Summary
A Concise Overview of the scan result of url https://www.tiktok.com/@frenchfuse/video/7418986706180836641?_t=8qCvV7U3jTc&_r=1
- Document
- HTML
- 2
- StyleSheets
- 4
- Scripts
- 163
- Font
- 7
- Images
- 15
- Links
- 2
- JavaScript Variables
- 41
- Console log messages
- 0
- Network
- Requests
- 268
- Bytes Transferred
- 4.35MB
- Bytes Total
- 17.08MB
- DNS Record
- CNAME Record
- 4
- A Record
- 9
- Technology
- Payment processors
- 1
- Security
- 2
Document
Links
The outgoing links identified from the page.
Link | Text |
---|---|
https://effecthouse.tiktok.com/download?utm_source=tiktok_webapp_main | |
https://effecthouse.tiktok.com/download?utm_campaign=ttweb_entrance_v1&utm_source=tiktok_webapp_main | Create TikTok effects, get a reward |
JavaScript Variables
Global JavaScript variables are variables that are defined outside of any function or block scope in JavaScript.
Technology
The technologies identified are present on the scanned URL.
Name | Description | Detected patterns |
---|---|---|
Security | ||
hCaptcha | hCaptcha is an anti-bot solution that protects user privacy and rewards websites. | Type: headers Name: content-security-policy Regex: (?:\.|\/\/)hcaptcha\.com |
HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS. | Type: headers Name: strict-transport-security Regex: (?:) | |
Payment processors | ||
PayPal | PayPal is an online payments system that supports online money transfers and serves as an electronic alternative to traditional paper methods like checks and money orders. | Type: headers Name: content-security-policy Regex: \.paypal\.com |
Performance
The speed and efficiency of the scanned URL loads and displays its content.
- dns
- 1 msGood
- tcp
- 28 msGood
- requestTime
- 132 msGood
- dom
- 2195 msPoor
DNS Record
A DNS record maps a domain name to an IP address or other resource information.
Type | Name | Content | DNSSEC |
---|---|---|---|
CNAME | www.tiktok.com | www.tiktok.com.edgesuite.net. | no |
CNAME | www.tiktok.com.edgesuite.net | a2047.api10.akamai.net. | no |
A | a2047.api10.akamai.net | 2.19.126.87 | no |
A | a2047.api10.akamai.net | 2.19.126.88 | no |
A | a2047.api10.akamai.net | 2.19.126.80 | no |
A | a2047.api10.akamai.net | 2.19.126.82 | no |
A | a2047.api10.akamai.net | 2.19.126.85 | no |
A | a2047.api10.akamai.net | 2.19.126.81 | no |
A | a2047.api10.akamai.net | 2.19.126.83 | no |
A | a2047.api10.akamai.net | 2.19.126.86 | no |
A | a2047.api10.akamai.net | 2.19.126.84 | no |
CNAME | www.tiktok.com | www.tiktok.com.edgesuite.net. | no |
CNAME | www.tiktok.com.edgesuite.net | a2047.api10.akamai.net. | no |
SSL Certificate
An SSL certificate is a digital certificate that verifies the authenticity and encrypts the communication between a website and its visitors.
Subject | Issue date | Expiry date | Valid |
---|---|---|---|
*.www.tiktok.com RapidSSL ECC CA 2018 | 11/9/2023 | 12/9/2024 | 1 year 1 month 1 day |
*.neutral.ttwstatic.com RapidSSL TLS RSA CA G1 | 7/2/2024 | 7/1/2025 | 12 months 4 days |
*.tiktokv.com RapidSSL TLS RSA CA G1 | 8/20/2024 | 9/20/2025 | 1 year 1 month 1 day |
*.tiktokw.eu RapidSSL TLS ECC CA G1 | 8/13/2024 | 9/13/2025 | 1 year 1 month 1 day |
*.tiktok.com RapidSSL TLS ECC CA G1 | 7/15/2024 | 7/15/2025 | 1 year |
*.tiktokcdn.com RapidSSL TLS ECC CA G1 | 7/15/2024 | 7/15/2025 | 1 year |
*.tiktokv.eu RapidSSL TLS ECC CA G1 | 8/5/2024 | 9/5/2025 | 1 year 1 month 1 day |
1562951790.rsc.cdn77.org E6 | 9/15/2024 | 12/14/2024 | 2 months 29 days |
1450622545.rsc.cdn77.org E6 | 9/15/2024 | 12/14/2024 | 2 months 29 days |
HTTP Headers
HTTP Header
An HTTP header is a component of an HTTP request or response that contains additional information about the message being sent or received.
Name | Value |
---|---|
cache-control | max-age=0, no-cache, no-store |
content-encoding | br |
content-security-policy | script-src 'unsafe-eval' sf16-website-login.neutral.ttwstatic.com s20.tiktokcdn.com *.tiktokcdn-us.com www.google.com recaptcha.google.com js.hcaptcha.com client-api.arkoselabs.com www.gstatic.com connect.facebook.net; frame-src *.tiktok.com accounts.google.com www.google.com recaptcha.google.com www.facebook.com *.kakao.com lf16-web.tiktokcdn.com assets.braintreegateway.com appleid.apple.com access.line.me api.twitter.com h.online-metrix.net bytedance: newassets.hcaptcha.com client-api.arkoselabs.com; worker-src https: blob:; frame-ancestors tea-va.bytedance.net www.tiktok.com; report-to csp-endpoint; connect-src * 'unsafe-inline' blob: data:; report-uri https://mon-i18n.tiktokv.com/monitor_browser/collect/batch/security/?bid=tiktok_pns&ev_type=csp&revision=90e6d773-21ae-42ab-8c71-39270905f535; upgrade-insecure-requests ; default-src 'self' 'unsafe-eval' 'unsafe-inline' blob: bytedance: data: wss://*.tiktok.com wss://*.tiktokv.com wss://*.tiktokv.eu wss://tiktok.com wss://tiktokv.com *.adsco.re *.adsintegrity.net *.akamaized.net *.amazonaws.com *.bing.com *.bitssec.com *.bytedapm.com *.bytedgame.com *.bytehwm-row.com *.byteicdn.com *.byteintl.com *.byteintl.net *.byteintlapi.com *.byteintlstatic.com *.bytelemon.com *.byteoversea.com *.byteoversea.net *.bytevcloudapi.com *.capcut.com *.cloudflare.com *.ctfassets.net *.doubleclick.net *.evbuc.com *.eventim.de *.facebook.com *.facebook.net *.fbsbx.com *.fcdnstatic-intl.com *.fdmstatic.com *.g-p-static.com *.gauthmath.com *.goofy-cdn.com *.goofy.app *.google-analytics.com *.google.ae *.google.at *.google.be *.google.bg *.google.bj *.google.by *.google.ca *.google.ch *.google.co.cr *.google.co.id *.google.co.il *.google.co.jp *.google.co.kr *.google.co.ma *.google.co.nz *.google.co.uk *.google.co.za *.google.com *.google.com.ar *.google.com.au *.google.com.bd *.google.com.br *.google.com.cy *.google.com.do *.google.com.ec *.google.com.gh *.google.com.lb *.google.com.mt *.google.com.my *.google.com.ng *.google.com.pe *.google.com.pk *.google.com.sa *.google.com.sg *.google.com.tr *.google.cz *.google.de *.google.dk *.google.dz *.google.ee *.google.es *.google.fi *.google.fr *.google.gr *.google.hr *.google.hu *.google.ie *.google.iq *.google.is *.google.it *.google.lt *.google.lu *.google.lv *.google.md *.google.nl *.google.no *.google.pl *.google.ps *.google.pt *.google.ro *.google.rs *.google.se *.google.si *.google.sk *.google.td *.google.tn *.googleapis.com *.googletagmanager.com *.gstatic.com *.hsforms.com *.hsforms.net *.ibytedtos.com *.ibyteimg.com *.isnssdk.com *.jumio.ai *.kakao.com *.lemon8-app.com *.lemon8cdn.com *.licdn.com *.linkedin.com *.midtrans.com *.muscdn.com *.musical.ly *.oecstatic.com *.omise.co *.pangle-ads.com *.paypal.com *.pipopay.com *.redditstatic.com *.resso.me *.sgsnssdk.com *.soundon.global *.tableau.com *.tiktok-row.net *.tiktok.com *.tiktok.ru *.tiktok.vn *.tiktokapis.com *.tiktokcdn-eu.com *.tiktokcdn-in.com *.tiktokcdn-us.com *.tiktokcdn.com *.tiktokcreativeone.com *.tiktokforbusinessoutbound.com *.tiktokglobalshop.com *.tiktokmusic.me *.tiktokshop.com *.tiktokstaticb.com *.tiktokus.info *.tiktokv.com *.tiktokv.eu *.tiktokv.us *.tiktokw.eu *.tiktokw.us *.topbuzzcdn.com *.ttlivecdn.com *.ttlstatic.com *.ttwstatic.com *.vimeo.com *.vodupload.com *.yahoo.co.jp *.yhgfb-static.com *.youtube-nocookie.com *.zhiliaoapp.com code.jquery.com facebook.com google.com i.ticketweb.com images.universe.com media.ticketmaster.eu res.cloudinary.com s1.ticketm.net static-label.frontgatetickets.com t.co tikitoks.com tiktok.com tiktok.ua tiktok.vn tiktokfollowersfree.com tiktokv.com unpkg.com vimeo.com |
content-type | text/html; charset=utf-8 |
date | Wed, 02 Oct 2024 18:15:04 GMT |
expires | Wed, 02 Oct 2024 18:15:04 GMT |
feature-policy | microphone 'none'; geolocation 'none' |
pragma | no-cache |
referrer-policy | strict-origin-when-cross-origin |
reporting-endpoints | csp-endpoint="https://mon-i18n.tiktokv.com/monitor_browser/collect/batch/security/?bid=tiktok_pns" |
server | TLB |
server-timing | cdn-cache; desc=MISS, edge; dur=99, origin; dur=379 inner; dur=377 |
strict-transport-security | max-age=31536000; includeSubdomains |
x-akamai-request-id | b9c67bf.acd226c |
x-bytefaas-execution-duration | 374.98 |
x-bytefaas-request-id | 202410021815027F8788D19D0A0E78A369 |
x-cache | TCP_MISS from a96-16-85-135.deploy.akamaitechnologies.com (AkamaiGHost/11.6.4-3dc23d207184ce034768276f9716916d) (-) |
x-cache-remote | TCP_MISS from a23-32-17-5.deploy.akamaitechnologies.com (AkamaiGHost/11.6.3-f27d542afa37241d2fddd9371d528b09) (-) |
x-content-type-options | nosniff |
x-download-options | noopen |
x-frame-options | SAMEORIGIN |
x-gw-dst-psm | serverless.tiktok.desktop |
x-ms-token | tjobz-xFd5VG6IwEo-yIiR-QpOw5Et83bfQubb0Bq3nWLXlp5Nu2wGy40sWm8v0nhiWpy5MwMZThmioA16CH4mN9rWBnJC6FpkcONpUqUKvS4Wr1q300VUmQzYjB |
x-origin-response-time | 380,23.32.17.5 |
x-parent-response-time | 478,96.16.85.135 |
x-powered-by | Goofy Node |
x-pumbaa-web-avail | 1 |
x-tt-logid | 202410021815027F8788D19D0A0E78A369 |
x-tt-trace-host | 0118ba8556354cb9024d0bf14e069de655f41008e037fda6da4aef901241c96838d55ed1793e793e1475603f2a96daa32cb248b66648b15a47b81981a86984725dd91600e07e63ccac30748a63f24d5fdff3611f745c13925e1f1a66bf9e70238c5fc5b17a6b808442782920b44447e780 |
x-tt-trace-id | 00-2410021815027F8788D19D0A0E78A369-14AF0E8F4271C960-00 |
x-tt-trace-tag | id=16;cdn-cache=miss;type=dyn |
x-xss-protection | 1; mode=block |
Content Security Policy
Content Security Policy (CSP) is a security mechanism that helps prevent cross-site scripting (XSS) and other code injection attacks by specifying which content sources are allowed to be loaded on a web page.
Name | Value |
---|---|
script-src | 'unsafe-eval'sf16-website-login.neutral.ttwstatic.coms20.tiktokcdn.com*.tiktokcdn-us.comwww.google.comrecaptcha.google.comjs.hcaptcha.comclient-api.arkoselabs.comwww.gstatic.comconnect.facebook.net |
frame-src | *.tiktok.comaccounts.google.comwww.google.comrecaptcha.google.comwww.facebook.com*.kakao.comlf16-web.tiktokcdn.comassets.braintreegateway.comappleid.apple.comaccess.line.meapi.twitter.comh.online-metrix.netbytedance:newassets.hcaptcha.comclient-api.arkoselabs.com |
worker-src | https:blob: |
frame-ancestors | tea-va.bytedance.netwww.tiktok.com |
report-to | csp-endpoint |
connect-src | *'unsafe-inline'blob:data: |
report-uri | https://mon-i18n.tiktokv.com/monitor_browser/collect/batch/security/?bid=tiktok_pns&ev_type=csp&revision=90e6d773-21ae-42ab-8c71-39270905f535 |
upgrade-insecure-requests | |
default-src | 'self''unsafe-eval''unsafe-inline'blob:bytedance:data:wss://*.tiktok.comwss://*.tiktokv.comwss://*.tiktokv.euwss://tiktok.comwss://tiktokv.com*.adsco.re*.adsintegrity.net*.akamaized.net*.amazonaws.com*.bing.com*.bitssec.com*.bytedapm.com*.bytedgame.com*.bytehwm-row.com*.byteicdn.com*.byteintl.com*.byteintl.net*.byteintlapi.com*.byteintlstatic.com*.bytelemon.com*.byteoversea.com*.byteoversea.net*.bytevcloudapi.com*.capcut.com*.cloudflare.com*.ctfassets.net*.doubleclick.net*.evbuc.com*.eventim.de*.facebook.com*.facebook.net*.fbsbx.com*.fcdnstatic-intl.com*.fdmstatic.com*.g-p-static.com*.gauthmath.com*.goofy-cdn.com*.goofy.app*.google-analytics.com*.google.ae*.google.at*.google.be*.google.bg*.google.bj*.google.by*.google.ca*.google.ch*.google.co.cr*.google.co.id*.google.co.il*.google.co.jp*.google.co.kr*.google.co.ma*.google.co.nz*.google.co.uk*.google.co.za*.google.com*.google.com.ar*.google.com.au*.google.com.bd*.google.com.br*.google.com.cy*.google.com.do*.google.com.ec*.google.com.gh*.google.com.lb*.google.com.mt*.google.com.my*.google.com.ng*.google.com.pe*.google.com.pk*.google.com.sa*.google.com.sg*.google.com.tr*.google.cz*.google.de*.google.dk*.google.dz*.google.ee*.google.es*.google.fi*.google.fr*.google.gr*.google.hr*.google.hu*.google.ie*.google.iq*.google.is*.google.it*.google.lt*.google.lu*.google.lv*.google.md*.google.nl*.google.no*.google.pl*.google.ps*.google.pt*.google.ro*.google.rs*.google.se*.google.si*.google.sk*.google.td*.google.tn*.googleapis.com*.googletagmanager.com*.gstatic.com*.hsforms.com*.hsforms.net*.ibytedtos.com*.ibyteimg.com*.isnssdk.com*.jumio.ai*.kakao.com*.lemon8-app.com*.lemon8cdn.com*.licdn.com*.linkedin.com*.midtrans.com*.muscdn.com*.musical.ly*.oecstatic.com*.omise.co*.pangle-ads.com*.paypal.com*.pipopay.com*.redditstatic.com*.resso.me*.sgsnssdk.com*.soundon.global*.tableau.com*.tiktok-row.net*.tiktok.com*.tiktok.ru*.tiktok.vn*.tiktokapis.com*.tiktokcdn-eu.com*.tiktokcdn-in.com*.tiktokcdn-us.com*.tiktokcdn.com*.tiktokcreativeone.com*.tiktokforbusinessoutbound.com*.tiktokglobalshop.com*.tiktokmusic.me*.tiktokshop.com*.tiktokstaticb.com*.tiktokus.info*.tiktokv.com*.tiktokv.eu*.tiktokv.us*.tiktokw.eu*.tiktokw.us*.topbuzzcdn.com*.ttlivecdn.com*.ttlstatic.com*.ttwstatic.com*.vimeo.com*.vodupload.com*.yahoo.co.jp*.yhgfb-static.com*.youtube-nocookie.com*.zhiliaoapp.comcode.jquery.comfacebook.comgoogle.comi.ticketweb.comimages.universe.commedia.ticketmaster.eures.cloudinary.coms1.ticketm.netstatic-label.frontgatetickets.comt.cotikitoks.comtiktok.comtiktok.uatiktok.vntiktokfollowersfree.comtiktokv.comunpkg.comvimeo.co |
Cookies
Cookies are small pieces of data stored on a user's web browser to track and remember information about their browsing activity on a website.
Name | Value | Domain/Path | Expires | Secure | HTTP Only |
---|---|---|---|---|---|
tt_csrf_token | [tt_csrf_token redacted] | .tiktok.com/ | 12/31/1969, 11:59:59 PM | yes | yes |
tt_chain_token | [tt_chain_token redacted] | .tiktok.com/ | 3/31/2025, 6:15:04 PM | yes | yes |
ak_bmsc | 03C84AE5B1A4B525C8C855D9FBB6B2EF~000000000000000000000000000000~YAAQh1UQYOcjYk2SAQAApllxThnDASBGZ9Ji2xOMnO496EeW+JvZzalphoHgZTz30H3NbAZKmC45FrloDBr3KG2HgVU8uUYsNJeofpnf8IdhZ8kbv465LonmYKzbWMy7K/sy/AgqVevBcyPxIhyxIvON+cLYbXIqCoe3dxyB8KpwqothxTWqHzEAWaR5qnSMqk3eVV9+qyt4xMCLHj+MDcenCCQm8hL41Qt8bTpU0SgJptnGOBVqsbfNfK3SlDZWamd7ZVgHEyIZ5HZX13m6sGSdn39jGfVwRK21PIPQkzHKIlT5o4Gt4ysnYnS4JmBXa/FBJ4EM8X1c90JoOO7JBQMvIhBcs6Jy/+Zp3B9qkmcjiQ0Bcb5T4LTiTvPUCrZw+38jObeIBJUoDQ== | .tiktok.com/ | 10/2/2024, 8:15:03 PM | no | no |
tiktok_webapp_theme_source | system | .www.tiktok.com/ | 7/29/2025, 6:15:06 PM | yes | no |
tiktok_webapp_theme | light | .www.tiktok.com/ | 7/29/2025, 6:15:06 PM | yes | no |
ttwid | 1%7CoVpIMfvCHCsPgqesN2gnXrCtgwaC5093OW_ukZD0u4w%7C1727892906%7C89f8e8078298e8d571c5f257870fad66fc3a080d6a6d020244324aafb5e6e970 | .tiktok.com/ | 10/2/2025, 6:15:07 PM | yes | yes |
delay_guest_mode_vid | 8 | .www.tiktok.com/ | 7/29/2025, 6:15:07 PM | yes | no |
msToken | [msToken redacted] | .tiktok.com/ | 10/12/2024, 6:15:15 PM | yes | no |
msToken | [msToken redacted] | www.tiktok.com/ | 12/31/2024, 6:15:15 PM | no | no |