Summary
A Concise Overview of the scan result of url https://www.tiktok.com/@arcticcheatsgaming/live?enter_from_merge=share&enter_method=share_copy_link
- Document
- HTML
- 2
- StyleSheets
- 2
- Scripts
- 181
- Font
- 6
- Images
- 4
- Links
- 1
- JavaScript Variables
- 40
- Console log messages
- 0
- Network
- Requests
- 296
- Bytes Transferred
- 4.85MB
- Bytes Total
- 17.95MB
- DNS Record
- CNAME Record
- 4
- A Record
- 9
- Technology
- PaaS
- 1
- Payment processors
- 1
- Web servers
- 1
- Reverse proxies
- 1
- Security
- 2
- CDN
- 1
Document
Links
The outgoing links identified from the page.
Link | Text |
---|---|
https://effecthouse.tiktok.com/download?utm_campaign=ttweb_entrance_v1&utm_source=tiktok_webapp_main | Create TikTok effects, get a reward |
JavaScript Variables
Global JavaScript variables are variables that are defined outside of any function or block scope in JavaScript.
Technology
The technologies identified are present on the scanned URL.
Name | Description | Detected patterns |
---|---|---|
Security | ||
hCaptcha | hCaptcha is an anti-bot solution that protects user privacy and rewards websites. | Type: headers Name: content-security-policy Regex: (?:\.|\/\/)hcaptcha\.com |
HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS. | Type: headers Name: strict-transport-security Regex: (?:) | |
Web servers | ||
Nginx | Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache. | Type: headers Name: server Regex: nginx(?:\/([\d.]{1,250}))? |
CDN | ||
Amazon S3 | Amazon S3 or Amazon Simple Storage Service is a service offered by Amazon Web Services (AWS) that provides object storage through a web service interface. | Type: headers Name: server Regex: s3[^ ]{0,250}\.amazonaws\.com |
Payment processors | ||
PayPal | PayPal is an online payments system that supports online money transfers and serves as an electronic alternative to traditional paper methods like checks and money orders. | Type: headers Name: content-security-policy Regex: \.paypal\.com |
PaaS | ||
Amazon Web Services | Amazon Web Services (AWS) is a comprehensive cloud services platform offering compute power, database storage, content delivery and other functionality. | Dependent on Amazon S3 |
Reverse proxies | ||
Nginx | Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache. | Type: headers Name: server Regex: nginx(?:\/([\d.]{1,250}))? |
Performance
The speed and efficiency of the scanned URL loads and displays its content.
- dns
- 1 msGood
- tcp
- 65 msGood
- requestTime
- 59 msGood
- dom
- 6952 msPoor
DNS Record
A DNS record maps a domain name to an IP address or other resource information.
Type | Name | Content | DNSSEC |
---|---|---|---|
CNAME | www.tiktok.com | www.tiktok.com.edgesuite.net. | no |
CNAME | www.tiktok.com.edgesuite.net | a2047.api10.akamai.net. | no |
A | a2047.api10.akamai.net | 23.33.22.147 | no |
A | a2047.api10.akamai.net | 23.33.22.150 | no |
A | a2047.api10.akamai.net | 23.33.22.155 | no |
A | a2047.api10.akamai.net | 23.33.22.156 | no |
A | a2047.api10.akamai.net | 23.33.22.154 | no |
A | a2047.api10.akamai.net | 23.33.22.145 | no |
A | a2047.api10.akamai.net | 23.33.22.146 | no |
A | a2047.api10.akamai.net | 23.33.22.149 | no |
A | a2047.api10.akamai.net | 23.33.22.151 | no |
CNAME | www.tiktok.com | www.tiktok.com.edgesuite.net. | no |
CNAME | www.tiktok.com.edgesuite.net | a2047.api10.akamai.net. | no |
SSL Certificate
An SSL certificate is a digital certificate that verifies the authenticity and encrypts the communication between a website and its visitors.
Subject | Issue date | Expiry date | Valid |
---|---|---|---|
*.www.tiktok.com RapidSSL ECC CA 2018 | 11/9/2023 | 12/9/2024 | 1 year 1 month 1 day |
*.neutral.ttwstatic.com RapidSSL TLS RSA CA G1 | 7/2/2024 | 7/1/2025 | 12 months 4 days |
*.tiktokv.com RapidSSL TLS RSA CA G1 | 8/20/2024 | 9/20/2025 | 1 year 1 month 1 day |
*.tiktokv.eu RapidSSL TLS ECC CA G1 | 8/5/2024 | 9/5/2025 | 1 year 1 month 1 day |
*.tiktokw.eu RapidSSL TLS ECC CA G1 | 8/13/2024 | 9/13/2025 | 1 year 1 month 1 day |
*.tiktok.com RapidSSL TLS ECC CA G1 | 7/15/2024 | 7/15/2025 | 1 year |
*.tiktokcdn.com RapidSSL TLS ECC CA G1 | 7/15/2024 | 7/15/2025 | 1 year |
*.byteoversea.com RapidSSL TLS RSA CA G1 | 10/25/2023 | 11/24/2024 | 1 year 1 month 1 day |
*.pipopay.com RapidSSL ECC CA 2018 | 3/21/2024 | 4/21/2025 | 1 year 1 month 1 day |
HTTP Headers
HTTP Header
An HTTP header is a component of an HTTP request or response that contains additional information about the message being sent or received.
Name | Value |
---|---|
cache-control | max-age=0, no-cache, no-store |
content-encoding | br |
content-security-policy | script-src 'unsafe-eval' sf16-website-login.neutral.ttwstatic.com s20.tiktokcdn.com *.tiktokcdn-eu.com *.tiktokcdn-us.com connect.facebook.net www.google.com js.hcaptcha.com js.braintreegateway.com; frame-src *.tiktok.com accounts.google.com www.google.com recaptcha.google.com www.facebook.com *.kakao.com lf16-web.tiktokcdn.com assets.braintreegateway.com appleid.apple.com access.line.me api.twitter.com h.online-metrix.net bytedance: *.jumio.ai f-p.sgsnssdk.com f-p-va.isnssdk.com eu.pipopay.com fp.us.tiktokv.com fp-sg.pipopay.com fp-va.pipopay.com fp.pipopayment.us fp2.pipopayment.us js.braintreegateway.com app.shuftipro.com api.yoti.com; worker-src https: blob:; report-to csp-endpoint; upgrade-insecure-requests ; default-src 'self' 'unsafe-eval' 'unsafe-inline' blob: bytedance: data: wss://*.tiktok.com wss://*.tiktokv.com wss://*.tiktokv.eu wss://tiktok.com wss://tiktokv.com *.adsco.re *.adsintegrity.net *.akamaized.net *.amazonaws.com *.arkoselabs.com *.billetlugen.dk *.bing.com *.bitssec.com *.bytedapm.com *.bytedgame.com *.bytehwm-row.com *.byteicdn.com *.byteintl.com *.byteintl.net *.byteintlapi.com *.byteintlstatic.com *.bytelemon.com *.byteoversea.com *.byteoversea.net *.bytevcloudapi.com *.capcut.com *.cloudflare.com *.ctfassets.net *.doubleclick.net *.entradas.com *.evbuc.com *.eventim.de *.facebook.com *.facebook.net *.fbsbx.com *.fcdnstatic-intl.com *.fdmstatic.com *.g-p-static.com *.gauthmath.com *.giphy.com *.goofy-cdn.com *.goofy.app *.google-analytics.com *.google.ae *.google.at *.google.be *.google.bg *.google.bj *.google.by *.google.ca *.google.ch *.google.co.cr *.google.co.id *.google.co.il *.google.co.jp *.google.co.kr *.google.co.ma *.google.co.nz *.google.co.uk *.google.co.za *.google.com *.google.com.ar *.google.com.au *.google.com.bd *.google.com.br *.google.com.cy *.google.com.do *.google.com.ec *.google.com.gh *.google.com.lb *.google.com.mt *.google.com.my *.google.com.ng *.google.com.pe *.google.com.pk *.google.com.sa *.google.com.sg *.google.com.tr *.google.cz *.google.de *.google.dk *.google.dz *.google.ee *.google.es *.google.fi *.google.fr *.google.gr *.google.hr *.google.hu *.google.ie *.google.iq *.google.is *.google.it *.google.lt *.google.lu *.google.lv *.google.md *.google.nl *.google.no *.google.pl *.google.ps *.google.pt *.google.ro *.google.rs *.google.se *.google.si *.google.sk *.google.td *.google.tn *.googleapis.com *.googletagmanager.com *.gstatic.com *.hsforms.com *.hsforms.net *.ibytedtos.com *.ibyteimg.com *.isnssdk.com *.jumio.ai *.kakao.com *.lemon8-app.com *.lemon8cdn.com *.licdn.com *.linkedin.com *.midtrans.com *.muscdn.com *.musical.ly *.oecstatic.com *.omise.co *.pangle-ads.com *.paypal.com *.pipopay.com *.redditstatic.com *.resso.me *.sgsnssdk.com *.soundon.global *.tableau.com *.tenor.com *.tiktok-row.net *.tiktok.com *.tiktok.ru *.tiktok.vn *.tiktokapis.com *.tiktokcdn-eu.com *.tiktokcdn-in.com *.tiktokcdn-us.com *.tiktokcdn.com *.tiktokcreativeone.com *.tiktokforbusinessoutbound.com *.tiktokglobalshop.com *.tiktokmusic.me *.tiktokshop.com *.tiktokstaticb.com *.tiktokus.info *.tiktokv.com *.tiktokv.eu *.tiktokv.us *.tiktokw.eu *.tiktokw.us *.topbuzzcdn.com *.ttlivecdn.com *.ttlstatic.com *.ttwstatic.com *.vimeo.com *.vodupload.com *.yahoo.co.jp *.yhgfb-static.com *.youtube-nocookie.com *.zhiliaoapp.com code.jquery.com facebook.com google.com i.ticketweb.com images.universe.com media.ticketmaster.eu res.cloudinary.com s1.ticketm.net static-label.frontgatetickets.com t.co tikitoks.com tiktok.com tiktok.ua tiktok.vn tiktokfollowersfree.com tiktokv.com unpkg.com vimeo.com; report-uri https://mon-i18n.tiktokv.com/monitor_browser/collect/batch/security/?bid=tiktok_pns&ev_type=csp&revision=988610fa-4298-4be2-9c6d-db19c4ddae23&scene=1 |
content-security-policy-report-only | report-uri https://mon-i18n.tiktokv.com/monitor_browser/collect/batch/security/?bid=tiktok_pns&ev_type=csp&revision=988610fa-4298-4be2-9c6d-db19c4ddae23&scene=1;report-to csp-endpoint;script-src 'unsafe-eval' apis.google.com c.paypal.com cdn.ampproject.org cdnjs.cloudflare.com client-api.arkoselabs.com code.jquery.com connect.facebook.net developers.kakao.com googleads.g.doubleclick.net googletagmanager.com js.hcaptcha.com js.hsforms.net pay.google.com recaptcha.google.com s20.tiktokcdn.com s3.amazonaws.com sf16-website-login.neutral.ttwstatic.com sf16-website.neutral.ttwstatic.com ssl.bing.com ssl.google-analytics.com unpkg.com vimeo.com www.google-analytics.com www.google.com www.googleadservices.com www.googleapis.com www.googletagmanager.com www.gstatic.com www.vimeo.com;worker-src www.tiktok.com/business/sw.js www.tiktok.com/embed/sw.js www.tiktok.com/firebase-messaging-sw.js www.tiktok.com/help/sw.js www.tiktok.com/live/creator-networks/pdf.worker.min.js www.tiktok.com/live/static/player-worker/ www.tiktok.com/risk-appeal-ocr/BlinkCardWasmSDK.worker.min.js www.tiktok.com/sw.js |
content-type | text/html; charset=utf-8 |
date | Wed, 02 Oct 2024 17:09:50 GMT |
expires | Wed, 02 Oct 2024 17:09:50 GMT |
feature-policy | microphone 'none'; geolocation 'none' |
pragma | no-cache |
referrer-policy | strict-origin-when-cross-origin |
reporting-endpoints | csp-endpoint="https://mon-i18n.tiktokv.com/monitor_browser/collect/batch/security/?bid=tiktok_pns" |
server | TLB |
server-timing | inner; dur=504 cdn-cache; desc=MISS, edge; dur=3, origin; dur=606 |
strict-transport-security | max-age=31536000; includeSubdomains |
x-akamai-request-id | 8c5f2b1 |
x-bytefaas-execution-duration | 487.80 |
x-bytefaas-request-id | 202410021709496315A7CC025BAA749CA9 |
x-cache | TCP_MISS from a96-16-85-143.deploy.akamaitechnologies.com (AkamaiGHost/11.6.4-3dc23d207184ce034768276f9716916d) (-) |
x-content-type-options | nosniff |
x-download-options | noopen |
x-frame-options | SAMEORIGIN |
x-gw-dst-psm | serverless.live.stack |
x-origin-response-time | 606,96.16.85.143 |
x-powered-by | Goofy Node |
x-pumbaa-web-avail | 1 |
x-tt-logid | 202410021709496315A7CC025BAA749CA9 |
x-tt-trace-host | 01356f17445847c2a52b5f3aa8693fc635320f03cc1cb9bd8c941b11d0a67cecef158ce75de49250691c80be37fdb25594ad08e63e60cba5f14bea184aa792597e055b6590533a16957ec18902b7e188f87f01a7610e8165a968a0a3095eb6b6d9 |
x-tt-trace-id | 00-2410021709496315A7CC025BAA749CA9-3F0E8369325EA7C5-00 |
x-tt-trace-tag | id=16;cdn-cache=miss;type=dyn |
x-xss-protection | 1; mode=block |
Content Security Policy
Content Security Policy (CSP) is a security mechanism that helps prevent cross-site scripting (XSS) and other code injection attacks by specifying which content sources are allowed to be loaded on a web page.
Name | Value |
---|---|
script-src | 'unsafe-eval'sf16-website-login.neutral.ttwstatic.coms20.tiktokcdn.com*.tiktokcdn-eu.com*.tiktokcdn-us.comconnect.facebook.netwww.google.comjs.hcaptcha.comjs.braintreegateway.com |
frame-src | *.tiktok.comaccounts.google.comwww.google.comrecaptcha.google.comwww.facebook.com*.kakao.comlf16-web.tiktokcdn.comassets.braintreegateway.comappleid.apple.comaccess.line.meapi.twitter.comh.online-metrix.netbytedance:*.jumio.aif-p.sgsnssdk.comf-p-va.isnssdk.comeu.pipopay.comfp.us.tiktokv.comfp-sg.pipopay.comfp-va.pipopay.comfp.pipopayment.usfp2.pipopayment.usjs.braintreegateway.comapp.shuftipro.comapi.yoti.com |
worker-src | https:blob: |
report-to | csp-endpoint |
upgrade-insecure-requests | |
default-src | 'self''unsafe-eval''unsafe-inline'blob:bytedance:data:wss://*.tiktok.comwss://*.tiktokv.comwss://*.tiktokv.euwss://tiktok.comwss://tiktokv.com*.adsco.re*.adsintegrity.net*.akamaized.net*.amazonaws.com*.arkoselabs.com*.billetlugen.dk*.bing.com*.bitssec.com*.bytedapm.com*.bytedgame.com*.bytehwm-row.com*.byteicdn.com*.byteintl.com*.byteintl.net*.byteintlapi.com*.byteintlstatic.com*.bytelemon.com*.byteoversea.com*.byteoversea.net*.bytevcloudapi.com*.capcut.com*.cloudflare.com*.ctfassets.net*.doubleclick.net*.entradas.com*.evbuc.com*.eventim.de*.facebook.com*.facebook.net*.fbsbx.com*.fcdnstatic-intl.com*.fdmstatic.com*.g-p-static.com*.gauthmath.com*.giphy.com*.goofy-cdn.com*.goofy.app*.google-analytics.com*.google.ae*.google.at*.google.be*.google.bg*.google.bj*.google.by*.google.ca*.google.ch*.google.co.cr*.google.co.id*.google.co.il*.google.co.jp*.google.co.kr*.google.co.ma*.google.co.nz*.google.co.uk*.google.co.za*.google.com*.google.com.ar*.google.com.au*.google.com.bd*.google.com.br*.google.com.cy*.google.com.do*.google.com.ec*.google.com.gh*.google.com.lb*.google.com.mt*.google.com.my*.google.com.ng*.google.com.pe*.google.com.pk*.google.com.sa*.google.com.sg*.google.com.tr*.google.cz*.google.de*.google.dk*.google.dz*.google.ee*.google.es*.google.fi*.google.fr*.google.gr*.google.hr*.google.hu*.google.ie*.google.iq*.google.is*.google.it*.google.lt*.google.lu*.google.lv*.google.md*.google.nl*.google.no*.google.pl*.google.ps*.google.pt*.google.ro*.google.rs*.google.se*.google.si*.google.sk*.google.td*.google.tn*.googleapis.com*.googletagmanager.com*.gstatic.com*.hsforms.com*.hsforms.net*.ibytedtos.com*.ibyteimg.com*.isnssdk.com*.jumio.ai*.kakao.com*.lemon8-app.com*.lemon8cdn.com*.licdn.com*.linkedin.com*.midtrans.com*.muscdn.com*.musical.ly*.oecstatic.com*.omise.co*.pangle-ads.com*.paypal.com*.pipopay.com*.redditstatic.com*.resso.me*.sgsnssdk.com*.soundon.global*.tableau.com*.tenor.com*.tiktok-row.net*.tiktok.com*.tiktok.ru*.tiktok.vn*.tiktokapis.com*.tiktokcdn-eu.com*.tiktokcdn-in.com*.tiktokcdn-us.com*.tiktokcdn.com*.tiktokcreativeone.com*.tiktokforbusinessoutbound.com*.tiktokglobalshop.com*.tiktokmusic.me*.tiktokshop.com*.tiktokstaticb.com*.tiktokus.info*.tiktokv.com*.tiktokv.eu*.tiktokv.us*.tiktokw.eu*.tiktokw.us*.topbuzzcdn.com*.ttlivecdn.com*.ttlstatic.com*.ttwstatic.com*.vimeo.com*.vodupload.com*.yahoo.co.jp*.yhgfb-static.com*.youtube-nocookie.com*.zhiliaoapp.comcode.jquery.comfacebook.comgoogle.comi.ticketweb.comimages.universe.commedia.ticketmaster.eures.cloudinary.coms1.ticketm.netstatic-label.frontgatetickets.comt.cotikitoks.comtiktok.comtiktok.uatiktok.vntiktokfollowersfree.comtiktokv.comunpkg.comvimeo.com |
report-uri | https://mon-i18n.tiktokv.com/monitor_browser/collect/batch/security/?bid=tiktok_pns&ev_type=csp&revision=988610fa-4298-4be2-9c6d-db19c4ddae23&scene= |
Cookies
Cookies are small pieces of data stored on a user's web browser to track and remember information about their browsing activity on a website.
Name | Value | Domain/Path | Expires | Secure | HTTP Only |
---|---|---|---|---|---|
tt_csrf_token | [tt_csrf_token redacted] | .tiktok.com/ | 12/31/1969, 11:59:59 PM | yes | yes |
tt_chain_token | [tt_chain_token redacted] | .tiktok.com/ | 3/31/2025, 5:09:50 PM | yes | yes |
ak_bmsc | D62C1C1BA1B02F6670481BCCB46913C0~000000000000000000000000000000~YAAQj1UQYBAEak2SAQAAfKE1ThlSpFv/kwIH6WO2PGbCTOaZlS7uXAWp1axKQLGdMIrIkhRrw/M5cIZnXslXHzt1vYB/RZ5KL7NfzIkkdj8qyYz3wGNY8EtL7J6yZQ9wg8eRJUo61xIca6CDx7PJSb8VjjolkPbVwnrxh9foe/1fT0W7tbCkRwGGqkLphjd/Y2OABlqZ7bJ5RCzJmwjAVcSC/odWc7fFf/NbM3Bx9J/mb5uJq6av2olKYPJwfKdlDZx1xU6UGuQIwY6EMmI7yPFX46bVeL15SFDtGVEfVN5/nEgQuaXjHX8PV0ybpwLTeeKnCmHBf3Qi7u+p1rkkRYGvna/m47cuk55ghTL4JOpTVGkNhTAl5PLBl2EknVTerD81nithCQ0Oow== | .tiktok.com/ | 10/2/2024, 7:09:49 PM | no | no |
tiktok_webapp_theme_source | dark | .www.tiktok.com/ | 7/29/2025, 5:09:52 PM | yes | no |
tiktok_webapp_theme | dark | .www.tiktok.com/ | 7/29/2025, 5:09:54 PM | yes | no |
ttwid | 1%7CzLrPb492WFc3uxszSJktUpk9XcJPW9VatBCp5RM5S0Y%7C1727888992%7C93ff335acbacb4d1084ad75357f0c4c2e650573de2c9c6445bb91f9df0f72973 | .tiktok.com/ | 10/2/2025, 5:09:52 PM | yes | yes |
csrf_session_id | [csrf_session_id redacted] | webcast.tiktok.com/ | 12/31/1969, 11:59:59 PM | yes | no |
msToken | [msToken redacted] | .tiktok.com/ | 10/12/2024, 5:10:02 PM | yes | no |
msToken | [msToken redacted] | www.tiktok.com/ | 12/31/2024, 5:10:02 PM | no | no |