tiktokbadgeportal.ml
Open in
urlscan Pro
20.216.26.250
Malicious Activity!
Public Scan
Effective URL: https://tiktokbadgeportal.ml/
Submission: On April 24 via api from GB — Scanned from GB
Summary
TLS certificate: Issued by R3 on April 23rd 2022. Valid for: 3 months.
This is the only time tiktokbadgeportal.ml was scanned on urlscan.io!
urlscan.io Verdict: Potentially Malicious
Targeting these brands: TikTok (Social Network)Domain & IP information
IP Address | AS Autonomous System | ||
---|---|---|---|
1 2 | 20.216.26.250 20.216.26.250 | 8075 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK) | |
1 | 2a00:1450:400... 2a00:1450:4001:831::200e | 15169 (GOOGLE) (GOOGLE) | |
1 | 2a04:4e42:200... 2a04:4e42:200::729 | 54113 (FASTLY) (FASTLY) | |
11 | 92.123.225.57 92.123.225.57 | 20940 (AKAMAI-ASN1) (AKAMAI-ASN1) | |
5 | 92.123.225.82 92.123.225.82 | 20940 (AKAMAI-ASN1) (AKAMAI-ASN1) | |
2 | 2.21.20.198 2.21.20.198 | 20940 (AKAMAI-ASN1) (AKAMAI-ASN1) | |
22 | 7 |
ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)
tiktokbadgeportal.ml |
ASN15169 (GOOGLE, US)
www.google-analytics.com |
ASN20940 (AKAMAI-ASN1, NL)
PTR: a92-123-225-57.deploy.static.akamaitechnologies.com
s16.tiktokcdn.com |
ASN20940 (AKAMAI-ASN1, NL)
PTR: a92-123-225-82.deploy.static.akamaitechnologies.com
s16b.tiktokcdn.com |
ASN20940 (AKAMAI-ASN1, NL)
PTR: a2-21-20-198.deploy.static.akamaitechnologies.com
s16a.tiktokcdn.com |
Apex Domain Subdomains |
Transfer | |
---|---|---|
18 |
tiktokcdn.com
s16.tiktokcdn.com — Cisco Umbrella Rank: 94520 s16b.tiktokcdn.com s16a.tiktokcdn.com |
1 MB |
2 |
tiktokbadgeportal.ml
1 redirects
tiktokbadgeportal.ml |
3 KB |
1 |
ravenjs.com
cdn.ravenjs.com — Cisco Umbrella Rank: 6637 |
13 KB |
1 |
google-analytics.com
www.google-analytics.com — Cisco Umbrella Rank: 35 |
20 KB |
0 |
ipstatp.com
Failed
s0.ipstatp.com Failed |
|
22 | 5 |
Domain | Requested by | |
---|---|---|
11 | s16.tiktokcdn.com |
tiktokbadgeportal.ml
s16.tiktokcdn.com |
5 | s16b.tiktokcdn.com |
tiktokbadgeportal.ml
|
2 | s16a.tiktokcdn.com |
tiktokbadgeportal.ml
|
2 | tiktokbadgeportal.ml | 1 redirects |
1 | cdn.ravenjs.com |
tiktokbadgeportal.ml
|
1 | www.google-analytics.com |
tiktokbadgeportal.ml
|
0 | s0.ipstatp.com Failed |
tiktokbadgeportal.ml
|
22 | 7 |
This site contains links to these domains. Also see Links.
Domain |
---|
support.tiktok.com |
www.instagram.com |
www.facebook.com |
www.twitter.com |
www.youtube.com |
Subject Issuer | Validity | Valid | |
---|---|---|---|
tiktokbadgeportal.ml R3 |
2022-04-23 - 2022-07-22 |
3 months | crt.sh |
*.google-analytics.com GTS CA 1C3 |
2022-04-11 - 2022-07-04 |
3 months | crt.sh |
cdn.ravenjs.com GlobalSign Atlas R3 DV TLS CA H2 2021 |
2021-11-26 - 2022-12-28 |
a year | crt.sh |
*.tiktokcdn.com RapidSSL RSA CA 2018 |
2020-06-11 - 2022-06-12 |
2 years | crt.sh |
This page contains 1 frames:
Primary Page:
https://tiktokbadgeportal.ml/
Frame ID: F34D587438CFAC67F893279B6C32A4F8
Requests: 22 HTTP requests in this frame
Screenshot
Page Title
TikTok - Verified Badge PortalPage URL History Show full URLs
-
http://tiktokbadgeportal.ml/
HTTP 301
https://tiktokbadgeportal.ml/ Page URL
Detected technologies
Google Analytics (Analytics) ExpandDetected patterns
- google-analytics\.com/(?:ga|urchin|analytics)\.js
Page Statistics
6 Outgoing links
These are links going to different origins than the main page.
Title: Support
Search URL Search Domain Scan URL
Title: Community Policy
Search URL Search Domain Scan URL
Search URL Search Domain Scan URL
Search URL Search Domain Scan URL
Search URL Search Domain Scan URL
Search URL Search Domain Scan URL
Page URL History
This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.
-
http://tiktokbadgeportal.ml/
HTTP 301
https://tiktokbadgeportal.ml/ Page URL
Redirected requests
There were HTTP redirect chains for the following requests:
22 HTTP transactions
Method Protocol |
Resource Path |
Size x-fer |
Type MIME-Type |
||||||||||||||||||||||||||||||||||||||||||||||||||||
---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
GET H2 |
Primary Request
/
tiktokbadgeportal.ml/ Redirect Chain
|
8 KB 3 KB |
Document
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
Redirect headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
analytics.js
www.google-analytics.com/ |
49 KB 20 KB |
Script
text/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET |
slardar.js
s0.ipstatp.com/static_magic/toutiao/monitor/sdk/ |
0 0 |
|
||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
raven.min.js
cdn.ravenjs.com/3.24.1/ |
34 KB 13 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
base_97cbbf8.css
s16.tiktokcdn.com/aweme/resource/web_i18n/static/style/ |
6 KB 2 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
base_fd8cb8f.css
s16b.tiktokcdn.com/aweme/resource/web_i18n/page/website_en/ |
4 KB 2 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
index_8ac9f56.css
s16.tiktokcdn.com/aweme/resource/web_i18n/page/website_en/creator/ |
5 KB 2 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
red-circle_c736f70.png
s16b.tiktokcdn.com/aweme/resource/web_i18n/static/image/creator/ |
11 KB 12 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
tiktok_18a0b80.png
s16a.tiktokcdn.com/aweme/resource/web_i18n/static/image/creator/ |
37 KB 38 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
people_14f9f32.png
s16b.tiktokcdn.com/aweme/resource/web_i18n/static/image/creator/ |
768 KB 771 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
creator_ana_9e5cc5e.png
s16a.tiktokcdn.com/aweme/resource/web_i18n/static/image/creator/ |
19 KB 20 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
creator_tech_144dc76.png
s16b.tiktokcdn.com/aweme/resource/web_i18n/static/image/creator/ |
19 KB 20 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
creator_early_56389e6.png
s16.tiktokcdn.com/aweme/resource/web_i18n/static/image/creator/ |
18 KB 19 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
creator_cre_e3212f7.png
s16b.tiktokcdn.com/aweme/resource/web_i18n/static/image/creator/ |
20 KB 21 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
tiktok_icon_2.png
s16.tiktokcdn.com/musical/resource/mtact/static/tiktok/image/ |
3 KB 3 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
sofiapro-regular.otf
s16.tiktokcdn.com/musical/resource/mtact/static/fonts/ |
155 KB 86 KB |
Font
font/otf |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
follow_ig.png
s16.tiktokcdn.com/musical/resource/mtact/static/tiktok/image/ |
1 KB 2 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
follow_fb.png
s16.tiktokcdn.com/musical/resource/mtact/static/tiktok/image/ |
343 B 1 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
follow_tt.png
s16.tiktokcdn.com/musical/resource/mtact/static/tiktok/image/ |
733 B 1 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
follow_ytb.png
s16.tiktokcdn.com/musical/resource/mtact/static/tiktok/image/ |
760 B 1 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
sofiapro-bold.otf
s16.tiktokcdn.com/musical/resource/mtact/static/fonts/ |
163 KB 91 KB |
Font
font/otf |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
sofiapro-medium.otf
s16.tiktokcdn.com/musical/resource/mtact/static/fonts/ |
161 KB 89 KB |
Font
font/otf |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
Failed requests
These URLs were requested, but there was no response received. You will also see them in the list above.
- Domain
- s0.ipstatp.com
- URL
- https://s0.ipstatp.com/static_magic/toutiao/monitor/sdk/slardar.js
Verdicts & Comments Add Verdict or Comment
Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!
urlscan
Phishing against: TikTok (Social Network)8 JavaScript Global Variables
These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.
function| structuredClone object| oncontextlost object| oncontextrestored function| getScreenDetails object| google_tag_data function| ga object| gaplugins object| Raven0 Cookies
Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.
1 Console Messages
A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.
Source | Level | URL Text |
---|
Indicators
This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.
cdn.ravenjs.com
s0.ipstatp.com
s16.tiktokcdn.com
s16a.tiktokcdn.com
s16b.tiktokcdn.com
tiktokbadgeportal.ml
www.google-analytics.com
s0.ipstatp.com
2.21.20.198
20.216.26.250
2a00:1450:4001:831::200e
2a04:4e42:200::729
92.123.225.57
92.123.225.82
1134f4c4fe5cba03e8c7f18f77e8e98478c32b33fafc019f0b6128370fec2de1
2477525b2174868859305c33e68267a5679f87358ad1ed3fcbcfed23aa41ab55
362732757fd8ef2a7aca850ca0c0a291c44a1192c367281e532be6b90acab235
45c21e543acfcaa9e5a503228d1943c876b11d80a0721aa4e159c3affeb6ede0
4d40e3c581830d7511c855d82eb2ba440cda5b900e15e4faa353e981455b6992
518ac6fd983ed608febe345d32d583b28a28704fdf13df38951c45bf85a214a7
558e3242e17304a228694682fc7fadff172c4ae20b404aaef7e1e86ed5e10c8d
61af758659df2bd7909d77d4155512f672ff4907b7a5bd39f786421b13e83085
62c62154a099e8cdfd2af9d1f5a54670f4a5bb3063c043c05a978aa93d205752
83ec668dae63bfe17eb5d034007975e66c79c382a638e72da7bc8578412a9dd6
8548912dd89c8e879ef3df1469eb188a2130948c389c02d9e906069ff3300ab9
a1925038db769477ab74b4df34350c35688a795bb718727b0f4292a4a78a6210
a4256095c6d9416648863f64d0dc43501b0ea2474202bfa0fbaa6681af9c7a3e
abd2fe8929adda76da27e0ca45e61f2849d4078da8deeac770d7ed5bad8c1cbb
ae84c04458b50c75c809c461980dbb57531b1c4f23ca1736a481422eed46153c
b08781588baa221137fbe6393e4ae8efee2286cfb8ed35e31087fee561e50d64
c617043a65a12e6529b99d8a49125b17151373875b96118f2d100dce9d850344
dd3544c991134803b697653dbffa19ee05654397f1321d1c1a1af4d43f080b76
e145b1a56b822a1f604021905dc0c661a5447c13a569b6424be2abc8c140b668
e466cddde1e61bd3e7312cb6fbed6a90f51431dd30b2d0bb9c56fb61c63e8f51
f73b54788dec75306e94b413793600fb495dc0af422ea4ebba9ddc6ad9a1749e