Summary
A Concise Overview of the scan result of url https://www.tiktok.com/explore
- Document
- HTML
- 3
- StyleSheets
- 6
- Scripts
- 181
- Font
- 6
- Images
- 21
- Links
- 2
- JavaScript Variables
- 46
- Console log messages
- 0
- Network
- Requests
- 279
- Bytes Transferred
- 9.01MB
- Bytes Total
- 20.37MB
- DNS Record
- CNAME Record
- 4
- A Record
- 9
- Technology
- PaaS
- 1
- Web servers
- 1
- Reverse proxies
- 1
- Security
- 2
- CDN
- 1
Document
Links
The outgoing links identified from the page.
Link | Text |
---|---|
https://effecthouse.tiktok.com/download?utm_source=tiktok_webapp_main | |
https://effecthouse.tiktok.com/download?utm_campaign=ttweb_entrance_v1&utm_source=tiktok_webapp_main | Create TikTok effects, get a reward |
JavaScript Variables
Global JavaScript variables are variables that are defined outside of any function or block scope in JavaScript.
Technology
The technologies identified are present on the scanned URL.
Name | Description | Detected patterns |
---|---|---|
Security | ||
hCaptcha | hCaptcha is an anti-bot solution that protects user privacy and rewards websites. | Type: headers Name: content-security-policy Regex: (?:\.|\/\/)hcaptcha\.com |
HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS. | Type: headers Name: strict-transport-security Regex: (?:) | |
Web servers | ||
Nginx | Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache. | Type: headers Name: server Regex: nginx(?:\/([\d.]{1,250}))? |
CDN | ||
Amazon CloudFront | Amazon CloudFront is a fast content delivery network (CDN) service that securely delivers data, videos, applications, and APIs to customers globally with low latency, high transfer speeds. | Type: headers Name: x-amz-cf-id Regex: \(CloudFront\)$ |
PaaS | ||
Amazon Web Services | Amazon Web Services (AWS) is a comprehensive cloud services platform offering compute power, database storage, content delivery and other functionality. | Dependent on Amazon CloudFront |
Reverse proxies | ||
Nginx | Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache. | Type: headers Name: server Regex: nginx(?:\/([\d.]{1,250}))? |
Performance
The speed and efficiency of the scanned URL loads and displays its content.
- dns
- 1 msGood
- tcp
- 1 msGood
- requestTime
- 49 msGood
- dom
- 5907 msPoor
DNS Record
A DNS record maps a domain name to an IP address or other resource information.
Type | Name | Content | DNSSEC |
---|---|---|---|
CNAME | www.tiktok.com | www.tiktok.com.edgesuite.net. | no |
CNAME | www.tiktok.com.edgesuite.net | a2047.api10.akamai.net. | no |
A | a2047.api10.akamai.net | 23.206.171.42 | no |
A | a2047.api10.akamai.net | 23.206.171.27 | no |
A | a2047.api10.akamai.net | 23.206.171.8 | no |
A | a2047.api10.akamai.net | 23.206.171.51 | no |
A | a2047.api10.akamai.net | 23.206.171.9 | no |
A | a2047.api10.akamai.net | 23.206.171.18 | no |
A | a2047.api10.akamai.net | 23.206.171.33 | no |
A | a2047.api10.akamai.net | 23.206.171.25 | no |
A | a2047.api10.akamai.net | 23.206.171.11 | no |
CNAME | www.tiktok.com | www.tiktok.com.edgesuite.net. | no |
CNAME | www.tiktok.com.edgesuite.net | a2047.api10.akamai.net. | no |
SSL Certificate
An SSL certificate is a digital certificate that verifies the authenticity and encrypts the communication between a website and its visitors.
Subject | Issue date | Expiry date | Valid |
---|---|---|---|
*.www.tiktok.com RapidSSL TLS ECC CA G1 | 11/11/2024 | 11/10/2025 | 12 months 4 days |
*.neutral.ttwstatic.com RapidSSL TLS RSA CA G1 | 7/2/2024 | 7/1/2025 | 12 months 4 days |
*.tiktokv.eu RapidSSL TLS ECC CA G1 | 8/5/2024 | 9/5/2025 | 1 year 1 month 1 day |
*.tiktokw.eu RapidSSL TLS ECC CA G1 | 8/13/2024 | 9/13/2025 | 1 year 1 month 1 day |
*.tiktokv.com RapidSSL TLS RSA CA G1 | 8/20/2024 | 9/20/2025 | 1 year 1 month 1 day |
1450622545.rsc.cdn77.org E5 | 1/7/2025 | 4/7/2025 | 2 months 29 days |
*.tiktokcdn.com RapidSSL TLS ECC CA G1 | 7/15/2024 | 7/15/2025 | 1 year |
*.tiktok.com RapidSSL TLS ECC CA G1 | 7/15/2024 | 7/15/2025 | 1 year |
*.tiktokcdn-us.com RapidSSL TLS ECC CA G1 | 8/20/2024 | 9/20/2025 | 1 year 1 month 1 day |
HTTP Headers
HTTP Header
An HTTP header is a component of an HTTP request or response that contains additional information about the message being sent or received.
Name | Value |
---|---|
cache-control | max-age=0, no-cache, no-store |
content-encoding | br |
content-security-policy | script-src 'unsafe-eval' sf16-website-login.neutral.ttwstatic.com s20.tiktokcdn.com *.tiktokcdn-us.com www.google.com recaptcha.google.com js.hcaptcha.com client-api.arkoselabs.com www.gstatic.com connect.facebook.net;frame-src *.tiktok.com accounts.google.com www.google.com recaptcha.google.com www.facebook.com *.kakao.com lf16-web.tiktokcdn.com assets.braintreegateway.com appleid.apple.com access.line.me api.twitter.com h.online-metrix.net bytedance: newassets.hcaptcha.com client-api.arkoselabs.com;worker-src https: blob:;frame-ancestors tea-va.bytedance.net www.tiktok.com |
content-type | text/html; charset=utf-8 |
date | Sat, 11 Jan 2025 12:16:18 GMT |
expires | Sat, 11 Jan 2025 12:16:18 GMT |
feature-policy | microphone 'none'; geolocation 'none' |
pragma | no-cache |
referrer-policy | strict-origin-when-cross-origin |
server | nginx |
server-timing | cdn-cache; desc=MISS, edge; dur=55, origin; dur=152 inner; dur=97 |
strict-transport-security | max-age=31536000; includeSubdomains |
x-akamai-request-id | 3668b7f.d5275f4 |
x-bytefaas-execution-duration | 95.69 |
x-bytefaas-request-id | 202501111216188B08B45100936E90F5DD |
x-cache | TCP_MISS from a84-53-132-148.deploy.akamaitechnologies.com (AkamaiGHost/11.8.0-2d0f2d516c5d43e1487924a77ec5924a) (-) |
x-cache-remote | TCP_MISS from a95-101-11-180.deploy.akamaitechnologies.com (AkamaiGHost/11.7.2.1-9611f29bef89eba7b18045b10aa2af98) (-) |
x-content-type-options | nosniff |
x-download-options | noopen |
x-frame-options | SAMEORIGIN |
x-gw-dst-psm | serverless.tiktok.desktop |
x-origin-response-time | 152,95.101.11.180 |
x-parent-response-time | 207,84.53.132.148 |
x-powered-by | Goofy Node |
x-pumbaa-web-avail | 1 |
x-tt-logid | 202501111216188B08B45100936E90F5DD |
x-tt-trace-host | 0172964ea68b0008443b65aecf0a118ed1152d2eb5d391f6b37c7f776f0e6a10c7f6be749940d511b1bb615438b9372940bc3b072eb4482868463c1ec651ab76a8ec0f25686bf7b89847ab06a67de9c0d6112b906862284f665fa1974aad228592d8f04f7df4886caa7ad79d371cc95b94708b5b48b38e022eecfa45e414f897acf4fea403b2a27b860d2282b0021f6e1c |
x-tt-trace-id | 00-2501111216188B08B45100936E90F5DD-59C07F3D65C2C151-00 |
x-tt-trace-tag | id=16;cdn-cache=miss;type=dyn |
x-xss-protection | 1; mode=block |
Content Security Policy
Content Security Policy (CSP) is a security mechanism that helps prevent cross-site scripting (XSS) and other code injection attacks by specifying which content sources are allowed to be loaded on a web page.
Name | Value |
---|---|
script-src | 'unsafe-eval'sf16-website-login.neutral.ttwstatic.coms20.tiktokcdn.com*.tiktokcdn-us.comwww.google.comrecaptcha.google.comjs.hcaptcha.comclient-api.arkoselabs.comwww.gstatic.comconnect.facebook.net;frame-src*.tiktok.comaccounts.google.comwww.google.comrecaptcha.google.comwww.facebook.com*.kakao.comlf16-web.tiktokcdn.comassets.braintreegateway.comappleid.apple.comaccess.line.meapi.twitter.comh.online-metrix.netbytedance:newassets.hcaptcha.comclient-api.arkoselabs.com;worker-srchttps:blob:;frame-ancestorstea-va.bytedance.netwww.tiktok.co |
Cookies
Cookies are small pieces of data stored on a user's web browser to track and remember information about their browsing activity on a website.
Name | Value | Domain/Path | Expires | Secure | HTTP Only |
---|---|---|---|---|---|
tt_csrf_token | [tt_csrf_token redacted] | .tiktok.com/ | 12/31/1969, 11:59:59 PM | yes | yes |
ak_bmsc | F0A5429B8C93D039FE1770116B743AFD~000000000000000000000000000000~YAAQlIQ1VDlPFlKUAQAAYC5LVRqhHsSe0/kCDLHDV8i5lF25zEQphuhTOhng5Nx/uR4DtpIWI+j92IEMuwDl4fvv07VexTDcOaN3zMww+mLBKj4c84XFxjyzK6Iv6hWjF1usSyPPRLzJOfMXTA4P5QoN9G3Ps1SUgdRFW57GKl/8bHdN3O7cXW8bOh7ln0Vz9SZwAiYJ+wny0vqCdKytJI0cHf9hS4sDy6t42e6h3yNtJs0tKyCIa+BL3jiq8CxRWjAsXOzg0MXE/2M2XlAuLOTbhexgHQPK2dvjYA17L1vlZCU6qVQ6i/8A4drW5lsUyKpBaFPY/84vLIhd3QJcCgCRu+Rxp8uVTEIx8gBQf7apbTBnMYhyQuenSXTggtmYTMuIpfqQTMZVGQ== | .tiktok.com/ | 1/11/2025, 2:16:17 PM | no | no |
tt_chain_token | [tt_chain_token redacted] | .tiktok.com/ | 7/10/2025, 12:16:18 PM | yes | yes |
bm_sv | A15DFD5FE28CC49A40D3913E49EAF9F6~YAAQlIQ1VDxPFlKUAQAARi9LVRpK7QQbdVLITL60Rrtrk6+4cbd0g+cbNVNeiBLLLUjvSKUB4z5CxLQLS6oMcxQb2CtSuwmeaoOetIen35nqwWxP5gj9IrI4KR347IBnE3giKHBocchmLiHQPQyTlgHIvBVDkkR33qZ5y6FlrqABzSFC3knONWsMBx2rWgJndnKV+kgPF3jMm1BedPnlkNHUx5o1E3xkXfYUvWNbLfji3Xg9zOBTHf21GTAKp8ey~1 | .tiktok.com/ | 1/11/2025, 2:16:18 PM | yes | no |
tiktok_webapp_theme_source | system | .www.tiktok.com/ | 11/7/2025, 12:16:20 PM | yes | no |
tiktok_webapp_theme | light | .www.tiktok.com/ | 11/7/2025, 12:16:20 PM | yes | no |
ttwid | 1%7CKnXPEy6PLEeUh-_UBHLYnT-Ts26dNcD2GYvqnQBLDwc%7C1736597780%7Cf363c248072126788e7e7876b9ca1a2d4d0fe9f7fa7fcfb55b74f3628b664ee2 | .tiktok.com/ | 1/11/2026, 12:16:20 PM | yes | yes |
msToken | [msToken redacted] | .tiktokw.eu/ | 1/21/2025, 12:16:28 PM | yes | no |
msToken | [msToken redacted] | www.tiktok.com/ | 4/11/2025, 12:16:28 PM | no | no |
msToken | [msToken redacted] | .tiktok.com/ | 1/21/2025, 12:16:27 PM | yes | no |
perf_feed_cache | {%22expireTimestamp%22:1736769600000%2C%22itemIds%22:[%227437716410081578295%22%2C%227429759434332622098%22%2C%227448336569351736578%22]} | .www.tiktok.com/ | 1/16/2025, 12:16:28 PM | yes | no |