shop.tiktok.com
Open in
urlscan Pro
23.201.29.81
Public Scan
Submission: On February 12 via manual from IL — Scanned from DE
Summary
TLS certificate: Issued by RapidSSL ECC CA 2018 on July 14th 2023. Valid for: a year.
This is the only time shop.tiktok.com was scanned on urlscan.io!
urlscan.io Verdict: No classification
Domain & IP information
IP Address | AS Autonomous System | ||
---|---|---|---|
1 | 23.201.29.81 23.201.29.81 | 20940 (AKAMAI-ASN1) (AKAMAI-ASN1) | |
3 | 23.50.131.94 23.50.131.94 | 20940 (AKAMAI-ASN1) (AKAMAI-ASN1) | |
9 | 23.0.174.249 23.0.174.249 | 20940 (AKAMAI-ASN1) (AKAMAI-ASN1) | |
1 | 2a00:1450:400... 2a00:1450:4001:831::2008 | 15169 (GOOGLE) (GOOGLE) | |
4 | 71.18.5.241 71.18.5.241 | 396986 (BYTEDANCE) (BYTEDANCE) | |
8 | 95.101.111.136 95.101.111.136 | 20940 (AKAMAI-ASN1) (AKAMAI-ASN1) | |
2 | 88.221.110.88 88.221.110.88 | 20940 (AKAMAI-ASN1) (AKAMAI-ASN1) | |
29 | 8 |
ASN20940 (AKAMAI-ASN1, NL)
PTR: a23-201-29-81.deploy.static.akamaitechnologies.com
shop.tiktok.com |
ASN20940 (AKAMAI-ASN1, NL)
PTR: a23-50-131-94.deploy.static.akamaitechnologies.com
lf16-tiktok-common.ibytedtos.com |
ASN20940 (AKAMAI-ASN1, NL)
PTR: a23-0-174-249.deploy.static.akamaitechnologies.com
sf16-website-login.neutral.ttwstatic.com |
ASN15169 (GOOGLE, US)
www.googletagmanager.com |
ASN396986 (BYTEDANCE, US)
PTR: a71-18-5-241.deploy.static.akamaitechnologies.com
mon-va.byteoversea.com |
ASN20940 (AKAMAI-ASN1, NL)
PTR: a95-101-111-136.deploy.static.akamaitechnologies.com
mcs-va.tiktokv.com |
ASN20940 (AKAMAI-ASN1, NL)
PTR: a88-221-110-88.deploy.static.akamaitechnologies.com
mon.tiktokv.com |
Apex Domain Subdomains |
Transfer | |
---|---|---|
10 |
tiktokv.com
mcs-va.tiktokv.com — Cisco Umbrella Rank: 23676 mon.tiktokv.com — Cisco Umbrella Rank: 4179 |
3 KB |
9 |
ttwstatic.com
sf16-website-login.neutral.ttwstatic.com — Cisco Umbrella Rank: 7894 |
606 KB |
4 |
byteoversea.com
mon-va.byteoversea.com — Cisco Umbrella Rank: 6476 |
2 KB |
3 |
ibytedtos.com
lf16-tiktok-common.ibytedtos.com — Cisco Umbrella Rank: 15093 |
171 KB |
1 |
googletagmanager.com
www.googletagmanager.com — Cisco Umbrella Rank: 37 |
84 KB |
1 |
tiktok.com
shop.tiktok.com — Cisco Umbrella Rank: 209440 |
116 KB |
0 |
Failed
function sub() { [native code] }. Failed |
|
29 | 7 |
Domain | Requested by | |
---|---|---|
9 | sf16-website-login.neutral.ttwstatic.com |
shop.tiktok.com
sf16-website-login.neutral.ttwstatic.com |
8 | mcs-va.tiktokv.com |
sf16-website-login.neutral.ttwstatic.com
|
4 | mon-va.byteoversea.com |
sf16-website-login.neutral.ttwstatic.com
|
3 | lf16-tiktok-common.ibytedtos.com |
shop.tiktok.com
|
2 | mon.tiktokv.com |
sf16-website-login.neutral.ttwstatic.com
|
1 | www.googletagmanager.com |
shop.tiktok.com
|
1 | shop.tiktok.com | |
0 | dispatch_message Failed |
sf16-website-login.neutral.ttwstatic.com
|
29 | 8 |
This site contains no links.
Subject Issuer | Validity | Valid | |
---|---|---|---|
*.tiktok.com RapidSSL ECC CA 2018 |
2023-07-14 - 2024-08-13 |
a year | crt.sh |
*.ibytedtos.com RapidSSL TLS ECC CA G1 |
2023-03-13 - 2024-04-12 |
a year | crt.sh |
*.neutral.ttwstatic.com RapidSSL Global TLS RSA4096 SHA256 2022 CA1 |
2023-06-30 - 2024-07-30 |
a year | crt.sh |
*.google-analytics.com GTS CA 1C3 |
2024-01-09 - 2024-04-02 |
3 months | crt.sh |
*.byteoversea.com RapidSSL TLS RSA CA G1 |
2023-10-25 - 2024-11-24 |
a year | crt.sh |
*.tiktokv.com RapidSSL ECC CA 2018 |
2023-08-14 - 2024-09-13 |
a year | crt.sh |
This page contains 2 frames:
Primary Page:
https://shop.tiktok.com/view/product/1729385514289041578
Frame ID: 2698196CCB7A3F4D516AE76624AAF619
Requests: 21 HTTP requests in this frame
Frame:
bytedance://dispatch_message/
Frame ID: F62955FBCB7C217E7267B815F383B919
Requests: 1 HTTP requests in this frame
Screenshot
Detected technologies
Google Tag Manager (Tag Managers) ExpandDetected patterns
- googletagmanager\.com/gtag/js
Page Statistics
0 Outgoing links
These are links going to different origins than the main page.
Redirected requests
There were HTTP redirect chains for the following requests:
29 HTTP transactions
Method Protocol |
Resource Path |
Size x-fer |
Type MIME-Type |
||||||||||||||||||||||||||||||||||||||||||||||||||||
---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
GET H2 |
Primary Request
1729385514289041578
shop.tiktok.com/view/product/ |
770 KB 116 KB |
Document
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
TikTokFont-Regular.woff2
lf16-tiktok-common.ibytedtos.com/obj/tiktok-web-common-sg/tiktok_fonts/ |
55 KB 56 KB |
Font
font/woff2 |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
TikTokFont-Semibold.woff2
lf16-tiktok-common.ibytedtos.com/obj/tiktok-web-common-sg/tiktok_fonts/ |
56 KB 57 KB |
Font
font/woff2 |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
TikTokFont-Bold.woff2
lf16-tiktok-common.ibytedtos.com/obj/tiktok-web-common-sg/tiktok_fonts/ |
57 KB 58 KB |
Font
font/woff2 |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
482.2b7d4eb3.css
sf16-website-login.neutral.ttwstatic.com/obj/tiktok_web_login_static/i18n_ecom_fe/i18n_ecom_client_h5_ssr/ |
97 KB 15 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
index.b2e39d86.css
sf16-website-login.neutral.ttwstatic.com/obj/tiktok_web_login_static/i18n_ecom_fe/i18n_ecom_client_h5_ssr/ |
70 KB 14 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
index.js
sf16-website-login.neutral.ttwstatic.com/obj/tiktok_web_login_static/tiktok_privacy_protection_framework/loader/1.0.0.718/ |
74 KB 20 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
js
www.googletagmanager.com/gtag/ |
244 KB 84 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
core.js
sf16-website-login.neutral.ttwstatic.com/obj/tiktok_web_login_static/tiktok_privacy_protection_framework/loader/1.0.0.718/ |
80 KB 25 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
482.47e7d81c.js
sf16-website-login.neutral.ttwstatic.com/obj/tiktok_web_login_static/i18n_ecom_fe/i18n_ecom_client_h5_ssr/chunk/ |
1 MB 338 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
index.2b46c72f.js
sf16-website-login.neutral.ttwstatic.com/obj/tiktok_web_login_static/i18n_ecom_fe/i18n_ecom_client_h5_ssr/ |
797 KB 162 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
devtools.js
sf16-website-login.neutral.ttwstatic.com/obj/tiktok_web_login_static/tiktok_privacy_protection_framework/loader/1.0.0.718/ |
4 KB 2 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET |
/
dispatch_message/ Frame F629 |
0 0 |
|
||||||||||||||||||||||||||||||||||||||||||||||||||||
OPTIONS H2 |
browser-settings
mon-va.byteoversea.com/monitor_web/settings/ Frame |
0 0 |
Preflight
application/json |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
OPTIONS H2 |
webid
mcs-va.tiktokv.com/v1/user/ Frame |
0 0 |
Preflight
|
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
browser-settings
mon-va.byteoversea.com/monitor_web/settings/ |
1 KB 1 KB |
XHR
application/json |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
POST H2 |
webid
mcs-va.tiktokv.com/v1/user/ |
58 B 725 B |
XHR
application/json |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
loading.fc0dfa76.gif
sf16-website-login.neutral.ttwstatic.com/obj/tiktok_web_login_static/i18n_ecom_fe/i18n_ecom_client_h5_ssr/image/ |
23 KB 24 KB |
Image
image/gif |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
common-monitors.1.5.0.js
sf16-website-login.neutral.ttwstatic.com/obj/tiktok_web_login_static/slardar/fe/sdk-web/plugins/ |
19 KB 8 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
OPTIONS H2 |
list
mcs-va.tiktokv.com/v1/ Frame |
0 0 |
Preflight
|
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
POST H2 |
list
mcs-va.tiktokv.com/v1/ |
21 B 729 B |
XHR
application/json |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
POST H2 |
list
mcs-va.tiktokv.com/v1/ |
7 B 714 B |
XHR
application/json |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
OPTIONS H2 |
list
mcs-va.tiktokv.com/v1/ Frame |
0 0 |
Preflight
|
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
OPTIONS H2 |
list
mcs-va.tiktokv.com/v1/ Frame |
0 0 |
Preflight
|
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
POST H2 |
list
mcs-va.tiktokv.com/v1/ |
21 B 730 B |
XHR
application/json |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
POST H2 |
/
mon-va.byteoversea.com/monitor_browser/collect/batch/ |
0 800 B |
XHR
text/plain |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
OPTIONS H2 |
/
mon-va.byteoversea.com/monitor_browser/collect/batch/ Frame |
0 0 |
Preflight
|
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
POST H2 |
/
mon.tiktokv.com/monitor_browser/collect/batch/ |
0 0 |
Fetch
application/json |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
OPTIONS H2 |
/
mon.tiktokv.com/monitor_browser/collect/batch/ Frame |
0 0 |
Preflight
|
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
Failed requests
These URLs were requested, but there was no response received. You will also see them in the list above.
- Domain
- dispatch_message
- URL
- bytedance://dispatch_message/
Verdicts & Comments Add Verdict or Comment
16 JavaScript Global Variables
These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.
object| 0 object| 1 object| google_tag_manager object| google_tag_data object| dataLayer object| __PNS_RUNTIME__ number| __PUMBAA_RUN_FLAG__ object| webpackChunki18n_ecom_client_h5_ssr object| regeneratorRuntime object| __SLARDAR_REGISTRY__ object| JSBridge object| Native2JSBridge object| ToutiaoJSBridge function| _ object| __STARLING_INCONTEXT_GLOBAL__HOOK__ object| LogPluginObject0 Cookies
Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.
1 Console Messages
A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.
Source | Level | URL Text |
---|
Security Headers
This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page
Header | Value |
---|---|
Content-Security-Policy | frame-ancestors https://pearl.tiktok-row.net https://seller-id.tiktok.com/ https://seller-uk.tiktok.com/ https://pearl.bytedance.net/ https://boei18n-ads.byteoversea.net/ https://ads.tiktok.com/ https://*.tiktok.com/ https://oec-partner-boe.byteintl.net/ https://partner.tiktokshop.com/ https://partner.eu.tiktokshop.com/ https://partner.us.tiktokshop.com/ https://*.tiktokglobalshop.com/; default-src 'self' 'unsafe-eval' 'unsafe-inline' blob: bytedance: data: wss://*.tiktok.com wss://tiktok.com *.adsintegrity.net *.akamaized.net *.bitssec.com *.bytedapm.com *.byteintl.net *.bytelemon.com *.byteoversea.com *.byteoversea.net *.bytevcloudapi.com *.facebook.com *.facebook.net *.fbsbx.com *.g-t-static.com *.goofy-cdn.com *.goofy.app *.google-analytics.com *.google.co.vi *.google.com *.google.com.ph *.googleapis.com *.googletagmanager.com *.gstatic.com *.ibytedtos.com *.ibyteimg.com *.isnssdk.com *.oecstatic.com *.pangle-ads.com *.pipopay.com *.pipopayment.com *.pipopayment.us *.tiktok.com *.tiktokcdn-eu.com *.tiktokcdn-us.com *.tiktokcdn.com *.tiktokshop.com *.tiktokv.com *.ttlstatic.com *.ttwstatic.com *.vodupload.com *.yhgfb-static.com tiktok.com unpkg.com; upgrade-insecure-requests ; report-to csp-endpoint; report-uri https://mon.tiktokv.com/log/sentry/v2/api/slardar/main/?bid=tiktok_pns&ev_type=csp&revision=308469a3-2dcb-4f15-b24c-6b6c3cf4b827 |
Strict-Transport-Security | max-age=63072000; includeSubDomains; preload |
Indicators
This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.
dispatch_message
lf16-tiktok-common.ibytedtos.com
mcs-va.tiktokv.com
mon-va.byteoversea.com
mon.tiktokv.com
sf16-website-login.neutral.ttwstatic.com
shop.tiktok.com
www.googletagmanager.com
dispatch_message
23.0.174.249
23.201.29.81
23.50.131.94
2a00:1450:4001:831::2008
71.18.5.241
88.221.110.88
95.101.111.136
0658526ad7d4663ee2e2ff13911af738aa234f53f93f8372a95d6bb43a10804f
102057a3c90b04e50192e726e01044a280138f6faeaa9c44794c5cbb6011744c
1222c7e03abaeb7be738a6643e44aaee641f6fb82687221b8cf65e26d2101635
1d21c7c4a5231e2baf41c4c0f580cd87bb0536d8feb0e20be417870875c99963
346ef8311d077f8cb25cab289a7cf744ec0991c67903c89fcd2e64e335045f37
52a37b3a78eb5b59df3bdb129b9115c6fed9bec6ca62b55ae56d8c2701de5972
5ac2037030385ad8cf10e486b44475d778eef2e2a377751fbf3c938fd3991b1c
5c46a210eb96977a846535edbbf86710884ff7189fadc84777acc9d703740ec4
64a734e93faa70bcbe26a32d65d76a1d927c53cc053c135b4c7c1c233016567e
7520bda9576b519df3561d67722d95bea0bfb8f644b8b83b38b663138d62cd68
948190a15ae7d94bc1d62d16316370c5365c520310b32a4e3719a93d9a05f78f
95b78f9a01327cc5b21fc64ce697ba5b35e3f364770d7ab74dfa3435de91c0a8
b4a03bd41c1fe8b61ac0f5d987f9e37cea86a8f5c22a2f3b42ee3e49a2494d4b
bcb1761441eff1ee22ab8bdd4575c4bd4ac171da17048828a8a0d4c4064d0996
c0215494b55037ba627c80e6735e7fcda1181fd7c5d0c96174478ad071c88c22
c0b1c3c6995c24eabd1a6fcc4f00523e022b546cf1fa4fce6c30d04763244d1b
d4f4cf3f5b4373618c678c0a339dae848211c8bd17588f6d944afdce6adc2c7c
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
fbd787d052fac80ff0f335797487f1f21052cfa2cdbe8a73295f4b3ccfd57678