ 2 B
210 B 47ms
45ms XHR
text/plain 2a00:1450:4001:811::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j96&a=1675166981&t=pageview&_s=1&dl=https%3A%2F%2Fblog.oversecured.com%2FOversecured-detects-dangerous-vulnerabilities-in-the-TikTok-Android-app%2F&ul=en-us&de=UTF-8&dt=Oversecured%20detects%20dangerous%20vulnerabilities%20in%20the%20TikTok%20Android%20app%20%7C%20Oversecured%20Blog&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=IEBAAEABAAAAAC~&jid=1345358881&gjid=1090427878&cid=1217522376.1644253974&tid=UA-171786448-1&_gid=699909758.1644253974&_r=1&_slc=1&z=1604605831

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:811::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

a048e640908046be06e00eab37742b5d5ff80964af58cfd22f7cb2de4dfe375f

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://blog.oversecured.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Mon, 07 Feb 2022 17:12:53 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://blog.oversecured.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2
expires: Fri, 01 Jan 1990 00:00:00 GMT

Verdicts & Comments Add Verdict or Comment

10 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

4 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
.bit.ly/	1970-01-20 05:03:25	Name: _bit Value: m17hcR-b1aead2d7316c7f67b-00R
.oversecured.com/	1970-01-20 18:15:25	Name: _ga Value: GA1.2.1217522376.1644253974
.oversecured.com/	1970-01-20 00:45:40	Name: _gid Value: GA1.2.699909758.1644253974
.oversecured.com/	1970-01-20 00:44:14	Name: _gat Value: 1

1 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
network	error	URL: https://demo.ghost.io/assets/js/jquery.fitvids.js/?v=724281a32e Message: Failed to load resource: the server responded with a status of 404 ()

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

bit.ly
blog.oversecured.com
cdnjs.cloudflare.com
code.jquery.com
demo.ghost.io
www.google-analytics.com
143.204.98.50
2001:4de0:ac18::1:a:1a
2606:4700::6810:135e
2a00:1450:4001:811::200e
2a04:4e42:400::775
67.199.248.10
113ad32dec14a1f35f5fbe4a6490d9c58d49be9c31658dac53c704412eb6839a
1b84aa5c8d011c6fb4f2b5aef11b4f48456a56f0c75dede1290b1d0233fd436a
1bbfc3b7c36ee92b6f9552d07f05684d1218ceb51dfc6dd50fdc36ce7ce1c428
1e8a023e0f8abf0bf76a8214a320fe12aa41836f51caca08083a0514b3c419a9
2756e6bf8c71eef5c4199527d28b88983b252ba26eb2a48b14790a0198b42020
2eb85e44df9155ee43846065b79a32cbfd6a2d313bf0ff1eab429bf0285c94e2
4ce9b8c78efab8fcb6314d9eef206525a0eac074f0da347ba9b8e4cb1946dcf9
65dd6271f67bd94066b0877f99471a82b98dec8379424aef87be480872105539
6e10fb8484c6d99f6e4557694ee1c4fbcd5dfba2c18219ec64b4b7d58a26d38c
6e3fc9948343d85d59440451c12f2de1ddb6c2132ae503314f6ac6b3f87218a8
7713192f18fe67fc2d40927e946147566d12fe9d92823c34f09e3ff716d30c0f
846c72e2aa14e98df4c692c84eb7515240e5b6e372115a64a2716f46d17694df
87083882cc6015984eb0411a99d3981817f5dc5c90ba24f0940420c5548d82de
8b9569d0fd6887d0c1011f7f054525a73729100922430b2ec89f8e5577ea4d6b
a048e640908046be06e00eab37742b5d5ff80964af58cfd22f7cb2de4dfe375f
a1925038db769477ab74b4df34350c35688a795bb718727b0f4292a4a78a6210
a61f3d9ac3fb92e359fd3b149ee3dccc734d66e48ebb29015d01ae3c3e61310a
be355fd7955e28041c0130ab82721f42c0c9e4c38f36eb49bd69667d7b774458
c7695680008756788cd3b165f3c8912b669e82d48f053e7e7a4b39dd391cfa67
d16319f4f1786f685317ae84825bfff47e55c24ea59ce1b801b982271a3de964
eb06b7c165002d4846ebe711bcba26e15cff7ed006d6a4a15220cc89a6c7525f
f7f545eddf2fc7da74b7aaa838f28e2fa64972d2589beb61f16b176bf5566722
fca69ce546ab1de51cf7b013e76b3b1909bf7f7994eb2a4c49551d51a1e93289

blog.oversecured.com Open in urlscan Pro 143.204.98.50 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Detected technologies

Page Statistics

24 Requests

96 %HTTPS

67 %IPv6

6 Domains

6 Subdomains

5 IPs

3 Countries

3356 kBTransfer

3434 kBSize

4 Cookies

12 Outgoing links

Page URL History

Redirected requests

24 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Verdicts & Comments Add Verdict or Comment

10 JavaScript Global Variables

4 Cookies

1 Console Messages

Indicators

blog.oversecured.com Open in urlscan Pro
143.204.98.50 Public Scan

Screenshot
Live screenshot

Full Image

24
Requests

96 %
HTTPS

67 %
IPv6

6
Domains

6
Subdomains

5
IPs

3
Countries

3356 kB
Transfer

3434 kB
Size

4
Cookies

24 HTTP transactions
0 data transactions