login.dingtalk.com
Open in
urlscan Pro
47.246.137.199
Public Scan
Effective URL: https://login.dingtalk.com/oauth2/challenge.htm?response_type=code&client_id=suitebdc1ha7rlxbhny0z&scope=openid&state=ddddd...
Submission: On February 14 via api from US — Scanned from US
Summary
TLS certificate: Issued by GlobalSign Organization Validation CA... on April 6th 2023. Valid for: a year.
This is the only time login.dingtalk.com was scanned on urlscan.io!
urlscan.io Verdict: No classification
Domain & IP information
IP Address | AS Autonomous System | ||
---|---|---|---|
1 1 | 101.37.164.212 101.37.164.212 | 37963 (ALIBABA-C...) (ALIBABA-CN-NET Hangzhou Alibaba Advertising Co.) | |
1 | 47.246.137.199 47.246.137.199 | 45102 (ALIBABA-C...) (ALIBABA-CN-NET Alibaba US Technology Co.) | |
14 | 2404:2280:1b2... 2404:2280:1b2:0:3::a | 24429 (TAOBAO Zh...) (TAOBAO Zhejiang Taobao Network Co.) | |
2 | 47.246.22.253 47.246.22.253 | 24429 (TAOBAO Zh...) (TAOBAO Zhejiang Taobao Network Co.) | |
2 | 203.119.145.40 203.119.145.40 | 37963 (ALIBABA-C...) (ALIBABA-CN-NET Hangzhou Alibaba Advertising Co.) | |
2 | 124.239.14.250 124.239.14.250 | 4134 (CHINANET-...) (CHINANET-BACKBONE No.31) | |
3 | 2401:b180:700... 2401:b180:7003::2e | 37963 (ALIBABA-C...) (ALIBABA-CN-NET Hangzhou Alibaba Advertising Co.) | |
24 | 6 |
ASN37963 (ALIBABA-CN-NET Hangzhou Alibaba Advertising Co.,Ltd., CN)
aone-test.linkheer.com |
ASN45102 (ALIBABA-CN-NET Alibaba US Technology Co., Ltd., CN)
login.dingtalk.com |
ASN24429 (TAOBAO Zhejiang Taobao Network Co.,Ltd, CN)
g.alicdn.com | |
img.alicdn.com |
ASN24429 (TAOBAO Zhejiang Taobao Network Co.,Ltd, CN)
o.alicdn.com | |
at.alicdn.com |
ASN37963 (ALIBABA-CN-NET Hangzhou Alibaba Advertising Co.,Ltd., CN)
csp.dingtalk.com |
ASN37963 (ALIBABA-CN-NET Hangzhou Alibaba Advertising Co.,Ltd., CN)
log.mmstat.com | |
gm.mmstat.com |
Apex Domain Subdomains |
Transfer | |
---|---|---|
16 |
alicdn.com
g.alicdn.com — Cisco Umbrella Rank: 9855 o.alicdn.com — Cisco Umbrella Rank: 39354 img.alicdn.com — Cisco Umbrella Rank: 15560 at.alicdn.com — Cisco Umbrella Rank: 18803 |
641 KB |
3 |
mmstat.com
log.mmstat.com — Cisco Umbrella Rank: 19009 gm.mmstat.com — Cisco Umbrella Rank: 22738 |
961 B |
3 |
dingtalk.com
login.dingtalk.com — Cisco Umbrella Rank: 935418 csp.dingtalk.com — Cisco Umbrella Rank: 561770 |
2 KB |
2 |
taobao.com
fourier.taobao.com — Cisco Umbrella Rank: 16616 |
1 KB |
1 |
linkheer.com
1 redirects
aone-test.linkheer.com |
325 B |
24 | 5 |
Domain | Requested by | |
---|---|---|
10 | g.alicdn.com |
login.dingtalk.com
g.alicdn.com |
4 | img.alicdn.com |
login.dingtalk.com
|
2 | log.mmstat.com |
login.dingtalk.com
|
2 | fourier.taobao.com |
g.alicdn.com
|
2 | csp.dingtalk.com |
g.alicdn.com
login.dingtalk.com |
1 | gm.mmstat.com |
g.alicdn.com
|
1 | at.alicdn.com |
login.dingtalk.com
|
1 | o.alicdn.com |
login.dingtalk.com
|
1 | login.dingtalk.com | |
1 | aone-test.linkheer.com | 1 redirects |
24 | 10 |
This site contains no links.
Subject Issuer | Validity | Valid | |
---|---|---|---|
*.dingtalk.com GlobalSign Organization Validation CA - SHA256 - G3 |
2023-04-06 - 2024-05-07 |
a year | crt.sh |
*.tbcdn.cn GlobalSign Organization Validation CA - SHA256 - G3 |
2023-12-26 - 2024-07-30 |
7 months | crt.sh |
*.alibabacorp.com GlobalSign Organization Validation CA - SHA256 - G3 |
2023-04-12 - 2024-05-13 |
a year | crt.sh |
tfe.alibaba.com GlobalSign Organization Validation CA - SHA256 - G3 |
2023-12-04 - 2024-12-30 |
a year | crt.sh |
*.mmstat.com GlobalSign Organization Validation CA - SHA256 - G3 |
2023-08-01 - 2024-09-01 |
a year | crt.sh |
This page contains 1 frames:
Primary Page:
https://login.dingtalk.com/oauth2/challenge.htm?response_type=code&client_id=suitebdc1ha7rlxbhny0z&scope=openid&state=dddddffff&prompt=consent&redirect_uri=https://aone-test.linkheer.com/dingding/auth/6fbd4c481c1543d890c59169ee35d1a6
Frame ID: D913F7FBC4AF478455B6FB0F58D9DC43
Requests: 24 HTTP requests in this frame
Screenshot
Page Title
MOS0测试 - DingTalk unified identity authenticationPage URL History Show full URLs
-
https://aone-test.linkheer.com/
HTTP 302
https://login.dingtalk.com/oauth2/challenge.htm?response_type=code&client_id=suitebdc1ha7rlxbhny0z&scop... Page URL
Page Statistics
0 Outgoing links
These are links going to different origins than the main page.
Page URL History
This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.
-
https://aone-test.linkheer.com/
HTTP 302
https://login.dingtalk.com/oauth2/challenge.htm?response_type=code&client_id=suitebdc1ha7rlxbhny0z&scope=openid&state=dddddffff&prompt=consent&redirect_uri=https://aone-test.linkheer.com/dingding/auth/6fbd4c481c1543d890c59169ee35d1a6 Page URL
Redirected requests
There were HTTP redirect chains for the following requests:
24 HTTP transactions
Method Protocol |
Resource Path |
Size x-fer |
Type MIME-Type |
||||||||||||||||||||||||||||||||||||||||||||||||||
---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
GET H2 |
Primary Request
challenge.htm
login.dingtalk.com/oauth2/ Redirect Chain
|
3 KB 2 KB |
Document
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
Redirect headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
/
g.alicdn.com/ |
13 KB 5 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
index.js
o.alicdn.com/dingding/bird/ |
68 KB 19 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
login.js
g.alicdn.com/dingding/h5-dingtalk-login/0.52.2/ |
2 MB 331 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
et_f.js
g.alicdn.com/AWSC/et/1.70.8/ |
207 KB 72 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||
POST H2 |
csp
csp.dingtalk.com/ |
9 B 88 B |
Other
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
rp
fourier.taobao.com/ |
1 KB 1 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
/
g.alicdn.com/ |
30 KB 12 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
aplus_v2.js
g.alicdn.com/alilog/mlog/ |
17 KB 7 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
collina.js
g.alicdn.com/AWSC/uab/1.140.0/ |
243 KB 103 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
O1CN01SFzKuD28PF9A6X2RA_!!6000000007924-2-tps-360-210.png
img.alicdn.com/imgextra/i2/ |
17 KB 17 KB |
Image
image/avif |
||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
font_2266628_5h8v9rx657m.woff2
at.alicdn.com/t/a/ |
3 KB 3 KB |
Font
font/woff2 |
||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
O1CN01WElbd21CHEVIFcZwE_!!6000000000055-2-tps-180-180.png
img.alicdn.com/imgextra/i1/ |
9 KB 9 KB |
Image
image/avif |
||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
O1CN01nbCqSO1dfV3JNFq7F_!!6000000003763-2-tps-600-360.png
img.alicdn.com/imgextra/i1/ |
485 B 794 B |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
/
g.alicdn.com/alilog/ |
116 KB 45 KB |
Fetch
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
O1CN01a2J40d1HtlqT5oBD8_!!6000000000816-2-tps-204-204.png
img.alicdn.com/imgextra/i1/ |
3 KB 3 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||
POST H2 |
csp
csp.dingtalk.com/ |
9 B 197 B |
Other
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
eg.js
log.mmstat.com/ |
91 B 331 B |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||
POST H2 |
arms.1.1
gm.mmstat.com/ |
43 B 156 B |
Ping
image/gif |
||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
index.js
g.alicdn.com/sd/baxia-entry/ |
4 KB 2 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
v.gif
log.mmstat.com/ |
43 B 474 B |
Image
image/gif |
||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
index.js
g.alicdn.com/secdev/entry/ |
3 KB 2 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
index.js
g.alicdn.com/secdev/sufei_data/3.9.14/ |
17 KB 8 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
ts
fourier.taobao.com/ |
0 59 B |
Image
image/gif |
||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
Verdicts & Comments Add Verdict or Comment
34 JavaScript Global Variables
These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.
object| 0 function| baxiaCommon object| AWSC object| AWSCInner function| AWSCFY number| etrprtrt object| __BIRD_CONFIG object| __LOGIN_PAGE_VARS object| __BIRD_perf_data boolean| __BIRD_inited object| __BIRD object| __baxia__ function| clearImmediate function| setImmediate object| regeneratorRuntime function| TraceJSErrorPlugin function| TracePvPlugin function| TraceResourceErrorPlugin number| g_aplus_grey_launched object| goldlog object| __awsc_et__ object| __etModule function| etSign object| UA_Opt number| __acjs number| _uab_module object| __acjs_awsc_140 object| AWSC_UAB_MODULE object| ali_analytics object| goldlog_queue number| g_tb_aplus_loaded number| aplus_spmact object| g_SPM boolean| __sec_entry_loaded8 Cookies
Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.
Domain/Path | Expires | Name / Value |
---|---|---|
login.dingtalk.com/oauth2 | Name: arms_uid Value: 696ceaf2-1f57-4d0e-8753-34bbd4e471c9 |
|
.dingtalk.com/ | Name: tfstk Value: epBBqU4AD20Q5sln5yZNftF9qdp7uww2p0tRmgHE2ppLVa_ARQR8r65SPibWUpS8-a6WWNqnTUWy6N_RJkvPzkfSPZ8NzYSFF1D5mgXUxLrHKMvkerrwFrShxLcpnpQa3F1nJR44u-yNxMvker5FoV0cX3XsAITjc-iFbT82OEIQIYH5CxRBkMLsehX6AzYAvFG-agRK3EgfZbTDqYt6ulZsrbxRzMA-MGm-5BKMASr_f2Nk9hx6ulZsZbApjHN4flgQZ |
|
.dingtalk.com/ | Name: xlly_s Value: 1 |
|
.mmstat.com/ | Name: cna Value: yMlTHirXdTQBASYC/8gxWqpK |
|
.dingtalk.com/ | Name: cna Value: yMlTHirXdTQBASYC/8gxWqpK |
|
.dingtalk.com/ | Name: isg Value: BN7eZc0WN8W_GmMhYx5NhqlUL3Qgn6IZHD4Qy4hnSiEcq36F8C_yKQRZpa-niJox |
|
.mmstat.com/ | Name: atpsida Value: ade85d199dc8af30d2a15ce4_1707924424_1 |
|
.mmstat.com/ | Name: sca Value: 4d40164b |
4 Console Messages
A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.
Source | Level | URL Text |
---|
Indicators
This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.
aone-test.linkheer.com
at.alicdn.com
csp.dingtalk.com
fourier.taobao.com
g.alicdn.com
gm.mmstat.com
img.alicdn.com
log.mmstat.com
login.dingtalk.com
o.alicdn.com
101.37.164.212
124.239.14.250
203.119.145.40
2401:b180:7003::2e
2404:2280:1b2:0:3::a
47.246.137.199
47.246.22.253
04975704505b42dc124568d9d4be26aee2d4592826a0487920cb1d016d1a8e58
05f728c48b0d95b2b7bfd458d7f7dac76c344a7e88fb739ad8a0a82b4f9965b4
144a42a1034cfe8f3292c85c8519ff66610816b9655bcd72658110a500f1bda0
21d7c4c5179b6b4e691516c84646cc18979033008bd248bb161a935579676f11
23948fca566004c16d67b8ccc5998c2fb1105dc91d1bf744b7b3bb1698c4b9d1
2940bfe4046335ed282ae0f39af481c57e82cb268aa9042aeff443077bfdbd08
29b7217acb615f118fba97483fb6909f81af614d76294e7e1a4bc1d3d2506c9a
457adf535d0255a5c76df9e02d19216f6938454ca2bc9b250eb0c58266a131f9
78080cb0dc00ad932214aaf80f209e61f84851d84cb46510a5ee20204beb2339
7a90afe4057d606cc642e6d29b7bad6befbd114735eb6137c35fc81925db888a
7ea672f9ecb968acecda9b7f9ac3a7264a0f95988c431eabd3b022eb30bdbc16
80cc031dcc272fe700570ad4c79131cd15789978233437e9585d78242259f575
90afe383ad15dceabf3da77dec6b91ca5878a80a910441f8bc6c76b6b254d58d
91e3aead734b16237ac435737eea953e998b67576fc9f599b03d90104bf864d7
9960ae9605c7bb7562d7e49cb6a7ff27683fec777e99810597015b875a5a67fd
9d5f012d2dd237cf35506bd44e2dc7a53f71b99481c878604bd7e6261c40f3fe
bdceaed90f56a4d6600efd41efda67b0fde0589334f629945c4bda48130546b1
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
e3391c70fd24c8d9fb2baba10d14aa2f08d85aa1e15948fc57b67805267144cf
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
f4425a89ec24254262bc3d81a838890e5c9740428e28cd96e520c5bf8ddffa4c
fe80304747ee08781702937bd4e525a7a5f7a4b6c90aea30213fc913d24536c8